Route Origin Authorization

$ rpki-client -vvf rpki.roa.net/rrdp/xTom/51/323630353a3963303a3a2f33322d3438203d3e2036323333.roa
File:                     323630353a3963303a3a2f33322d3438203d3e2036323333.roa (raw, json)
Hash identifier:          jzljdIIfaM2sidsxEIR+5NVo+O9rd3g0SgH8sZObXhc=
Subject key identifier:   B4:B6:05:37:45:62:D8:6A:F1:4D:C4:E5:10:D8:41:9F:40:F2:6D:98
Certificate issuer:       /CN=e9fac14672122bddfc7a1278980d695c609d5eaeedb0df2450
Certificate serial:       2AF49891000B6D6697BA37A963CD8E7F73BCBAD0
Authority key identifier: 51:30:79:D4:CF:FB:FD:F8:10:24:CA:1B:48:CA:B7:7B:D5:16:66:57
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/dab76c6b-0e86-4a03-a59a-f3fc77dbba62/e9fac14672122bddfc7a1278980d695c609d5eaeedb0df2450.cer
Subject info access:      rsync://rpki.roa.net/rrdp/xTom/51/323630353a3963303a3a2f33322d3438203d3e2036323333.roa
Signing time:             Sat 14 Sep 2024 01:22:26 +0000
ROA not before:           Sat 14 Sep 2024 01:17:26 +0000
ROA not after:            Sat 13 Sep 2025 01:22:26 +0000
asID:                     6233
IP address blocks:        2605:9c0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.roa.net/rrdp/xTom/51/513079D4CFFBFDF81024CA1B48CAB77BD5166657.crl
                          rsync://rpki.roa.net/rrdp/xTom/51/513079D4CFFBFDF81024CA1B48CAB77BD5166657.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/dab76c6b-0e86-4a03-a59a-f3fc77dbba62/e9fac14672122bddfc7a1278980d695c609d5eaeedb0df2450.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/dab76c6b-0e86-4a03-a59a-f3fc77dbba62/dab76c6b-0e86-4a03-a59a-f3fc77dbba62.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/dab76c6b-0e86-4a03-a59a-f3fc77dbba62/dab76c6b-0e86-4a03-a59a-f3fc77dbba62.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/dab76c6b-0e86-4a03-a59a-f3fc77dbba62.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 09:34:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:f4:98:91:00:0b:6d:66:97:ba:37:a9:63:cd:8e:7f:73:bc:ba:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9fac14672122bddfc7a1278980d695c609d5eaeedb0df2450
        Validity
            Not Before: Sep 14 01:17:26 2024 GMT
            Not After : Sep 13 01:22:26 2025 GMT
        Subject: CN=B4B605374562D86AF14DC4E510D8419F40F26D98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:f9:38:cd:7c:94:e0:d1:b6:61:88:08:59:c0:
                    ff:bc:f6:15:5b:b8:fe:00:18:1d:27:d6:72:e8:05:
                    43:28:cd:f9:dd:d0:50:fa:12:49:87:5f:a6:ab:71:
                    d0:f8:1f:1f:85:0a:45:45:1d:20:4f:9d:d4:47:45:
                    ea:fa:f1:79:26:fc:ab:38:ec:9c:94:6f:80:2a:6c:
                    01:63:80:4e:14:9d:9f:cd:9d:c4:53:75:0f:92:7b:
                    25:13:2f:e9:09:76:55:c3:ed:1b:37:a5:bc:14:e2:
                    81:05:6c:9a:81:2b:cc:00:d9:c0:75:6e:31:8e:67:
                    48:99:dd:39:75:1e:6d:6c:2c:e9:1b:6a:a0:fd:e9:
                    78:5c:43:a0:62:ed:79:bc:9d:18:f9:e3:06:f8:df:
                    a6:27:1a:1a:a4:4e:12:25:58:db:91:a1:fd:1b:7e:
                    7d:6b:df:39:5d:3d:31:cb:3f:ca:64:8c:66:52:df:
                    e4:e2:50:40:11:13:03:0b:34:d9:24:f1:5d:4e:bb:
                    80:40:1d:1e:76:6b:d9:72:3a:7a:b3:ef:d0:d3:de:
                    bf:83:53:cb:83:7a:9e:d5:be:97:0b:26:04:a9:03:
                    1f:c0:89:76:74:ee:c3:0b:e7:ce:fa:49:b7:46:a6:
                    07:ae:a3:01:55:26:89:9d:79:c4:03:52:ae:24:66:
                    bb:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:B6:05:37:45:62:D8:6A:F1:4D:C4:E5:10:D8:41:9F:40:F2:6D:98
