Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666666663a3a2f34382d3438203d3e20323030313739.roa
File:                     326131343a316563373a666666663a3a2f34382d3438203d3e20323030313739.roa (raw, json)
Hash identifier:          OA1iCWMH/fVsbH/PVeaw+nsZWkfYlhG55ODsEs8KPMY=
Subject key identifier:   5F:AD:B7:0E:70:13:F6:1A:5E:9F:8C:D5:57:09:0D:38:7D:6B:B3:3B
Certificate issuer:       /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial:       5D0029AB9FD74B59E635A1F607D41F7E118FCC3F
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666666663a3a2f34382d3438203d3e20323030313739.roa
Signing time:             Fri 15 Mar 2024 18:51:52 +0000
ROA not before:           Fri 15 Mar 2024 18:46:52 +0000
ROA not after:            Fri 14 Mar 2025 18:51:52 +0000
asID:                     200179
IP address blocks:        2a14:1ec7:ffff::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:00:29:ab:9f:d7:4b:59:e6:35:a1:f6:07:d4:1f:7e:11:8f:cc:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
        Validity
            Not Before: Mar 15 18:46:52 2024 GMT
            Not After : Mar 14 18:51:52 2025 GMT
        Subject: CN=5FADB70E7013F61A5E9F8CD557090D387D6BB33B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2c:73:84:22:2d:20:1c:e8:8c:6a:65:5a:fb:
                    65:c0:e9:fb:78:0d:4b:ee:59:ed:55:e3:f9:7c:97:
                    0b:0b:63:cf:32:01:45:84:dd:42:60:96:be:57:41:
                    1c:bd:c9:73:86:b0:db:e4:b5:14:e3:75:16:e0:3f:
                    e4:63:12:c4:0a:d4:a1:f7:a7:28:01:21:ef:da:4c:
                    73:9d:09:02:3c:0a:33:f9:0d:5a:9e:ee:0f:76:a7:
                    2b:22:30:3e:b0:d9:af:b2:c1:57:4c:aa:99:dc:f9:
                    4c:a4:8b:1b:ac:90:59:f6:72:03:23:6f:b5:ae:cc:
                    d1:0d:c6:1c:ee:e8:dc:1d:c2:72:0d:27:cd:49:8d:
                    d9:41:2f:50:b1:ec:48:32:d8:d1:8c:c9:22:3a:43:
                    21:51:4a:5b:78:03:99:94:24:d4:f9:9b:82:6b:82:
                    53:43:cc:6b:45:46:df:21:d2:ba:3b:1b:b0:78:b4:
                    08:ea:16:fa:80:c4:4a:e2:42:8d:f9:8d:8a:d0:dc:
                    ef:d4:35:f7:8d:07:f7:d4:92:62:45:a6:46:e2:c1:
                    dc:25:c3:b0:83:6e:86:d7:af:58:a0:5f:87:88:d6:
                    b3:aa:a0:ef:1b:54:e8:f8:42:8f:a5:55:c8:2f:49:
                    53:5f:e8:04:88:16:53:63:a2:30:8c:89:62:5f:65:
                    53:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:AD:B7:0E:70:13:F6:1A:5E:9F:8C:D5:57:09:0D:38:7D:6B:B3:3B
            X509v3 Authority Key Identifier:
                keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666666663a3a2f34382d3438203d3e20323030313739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:1ec7:ffff::/48

    Signature Algorithm: sha256WithRSAEncryption
         43:17:aa:cd:e1:a0:77:79:23:50:dd:78:56:36:3b:6f:d0:2f:
         d5:e7:b9:88:e5:69:65:59:b2:8f:cc:bc:26:ab:a8:a6:9a:e9:
         27:de:ae:14:0e:b9:fb:66:62:00:2f:82:7f:eb:43:49:5b:fb:
         23:64:6e:0b:8a:85:5d:44:d8:fb:8c:f6:83:1b:fc:9f:fe:71:
         a0:3c:3f:ed:9f:01:5b:dc:fc:3c:8b:27:56:d5:9a:c5:9b:5a:
         ea:d5:eb:96:f6:fa:84:7d:03:d6:72:aa:e7:2e:3d:93:75:70:
         5f:2d:ed:55:22:44:9c:68:2e:3a:62:b9:38:92:2d:a1:19:0b:
         d1:fd:3a:0a:e4:45:38:a8:ab:30:02:9b:0e:f6:65:f2:40:8e:
         48:ad:4f:29:15:89:1d:9e:04:f0:7a:ab:fc:e1:2c:15:cc:54:
         14:39:7d:d9:51:bb:43:a8:29:d5:b5:22:28:9d:f6:19:2e:d7:
         68:01:0b:e0:35:c4:fe:28:b9:e2:6f:36:af:7d:5b:e4:50:45:
         28:0c:02:f7:5e:f9:2e:b1:7e:a8:9c:c2:d5:5d:45:50:d3:bb:
         9a:02:2f:1e:3c:9e:c3:3d:96:1a:1a:d5:3c:6a:c3:66:07:ee:
         f8:3e:30:6a:0c:50:73:83:fd:af:02:9c:8e:4e:67:10:55:ca:
         23:71:0a:5d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUXQApq5/XS1nmNaH2B9QffhGPzD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNDAzMTUxODQ2NTJaFw0yNTAzMTQxODUxNTJaMDMxMTAvBgNV
BAMTKDVGQURCNzBFNzAxM0Y2MUE1RTlGOENENTU3MDkwRDM4N0Q2QkIzM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8LHOEIi0gHOiMamVa+2XA6ft4
DUvuWe1V4/l8lwsLY88yAUWE3UJglr5XQRy9yXOGsNvktRTjdRbgP+RjEsQK1KH3
pygBIe/aTHOdCQI8CjP5DVqe7g92pysiMD6w2a+ywVdMqpnc+UykixuskFn2cgMj
b7WuzNENxhzu6NwdwnINJ81JjdlBL1Cx7Egy2NGMySI6QyFRSlt4A5mUJNT5m4Jr
glNDzGtFRt8h0ro7G7B4tAjqFvqAxEriQo35jYrQ3O/UNfeNB/fUkmJFpkbiwdwl
w7CDbobXr1igX4eI1rOqoO8bVOj4Qo+lVcgvSVNf6ASIFlNjojCMiWJfZVNnAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUX623DnAT9hpen4zVVwkNOH1rszswHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjY2NjY2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMDMxMzczOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoUHsf//zANBgkqhkiG9w0BAQsFAAOCAQEAQxeqzeGgd3kjUN14
VjY7b9Av1ee5iOVpZVmyj8y8JquopprpJ96uFA65+2ZiAC+Cf+tDSVv7I2RuC4qF
XUTY+4z2gxv8n/5xoDw/7Z8BW9z8PIsnVtWaxZta6tXrlvb6hH0D1nKq5y49k3Vw
Xy3tVSJEnGguOmK5OJItoRkL0f06CuRFOKirMAKbDvZl8kCOSK1PKRWJHZ4E8Hqr
/OEsFcxUFDl92VG7Q6gp1bUiKJ32GS7XaAEL4DXE/ii54m82r31b5FBFKAwC9175
LrF+qJzC1V1FUNO7mgIvHjyewz2WGhrVPGrDZgfu+D4wagxQc4P9rwKcjk5nEFXK
I3EKXQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:14:42 2024 by rpki-client on console-fra.rpki-client.org