Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/13f68561-0a74-4cca-bf8f-12faaafc8eb8/2/326130613a363034303a613130313a3a2f34382d3438203d3e20323033383433.roa
File:                     326130613a363034303a613130313a3a2f34382d3438203d3e20323033383433.roa (raw, json)
Hash identifier:          8kE6bd3UIwVjGeLjsemhmEEHlGKhtuqOlLO98xqUvuU=
Subject key identifier:   51:AF:02:33:57:74:8F:B0:B0:76:74:F7:89:42:FD:52:F9:7F:E4:F4
Certificate issuer:       /CN=13DDCFA128DC141F076EB7B60F46359286489D55
Certificate serial:       32C8847C2B516A88CC7F5DB3C645E7BFC5A06A89
Authority key identifier: 13:DD:CF:A1:28:DC:14:1F:07:6E:B7:B6:0F:46:35:92:86:48:9D:55
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/13DDCFA128DC141F076EB7B60F46359286489D55.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/13f68561-0a74-4cca-bf8f-12faaafc8eb8/2/326130613a363034303a613130313a3a2f34382d3438203d3e20323033383433.roa
Signing time:             Sun 06 Oct 2024 04:55:36 +0000
ROA not before:           Sun 06 Oct 2024 04:50:36 +0000
ROA not after:            Sun 05 Oct 2025 04:55:36 +0000
asID:                     203843
IP address blocks:        2a0a:6040:a101::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/13f68561-0a74-4cca-bf8f-12faaafc8eb8/2/13DDCFA128DC141F076EB7B60F46359286489D55.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/13f68561-0a74-4cca-bf8f-12faaafc8eb8/2/13DDCFA128DC141F076EB7B60F46359286489D55.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/13DDCFA128DC141F076EB7B60F46359286489D55.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 13:30:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:c8:84:7c:2b:51:6a:88:cc:7f:5d:b3:c6:45:e7:bf:c5:a0:6a:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13DDCFA128DC141F076EB7B60F46359286489D55
        Validity
            Not Before: Oct  6 04:50:36 2024 GMT
            Not After : Oct  5 04:55:36 2025 GMT
        Subject: CN=51AF023357748FB0B07674F78942FD52F97FE4F4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:31:4d:90:c2:34:c3:60:1f:5a:e2:ab:32:ec:
                    23:96:b3:a6:b4:18:0c:3b:cd:3d:5c:62:7a:6e:90:
                    72:52:04:e9:1a:84:f5:3e:26:8b:99:e4:4d:af:7f:
                    61:a4:ca:bf:e9:bd:8d:ea:68:e6:2b:80:c9:86:42:
                    6a:eb:72:3f:aa:db:0c:5e:71:84:46:b4:84:bf:ce:
                    58:f5:dc:c9:08:61:44:6d:44:b9:05:11:82:cc:7e:
                    66:78:aa:a2:23:1b:b6:82:59:74:4a:6d:a3:a0:98:
                    0d:74:89:f1:b0:4f:1f:e3:c2:d3:89:98:99:24:53:
                    a7:90:09:56:d4:9e:77:1c:a8:52:d8:f9:4e:90:7c:
                    32:77:73:c1:ad:f6:8c:0e:92:8a:0a:06:c0:8f:30:
                    e8:5d:b6:ce:91:45:45:9e:8a:4c:bc:76:d7:a3:ff:
                    4c:de:b1:0e:f0:30:36:91:e1:17:4f:1f:9d:6b:56:
                    78:0b:e5:5a:6c:c4:52:e2:eb:7a:d1:2a:f3:ff:71:
                    3d:94:d5:fa:56:fe:f7:e1:ae:4d:3c:e1:ba:03:92:
                    74:83:23:d9:c5:c2:df:9e:2b:c8:22:e4:7c:1b:0c:
                    ef:a8:97:d5:51:e0:46:85:ac:29:8a:94:18:e2:b6:
                    c0:89:d6:7b:af:30:97:25:ae:3d:59:8c:63:e5:f8:
                    01:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:AF:02:33:57:74:8F:B0:B0:76:74:F7:89:42:FD:52:F9:7F:E4:F4
            X509v3 Authority Key Identifier:
                keyid:13:DD:CF:A1:28:DC:14:1F:07:6E:B7:B6:0F:46:35:92:86:48:9D:55

