Route Origin Authorization

$ rpki-client -vvf rpki.multacom.com/repo/MCOMCA/2/323630373a396130303a3a2f33322d3332203d3e203335393136.roa
File:                     323630373a396130303a3a2f33322d3332203d3e203335393136.roa (raw, json)
Hash identifier:          NuxFf5i0trV1xIHWyHuAoSVyHsYpzPQwiMPv9z1ruZ8=
Subject key identifier:   D9:9B:65:B0:A7:4C:80:E4:9B:C4:5B:BE:FD:B8:03:51:74:56:27:83
Certificate issuer:       /CN=cf392b3981b80473864cbb50f6c8bb88508f19a9ff8e4fbe8d
Certificate serial:       59675E3D525C42429CA6CC34548E9965492F6A2C
Authority key identifier: 54:63:A0:40:A4:DF:40:E0:D6:FA:4C:F7:D7:9B:C3:85:4E:70:5A:BD
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/53f49dd6-d1b1-4de7-a156-d48977daeb43/cf392b3981b80473864cbb50f6c8bb88508f19a9ff8e4fbe8d.cer
Subject info access:      rsync://rpki.multacom.com/repo/MCOMCA/2/323630373a396130303a3a2f33322d3332203d3e203335393136.roa
Signing time:             Thu 14 Dec 2023 18:00:17 +0000
ROA not before:           Thu 14 Dec 2023 17:55:17 +0000
ROA not after:            Thu 12 Dec 2024 18:00:17 +0000
asID:                     35916
IP address blocks:        2607:9a00::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.multacom.com/repo/MCOMCA/2/5463A040A4DF40E0D6FA4CF7D79BC3854E705ABD.crl
                          rsync://rpki.multacom.com/repo/MCOMCA/2/5463A040A4DF40E0D6FA4CF7D79BC3854E705ABD.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/53f49dd6-d1b1-4de7-a156-d48977daeb43/cf392b3981b80473864cbb50f6c8bb88508f19a9ff8e4fbe8d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/53f49dd6-d1b1-4de7-a156-d48977daeb43/53f49dd6-d1b1-4de7-a156-d48977daeb43.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/53f49dd6-d1b1-4de7-a156-d48977daeb43/53f49dd6-d1b1-4de7-a156-d48977daeb43.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/53f49dd6-d1b1-4de7-a156-d48977daeb43.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 28 Mar 2024 19:09:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:67:5e:3d:52:5c:42:42:9c:a6:cc:34:54:8e:99:65:49:2f:6a:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf392b3981b80473864cbb50f6c8bb88508f19a9ff8e4fbe8d
        Validity
            Not Before: Dec 14 17:55:17 2023 GMT
            Not After : Dec 12 18:00:17 2024 GMT
        Subject: CN=D99B65B0A74C80E49BC45BBEFDB8035174562783
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:75:25:a4:e4:bd:ba:d3:a5:ef:12:16:24:5e:
                    36:0f:cc:3b:0c:66:ec:ba:86:db:05:56:de:02:b0:
                    6b:d0:3b:7d:91:c9:9e:e6:f3:30:c3:63:02:12:5b:
                    fd:e2:6d:56:79:19:1e:f9:bd:69:be:68:90:84:85:
                    3f:2d:d2:30:8c:1d:22:6c:6d:2b:38:70:91:fc:1e:
                    3f:71:8b:e2:5f:b6:8c:d0:03:e8:ac:dc:fb:7c:21:
                    c1:51:04:23:78:3e:f1:cf:8f:c3:b2:44:f8:56:1a:
                    c0:fc:63:c3:c3:a8:ab:1c:a3:8a:50:d0:e9:7b:38:
                    04:1e:9b:82:bd:9d:35:cd:bf:7a:c0:6c:41:2a:72:
                    27:84:10:31:02:e8:a7:5a:35:3f:14:9a:25:9d:eb:
                    5f:09:c1:16:fd:03:d0:7d:c0:50:7f:b5:0f:34:92:
                    93:de:fb:ac:99:24:12:12:8b:cd:35:80:74:7a:e6:
                    d0:5c:91:1e:e5:e2:08:ed:f8:43:da:4b:aa:cc:67:
                    38:70:ce:f6:40:49:5f:50:97:2f:ee:0d:a7:65:59:
                    e7:c9:1d:cf:a0:34:0f:8e:46:98:57:ba:04:c5:01:
                    e6:58:3f:48:e8:fe:77:94:eb:6b:2b:7f:a3:b2:01:
                    96:b8:5d:70:da:a3:8a:fb:4e:60:46:51:46:dc:07:
                    6b:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:9B:65:B0:A7:4C:80:E4:9B:C4:5B:BE:FD:B8:03:51:74:56:27:83
            X509v3 Authority Key Identifier:
