Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/326130353a646663313a336630303a3a2f34302d3430203d3e20313939353832.roa
File:                     326130353a646663313a336630303a3a2f34302d3430203d3e20313939353832.roa (raw, json)
Hash identifier:          z74avPSKcJKytxYlrd57W77A2vT4WHAPDkMfkdPrZyw=
Subject key identifier:   64:38:7B:96:92:C8:FA:B7:8C:97:61:CF:A8:4B:E4:71:A7:7D:08:35
Certificate issuer:       /CN=A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1
Certificate serial:       06251DB737BAC0DA18A69172E162F45982DD5C75
Authority key identifier: A8:45:D8:47:B2:7C:18:D2:A8:C4:3F:47:ED:AA:EE:AB:5C:CC:0B:E1
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/326130353a646663313a336630303a3a2f34302d3430203d3e20313939353832.roa
Signing time:             Fri 30 Aug 2024 20:27:21 +0000
ROA not before:           Fri 30 Aug 2024 20:22:21 +0000
ROA not after:            Fri 29 Aug 2025 20:27:21 +0000
asID:                     199582
IP address blocks:        2a05:dfc1:3f00::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Nov 2024 11:00:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:25:1d:b7:37:ba:c0:da:18:a6:91:72:e1:62:f4:59:82:dd:5c:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1
        Validity
            Not Before: Aug 30 20:22:21 2024 GMT
            Not After : Aug 29 20:27:21 2025 GMT
        Subject: CN=64387B9692C8FAB78C9761CFA84BE471A77D0835
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:02:e1:15:be:3a:76:09:00:e4:d1:1c:2c:a8:
                    e2:a8:cb:43:96:1a:0b:8f:80:20:c5:da:19:26:76:
                    f2:c0:af:f6:67:91:ad:fe:96:66:22:de:de:0d:97:
                    91:00:5a:18:e5:ad:eb:73:4a:68:29:1f:0c:8a:9b:
                    4e:55:e0:0c:5f:c3:b9:ab:0b:ca:db:16:cb:44:f9:
                    e9:b1:45:ce:01:3b:18:4f:9f:7e:92:fd:72:96:1a:
                    e4:3d:85:7d:19:d0:4f:d3:88:d8:5e:8f:88:b8:0d:
                    b3:58:13:33:20:08:78:28:e2:11:9d:f9:7e:70:83:
                    0c:a0:5c:01:10:0d:65:a3:4a:0b:47:e0:bb:92:cf:
                    33:d9:d8:90:50:c1:80:2c:5f:2e:ad:07:87:aa:f2:
                    6e:24:bd:f3:15:d8:79:06:76:34:99:04:43:8c:86:
                    6b:f2:3d:ea:50:b6:46:a4:2d:48:02:68:fe:18:50:
                    2d:1b:27:13:47:e7:ab:51:b3:9e:50:34:61:95:61:
                    26:b7:6a:ad:e1:be:c5:c6:db:5e:57:b9:66:2c:34:
                    fc:cf:40:ce:86:f0:04:c5:6b:ab:17:9d:71:71:9f:
                    25:bc:de:3f:b7:48:a9:7a:2e:75:d0:d7:b1:50:5e:
                    8b:71:77:4d:da:57:e5:58:94:72:22:88:cd:22:7c:
                    eb:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:38:7B:96:92:C8:FA:B7:8C:97:61:CF:A8:4B:E4:71:A7:7D:08:35
            X509v3 Authority Key Identifier:
                keyid:A8:45:D8:47:B2:7C:18:D2:A8:C4:3F:47:ED:AA:EE:AB:5C:CC:0B:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/326130353a646663313a336630303a3a2f34302d3430203d3e20313939353832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc1:3f00::/40

