Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130343a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a3130343a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          M4AFawuD6mVftpSAmco5ZCZQYh7plZkky5TYjOq7o9g=
Subject key identifier:   23:2A:A1:03:7D:84:99:86:72:87:1E:F5:58:87:D6:E1:5A:A2:97:B6
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       501A6178F7DD2A7086B86BA26C48F8D73FC7747E
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130343a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Tue 12 Mar 2024 05:31:17 +0000
ROA not before:           Tue 12 Mar 2024 05:26:17 +0000
ROA not after:            Tue 11 Mar 2025 05:31:17 +0000
asID:                     216324
IP address blocks:        2a14:7581:104::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:1a:61:78:f7:dd:2a:70:86:b8:6b:a2:6c:48:f8:d7:3f:c7:74:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: Mar 12 05:26:17 2024 GMT
            Not After : Mar 11 05:31:17 2025 GMT
        Subject: CN=232AA1037D84998672871EF55887D6E15AA297B6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:33:ea:3b:db:c8:70:0a:91:f0:cd:34:e7:b1:
                    9a:55:db:e9:8f:e5:3c:2a:58:89:50:16:bf:ad:f9:
                    6b:d6:51:ec:2b:05:9d:fe:ff:a1:81:41:26:75:60:
                    3a:3d:78:c0:6b:b1:af:ab:a5:68:a3:63:c3:a8:45:
                    1a:a7:9b:2b:35:53:88:db:ee:53:09:bb:e8:37:f6:
                    1e:cd:15:d3:b6:ed:1b:96:6a:b7:cf:59:38:22:b3:
                    7c:a5:7b:b3:f9:14:e6:4e:1c:a2:25:24:39:48:3b:
                    98:a0:c9:ad:19:76:9f:13:7b:05:e6:41:ea:ed:5d:
                    81:03:da:59:95:57:5c:8b:44:93:94:cb:7c:36:97:
                    20:5c:fe:6f:1a:f7:0b:10:7f:1d:d1:69:cf:86:5c:
                    db:40:60:ed:58:e5:bc:aa:6d:06:68:58:81:ec:28:
                    c6:88:c2:34:66:9e:29:e1:1c:51:b8:dc:20:8c:6d:
                    22:35:10:cd:f9:c2:33:4a:d8:8b:8a:b0:ef:6d:82:
                    51:7c:ec:21:6f:a2:94:f0:36:32:a6:a1:e1:de:e8:
                    c1:cb:f6:fc:23:b7:d8:ff:cc:9e:44:43:b2:02:06:
                    91:56:4d:44:86:95:8b:94:70:f4:02:ee:c9:2c:48:
                    3e:4c:9d:52:e7:0c:aa:cd:e6:28:6a:84:c5:fe:fa:
                    b9:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:2A:A1:03:7D:84:99:86:72:87:1E:F5:58:87:D6:E1:5A:A2:97:B6
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130343a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:104::/48

    Signature Algorithm: sha256WithRSAEncryption
         6c:28:71:34:ed:69:40:70:44:60:90:4e:04:e4:23:2d:fe:ef:
         6e:a1:be:05:44:52:4a:9f:b5:7b:1a:70:80:52:58:42:f3:fd:
         f6:77:a8:dc:be:fe:08:ba:cc:5e:82:a4:83:ac:37:b1:02:0a:
         c9:a0:f7:7b:d3:0c:f3:77:87:a6:92:74:9f:dd:dd:cc:b1:3a:
         d8:25:5f:2f:ca:e1:fb:86:7b:05:b9:cf:85:ec:5c:46:ec:14:
         34:00:9f:64:9f:af:12:7c:05:27:23:d9:c9:2d:32:7d:dc:64:
         34:15:6d:de:10:e8:16:3a:b0:44:06:0d:68:f8:24:2e:d9:65:
         05:63:92:ad:28:44:26:39:d9:ef:34:b9:42:7c:15:7c:e5:22:
         9b:7e:e3:9e:95:3b:45:88:bb:d8:17:03:1b:47:9f:84:87:14:
         55:3d:05:11:56:4a:c1:39:e6:dd:48:12:47:ab:63:34:57:51:
         72:e4:7e:6c:be:99:0b:bf:b5:a4:6a:64:c7:a9:cc:cd:d9:43:
         79:19:e9:3e:59:55:08:d7:77:1f:d0:60:df:1b:cf:31:b3:ad:
         37:c1:77:5b:55:01:93:d4:0d:a6:fe:31:03:56:28:37:c5:81:
         01:b0:68:36:4f:95:1a:a6:23:42:c4:9b:e2:49:35:48:f8:39:
         55:d7:6c:3a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUUBphePfdKnCGuGuibEj41z/HdH4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDAzMTIwNTI2MTdaFw0yNTAzMTEwNTMxMTdaMDMxMTAvBgNV
BAMTKDIzMkFBMTAzN0Q4NDk5ODY3Mjg3MUVGNTU4ODdENkUxNUFBMjk3QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+M+o728hwCpHwzTTnsZpV2+mP
5TwqWIlQFr+t+WvWUewrBZ3+/6GBQSZ1YDo9eMBrsa+rpWijY8OoRRqnmys1U4jb
7lMJu+g39h7NFdO27RuWarfPWTgis3yle7P5FOZOHKIlJDlIO5igya0Zdp8TewXm
QertXYED2lmVV1yLRJOUy3w2lyBc/m8a9wsQfx3Rac+GXNtAYO1Y5byqbQZoWIHs
KMaIwjRmninhHFG43CCMbSI1EM35wjNK2IuKsO9tglF87CFvopTwNjKmoeHe6MHL
9vwjt9j/zJ5EQ7ICBpFWTUSGlYuUcPQC7sksSD5MnVLnDKrN5ihqhMX++rklAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUIyqhA32EmYZyhx71WIfW4Vqil7YwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzNDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEBBDANBgkqhkiG9w0BAQsFAAOCAQEAbChx
NO1pQHBEYJBOBOQjLf7vbqG+BURSSp+1expwgFJYQvP99neo3L7+CLrMXoKkg6w3
sQIKyaD3e9MM83eHppJ0n93dzLE62CVfL8rh+4Z7BbnPhexcRuwUNACfZJ+vEnwF
JyPZyS0yfdxkNBVt3hDoFjqwRAYNaPgkLtllBWOSrShEJjnZ7zS5QnwVfOUim37j
npU7RYi72BcDG0efhIcUVT0FEVZKwTnm3UgSR6tjNFdRcuR+bL6ZC7+1pGpkx6nM
zdlDeRnpPllVCNd3H9Bg3xvPMbOtN8F3W1UBk9QNpv4xA1YoN8WBAbBoNk+VGqYj
QsSb4kk1SPg5VddsOg==
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:35:54 2024 by rpki-client on console-fra.rpki-client.org