Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130353a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a3130353a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          awwk9sn4y6px5AfeAMCmrkO1izLEDvnw1lyMHXQvScM=
Subject key identifier:   AC:D0:4C:DE:6B:E0:54:EB:8D:C8:59:C1:8F:DD:FB:19:18:F2:E0:60
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       0EDA9AEEC3145F040868CB1FBBCA5F381007C558
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130353a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 22 Apr 2024 05:55:12 +0000
ROA not before:           Mon 22 Apr 2024 05:50:12 +0000
ROA not after:            Mon 21 Apr 2025 05:55:12 +0000
asID:                     216324
IP address blocks:        2a14:7581:105::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:da:9a:ee:c3:14:5f:04:08:68:cb:1f:bb:ca:5f:38:10:07:c5:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: Apr 22 05:50:12 2024 GMT
            Not After : Apr 21 05:55:12 2025 GMT
        Subject: CN=ACD04CDE6BE054EB8DC859C18FDDFB1918F2E060
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ef:4d:18:83:89:98:aa:fd:22:f5:fb:64:3f:
                    e0:95:25:fb:04:d1:3f:92:5d:02:bb:f3:86:15:b6:
                    67:60:04:f1:9b:6e:92:8a:df:2a:19:8d:e2:73:42:
                    dd:af:cc:06:0e:67:f5:8e:55:d0:5f:2b:a3:b3:a8:
                    f0:67:78:92:64:81:8e:d8:d9:44:4e:98:25:d5:b5:
                    d7:ff:be:a3:fa:fa:67:06:e2:17:fa:e8:85:b3:7d:
                    63:89:29:36:50:8c:25:6e:23:32:c3:8a:b2:c3:96:
                    02:e9:f5:fd:f7:d7:2b:d8:ba:04:dd:a0:d2:aa:d6:
                    b9:82:87:99:7e:14:2d:3e:88:cc:d9:27:6f:8e:33:
                    36:3e:83:aa:a5:bd:03:c2:dd:3f:a2:ed:ee:85:79:
                    45:61:71:dd:53:b8:32:93:0d:90:e5:4c:ad:80:43:
                    0b:36:82:39:5e:44:24:96:5a:9e:84:e8:3f:b0:68:
                    b9:b6:5d:ee:2e:3e:4d:bc:6e:73:4c:33:43:6f:4a:
                    2c:32:4d:96:72:bf:96:ed:2e:6d:19:c7:bc:f2:d1:
                    7a:52:e9:eb:69:25:0b:c9:a0:3c:4b:cc:10:b7:a6:
                    90:c9:25:40:35:d6:ff:df:af:f9:42:80:b3:55:60:
                    fa:98:4b:14:09:97:2e:01:3a:60:32:f7:d6:96:95:
                    f0:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:D0:4C:DE:6B:E0:54:EB:8D:C8:59:C1:8F:DD:FB:19:18:F2:E0:60
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130353a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:105::/48

    Signature Algorithm: sha256WithRSAEncryption
         4d:32:f5:8d:59:c7:b1:dc:af:71:45:f3:bd:db:a8:7e:08:a8:
         13:26:bc:02:a1:96:24:cc:79:f2:5d:be:97:6d:9e:fe:0e:55:
         5c:14:e5:62:c0:63:e7:2c:08:23:ba:7a:71:6b:e1:35:cf:91:
         3c:ab:80:3d:27:ff:48:9e:cf:4b:fa:d9:e9:f7:de:84:ad:85:
         cf:d4:64:ec:b5:75:1d:e8:5d:da:97:0d:e1:fe:40:0b:a3:3c:
         18:c3:f1:45:f2:25:67:96:a4:b8:d1:1f:bc:b3:60:99:e5:dd:
         c0:f8:9a:81:19:33:84:1f:7e:f0:a2:d2:91:f2:dd:7c:8b:5f:
         5e:5b:2d:a0:3a:3b:94:63:b5:14:fe:d3:18:d8:92:f6:2d:3a:
         40:62:d6:fb:bb:7e:ca:c0:37:71:a3:50:a2:a7:0c:ca:4d:9b:
         06:4c:4c:5d:67:3a:c5:31:d4:cd:a8:53:24:f4:54:63:1d:e9:
         91:f5:a8:87:b7:35:0c:20:2e:d2:9f:b9:63:1a:bf:c1:63:94:
         84:11:e7:19:31:33:14:ff:cb:d0:77:95:ec:0e:0c:26:11:d5:
         88:68:48:81:af:7b:95:0d:fa:7e:5c:d9:ac:68:c6:0c:09:49:
         ca:cd:70:b8:7c:ac:e3:23:0a:1c:f7:94:8f:d6:db:8a:e2:a9:
         14:24:bb:dc
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUDtqa7sMUXwQIaMsfu8pfOBAHxVgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA0MjIwNTUwMTJaFw0yNTA0MjEwNTU1MTJaMDMxMTAvBgNV
BAMTKEFDRDA0Q0RFNkJFMDU0RUI4REM4NTlDMThGRERGQjE5MThGMkUwNjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc700Yg4mYqv0i9ftkP+CVJfsE
0T+SXQK784YVtmdgBPGbbpKK3yoZjeJzQt2vzAYOZ/WOVdBfK6OzqPBneJJkgY7Y
2UROmCXVtdf/vqP6+mcG4hf66IWzfWOJKTZQjCVuIzLDirLDlgLp9f331yvYugTd
oNKq1rmCh5l+FC0+iMzZJ2+OMzY+g6qlvQPC3T+i7e6FeUVhcd1TuDKTDZDlTK2A
Qws2gjleRCSWWp6E6D+waLm2Xe4uPk28bnNMM0NvSiwyTZZyv5btLm0Zx7zy0XpS
6etpJQvJoDxLzBC3ppDJJUA11v/fr/lCgLNVYPqYSxQJly4BOmAy99aWlfB5AgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUrNBM3mvgVOuNyFnBj937GRjy4GAwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzNTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEBBTANBgkqhkiG9w0BAQsFAAOCAQEATTL1
jVnHsdyvcUXzvduofgioEya8AqGWJMx58l2+l22e/g5VXBTlYsBj5ywII7p6cWvh
Nc+RPKuAPSf/SJ7PS/rZ6ffehK2Fz9Rk7LV1Hehd2pcN4f5AC6M8GMPxRfIlZ5ak
uNEfvLNgmeXdwPiagRkzhB9+8KLSkfLdfItfXlstoDo7lGO1FP7TGNiS9i06QGLW
+7t+ysA3caNQoqcMyk2bBkxMXWc6xTHUzahTJPRUYx3pkfWoh7c1DCAu0p+5Yxq/
wWOUhBHnGTEzFP/L0HeV7A4MJhHViGhIga97lQ36flzZrGjGDAlJys1wuHys4yMK
HPeUj9bbiuKpFCS73A==
-----END CERTIFICATE-----
Generated at Sat Jun 15 17:58:02 2024 by rpki-client on console-ams.rpki-client.org