    Signature Algorithm: sha256WithRSAEncryption
         7b:c5:c6:43:2f:c0:8d:68:d3:d8:17:89:44:b2:d4:00:cc:29:
         fe:fb:33:4f:6e:32:6c:90:78:14:ff:4a:91:50:13:21:f2:5b:
         3b:54:9b:51:74:1a:9b:af:80:35:9c:8d:74:5f:57:da:62:0c:
         d7:83:08:cf:e8:02:be:b9:5d:af:83:59:19:c0:3c:7a:9f:3a:
         8c:f9:f4:f8:77:e0:0f:f1:e7:fd:29:03:fe:30:9c:fe:04:ef:
         5c:2e:6b:83:28:49:60:ce:71:9c:50:69:c3:fc:d8:04:11:e9:
         a4:7f:75:b3:6c:a5:36:87:2e:d4:5f:8f:d1:9f:8a:9e:24:a1:
         7e:48:9b:fe:a6:d7:f5:56:03:0b:e9:f2:72:40:ba:75:6c:63:
         c3:e9:19:e4:4e:9d:e4:eb:79:8d:b7:59:06:39:ed:6b:61:df:
         f9:c4:1d:be:05:f5:f4:fd:30:9c:29:7e:c2:70:6c:74:a6:20:
         e4:ba:f9:4a:45:85:39:f3:22:61:e1:78:30:f4:0c:a6:e5:ef:
         99:9b:80:40:cc:cb:25:76:0f:b4:87:ad:d8:be:c4:80:d5:f8:
         17:31:73:99:0a:b7:24:3b:36:c2:2c:3f:ab:57:fb:88:86:ef:
         3c:9b:c6:ce:a1:58:ce:f8:b6:f2:d5:10:53:84:dc:26:96:cf:
         85:5a:70:38
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIUBiUdtze6wNoYppFy4WL0WYLdXHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTg0NUQ4NDdCMjdDMThEMkE4QzQzRjQ3RURBQUVFQUI1
Q0NDMEJFMTAeFw0yNDA4MzAyMDIyMjFaFw0yNTA4MjkyMDI3MjFaMDMxMTAvBgNV
BAMTKDY0Mzg3Qjk2OTJDOEZBQjc4Qzk3NjFDRkE4NEJFNDcxQTc3RDA4MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5AuEVvjp2CQDk0RwsqOKoy0OW
GguPgCDF2hkmdvLAr/Znka3+lmYi3t4Nl5EAWhjlretzSmgpHwyKm05V4Axfw7mr
C8rbFstE+emxRc4BOxhPn36S/XKWGuQ9hX0Z0E/TiNhej4i4DbNYEzMgCHgo4hGd
+X5wgwygXAEQDWWjSgtH4LuSzzPZ2JBQwYAsXy6tB4eq8m4kvfMV2HkGdjSZBEOM
hmvyPepQtkakLUgCaP4YUC0bJxNH56tRs55QNGGVYSa3aq3hvsXG215XuWYsNPzP
QM6G8ATFa6sXnXFxnyW83j+3SKl6LnXQ17FQXotxd03aV+VYlHIiiM0ifOvFAgMB
AAGjggJfMIICWzAdBgNVHQ4EFgQUZDh7lpLI+reMl2HPqEvkcad9CDUwHwYDVR0j
BBgwFoAUqEXYR7J8GNKoxD9H7aruq1zMC+EwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWQyMGJlNGMtOGRiMy00NWUxLTgxNjktMGYyZTQwODQx
MzJjLzEvQTg0NUQ4NDdCMjdDMThEMkE4QzQzRjQ3RURBQUVFQUI1Q0NDMEJFMS5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wL0E4NDVEODQ3QjI3QzE4
RDJBOEM0M0Y0N0VEQUFFRUFCNUNDQzBCRTEuY2VyMIG3BggrBgEFBQcBCwSBqjCB
pzCBpAYIKwYBBQUHMAuGgZdyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5LzFkMjBiZTRjLThkYjMtNDVlMS04MTY5LTBmMmU0MDg0MTMy
Yy8xLzMyNjEzMDM1M2E2NDY2NjMzMTNhMzM2NjMwMzAzYTNhMmYzNDMwMmQzNDMw
MjAzZDNlMjAzMTM5MzkzNTM4MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqBd/BPzANBgkqhkiG9w0B
AQsFAAOCAQEAe8XGQy/AjWjT2BeJRLLUAMwp/vszT24ybJB4FP9KkVATIfJbO1Sb
UXQam6+ANZyNdF9X2mIM14MIz+gCvrldr4NZGcA8ep86jPn0+HfgD/Hn/SkD/jCc
/gTvXC5rgyhJYM5xnFBpw/zYBBHppH91s2ylNocu1F+P0Z+KniShfkib/qbX9VYD
C+nyckC6dWxjw+kZ5E6d5Ot5jbdZBjnta2Hf+cQdvgX19P0wnCl+wnBsdKYg5Lr5
SkWFOfMiYeF4MPQMpuXvmZuAQMzLJXYPtIet2L7EgNX4FzFzmQq3JDs2wiw/q1f7
iIbvPJvGzqFYzvi28tUQU4TcJpbPhVpwOA==
-----END CERTIFICATE-----
Generated at Sat Nov 9 19:29:51 2024 by rpki-client on console-fra.rpki-client.org