Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/3/323630323a663766663a32343a3a2f34382d3438203d3e203133383532.roa
File:                     323630323a663766663a32343a3a2f34382d3438203d3e203133383532.roa (raw, json)
Hash identifier:          kkQWnNHzXdd0thGtKbw+uoXQNfvmKaVGoWtdNeL5U18=
Subject key identifier:   69:B4:08:AE:64:90:E1:D2:88:00:26:D5:72:FA:DC:FA:B9:F7:2B:99
Certificate issuer:       /CN=f9d4bd83ed27b9a9325e1d6da6cc71a7e6564c102ee7996ce8
Certificate serial:       1DB01344127022DE33DE658C6353CC81A1FC5ABB
Authority key identifier: 22:EC:27:BC:99:97:53:43:E6:F2:5F:5A:46:C6:E6:7C:28:2D:96:DD
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/6e83fbf2-b64b-4c55-ba28-ca84ad0af5ab/f9d4bd83ed27b9a9325e1d6da6cc71a7e6564c102ee7996ce8.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/3/323630323a663766663a32343a3a2f34382d3438203d3e203133383532.roa
Signing time:             Mon 30 Sep 2024 19:16:20 +0000
ROA not before:           Mon 30 Sep 2024 19:11:20 +0000
ROA not after:            Mon 29 Sep 2025 19:16:20 +0000
asID:                     13852
IP address blocks:        2602:f7ff:24::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/3/22EC27BC99975343E6F25F5A46C6E67C282D96DD.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/3/22EC27BC99975343E6F25F5A46C6E67C282D96DD.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/6e83fbf2-b64b-4c55-ba28-ca84ad0af5ab/f9d4bd83ed27b9a9325e1d6da6cc71a7e6564c102ee7996ce8.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/6e83fbf2-b64b-4c55-ba28-ca84ad0af5ab/6e83fbf2-b64b-4c55-ba28-ca84ad0af5ab.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/6e83fbf2-b64b-4c55-ba28-ca84ad0af5ab/6e83fbf2-b64b-4c55-ba28-ca84ad0af5ab.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/6e83fbf2-b64b-4c55-ba28-ca84ad0af5ab.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/69fd0156-bb1f-48b6-bf32-c9492286f195.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/69fd0156-bb1f-48b6-bf32-c9492286f195.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 13 Nov 2024 07:40:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:b0:13:44:12:70:22:de:33:de:65:8c:63:53:cc:81:a1:fc:5a:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f9d4bd83ed27b9a9325e1d6da6cc71a7e6564c102ee7996ce8
        Validity
            Not Before: Sep 30 19:11:20 2024 GMT
            Not After : Sep 29 19:16:20 2025 GMT
        Subject: CN=69B408AE6490E1D2880026D572FADCFAB9F72B99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:85:74:23:47:83:87:8a:a3:1b:9e:00:a9:d2:
                    e7:67:c4:f7:11:11:da:aa:75:06:6a:fc:54:94:be:
                    9b:b7:f8:db:1a:04:ba:69:6d:ef:54:94:05:43:43:
                    74:9f:64:85:47:26:88:fc:b2:39:2c:0c:d1:43:aa:
                    40:9c:a5:2b:40:f6:36:00:93:df:72:ae:b9:4a:07:
                    00:82:82:ac:80:1c:b8:d4:c4:7d:64:86:f7:2c:e7:
                    90:0f:49:40:fd:fb:42:fe:a1:3f:ef:aa:cb:19:48:
                    35:6e:16:6e:f7:a1:62:f8:18:b8:6c:21:bb:a6:76:
                    f9:e1:3b:43:da:bc:bb:3f:c3:b9:ca:f0:3e:ac:f4:
                    cd:53:af:6f:00:ea:26:0c:5e:4d:4c:16:c0:b1:02:
                    6e:72:6a:6c:1b:0e:59:5c:44:34:f7:3c:9c:55:b9:
                    52:34:5d:be:e0:f2:c7:50:8d:60:17:90:7d:f9:d7:
                    3e:82:c2:90:fb:1b:d4:96:98:20:e3:34:27:9e:23:
                    4f:0e:c6:47:5f:8d:7c:38:dd:d6:3c:a9:b7:32:ab:
                    b2:9f:11:80:22:53:4b:20:20:3d:5f:af:11:73:57:
                    49:57:59:1d:c4:05:b2:73:f9:6e:90:3c:a3:83:8d:
                    76:ac:bd:10:51:99:31:cf:b4:84:be:94:a4:82:75:
