Route Origin Authorization

$ rpki-client -vvf rpki.xindi.eu/repo/XINDI/0/326130623a326630373a616263643a3a2f34382d3438203d3e203537393834.roa
File:                     326130623a326630373a616263643a3a2f34382d3438203d3e203537393834.roa (raw, json)
Hash identifier:          4CSwVj5li/d3+mlT8M+AsnJkF0l982ZEM1VqEr65me0=
Subject key identifier:   E2:C8:BC:62:73:AE:12:24:84:2E:CE:61:89:06:46:E2:9C:F0:31:2D
Certificate issuer:       /CN=60183287eb08ece0c65fa49a3f45621c612ddbd1
Certificate serial:       7EBE102E2AEAF7FF627F06D82941DA766A9CBD61
Authority key identifier: 60:18:32:87:EB:08:EC:E0:C6:5F:A4:9A:3F:45:62:1C:61:2D:DB:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YBgyh-sI7ODGX6SaP0ViHGEt29E.cer
Subject info access:      rsync://rpki.xindi.eu/repo/XINDI/0/326130623a326630373a616263643a3a2f34382d3438203d3e203537393834.roa
Signing time:             Sun 01 Oct 2023 15:04:41 +0000
ROA not before:           Sun 01 Oct 2023 14:59:41 +0000
ROA not after:            Sun 29 Sep 2024 15:04:41 +0000
asID:                     57984
IP address blocks:        2a0b:2f07:abcd::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.xindi.eu/repo/XINDI/0/60183287EB08ECE0C65FA49A3F45621C612DDBD1.crl
                          rsync://rpki.xindi.eu/repo/XINDI/0/60183287EB08ECE0C65FA49A3F45621C612DDBD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YBgyh-sI7ODGX6SaP0ViHGEt29E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 13:06:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:be:10:2e:2a:ea:f7:ff:62:7f:06:d8:29:41:da:76:6a:9c:bd:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60183287eb08ece0c65fa49a3f45621c612ddbd1
        Validity
            Not Before: Oct  1 14:59:41 2023 GMT
            Not After : Sep 29 15:04:41 2024 GMT
        Subject: CN=E2C8BC6273AE1224842ECE61890646E29CF0312D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:84:f5:fc:06:3d:c0:8d:81:9a:3f:2c:9f:6c:
                    ea:d3:ef:e1:01:c1:8f:31:15:cb:a5:e1:62:29:ec:
                    3d:d7:c0:fa:57:53:17:30:a1:5d:11:f1:14:1d:b8:
                    de:70:a8:6a:b3:46:21:ec:8b:fd:6b:b9:b3:ca:5a:
                    a5:38:75:e6:b7:c5:f0:08:00:55:fa:27:32:4a:b9:
                    62:3e:0a:06:18:b1:63:84:25:ef:af:9c:94:5d:b5:
                    07:45:74:7b:b4:c7:be:b0:95:f3:37:37:22:8b:64:
                    de:f5:d3:54:5a:81:cf:80:7a:cb:f3:11:ae:89:58:
                    ba:f4:48:81:37:ec:ee:30:32:8a:da:0c:ec:33:62:
                    81:7d:b3:fb:23:69:b1:99:61:a4:13:22:2a:5a:b6:
                    36:ce:2c:98:79:86:ea:1a:6e:50:a3:31:63:84:d2:
                    02:05:e1:13:5a:3f:ec:2c:67:29:a8:79:c2:0a:2f:
                    c1:57:a6:b8:79:82:da:86:d8:87:2a:4d:ec:37:f5:
                    54:63:e0:b3:a9:3e:a7:13:21:7e:bf:33:46:94:51:
                    c5:b4:15:f6:af:35:31:9f:30:d3:d6:5e:0d:5f:89:
                    7b:a9:2f:24:74:84:ba:42:79:be:16:72:c7:ee:f6:
                    a8:c6:de:79:9b:72:cb:01:b8:08:e3:f6:26:27:be:
                    8a:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:C8:BC:62:73:AE:12:24:84:2E:CE:61:89:06:46:E2:9C:F0:31:2D
            X509v3 Authority Key Identifier:
