Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130323a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a3130323a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          I3PkS/Ig3tYT7zNxaooDTThv7uAg/jbENqIFitl1sNs=
Subject key identifier:   9E:DA:E7:0D:51:C5:A7:0C:42:6E:2B:C5:BD:FC:B5:72:EB:3C:EC:1D
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       0540FEDA68F44A160794B29597D1EF731D8E86BD
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130323a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Tue 05 Mar 2024 14:39:19 +0000
ROA not before:           Tue 05 Mar 2024 14:34:19 +0000
ROA not after:            Tue 04 Mar 2025 14:39:19 +0000
asID:                     216324
IP address blocks:        2a14:7581:102::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:40:fe:da:68:f4:4a:16:07:94:b2:95:97:d1:ef:73:1d:8e:86:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: Mar  5 14:34:19 2024 GMT
            Not After : Mar  4 14:39:19 2025 GMT
        Subject: CN=9EDAE70D51C5A70C426E2BC5BDFCB572EB3CEC1D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a4:97:f5:76:cc:93:3a:bc:07:b7:cf:2c:a5:
                    d8:f8:5a:db:bf:fe:2c:be:e4:f0:6c:52:d6:e0:b4:
                    76:f3:44:a0:db:d8:2a:d3:75:d1:a7:c1:0a:67:1c:
                    61:16:ac:b2:9c:c5:4c:95:3a:c6:a1:5c:44:d1:95:
                    6e:3f:19:8d:30:05:a8:5c:74:a0:84:58:eb:cc:be:
                    7e:04:36:27:d2:2a:82:c2:77:9d:00:74:03:54:23:
                    1b:e1:c1:b4:53:86:a1:71:f4:99:35:73:5d:64:01:
                    d5:10:43:3d:bf:7e:e5:99:a8:a3:1a:e8:e2:16:6f:
                    ec:a9:b1:d0:19:c3:c9:04:fc:8d:82:21:3b:28:64:
                    c8:d7:83:5e:ad:5f:8f:b4:d0:2c:66:c4:10:97:ab:
                    b7:d4:75:cd:19:86:f6:c8:87:f5:7f:3f:13:44:44:
                    13:b7:53:18:7b:d7:8a:e8:78:2c:3b:05:d8:ae:7d:
                    9c:f4:21:b5:df:38:dd:48:1e:a9:47:29:51:29:ba:
                    21:a6:b5:28:26:f8:52:93:04:1a:6f:ac:93:c7:ee:
                    57:14:fd:95:b3:3a:69:4b:8f:26:d1:59:41:03:88:
                    cf:34:85:21:03:0e:59:2c:4c:6c:9a:9b:f4:c8:2a:
                    53:5f:07:78:c8:2b:6f:1a:d3:9c:a9:2b:5a:9f:73:
                    d0:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:DA:E7:0D:51:C5:A7:0C:42:6E:2B:C5:BD:FC:B5:72:EB:3C:EC:1D
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130323a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:102::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:fd:85:1c:2b:1e:06:da:be:b2:d9:93:02:07:04:45:40:04:
         3d:82:aa:c7:1a:ea:43:0b:c2:02:10:a9:59:4a:d0:ae:e0:f2:
         24:5f:c3:b6:92:49:e1:4a:36:6b:0e:32:02:20:57:3f:0f:0d:
         53:99:2a:97:b8:39:98:fe:99:24:ca:97:ad:e1:27:c3:31:bb:
         2d:22:a0:30:4a:d9:48:4b:df:e6:de:49:58:81:ab:51:66:20:
         5f:2c:22:77:06:49:bd:f5:6f:ca:a2:75:ce:ea:75:1c:5e:73:
         00:01:3a:12:72:03:9f:7b:ea:37:d2:d0:d9:2c:61:08:bc:e3:
         fb:18:27:37:8b:b5:84:eb:30:1b:26:5d:de:0b:46:06:a5:0e:
         95:fc:99:da:a3:68:c9:3b:e8:4a:20:d1:a0:dd:a4:50:be:2a:
         2d:8e:20:7b:25:2e:e7:a5:48:84:41:8c:90:8c:e9:6e:67:62:
         35:fa:d1:cd:35:e2:25:48:b0:8f:08:c6:8b:4e:ac:30:90:1a:
         9b:8f:a9:2e:62:8d:e3:c4:36:67:73:9d:94:ef:7d:89:e4:f4:
         69:18:fd:e6:cf:42:a6:2c:8d:72:a5:24:12:3a:0c:d1:02:8f:
         c6:25:76:40:5f:be:f9:ec:ed:a3:a4:e3:4e:fc:14:a9:13:a9:
         b0:f5:0e:5c
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUBUD+2mj0ShYHlLKVl9Hvcx2Ohr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDAzMDUxNDM0MTlaFw0yNTAzMDQxNDM5MTlaMDMxMTAvBgNV
BAMTKDlFREFFNzBENTFDNUE3MEM0MjZFMkJDNUJERkNCNTcyRUIzQ0VDMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1pJf1dsyTOrwHt88spdj4Wtu/
/iy+5PBsUtbgtHbzRKDb2CrTddGnwQpnHGEWrLKcxUyVOsahXETRlW4/GY0wBahc
dKCEWOvMvn4ENifSKoLCd50AdANUIxvhwbRThqFx9Jk1c11kAdUQQz2/fuWZqKMa
6OIWb+ypsdAZw8kE/I2CITsoZMjXg16tX4+00CxmxBCXq7fUdc0ZhvbIh/V/PxNE
RBO3Uxh714roeCw7BdiufZz0IbXfON1IHqlHKVEpuiGmtSgm+FKTBBpvrJPH7lcU
/ZWzOmlLjybRWUEDiM80hSEDDlksTGyam/TIKlNfB3jIK28a05ypK1qfc9AtAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUntrnDVHFpwxCbivFvfy1cus87B0wHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEBAjANBgkqhkiG9w0BAQsFAAOCAQEAef2F
HCseBtq+stmTAgcERUAEPYKqxxrqQwvCAhCpWUrQruDyJF/DtpJJ4Uo2aw4yAiBX
Pw8NU5kql7g5mP6ZJMqXreEnwzG7LSKgMErZSEvf5t5JWIGrUWYgXywidwZJvfVv
yqJ1zup1HF5zAAE6EnIDn3vqN9LQ2SxhCLzj+xgnN4u1hOswGyZd3gtGBqUOlfyZ
2qNoyTvoSiDRoN2kUL4qLY4geyUu56VIhEGMkIzpbmdiNfrRzTXiJUiwjwjGi06s
MJAam4+pLmKN48Q2Z3OdlO99ieT0aRj95s9CpiyNcqUkEjoM0QKPxiV2QF+++ezt
o6TjTvwUqROpsPUOXA==
-----END CERTIFICATE-----
Generated at Sat Jun 15 17:58:02 2024 by rpki-client on console-ams.rpki-client.org