Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/13f68561-0a74-4cca-bf8f-12faaafc8eb8/2/326130613a363034303a613130303a3a2f34302d3430203d3e20323033383433.roa
File:                     326130613a363034303a613130303a3a2f34302d3430203d3e20323033383433.roa (raw, json)
Hash identifier:          Xh/FfrHNt61Ngv7mgOC5frZltA6yLiEyKUkiFJ52seY=
Subject key identifier:   11:32:8A:D9:9F:6E:36:D6:2D:E4:73:FF:6E:00:2C:44:C0:9F:FC:67
Certificate issuer:       /CN=13DDCFA128DC141F076EB7B60F46359286489D55
Certificate serial:       383699047A11CA966FE2F24AB6D35F1A18192E0F
Authority key identifier: 13:DD:CF:A1:28:DC:14:1F:07:6E:B7:B6:0F:46:35:92:86:48:9D:55
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/13DDCFA128DC141F076EB7B60F46359286489D55.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/13f68561-0a74-4cca-bf8f-12faaafc8eb8/2/326130613a363034303a613130303a3a2f34302d3430203d3e20323033383433.roa
Signing time:             Sun 06 Oct 2024 04:55:36 +0000
ROA not before:           Sun 06 Oct 2024 04:50:36 +0000
ROA not after:            Sun 05 Oct 2025 04:55:36 +0000
asID:                     203843
IP address blocks:        2a0a:6040:a100::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/13f68561-0a74-4cca-bf8f-12faaafc8eb8/2/13DDCFA128DC141F076EB7B60F46359286489D55.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/13f68561-0a74-4cca-bf8f-12faaafc8eb8/2/13DDCFA128DC141F076EB7B60F46359286489D55.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/13DDCFA128DC141F076EB7B60F46359286489D55.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 00:29:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:36:99:04:7a:11:ca:96:6f:e2:f2:4a:b6:d3:5f:1a:18:19:2e:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13DDCFA128DC141F076EB7B60F46359286489D55
        Validity
            Not Before: Oct  6 04:50:36 2024 GMT
            Not After : Oct  5 04:55:36 2025 GMT
        Subject: CN=11328AD99F6E36D62DE473FF6E002C44C09FFC67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:7a:93:b0:30:6f:cd:0a:c3:44:5e:0b:c4:95:
                    c7:d8:29:d7:0e:10:4f:6b:a0:20:75:fa:11:9b:86:
                    f9:52:e6:e5:db:c2:74:bb:76:25:8b:d2:e4:75:22:
                    c2:fa:49:ab:08:f1:48:0b:51:1f:93:ef:4b:1c:c4:
                    97:3f:52:71:dc:02:04:b3:c6:55:3a:59:25:c6:69:
                    ac:5f:c9:cd:69:ec:d5:82:e1:3b:ed:2e:fb:80:cf:
                    a3:6a:f3:19:87:be:7e:71:f0:a0:71:9b:0e:e1:64:
                    8d:b7:1b:6b:5f:35:58:77:5e:26:30:46:c3:8c:00:
                    89:87:8c:95:6d:42:38:cd:c8:e6:4d:02:fb:f1:00:
                    54:27:02:97:1f:bf:da:4c:a9:4e:f1:a1:68:cd:e7:
                    c9:7f:46:61:f5:81:29:13:03:7f:ad:50:6f:b5:0f:
                    ac:da:ed:03:24:85:62:f5:e4:6e:d4:c6:a9:3e:b0:
                    a0:e9:e8:c3:8e:52:ce:42:36:a9:cf:79:97:d6:48:
                    a3:a2:33:c7:f6:d0:05:9d:b8:dc:92:49:93:0d:84:
                    78:e5:7c:a1:52:00:fd:d5:be:18:16:4e:91:7a:0f:
                    01:88:c5:c0:f4:b4:51:d3:cc:86:50:79:d6:c3:19:
                    87:26:e2:d0:6f:fa:10:2a:73:84:8f:c1:28:9f:46:
                    3e:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:32:8A:D9:9F:6E:36:D6:2D:E4:73:FF:6E:00:2C:44:C0:9F:FC:67
            X509v3 Authority Key Identifier:
                keyid:13:DD:CF:A1:28:DC:14:1F:07:6E:B7:B6:0F:46:35:92:86:48:9D:55

