Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130343a3a2f34382d3438203d3e203533333536.roa
File:                     326131343a373538313a3130343a3a2f34382d3438203d3e203533333536.roa (raw, json)
Hash identifier:          N1BR8QARdG0tWWXjxfGAU4L8h4MKUeTRjgQCOqgEI+o=
Subject key identifier:   AB:A2:26:59:74:F7:2A:CC:91:80:90:44:80:EB:19:1B:13:03:AF:C3
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       2143C9578B5967258D4BA99C3CBB120AD7EDF2B5
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130343a3a2f34382d3438203d3e203533333536.roa
Signing time:             Wed 29 May 2024 16:06:30 +0000
ROA not before:           Wed 29 May 2024 16:01:30 +0000
ROA not after:            Wed 28 May 2025 16:06:30 +0000
asID:                     53356
IP address blocks:        2a14:7581:104::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:43:c9:57:8b:59:67:25:8d:4b:a9:9c:3c:bb:12:0a:d7:ed:f2:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 29 16:01:30 2024 GMT
            Not After : May 28 16:06:30 2025 GMT
        Subject: CN=ABA2265974F72ACC9180904480EB191B1303AFC3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:e6:d6:b3:ab:06:00:da:12:ee:4a:3a:c7:0a:
                    a5:38:1c:d2:ef:07:bb:40:a9:7b:4a:6c:44:e9:ba:
                    fc:33:db:db:38:bf:3c:36:a3:a6:81:b4:4c:2b:0c:
                    59:81:d1:46:8e:6d:28:84:ec:a9:92:a8:f9:70:a3:
                    30:40:84:94:02:a4:48:8d:30:79:7d:08:21:67:71:
                    20:4e:a0:a5:19:3d:4e:aa:89:ef:51:1b:26:04:74:
                    b7:47:95:f4:bc:06:9f:62:2a:af:d7:f6:03:df:2d:
                    fc:f7:a9:64:39:ff:93:02:a2:9c:f7:0f:2c:91:85:
                    33:52:f9:a7:de:a6:47:10:50:a0:45:42:6f:6e:e6:
                    3b:04:9f:a0:a7:3e:e3:cc:2b:5c:87:8b:92:85:8d:
                    c2:c8:8d:f0:c8:f9:de:eb:68:f3:27:81:9e:4d:6f:
                    e8:b3:21:67:f3:ca:ff:13:33:8e:65:7c:d2:39:c3:
                    4e:93:a0:8d:cd:4b:64:2d:ba:64:9e:90:46:c9:f1:
                    9b:86:27:10:36:c7:dc:33:39:21:04:97:8d:4b:26:
                    4e:f6:d7:f7:95:50:2a:1d:38:f5:56:f4:fe:50:bd:
                    2d:6a:e3:5a:32:12:c0:43:fd:c8:4f:9d:64:50:bd:
                    a9:20:4f:a0:a0:b4:82:cc:9d:60:e9:e1:df:65:61:
                    b1:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:A2:26:59:74:F7:2A:CC:91:80:90:44:80:EB:19:1B:13:03:AF:C3
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130343a3a2f34382d3438203d3e203533333536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:104::/48

    Signature Algorithm: sha256WithRSAEncryption
         a0:b8:53:30:74:c2:4a:56:3a:3d:b2:8b:62:bb:3e:dd:91:63:
         ba:aa:ab:62:d7:fe:b8:0c:0f:6b:ee:e1:69:36:a3:0f:ca:3f:
         61:42:b8:04:5e:e1:9e:cb:cc:57:37:a8:42:2d:50:a7:4f:65:
         dd:f5:52:67:60:3a:f5:43:63:50:07:93:ab:24:12:4e:d7:9b:
         3d:00:37:9a:b9:36:b2:66:6b:af:c5:e1:04:9e:67:c4:18:ae:
         6a:77:c9:fb:27:2e:45:42:41:99:38:fe:5c:66:c0:c8:a4:40:
         52:99:4e:fc:84:3f:ec:b4:17:8a:4c:e0:b6:8b:84:0c:be:b5:
         08:13:ee:12:45:80:97:f4:a0:dd:47:83:a3:cf:fc:e0:46:42:
         c5:a1:57:76:7c:eb:17:6f:9b:e2:ed:1b:f8:9a:28:88:8c:82:
         16:9c:58:a3:23:50:4b:57:22:6f:57:de:66:6e:81:da:f2:18:
         40:28:c0:31:f8:2e:c4:23:ca:67:61:a8:3f:14:36:1e:90:a8:
         8f:71:f0:65:73:cf:15:c6:d0:d3:d9:cd:3d:1f:dc:36:56:a8:
         71:6f:db:bb:c8:f1:09:39:29:12:af:7d:4c:33:78:c8:d3:56:
         91:e0:96:92:44:88:5d:91:9a:00:81:54:36:49:f0:96:16:a9:
         e2:16:47:97
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIUIUPJV4tZZyWNS6mcPLsSCtft8rUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MjkxNjAxMzBaFw0yNTA1MjgxNjA2MzBaMDMxMTAvBgNV
BAMTKEFCQTIyNjU5NzRGNzJBQ0M5MTgwOTA0NDgwRUIxOTFCMTMwM0FGQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo5tazqwYA2hLuSjrHCqU4HNLv
B7tAqXtKbETpuvwz29s4vzw2o6aBtEwrDFmB0UaObSiE7KmSqPlwozBAhJQCpEiN
MHl9CCFncSBOoKUZPU6qie9RGyYEdLdHlfS8Bp9iKq/X9gPfLfz3qWQ5/5MCopz3
DyyRhTNS+afepkcQUKBFQm9u5jsEn6CnPuPMK1yHi5KFjcLIjfDI+d7raPMngZ5N
b+izIWfzyv8TM45lfNI5w06ToI3NS2QtumSekEbJ8ZuGJxA2x9wzOSEEl41LJk72
1/eVUCodOPVW9P5QvS1q41oyEsBD/chPnWRQvakgT6CgtILMnWDp4d9lYbG5AgMB
AAGjggKBMIICfTAdBgNVHQ4EFgQUq6ImWXT3KsyRgJBEgOsZGxMDr8MwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBswYIKwYBBQUHAQsEgaYwgaMwgaAGCCsGAQUF
BzALhoGTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzNDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzMz
MzM1MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwAqFHWBAQQwDQYJKoZIhvcNAQELBQADggEBAKC4UzB0
wkpWOj2yi2K7Pt2RY7qqq2LX/rgMD2vu4Wk2ow/KP2FCuARe4Z7LzFc3qEItUKdP
Zd31UmdgOvVDY1AHk6skEk7Xmz0AN5q5NrJma6/F4QSeZ8QYrmp3yfsnLkVCQZk4
/lxmwMikQFKZTvyEP+y0F4pM4LaLhAy+tQgT7hJFgJf0oN1Hg6PP/OBGQsWhV3Z8
6xdvm+LtG/iaKIiMghacWKMjUEtXIm9X3mZugdryGEAowDH4LsQjymdhqD8UNh6Q
qI9x8GVzzxXG0NPZzT0f3DZWqHFv27vI8Qk5KRKvfUwzeMjTVpHglpJEiF2RmgCB
VDZJ8JYWqeIWR5c=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org