Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130313a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a3130313a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          cPmNtEX7Otv7W5Ct8xptEWzWWLu6jbcWx9tQvZXPRA8=
Subject key identifier:   DC:40:75:3D:21:00:45:63:C9:B6:60:B6:3C:01:4D:A9:93:C9:21:18
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       78F1B715DB76ED63A9F339ACCF8C29B35A869A76
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130313a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Tue 05 Mar 2024 14:39:10 +0000
ROA not before:           Tue 05 Mar 2024 14:34:10 +0000
ROA not after:            Tue 04 Mar 2025 14:39:10 +0000
asID:                     216324
IP address blocks:        2a14:7581:101::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:f1:b7:15:db:76:ed:63:a9:f3:39:ac:cf:8c:29:b3:5a:86:9a:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: Mar  5 14:34:10 2024 GMT
            Not After : Mar  4 14:39:10 2025 GMT
        Subject: CN=DC40753D21004563C9B660B63C014DA993C92118
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:51:ae:a5:39:f9:c5:f1:5b:90:b5:4f:88:8c:
                    ec:2c:d2:19:82:63:f5:94:4e:0a:ca:a8:97:45:91:
                    01:f5:d3:4e:7f:fc:52:c9:a3:ad:58:c2:3e:bd:f3:
                    6a:68:68:6b:ef:56:b4:b6:ce:6a:52:2d:d6:89:fd:
                    03:b7:23:88:e9:14:d9:e4:d6:2a:e2:4c:aa:c1:fd:
                    2f:71:a3:37:d9:91:fd:df:8f:6c:8e:b3:74:b4:5c:
                    43:6b:48:61:3d:58:63:e7:15:d3:42:3f:75:14:55:
                    a6:e6:71:9f:da:e5:f0:25:1a:75:66:13:6e:b6:7c:
                    ec:d3:65:01:71:3a:9c:ff:65:c8:b2:1d:f1:23:d1:
                    85:69:be:7f:c7:34:bc:48:ab:bd:75:a8:91:d2:ea:
                    ff:13:33:da:95:8b:4b:b9:27:fc:6f:4a:cd:d0:53:
                    2b:5c:4b:9c:01:e3:8c:3d:15:9f:a6:64:90:5f:e2:
                    96:20:b8:98:49:1e:49:73:1e:72:cf:50:54:1a:dc:
                    43:41:12:d0:2a:3b:42:4a:6d:33:85:fa:2f:6f:c0:
                    ad:1d:ab:80:ff:03:38:e2:fc:17:a4:49:e4:08:d6:
                    45:31:e0:d0:82:38:d8:c1:33:f3:8c:c3:86:0a:36:
                    f2:b0:15:c1:11:ac:7b:70:66:e7:1a:a9:fc:46:1b:
                    23:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:40:75:3D:21:00:45:63:C9:B6:60:B6:3C:01:4D:A9:93:C9:21:18
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130313a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:101::/48

    Signature Algorithm: sha256WithRSAEncryption
         37:cb:dd:d4:f9:dd:0d:4c:17:42:7b:0d:f0:0d:21:cb:06:ac:
         ad:f0:2e:9b:34:9e:46:34:8b:16:fc:de:46:69:9e:83:a4:de:
         80:7a:fa:d0:62:6c:ae:e2:02:1e:74:a3:0d:21:61:97:9f:0b:
         7a:9e:d1:37:0b:a0:a8:33:71:39:ff:60:b1:3e:26:fb:53:a7:
         c7:79:76:2e:d1:ea:6a:fe:ce:c3:a7:3e:e7:3f:69:2b:98:7d:
         bd:ec:89:f0:e4:0f:d5:48:fb:83:11:fe:11:25:17:da:40:d8:
         7c:15:b5:ea:2d:0b:2e:5f:b0:2e:26:12:cb:09:38:7a:3e:ee:
         4b:30:48:ae:a4:4c:73:79:50:55:a2:0f:8a:64:45:41:83:f0:
         af:38:c8:6a:1e:5f:66:18:e7:05:bf:7d:ad:1e:38:fe:16:5d:
         ce:20:41:72:a8:68:5e:8a:20:3e:22:f3:21:3a:fe:ef:19:a5:
         ae:81:56:18:b3:b0:b1:e4:23:f7:76:3a:76:07:4b:de:6e:6e:
         76:ea:de:c5:1f:39:19:89:2c:3a:06:f1:f9:bc:a9:b6:f1:c1:
         23:18:88:cf:3e:0a:61:38:13:e9:e8:9e:44:43:61:4f:f0:16:
         33:da:1d:e6:31:55:3b:19:84:b3:09:42:94:49:61:a0:01:87:
         7d:3a:b0:bb
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUePG3Fdt27WOp8zmsz4wps1qGmnYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDAzMDUxNDM0MTBaFw0yNTAzMDQxNDM5MTBaMDMxMTAvBgNV
BAMTKERDNDA3NTNEMjEwMDQ1NjNDOUI2NjBCNjNDMDE0REE5OTNDOTIxMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWUa6lOfnF8VuQtU+IjOws0hmC
Y/WUTgrKqJdFkQH1005//FLJo61Ywj6982poaGvvVrS2zmpSLdaJ/QO3I4jpFNnk
1iriTKrB/S9xozfZkf3fj2yOs3S0XENrSGE9WGPnFdNCP3UUVabmcZ/a5fAlGnVm
E262fOzTZQFxOpz/ZciyHfEj0YVpvn/HNLxIq711qJHS6v8TM9qVi0u5J/xvSs3Q
UytcS5wB44w9FZ+mZJBf4pYguJhJHklzHnLPUFQa3ENBEtAqO0JKbTOF+i9vwK0d
q4D/Azji/BekSeQI1kUx4NCCONjBM/OMw4YKNvKwFcERrHtwZucaqfxGGyPDAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQU3EB1PSEARWPJtmC2PAFNqZPJIRgwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEBATANBgkqhkiG9w0BAQsFAAOCAQEAN8vd
1PndDUwXQnsN8A0hywasrfAumzSeRjSLFvzeRmmeg6TegHr60GJsruICHnSjDSFh
l58Lep7RNwugqDNxOf9gsT4m+1Onx3l2LtHqav7Ow6c+5z9pK5h9veyJ8OQP1Uj7
gxH+ESUX2kDYfBW16i0LLl+wLiYSywk4ej7uSzBIrqRMc3lQVaIPimRFQYPwrzjI
ah5fZhjnBb99rR44/hZdziBBcqhoXoogPiLzITr+7xmlroFWGLOwseQj93Y6dgdL
3m5udurexR85GYksOgbx+byptvHBIxiIzz4KYTgT6eieRENhT/AWM9od5jFVOxmE
swlClElhoAGHfTqwuw==
-----END CERTIFICATE-----
Generated at Sat Jun 15 17:58:02 2024 by rpki-client on console-ams.rpki-client.org