                keyid:54:63:A0:40:A4:DF:40:E0:D6:FA:4C:F7:D7:9B:C3:85:4E:70:5A:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.multacom.com/repo/MCOMCA/2/5463A040A4DF40E0D6FA4CF7D79BC3854E705ABD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/53f49dd6-d1b1-4de7-a156-d48977daeb43/cf392b3981b80473864cbb50f6c8bb88508f19a9ff8e4fbe8d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.multacom.com/repo/MCOMCA/2/323630373a396130303a3a2f33322d3332203d3e203335393136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2607:9a00::/32

    Signature Algorithm: sha256WithRSAEncryption
         36:22:74:54:a0:53:74:26:6f:ca:81:46:66:46:7f:81:0e:3e:
         8b:19:63:54:3b:d7:90:fb:c4:71:85:52:5d:9d:75:d4:b3:09:
         ed:ac:98:c0:50:4e:13:6d:4a:5b:f2:6c:eb:e5:3d:e2:f8:c4:
         cf:7b:3a:a1:92:90:1a:0e:df:b2:12:c4:67:d5:06:1e:2e:72:
         86:b7:0c:c1:7b:b2:c7:b6:72:52:ff:32:0b:d0:09:bf:39:98:
         c0:69:7c:00:74:7d:77:fc:4d:bd:e8:ef:48:bd:dd:f1:18:92:
         dc:72:0b:3d:69:e8:05:c8:0b:72:d0:80:96:ec:7d:05:75:d7:
         66:74:84:f5:23:3f:b0:5e:e1:e4:56:84:43:4b:12:bf:db:33:
         95:2a:ca:69:38:73:34:9d:15:fd:e9:b2:50:37:c0:e1:ab:13:
         36:36:2d:45:da:87:cf:82:76:60:b3:2f:c9:82:fd:3b:38:78:
         c5:50:72:9d:8e:b9:f6:71:b4:d8:7b:ff:0c:de:c1:8e:c5:34:
         25:c1:4b:37:b8:5d:73:f8:46:e9:1b:ae:5b:be:70:70:56:af:
         8e:26:c7:57:5f:f0:7f:bf:ce:85:54:1e:69:fd:58:d5:86:80:
         f4:9d:e4:24:3d:f7:cb:e1:74:92:96:54:a9:5d:3f:02:76:30:
         19:d8:25:6a
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIUWWdePVJcQkKcpsw0VI6ZZUkvaiwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyY2YzOTJiMzk4MWI4MDQ3Mzg2NGNiYjUwZjZjOGJiODg1
MDhmMTlhOWZmOGU0ZmJlOGQwHhcNMjMxMjE0MTc1NTE3WhcNMjQxMjEyMTgwMDE3
WjAzMTEwLwYDVQQDEyhEOTlCNjVCMEE3NEM4MEU0OUJDNDVCQkVGREI4MDM1MTc0
NTYyNzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3UlpOS9utOl
7xIWJF42D8w7DGbsuobbBVbeArBr0Dt9kcme5vMww2MCElv94m1WeRke+b1pvmiQ
hIU/LdIwjB0ibG0rOHCR/B4/cYviX7aM0APorNz7fCHBUQQjeD7xz4/DskT4VhrA
/GPDw6irHKOKUNDpezgEHpuCvZ01zb96wGxBKnInhBAxAuinWjU/FJolnetfCcEW
/QPQfcBQf7UPNJKT3vusmSQSEovNNYB0eubQXJEe5eII7fhD2kuqzGc4cM72QElf
UJcv7g2nZVnnyR3PoDQPjkaYV7oExQHmWD9I6P53lOtrK3+jsgGWuF1w2qOK+05g
RlFG3AdrEwIDAQABo4ICazCCAmcwHQYDVR0OBBYEFNmbZbCnTIDkm8Rbvv24A1F0
VieDMB8GA1UdIwQYMBaAFFRjoECk30Dg1vpM99ebw4VOcFq9MA4GA1UdDwEB/wQE
AwIHgDBlBgNVHR8EXjBcMFqgWKBWhlRyc3luYzovL3Jwa2kubXVsdGFjb20uY29t
L3JlcG8vTUNPTUNBLzIvNTQ2M0EwNDBBNERGNDBFMEQ2RkE0Q0Y3RDc5QkMzODU0
RTcwNUFCRC5jcmwwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03Jz
eW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRh
MjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvNzQ2ZTAxMTEtZmFmYi00
MzBmLWI3NzgtZDIwNGNmY2Q5OWE4LzUzZjQ5ZGQ2LWQxYjEtNGRlNy1hMTU2LWQ0
ODk3N2RhZWI0My9jZjM5MmIzOTgxYjgwNDczODY0Y2JiNTBmNmM4YmI4ODUwOGYx
OWE5ZmY4ZTRmYmU4ZC5jZXIwfAYIKwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmBy
c3luYzovL3Jwa2kubXVsdGFjb20uY29tL3JlcG8vTUNPTUNBLzIvMzIzNjMwMzcz
YTM5NjEzMDMwM2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzMzNTM5MzEzNi5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQC
AAIwBwMFACYHmgAwDQYJKoZIhvcNAQELBQADggEBADYidFSgU3Qmb8qBRmZGf4EO
PosZY1Q715D7xHGFUl2dddSzCe2smMBQThNtSlvybOvlPeL4xM97OqGSkBoO37IS
xGfVBh4ucoa3DMF7sse2clL/MgvQCb85mMBpfAB0fXf8Tb3o70i93fEYktxyCz1p
6AXIC3LQgJbsfQV112Z0hPUjP7Be4eRWhENLEr/bM5Uqymk4czSdFf3pslA3wOGr
EzY2LUXah8+CdmCzL8mC/Ts4eMVQcp2OufZxtNh7/wzewY7FNCXBSze4XXP4Rukb
rlu+cHBWr44mx1df8H+/zoVUHmn9WNWGgPSd5CQ998vhdJKWVKldPwJ2MBnYJWo=
-----END CERTIFICATE-----
Generated at Wed Mar 27 18:58:20 2024 by rpki-client on console-fra.rpki-client.org