                keyid:60:18:32:87:EB:08:EC:E0:C6:5F:A4:9A:3F:45:62:1C:61:2D:DB:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.xindi.eu/repo/XINDI/0/60183287EB08ECE0C65FA49A3F45621C612DDBD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YBgyh-sI7ODGX6SaP0ViHGEt29E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.xindi.eu/repo/XINDI/0/326130623a326630373a616263643a3a2f34382d3438203d3e203537393834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:2f07:abcd::/48

    Signature Algorithm: sha256WithRSAEncryption
         88:4b:96:5b:4d:6e:5d:3f:b9:30:62:fa:8f:e7:e5:5f:7b:b4:
         54:2a:c1:4f:86:ef:04:21:3d:7c:49:ad:ab:a9:0f:06:fb:bc:
         d9:77:26:d2:9c:12:85:c1:c4:5a:99:2c:af:02:bb:43:c3:c9:
         5c:16:f6:af:65:c7:7a:af:d6:d6:03:67:2a:57:07:56:cf:45:
         bf:3d:50:cf:06:92:5b:fc:76:f3:96:84:9a:3f:b6:57:f8:11:
         ed:e2:92:91:b3:db:f6:e4:da:37:06:1e:11:cf:65:c3:12:81:
         73:28:1a:fc:9e:d3:55:78:e3:0a:c0:17:27:77:40:c9:db:40:
         0d:10:7d:98:c0:55:b0:90:85:ac:22:8b:1b:d8:ce:90:7f:d1:
         11:ed:97:3e:9f:4f:2c:ac:b6:58:cb:10:1a:90:60:3a:b6:d8:
         cd:15:0a:72:46:31:0b:81:2d:c4:8e:82:d8:a0:94:9a:86:2b:
         68:95:03:29:e4:ae:94:38:c7:9b:39:18:74:71:1c:a6:9a:99:
         36:32:6b:07:0c:4e:fe:55:a9:38:82:31:72:60:74:37:30:3b:
         e5:26:be:18:cb:ed:26:47:ab:d0:80:b2:dc:45:e2:a9:7a:f1:
         8d:36:be:57:ca:f0:91:b7:ab:76:eb:fd:3e:17:05:44:87:fe:
         8f:f6:ec:5a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUfr4QLirq9/9ifwbYKUHadmqcvWEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjAxODMyODdlYjA4ZWNlMGM2NWZhNDlhM2Y0NTYyMWM2
MTJkZGJkMTAeFw0yMzEwMDExNDU5NDFaFw0yNDA5MjkxNTA0NDFaMDMxMTAvBgNV
BAMTKEUyQzhCQzYyNzNBRTEyMjQ4NDJFQ0U2MTg5MDY0NkUyOUNGMDMxMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0hPX8Bj3AjYGaPyyfbOrT7+EB
wY8xFcul4WIp7D3XwPpXUxcwoV0R8RQduN5wqGqzRiHsi/1rubPKWqU4dea3xfAI
AFX6JzJKuWI+CgYYsWOEJe+vnJRdtQdFdHu0x76wlfM3NyKLZN7101Ragc+Aesvz
Ea6JWLr0SIE37O4wMoraDOwzYoF9s/sjabGZYaQTIipatjbOLJh5huoablCjMWOE
0gIF4RNaP+wsZymoecIKL8FXprh5gtqG2IcqTew39VRj4LOpPqcTIX6/M0aUUcW0
FfavNTGfMNPWXg1fiXupLyR0hLpCeb4Wcsfu9qjG3nmbcssBuAjj9iYnvornAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQU4si8YnOuEiSELs5hiQZG4pzwMS0wHwYDVR0j
BBgwFoAUYBgyh+sI7ODGX6SaP0ViHGEt29EwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud
HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraS54aW5kaS5ldS9yZXBvL1hJTkRJLzAv
NjAxODMyODdFQjA4RUNFMEM2NUZBNDlBM0Y0NTYyMUM2MTJEREJEMS5jcmwwZAYI
KwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9ERUZBVUxUL1lCZ3loLXNJN09ER1g2U2FQMFZpSEdFdDI5RS5j
ZXIwgYEGCCsGAQUFBwELBHUwczBxBggrBgEFBQcwC4ZlcnN5bmM6Ly9ycGtpLnhp
bmRpLmV1L3JlcG8vWElOREkvMC8zMjYxMzA2MjNhMzI2NjMwMzczYTYxNjI2MzY0
M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzNzM5MzgzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoL
LwerzTANBgkqhkiG9w0BAQsFAAOCAQEAiEuWW01uXT+5MGL6j+flX3u0VCrBT4bv
BCE9fEmtq6kPBvu82Xcm0pwShcHEWpksrwK7Q8PJXBb2r2XHeq/W1gNnKlcHVs9F
vz1QzwaSW/x285aEmj+2V/gR7eKSkbPb9uTaNwYeEc9lwxKBcyga/J7TVXjjCsAX
J3dAydtADRB9mMBVsJCFrCKLG9jOkH/REe2XPp9PLKy2WMsQGpBgOrbYzRUKckYx
C4EtxI6C2KCUmoYraJUDKeSulDjHmzkYdHEcppqZNjJrBwxO/lWpOIIxcmB0NzA7
5Sa+GMvtJker0ICy3EXiqXrxjTa+V8rwkberduv9PhcFRIf+j/bsWg==
-----END CERTIFICATE-----