            X509v3 Authority Key Identifier:
                keyid:51:30:79:D4:CF:FB:FD:F8:10:24:CA:1B:48:CA:B7:7B:D5:16:66:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.roa.net/rrdp/xTom/51/513079D4CFFBFDF81024CA1B48CAB77BD5166657.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/dab76c6b-0e86-4a03-a59a-f3fc77dbba62/e9fac14672122bddfc7a1278980d695c609d5eaeedb0df2450.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/51/323630353a3963303a3a2f33322d3438203d3e2036323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         40:a5:80:39:4a:ae:10:f0:4a:09:5c:29:2d:e3:67:21:07:6d:
         b8:7e:7b:85:31:e1:e3:2d:60:33:f3:68:17:45:be:02:c8:d6:
         41:6b:06:6a:c9:4c:fc:8c:07:ee:8f:44:0d:bb:00:74:c1:1a:
         a3:aa:c3:c1:76:38:56:5a:9b:08:20:a6:14:83:21:4a:69:13:
         bd:12:42:13:0f:d7:94:34:58:49:78:62:bc:96:be:48:15:1f:
         c6:ff:54:0e:7c:ec:d1:11:33:a4:1c:34:46:c6:fc:9e:fc:19:
         b3:b7:db:58:ad:ac:cc:1a:b0:ef:d8:92:bc:89:de:be:0c:f8:
         fb:f5:9f:92:cb:88:6b:98:b6:da:73:fb:24:ea:7f:97:c6:52:
         33:60:e8:1e:99:b7:ee:1a:db:e1:be:e8:6b:36:bb:06:da:24:
         e0:55:d3:14:d3:42:7c:fa:87:b7:b5:0c:2a:19:4a:17:f9:2e:
         4b:07:85:d0:90:49:19:59:18:f2:dc:64:45:23:17:72:bb:93:
         84:5f:8d:08:e3:b7:0c:b8:7a:6c:3a:6e:b5:af:de:d3:84:45:
         ae:77:bf:0f:8d:1a:89:ef:58:03:3b:a7:99:27:7e:9e:18:c0:
         ca:61:57:e0:c9:64:e6:95:eb:0e:65:32:7b:f6:f0:d1:87:d2:
         56:8a:13:cb
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIUKvSYkQALbWaXujepY82Of3O8utAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZTlmYWMxNDY3MjEyMmJkZGZjN2ExMjc4OTgwZDY5NWM2
MDlkNWVhZWVkYjBkZjI0NTAwHhcNMjQwOTE0MDExNzI2WhcNMjUwOTEzMDEyMjI2
WjAzMTEwLwYDVQQDEyhCNEI2MDUzNzQ1NjJEODZBRjE0REM0RTUxMEQ4NDE5RjQw
RjI2RDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPk4zXyU4NG2
YYgIWcD/vPYVW7j+ABgdJ9Zy6AVDKM353dBQ+hJJh1+mq3HQ+B8fhQpFRR0gT53U
R0Xq+vF5JvyrOOyclG+AKmwBY4BOFJ2fzZ3EU3UPknslEy/pCXZVw+0bN6W8FOKB
BWyagSvMANnAdW4xjmdImd05dR5tbCzpG2qg/el4XEOgYu15vJ0Y+eMG+N+mJxoa
pE4SJVjbkaH9G359a985XT0xyz/KZIxmUt/k4lBAERMDCzTZJPFdTruAQB0edmvZ
cjp6s+/Q096/g1PLg3qe1b6XCyYEqQMfwIl2dO7DC+fO+km3RqYHrqMBVSaJnXnE
A1KuJGa7ewIDAQABo4ICWzCCAlcwHQYDVR0OBBYEFLS2BTdFYthq8U3E5RDYQZ9A
8m2YMB8GA1UdIwQYMBaAFFEwedTP+/34ECTKG0jKt3vVFmZXMA4GA1UdDwEB/wQE
AwIHgDBfBgNVHR8EWDBWMFSgUqBQhk5yc3luYzovL3Jwa2kucm9hLm5ldC9ycmRw
L3hUb20vNTEvNTEzMDc5RDRDRkZCRkRGODEwMjRDQTFCNDhDQUI3N0JENTE2NjY1
Ny5jcmwwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8v
cnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1l
ODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvNTIxZWIzM2YtOTY3Mi00Y2Q5LWFj
Y2UtMTM3MjI3ZTk3MWFjL2RhYjc2YzZiLTBlODYtNGEwMy1hNTlhLWYzZmM3N2Ri
YmE2Mi9lOWZhYzE0NjcyMTIyYmRkZmM3YTEyNzg5ODBkNjk1YzYwOWQ1ZWFlZWRi
MGRmMjQ1MC5jZXIwcgYIKwYBBQUHAQsEZjBkMGIGCCsGAQUFBzALhlZyc3luYzov
L3Jwa2kucm9hLm5ldC9ycmRwL3hUb20vNTEvMzIzNjMwMzUzYTM5NjMzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM2MzIzMzMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJgUJwDANBgkq
hkiG9w0BAQsFAAOCAQEAQKWAOUquEPBKCVwpLeNnIQdtuH57hTHh4y1gM/NoF0W+
AsjWQWsGaslM/IwH7o9EDbsAdMEao6rDwXY4VlqbCCCmFIMhSmkTvRJCEw/XlDRY
SXhivJa+SBUfxv9UDnzs0REzpBw0Rsb8nvwZs7fbWK2szBqw79iSvInevgz4+/Wf
ksuIa5i22nP7JOp/l8ZSM2DoHpm37hrb4b7oaza7Btok4FXTFNNCfPqHt7UMKhlK
F/kuSweF0JBJGVkY8txkRSMXcruThF+NCOO3DLh6bDputa/e04RFrne/D40aie9Y
AzunmSd+nhjAymFX4Mlk5pXrDmUye/bw0YfSVooTyw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:22:20 2024 by rpki-client on console-fra.rpki-client.org