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/13f68561-0a74-4cca-bf8f-12faaafc8eb8/2/13DDCFA128DC141F076EB7B60F46359286489D55.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/13DDCFA128DC141F076EB7B60F46359286489D55.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/13f68561-0a74-4cca-bf8f-12faaafc8eb8/2/326130613a363034303a613130313a3a2f34382d3438203d3e20323033383433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:a101::/48

    Signature Algorithm: sha256WithRSAEncryption
         75:b3:e3:27:65:da:fd:de:cc:51:e4:48:ca:9d:76:73:e0:ac:
         4e:a6:96:fc:cc:96:32:65:67:d1:e5:d7:7b:c5:24:06:2f:cb:
         07:c5:f3:c9:02:e2:a4:10:d3:6b:04:7d:14:a0:8f:df:24:70:
         26:9f:e9:cf:1b:b9:24:e7:bd:89:17:5b:78:49:8a:06:af:20:
         ea:28:17:62:a7:26:4c:b6:25:3e:fc:6f:76:de:6e:41:b9:91:
         2a:90:68:73:47:d8:d7:e4:35:14:3a:5a:cb:d1:a7:10:00:86:
         7c:bb:e9:37:32:9e:3e:06:b9:6a:36:a5:b8:76:5f:75:db:af:
         8d:84:88:a3:9b:53:83:45:ef:0d:a7:51:87:84:df:4d:04:2f:
         9f:be:a2:43:cf:a2:eb:1a:30:f4:6e:e9:d3:54:36:db:6c:3c:
         cb:a0:b4:6b:5f:98:bd:1b:91:76:71:08:c6:b0:47:d9:58:84:
         d6:30:73:f9:7f:59:fd:73:15:18:4c:b4:25:8e:38:12:ea:b8:
         4a:68:d5:85:e9:84:3b:c8:da:3d:54:3e:ad:79:d4:93:a5:c3:
         77:19:87:c7:1d:91:65:2b:7f:03:87:50:5f:64:4a:b5:bc:0f:
         8e:85:b0:02:69:b1:a7:5a:61:c2:76:71:4b:78:ef:2f:93:47:
         f1:24:61:a0
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIUMsiEfCtRaojMf12zxkXnv8WgaokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTNERENGQTEyOERDMTQxRjA3NkVCN0I2MEY0NjM1OTI4
NjQ4OUQ1NTAeFw0yNDEwMDYwNDUwMzZaFw0yNTEwMDUwNDU1MzZaMDMxMTAvBgNV
BAMTKDUxQUYwMjMzNTc3NDhGQjBCMDc2NzRGNzg5NDJGRDUyRjk3RkU0RjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYMU2QwjTDYB9a4qsy7COWs6a0
GAw7zT1cYnpukHJSBOkahPU+JouZ5E2vf2Gkyr/pvY3qaOYrgMmGQmrrcj+q2wxe
cYRGtIS/zlj13MkIYURtRLkFEYLMfmZ4qqIjG7aCWXRKbaOgmA10ifGwTx/jwtOJ
mJkkU6eQCVbUnnccqFLY+U6QfDJ3c8Gt9owOkooKBsCPMOhdts6RRUWeiky8dtej
/0zesQ7wMDaR4RdPH51rVngL5VpsxFLi63rRKvP/cT2U1fpW/vfhrk084boDknSD
I9nFwt+eK8gi5HwbDO+ol9VR4EaFrCmKlBjitsCJ1nuvMJclrj1ZjGPl+AF/AgMB
AAGjggJgMIICXDAdBgNVHQ4EFgQUUa8CM1d0j7CwdnT3iUL9Uvl/5PQwHwYDVR0j
BBgwFoAUE93PoSjcFB8Hbre2D0Y1koZInVUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMTNmNjg1NjEtMGE3NC00Y2NhLWJmOGYtMTJmYWFhZmM4
ZWI4LzIvMTNERENGQTEyOERDMTQxRjA3NkVCN0I2MEY0NjM1OTI4NjQ4OUQ1NS5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wLzEzRERDRkExMjhEQzE0
MUYwNzZFQjdCNjBGNDYzNTkyODY0ODlENTUuY2VyMIG3BggrBgEFBQcBCwSBqjCB
pzCBpAYIKwYBBQUHMAuGgZdyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5LzEzZjY4NTYxLTBhNzQtNGNjYS1iZjhmLTEyZmFhYWZjOGVi
OC8yLzMyNjEzMDYxM2EzNjMwMzQzMDNhNjEzMTMwMzEzYTNhMmYzNDM4MmQzNDM4
MjAzZDNlMjAzMjMwMzMzODM0MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqCmBAoQEwDQYJKoZIhvcN
AQELBQADggEBAHWz4ydl2v3ezFHkSMqddnPgrE6mlvzMljJlZ9Hl13vFJAYvywfF
88kC4qQQ02sEfRSgj98kcCaf6c8buSTnvYkXW3hJigavIOooF2KnJky2JT78b3be
bkG5kSqQaHNH2NfkNRQ6WsvRpxAAhny76Tcynj4GuWo2pbh2X3Xbr42EiKObU4NF
7w2nUYeE300EL5++okPPousaMPRu6dNUNttsPMugtGtfmL0bkXZxCMawR9lYhNYw
c/l/Wf1zFRhMtCWOOBLquEpo1YXphDvI2j1UPq151JOlw3cZh8cdkWUrfwOHUF9k
SrW8D46FsAJpsadaYcJ2cUt47y+TR/EkYaA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:32:36 2024 by rpki-client on console-ams.rpki-client.org