Route Origin Authorization

$ rpki-client -vvf rpki.pudu.be/repo/pudu/0/326130363a613334303a3a2f32392d3438203d3e203437363839.roa
File:                     326130363a613334303a3a2f32392d3438203d3e203437363839.roa (raw, json)
Hash identifier:          sX6rJ6M1j1Yi7oRpHGKzj5u7qCezBBl809wce9gi0tU=
Subject key identifier:   4C:C9:FA:D3:5B:0D:6F:14:C6:C5:75:B9:3C:E1:91:3F:1E:3C:8F:EC
Certificate issuer:       /CN=73a83c810157e3e8511eebe39cfcad16fa329700
Certificate serial:       5E6DB29224BF05FFC5EBFA8CAAFCB82B1BDEC068
Authority key identifier: 73:A8:3C:81:01:57:E3:E8:51:1E:EB:E3:9C:FC:AD:16:FA:32:97:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c6g8gQFX4-hRHuvjnPytFvoylwA.cer
Subject info access:      rsync://rpki.pudu.be/repo/pudu/0/326130363a613334303a3a2f32392d3438203d3e203437363839.roa
Signing time:             Thu 15 Feb 2024 19:42:15 +0000
ROA not before:           Thu 15 Feb 2024 19:37:15 +0000
ROA not after:            Thu 13 Feb 2025 19:42:15 +0000
asID:                     47689
IP address blocks:        2a06:a340::/29 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.pudu.be/repo/pudu/0/73A83C810157E3E8511EEBE39CFCAD16FA329700.crl
                          rsync://rpki.pudu.be/repo/pudu/0/73A83C810157E3E8511EEBE39CFCAD16FA329700.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/c6g8gQFX4-hRHuvjnPytFvoylwA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 04 Dec 2024 14:20:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:6d:b2:92:24:bf:05:ff:c5:eb:fa:8c:aa:fc:b8:2b:1b:de:c0:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73a83c810157e3e8511eebe39cfcad16fa329700
        Validity
            Not Before: Feb 15 19:37:15 2024 GMT
            Not After : Feb 13 19:42:15 2025 GMT
        Subject: CN=4CC9FAD35B0D6F14C6C575B93CE1913F1E3C8FEC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:b6:09:dc:80:32:49:8b:8f:0d:59:7b:62:75:
                    ba:c2:f8:5b:44:48:0f:4f:63:69:92:9c:c2:60:11:
                    a4:e3:3c:66:6b:ef:f0:fd:91:95:1c:67:ff:ec:e3:
                    d1:65:fd:d4:db:4c:64:7e:55:9b:7f:b4:ce:7e:06:
                    37:21:76:16:b3:1d:4d:c1:7d:a6:de:cc:79:5f:a9:
                    6d:22:35:ac:d1:57:66:3b:01:b9:37:12:41:14:01:
                    db:9d:be:15:22:cf:ce:53:9a:ba:11:d2:ca:c8:81:
                    4d:18:3e:12:f7:b4:18:85:74:d4:23:49:09:bf:b0:
                    a1:e5:35:25:b8:d9:86:3b:e8:8d:00:a7:83:e3:d3:
                    5f:03:d6:1b:84:de:29:0a:cd:a6:49:3b:70:99:af:
                    12:03:77:b6:d6:1c:8a:96:cc:9a:02:a9:ee:0e:2b:
                    36:70:e2:de:4a:1a:60:57:9e:60:4a:ee:e3:86:6c:
                    e6:e8:09:26:f7:b8:05:05:60:03:ed:ee:66:1f:18:
                    1d:69:93:49:f0:e7:6a:66:ce:b3:be:b1:fd:40:7b:
                    09:77:ca:ac:7f:13:2f:0d:17:80:79:71:2d:c5:03:
                    30:4a:58:cc:55:fa:41:6e:e8:13:9d:88:6f:11:d9:
                    56:a5:a3:d8:b1:98:13:46:68:7f:9d:20:dc:c6:80:
                    0e:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:C9:FA:D3:5B:0D:6F:14:C6:C5:75:B9:3C:E1:91:3F:1E:3C:8F:EC
            X509v3 Authority Key Identifier:
                keyid:73:A8:3C:81:01:57:E3:E8:51:1E:EB:E3:9C:FC:AD:16:FA:32:97:00

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.pudu.be/repo/pudu/0/73A83C810157E3E8511EEBE39CFCAD16FA329700.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6g8gQFX4-hRHuvjnPytFvoylwA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.pudu.be/repo/pudu/0/326130363a613334303a3a2f32392d3438203d3e203437363839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a340::/29