                    b3:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:B4:08:AE:64:90:E1:D2:88:00:26:D5:72:FA:DC:FA:B9:F7:2B:99
            X509v3 Authority Key Identifier:
                keyid:22:EC:27:BC:99:97:53:43:E6:F2:5F:5A:46:C6:E6:7C:28:2D:96:DD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/3/22EC27BC99975343E6F25F5A46C6E67C282D96DD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/6e83fbf2-b64b-4c55-ba28-ca84ad0af5ab/f9d4bd83ed27b9a9325e1d6da6cc71a7e6564c102ee7996ce8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/3/323630323a663766663a32343a3a2f34382d3438203d3e203133383532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:f7ff:24::/48

    Signature Algorithm: sha256WithRSAEncryption
         84:57:99:b9:49:99:da:15:6a:2c:62:c2:ff:fa:0a:06:3f:42:
         16:cc:2b:7b:db:d1:01:e9:6e:ef:17:d3:29:a7:b1:db:07:19:
         be:a3:82:b3:e9:b5:72:2e:c5:6d:01:a1:a9:5b:9a:17:7f:ef:
         9e:6d:52:98:27:b6:5d:51:1d:b7:18:d1:db:d6:ef:a8:ad:f0:
         6d:4c:ca:10:18:1a:89:fc:97:6a:7a:63:5d:ed:2e:31:7d:a5:
         0f:ee:d6:2f:41:45:02:03:1a:60:b7:58:d1:29:e9:97:1f:41:
         20:c1:0f:d7:49:46:da:e0:e7:12:31:ca:91:4d:a4:7c:1e:6b:
         5c:e3:79:cd:fb:69:7f:98:36:90:4f:b9:aa:45:58:cc:af:87:
         e9:6a:8c:65:4a:2c:f3:a6:7a:88:53:50:13:90:24:85:15:ef:
         4f:d3:e1:7c:6f:9f:19:e7:05:e7:9e:5c:60:3d:92:d7:8a:ff:
         8d:57:2a:be:d7:41:87:97:f1:55:c3:bc:b4:53:bd:0c:91:f8:
         c8:68:c4:95:66:59:2d:2b:01:dc:c6:6f:a1:76:d3:50:cb:72:
         84:e5:c6:84:82:31:89:b0:de:be:f8:d1:7f:b8:1f:de:58:bf:
         0a:f2:28:7d:97:00:d1:3f:ac:c1:f5:cb:a1:66:d0:28:9c:68:
         e4:d7:96:f9
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUHbATRBJwIt4z3mWMY1PMgaH8WrswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZjlkNGJkODNlZDI3YjlhOTMyNWUxZDZkYTZjYzcxYTdl
NjU2NGMxMDJlZTc5OTZjZTgwHhcNMjQwOTMwMTkxMTIwWhcNMjUwOTI5MTkxNjIw
WjAzMTEwLwYDVQQDEyg2OUI0MDhBRTY0OTBFMUQyODgwMDI2RDU3MkZBRENGQUI5
RjcyQjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYV0I0eDh4qj
G54AqdLnZ8T3ERHaqnUGavxUlL6bt/jbGgS6aW3vVJQFQ0N0n2SFRyaI/LI5LAzR
Q6pAnKUrQPY2AJPfcq65SgcAgoKsgBy41MR9ZIb3LOeQD0lA/ftC/qE/76rLGUg1
bhZu96Fi+Bi4bCG7pnb54TtD2ry7P8O5yvA+rPTNU69vAOomDF5NTBbAsQJucmps
Gw5ZXEQ09zycVblSNF2+4PLHUI1gF5B9+dc+gsKQ+xvUlpgg4zQnniNPDsZHX418
ON3WPKm3MquynxGAIlNLICA9X68Rc1dJV1kdxAWyc/lukDyjg412rL0QUZkxz7SE
vpSkgnWzqQIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFGm0CK5kkOHSiAAm1XL63Pq5
9yuZMB8GA1UdIwQYMBaAFCLsJ7yZl1ND5vJfWkbG5nwoLZbdMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzBjNzA0MDFjLTdmNDEtNGE2Yi05NDM0
LWNjODBkY2EwOTNlNi8zLzIyRUMyN0JDOTk5NzUzNDNFNkYyNUY1QTQ2QzZFNjdD
MjgyRDk2REQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzY5ZmQwMTU2LWJiMWYt
NDhiNi1iZjMyLWM5NDkyMjg2ZjE5NS82ZTgzZmJmMi1iNjRiLTRjNTUtYmEyOC1j
YTg0YWQwYWY1YWIvZjlkNGJkODNlZDI3YjlhOTMyNWUxZDZkYTZjYzcxYTdlNjU2
NGMxMDJlZTc5OTZjZTguY2VyMIGxBggrBgEFBQcBCwSBpDCBoTCBngYIKwYBBQUH
MAuGgZFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzBjNzA0MDFjLTdmNDEtNGE2Yi05NDM0LWNjODBkY2EwOTNlNi8zLzMyMzYzMDMy
M2E2NjM3NjY2NjNhMzIzNDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzMzODM1
MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAmAvf/ACQwDQYJKoZIhvcNAQELBQADggEBAIRXmblJmdoV
aixiwv/6CgY/QhbMK3vb0QHpbu8X0ymnsdsHGb6jgrPptXIuxW0Boalbmhd/755t
Upgntl1RHbcY0dvW76it8G1MyhAYGon8l2p6Y13tLjF9pQ/u1i9BRQIDGmC3WNEp
6ZcfQSDBD9dJRtrg5xIxypFNpHwea1zjec37aX+YNpBPuapFWMyvh+lqjGVKLPOm
eohTUBOQJIUV70/T4XxvnxnnBeeeXGA9kteK/41XKr7XQYeX8VXDvLRTvQyR+Mho
xJVmWS0rAdzGb6F201DLcoTlxoSCMYmw3r740X+4H95YvwryKH2XANE/rMH1y6Fm
0CicaOTXlvk=
-----END CERTIFICATE-----
Generated at Tue Nov 12 07:15:26 2024 by rpki-client on console-fra.rpki-client.org