Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230313a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a326230313a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          vJXUKmuo3Bbz/sT0L9Gb1sVgQzzdEmZbqGj4PQTfVUM=
Subject key identifier:   60:57:9C:6B:30:25:A0:48:42:CA:ED:E2:B2:11:18:BC:2A:16:F7:98
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       6B1E839058C4D0B0F40EDDF9A6B3294B602F3C13
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230313a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 13 May 2024 01:55:07 +0000
ROA not before:           Mon 13 May 2024 01:50:07 +0000
ROA not after:            Mon 12 May 2025 01:55:07 +0000
asID:                     216324
IP address blocks:        2a14:7581:2b01::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:1e:83:90:58:c4:d0:b0:f4:0e:dd:f9:a6:b3:29:4b:60:2f:3c:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 13 01:50:07 2024 GMT
            Not After : May 12 01:55:07 2025 GMT
        Subject: CN=60579C6B3025A04842CAEDE2B21118BC2A16F798
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:65:4f:c1:7e:e5:08:45:aa:06:dc:53:fe:4c:
                    35:76:78:7a:c5:a2:3f:3b:39:7e:26:a2:06:63:bb:
                    c4:d6:be:5e:46:d1:21:0f:70:87:19:67:d2:9f:03:
                    27:db:bb:f1:7f:61:3e:16:98:2b:bb:66:ca:97:09:
                    ba:bc:37:f7:c4:15:06:2c:4e:fb:69:85:ff:81:c7:
                    48:62:fe:c7:9f:94:a9:c9:f5:6b:2d:97:f8:3a:cb:
                    fe:a9:f4:fc:0a:88:47:ab:87:b7:3e:89:4b:cf:52:
                    3e:60:89:09:ac:cb:2f:f4:67:19:83:c5:a3:72:42:
                    fb:eb:64:8b:8e:42:b3:7b:45:45:9e:d8:2c:4e:d9:
                    9e:35:30:cd:81:48:f4:5c:70:98:c3:73:37:60:e3:
                    2c:5a:a2:ef:4b:98:0e:7d:9a:c6:45:4d:84:d5:d0:
                    d2:ed:e7:32:4a:0f:6d:ae:32:6b:59:ca:08:37:36:
                    9e:f0:25:32:bf:98:aa:28:c3:3b:2e:91:1d:7e:54:
                    7b:8c:7c:de:30:d5:5b:8e:c3:bb:55:c7:6c:cc:00:
                    c0:9e:ac:0f:c9:1b:f7:e7:fd:af:72:e4:e7:40:53:
                    1e:b1:bc:66:57:be:b6:2a:a1:36:df:e8:25:d9:fe:
                    14:d1:f2:54:2d:33:66:19:fc:59:54:84:7f:72:bf:
                    cc:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:57:9C:6B:30:25:A0:48:42:CA:ED:E2:B2:11:18:BC:2A:16:F7:98
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230313a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2b01::/48

    Signature Algorithm: sha256WithRSAEncryption
         a5:a7:21:bd:fe:60:5b:8a:f6:a7:af:09:37:bc:3f:1b:7c:86:
         f0:42:f2:03:50:74:29:3a:17:a3:2d:ef:11:1f:a8:b8:15:95:
         af:c3:a8:1e:69:82:5f:f1:e0:fa:9b:31:6b:3e:39:2e:0c:b6:
         8b:ae:39:56:c7:37:dc:4f:62:8f:82:fe:07:2b:ef:6c:a5:86:
         ee:08:36:a6:60:8e:a5:ba:8b:1c:59:90:8e:b5:76:d4:60:2b:
         82:6b:67:ab:fb:a6:03:1b:2b:16:9e:b2:22:81:bf:94:8f:7e:
         e7:ed:a2:e0:47:fa:20:a0:d4:cc:cd:d2:44:89:08:9c:33:1d:
         f7:33:a0:33:ce:27:82:74:e4:78:f3:a7:8f:fc:9b:5b:3d:54:
         01:2a:b9:63:0c:ac:39:53:9a:ed:b1:d1:c7:dd:1a:d7:7d:cb:
         79:60:f4:47:2b:cc:3d:82:1c:9a:be:db:76:3b:a7:65:fa:13:
         fc:47:82:66:83:40:dd:6f:92:df:49:60:cd:3c:27:0e:f8:99:
         9d:50:6f:6d:04:b5:8a:9a:33:e7:eb:60:49:99:f7:ce:63:a7:
         9b:76:7b:2e:e1:13:1d:1c:f4:ae:c9:4d:75:d6:2f:dc:81:92:
         83:30:d5:1c:32:c2:6c:ce:17:eb:54:db:78:99:2f:30:c1:23:
         51:4c:7b:5a
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUax6DkFjE0LD0Dt35prMpS2AvPBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MTMwMTUwMDdaFw0yNTA1MTIwMTU1MDdaMDMxMTAvBgNV
BAMTKDYwNTc5QzZCMzAyNUEwNDg0MkNBRURFMkIyMTExOEJDMkExNkY3OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2ZU/BfuUIRaoG3FP+TDV2eHrF
oj87OX4mogZju8TWvl5G0SEPcIcZZ9KfAyfbu/F/YT4WmCu7ZsqXCbq8N/fEFQYs
Tvtphf+Bx0hi/seflKnJ9Wstl/g6y/6p9PwKiEerh7c+iUvPUj5giQmsyy/0ZxmD
xaNyQvvrZIuOQrN7RUWe2CxO2Z41MM2BSPRccJjDczdg4yxaou9LmA59msZFTYTV
0NLt5zJKD22uMmtZygg3Np7wJTK/mKoowzsukR1+VHuMfN4w1VuOw7tVx2zMAMCe
rA/JG/fn/a9y5OdAUx6xvGZXvrYqoTbf6CXZ/hTR8lQtM2YZ/FlUhH9yv8xzAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUYFecazAloEhCyu3ishEYvCoW95gwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjIzMDMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSsBMA0GCSqGSIb3DQEBCwUAA4IBAQCl
pyG9/mBbivanrwk3vD8bfIbwQvIDUHQpOhejLe8RH6i4FZWvw6geaYJf8eD6mzFr
PjkuDLaLrjlWxzfcT2KPgv4HK+9spYbuCDamYI6luoscWZCOtXbUYCuCa2er+6YD
GysWnrIigb+Uj37n7aLgR/ogoNTMzdJEiQicMx33M6AzzieCdOR486eP/JtbPVQB
KrljDKw5U5rtsdHH3RrXfct5YPRHK8w9ghyavtt2O6dl+hP8R4Jmg0Ddb5LfSWDN
PCcO+JmdUG9tBLWKmjPn62BJmffOY6ebdnsu4RMdHPSuyU111i/cgZKDMNUcMsJs
zhfrVNt4mS8wwSNRTHta
-----END CERTIFICATE-----
Generated at Sat Jun 15 17:58:02 2024 by rpki-client on console-ams.rpki-client.org