    Signature Algorithm: sha256WithRSAEncryption
         84:d1:86:1b:72:11:19:f0:11:3d:cb:e5:2d:5a:67:89:f1:ac:
         16:25:ed:18:2d:21:53:e0:7c:18:d1:a2:b9:94:3d:67:cc:8b:
         48:e2:8e:b9:bb:dd:3b:57:2c:b1:78:4a:fb:71:94:60:78:de:
         09:b8:0b:fc:ee:63:30:a2:f2:45:e9:9e:91:6e:b9:ed:0a:77:
         88:bf:65:0e:4a:db:69:89:3b:ac:2f:b9:13:7a:30:3e:fe:7e:
         be:4f:41:06:23:ee:1a:33:70:d6:d8:44:4f:4f:cc:b2:f5:82:
         30:81:40:33:2d:01:4c:f6:95:14:04:d4:b5:cf:5a:5c:4d:aa:
         2f:5a:16:3d:20:5b:ea:f1:fe:4b:0a:04:68:f2:8b:2e:61:dc:
         67:15:50:af:c1:da:f2:0c:86:6f:72:d9:9e:bc:a2:f9:d6:eb:
         c0:2e:89:5b:5c:08:6c:68:77:39:1b:0d:44:3d:7d:3b:a5:12:
         3d:2d:08:76:e7:c4:11:6a:bd:97:fb:ca:89:fa:f8:4c:2f:45:
         fa:38:51:53:b1:2a:30:0c:b3:40:da:16:c2:35:93:1b:68:d3:
         9f:1a:2b:04:ae:3f:d0:eb:e8:75:df:6f:7f:70:cd:82:a7:a3:
         f4:76:7a:e7:4d:b1:3c:22:a5:f5:6e:ed:c8:cc:2a:fb:55:08:
         8b:09:aa:bb
-----BEGIN CERTIFICATE-----
MIIEwzCCA6ugAwIBAgIUXm2ykiS/Bf/F6/qMqvy4KxvewGgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzNhODNjODEwMTU3ZTNlODUxMWVlYmUzOWNmY2FkMTZm
YTMyOTcwMDAeFw0yNDAyMTUxOTM3MTVaFw0yNTAyMTMxOTQyMTVaMDMxMTAvBgNV
BAMTKDRDQzlGQUQzNUIwRDZGMTRDNkM1NzVCOTNDRTE5MTNGMUUzQzhGRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOtgncgDJJi48NWXtidbrC+FtE
SA9PY2mSnMJgEaTjPGZr7/D9kZUcZ//s49Fl/dTbTGR+VZt/tM5+BjchdhazHU3B
fabezHlfqW0iNazRV2Y7Abk3EkEUAdudvhUiz85TmroR0srIgU0YPhL3tBiFdNQj
SQm/sKHlNSW42YY76I0Ap4Pj018D1huE3ikKzaZJO3CZrxIDd7bWHIqWzJoCqe4O
KzZw4t5KGmBXnmBK7uOGbOboCSb3uAUFYAPt7mYfGB1pk0nw52pmzrO+sf1Aewl3
yqx/Ey8NF4B5cS3FAzBKWMxV+kFu6BOdiG8R2Valo9ixmBNGaH+dINzGgA4JAgMB
AAGjggHNMIIByTAdBgNVHQ4EFgQUTMn601sNbxTGxXW5POGRPx48j+wwHwYDVR0j
BBgwFoAUc6g8gQFX4+hRHuvjnPytFvoylwAwDgYDVR0PAQH/BAQDAgeAMF4GA1Ud
HwRXMFUwU6BRoE+GTXJzeW5jOi8vcnBraS5wdWR1LmJlL3JlcG8vcHVkdS8wLzcz
QTgzQzgxMDE1N0UzRTg1MTFFRUJFMzlDRkNBRDE2RkEzMjk3MDAuY3JsMGQGCCsG
AQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvREVGQVVMVC9jNmc4Z1FGWDQtaFJIdXZqblB5dEZ2b3lsd0EuY2Vy
MHUGCCsGAQUFBwELBGkwZzBlBggrBgEFBQcwC4ZZcnN5bmM6Ly9ycGtpLnB1ZHUu
YmUvcmVwby9wdWR1LzAvMzI2MTMwMzYzYTYxMzMzNDMwM2EzYTJmMzIzOTJkMzQz
ODIwM2QzZTIwMzQzNzM2MzgzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoGo0AwDQYJKoZIhvcNAQEL
BQADggEBAITRhhtyERnwET3L5S1aZ4nxrBYl7RgtIVPgfBjRormUPWfMi0jijrm7
3TtXLLF4SvtxlGB43gm4C/zuYzCi8kXpnpFuue0Kd4i/ZQ5K22mJO6wvuRN6MD7+
fr5PQQYj7hozcNbYRE9PzLL1gjCBQDMtAUz2lRQE1LXPWlxNqi9aFj0gW+rx/ksK
BGjyiy5h3GcVUK/B2vIMhm9y2Z68ovnW68AuiVtcCGxodzkbDUQ9fTulEj0tCHbn
xBFqvZf7yon6+EwvRfo4UVOxKjAMs0DaFsI1kxto058aKwSuP9Dr6HXfb39wzYKn
o/R2eudNsTwipfVu7cjMKvtVCIsJqrs=
-----END CERTIFICATE-----
Generated at Tue Dec 3 17:25:01 2024 by rpki-client on console-ams.rpki-client.org