Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130333a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a3130333a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          nuxJuKlibAsrHVsIwRT0ESLHthaHOTlK3o9kdj0C2no=
Subject key identifier:   5D:CF:92:AB:6F:E2:33:3A:A2:6D:4A:B0:8A:5A:EB:10:94:AD:54:C3
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       09A9BD70AB4DFD8DE2B98146D0740EF290DEBDB3
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130333a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Tue 05 Mar 2024 14:39:26 +0000
ROA not before:           Tue 05 Mar 2024 14:34:26 +0000
ROA not after:            Tue 04 Mar 2025 14:39:26 +0000
asID:                     216324
IP address blocks:        2a14:7581:103::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:a9:bd:70:ab:4d:fd:8d:e2:b9:81:46:d0:74:0e:f2:90:de:bd:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: Mar  5 14:34:26 2024 GMT
            Not After : Mar  4 14:39:26 2025 GMT
        Subject: CN=5DCF92AB6FE2333AA26D4AB08A5AEB1094AD54C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:a6:7a:86:7c:c8:97:58:dd:74:b0:3b:e4:b5:
                    ba:37:ea:a9:d9:23:12:61:64:3f:10:9e:3c:5d:aa:
                    1e:0b:f7:b3:28:7f:57:a0:58:b6:83:ce:a4:c2:1c:
                    8c:df:d1:70:37:e7:ee:b1:0d:a8:e2:b6:4c:ed:41:
                    0f:8a:71:dd:d1:85:2c:10:0b:b5:29:69:2d:1c:5d:
                    12:61:dc:37:ef:f1:9a:ca:20:75:f5:1b:be:fd:f0:
                    aa:14:b4:84:85:ab:f7:de:55:ac:71:1a:04:d2:7d:
                    ab:71:a4:13:99:b9:5d:99:97:0b:31:db:b3:c5:04:
                    e1:ee:20:70:68:99:33:f0:c3:ee:c3:62:c9:4e:bd:
                    cb:40:7f:46:df:12:a3:a8:8e:fa:99:21:50:3a:f2:
                    52:eb:70:d3:bd:c6:ed:cd:c5:28:d0:c4:01:5d:65:
                    d8:5c:af:9c:7e:df:e1:dc:3c:ff:ed:27:b0:43:a4:
                    3c:eb:e5:97:59:fe:78:c1:6b:4d:52:c0:87:91:89:
                    f6:99:ae:9e:bd:5f:cf:51:34:6b:27:0c:f7:10:3f:
                    98:24:d0:c0:5e:46:06:69:6c:42:ca:3a:af:7c:3d:
                    c2:10:9f:05:1f:6e:a5:5a:f9:63:85:64:81:e2:52:
                    92:6e:ee:b1:fc:a8:7c:8a:0f:31:75:21:57:30:4c:
                    b8:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:CF:92:AB:6F:E2:33:3A:A2:6D:4A:B0:8A:5A:EB:10:94:AD:54:C3
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130333a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:103::/48

    Signature Algorithm: sha256WithRSAEncryption
         5a:64:43:b8:cf:49:ca:83:0f:a4:f8:83:61:92:da:02:3d:f7:
         46:00:3f:82:a4:dd:3d:78:99:43:d6:26:06:82:88:c2:b2:ce:
         b2:41:f3:ff:1f:cf:18:f6:8b:79:99:0d:8c:17:85:5f:ca:7d:
         8d:45:51:30:d0:0c:df:a5:37:bb:fe:90:93:f9:cc:fc:9b:a9:
         21:2d:fd:85:68:f5:ef:c6:88:fc:95:f6:98:65:e0:da:a1:a9:
         ab:09:7d:c8:f6:34:39:a5:e9:62:da:c3:2b:a0:32:9e:43:f5:
         25:79:1e:3c:a1:2b:10:3a:7b:3b:3d:50:ec:36:ea:e6:30:88:
         59:f8:00:c1:63:9f:14:37:ad:10:21:97:19:02:06:ed:02:36:
         d1:15:b4:17:34:21:8a:74:aa:31:d2:d2:a8:ca:67:c0:50:6a:
         ad:fe:c5:80:dd:63:36:83:14:54:7f:39:67:ba:aa:40:6e:c0:
         f3:3d:62:cb:b2:6a:31:63:7b:d9:c4:2b:cb:11:ac:8f:9a:f0:
         0e:4b:c8:50:5e:c0:b2:29:0a:dd:f5:48:5b:b9:a0:ad:a5:c7:
         08:c2:51:ad:40:84:e6:23:8a:d0:b5:f5:1d:6f:8e:aa:3d:22:
         ff:4e:df:ef:ba:8f:fc:f7:8b:5e:2f:08:91:1e:80:f8:4f:ba:
         2b:d1:d8:ab
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUCam9cKtN/Y3iuYFG0HQO8pDevbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDAzMDUxNDM0MjZaFw0yNTAzMDQxNDM5MjZaMDMxMTAvBgNV
BAMTKDVEQ0Y5MkFCNkZFMjMzM0FBMjZENEFCMDhBNUFFQjEwOTRBRDU0QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYpnqGfMiXWN10sDvktbo36qnZ
IxJhZD8Qnjxdqh4L97Mof1egWLaDzqTCHIzf0XA35+6xDajitkztQQ+Kcd3RhSwQ
C7UpaS0cXRJh3Dfv8ZrKIHX1G7798KoUtISFq/feVaxxGgTSfatxpBOZuV2Zlwsx
27PFBOHuIHBomTPww+7DYslOvctAf0bfEqOojvqZIVA68lLrcNO9xu3NxSjQxAFd
Zdhcr5x+3+HcPP/tJ7BDpDzr5ZdZ/njBa01SwIeRifaZrp69X89RNGsnDPcQP5gk
0MBeRgZpbELKOq98PcIQnwUfbqVa+WOFZIHiUpJu7rH8qHyKDzF1IVcwTLhPAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUXc+Sq2/iMzqibUqwilrrEJStVMMwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEBAzANBgkqhkiG9w0BAQsFAAOCAQEAWmRD
uM9JyoMPpPiDYZLaAj33RgA/gqTdPXiZQ9YmBoKIwrLOskHz/x/PGPaLeZkNjBeF
X8p9jUVRMNAM36U3u/6Qk/nM/JupIS39hWj178aI/JX2mGXg2qGpqwl9yPY0OaXp
YtrDK6AynkP1JXkePKErEDp7Oz1Q7Dbq5jCIWfgAwWOfFDetECGXGQIG7QI20RW0
FzQhinSqMdLSqMpnwFBqrf7FgN1jNoMUVH85Z7qqQG7A8z1iy7JqMWN72cQryxGs
j5rwDkvIUF7AsikK3fVIW7mgraXHCMJRrUCE5iOK0LX1HW+Oqj0i/07f77qP/PeL
Xi8IkR6A+E+6K9HYqw==
-----END CERTIFICATE-----
Generated at Sat Jun 15 17:58:02 2024 by rpki-client on console-ams.rpki-client.org