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/13f68561-0a74-4cca-bf8f-12faaafc8eb8/2/13DDCFA128DC141F076EB7B60F46359286489D55.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/13DDCFA128DC141F076EB7B60F46359286489D55.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/13f68561-0a74-4cca-bf8f-12faaafc8eb8/2/326130613a363034303a613130303a3a2f34302d3430203d3e20323033383433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:a100::/40

    Signature Algorithm: sha256WithRSAEncryption
         70:03:c9:70:49:5e:a6:ed:14:32:a4:4c:1f:09:ba:f1:a3:5d:
         73:af:c2:5e:a9:72:5e:12:b6:14:36:bf:f7:55:91:5e:f7:39:
         53:fc:97:51:b3:7a:d5:ae:28:0b:b8:2f:0e:a7:1d:7a:49:ce:
         d3:e7:b6:da:ac:2f:f3:e0:02:73:39:5c:68:4b:76:e8:fb:26:
         b5:1e:8a:bc:09:2d:df:32:10:6c:5a:4e:ba:17:ac:24:a4:34:
         ce:33:55:0e:93:3a:16:ea:e9:22:df:e6:95:d3:ef:8c:8e:cc:
         d2:94:21:c1:81:88:5d:15:0c:cd:00:c3:ba:bb:a3:52:ad:f8:
         d2:19:35:73:41:36:96:0e:50:8e:c4:7e:79:bf:79:ef:46:88:
         d9:53:4f:36:4a:7f:f7:53:8a:6b:ac:62:34:86:8b:f0:d7:05:
         08:db:0d:99:7d:d7:04:0e:10:fc:17:45:58:2f:36:45:19:f0:
         6d:77:c7:b4:5e:4c:e1:34:1d:67:2a:de:66:77:2c:c6:3b:b8:
         96:26:c1:ab:08:34:fd:83:ba:28:40:25:71:1e:44:e6:e2:f9:
         d1:de:83:b6:08:8c:59:15:24:9e:cf:02:68:41:dc:5a:99:35:
         db:dd:9b:f1:db:7c:7c:5f:85:ae:fd:db:cb:c2:34:9c:71:5f:
         cf:12:e0:76
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIUODaZBHoRypZv4vJKttNfGhgZLg8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTNERENGQTEyOERDMTQxRjA3NkVCN0I2MEY0NjM1OTI4
NjQ4OUQ1NTAeFw0yNDEwMDYwNDUwMzZaFw0yNTEwMDUwNDU1MzZaMDMxMTAvBgNV
BAMTKDExMzI4QUQ5OUY2RTM2RDYyREU0NzNGRjZFMDAyQzQ0QzA5RkZDNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMepOwMG/NCsNEXgvElcfYKdcO
EE9roCB1+hGbhvlS5uXbwnS7diWL0uR1IsL6SasI8UgLUR+T70scxJc/UnHcAgSz
xlU6WSXGaaxfyc1p7NWC4TvtLvuAz6Nq8xmHvn5x8KBxmw7hZI23G2tfNVh3XiYw
RsOMAImHjJVtQjjNyOZNAvvxAFQnApcfv9pMqU7xoWjN58l/RmH1gSkTA3+tUG+1
D6za7QMkhWL15G7Uxqk+sKDp6MOOUs5CNqnPeZfWSKOiM8f20AWduNySSZMNhHjl
fKFSAP3VvhgWTpF6DwGIxcD0tFHTzIZQedbDGYcm4tBv+hAqc4SPwSifRj55AgMB
AAGjggJfMIICWzAdBgNVHQ4EFgQUETKK2Z9uNtYt5HP/bgAsRMCf/GcwHwYDVR0j
BBgwFoAUE93PoSjcFB8Hbre2D0Y1koZInVUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMTNmNjg1NjEtMGE3NC00Y2NhLWJmOGYtMTJmYWFhZmM4
ZWI4LzIvMTNERENGQTEyOERDMTQxRjA3NkVCN0I2MEY0NjM1OTI4NjQ4OUQ1NS5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wLzEzRERDRkExMjhEQzE0
MUYwNzZFQjdCNjBGNDYzNTkyODY0ODlENTUuY2VyMIG3BggrBgEFBQcBCwSBqjCB
pzCBpAYIKwYBBQUHMAuGgZdyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5LzEzZjY4NTYxLTBhNzQtNGNjYS1iZjhmLTEyZmFhYWZjOGVi
OC8yLzMyNjEzMDYxM2EzNjMwMzQzMDNhNjEzMTMwMzAzYTNhMmYzNDMwMmQzNDMw
MjAzZDNlMjAzMjMwMzMzODM0MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqCmBAoTANBgkqhkiG9w0B
AQsFAAOCAQEAcAPJcElepu0UMqRMHwm68aNdc6/CXqlyXhK2FDa/91WRXvc5U/yX
UbN61a4oC7gvDqcdeknO0+e22qwv8+ACczlcaEt26PsmtR6KvAkt3zIQbFpOuhes
JKQ0zjNVDpM6FurpIt/mldPvjI7M0pQhwYGIXRUMzQDDurujUq340hk1c0E2lg5Q
jsR+eb9570aI2VNPNkp/91OKa6xiNIaL8NcFCNsNmX3XBA4Q/BdFWC82RRnwbXfH
tF5M4TQdZyreZncsxju4libBqwg0/YO6KEAlcR5E5uL50d6DtgiMWRUkns8CaEHc
Wpk1292b8dt8fF+Frv3by8I0nHFfzxLgdg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:08:34 2024 by rpki-client on console-fra.rpki-client.org