Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230323a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a326230323a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          fXe5Ql+Q/opPMECN8U/7cHPUVhnCINtY880TF7prPQQ=
Subject key identifier:   0B:2C:D3:CC:FA:2B:EB:E0:99:DA:13:AD:3F:C3:5A:2E:5F:46:23:6D
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       1EB366C3D3231B82F4DAA0297DC9D472FB5A7F23
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230323a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 13 May 2024 01:55:50 +0000
ROA not before:           Mon 13 May 2024 01:50:50 +0000
ROA not after:            Mon 12 May 2025 01:55:50 +0000
asID:                     216324
IP address blocks:        2a14:7581:2b02::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:b3:66:c3:d3:23:1b:82:f4:da:a0:29:7d:c9:d4:72:fb:5a:7f:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 13 01:50:50 2024 GMT
            Not After : May 12 01:55:50 2025 GMT
        Subject: CN=0B2CD3CCFA2BEBE099DA13AD3FC35A2E5F46236D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:f8:f2:11:7c:a6:62:d0:7f:64:ce:10:7f:83:
                    87:bd:50:a0:7f:fd:62:dd:2d:d9:b1:d9:33:3b:cc:
                    3e:f3:ba:05:27:97:82:4f:9c:22:7e:69:64:de:53:
                    71:ce:15:41:b5:b0:e6:9f:2e:ce:fd:e1:8d:6b:96:
                    53:eb:cc:e4:f2:01:b7:1b:a1:00:04:68:b8:f0:a4:
                    7a:cd:3f:da:0d:ea:46:0a:88:4e:28:fe:98:bc:aa:
                    4f:3a:5e:7d:45:ce:e9:e4:cd:2a:e6:e6:63:b6:1b:
                    6b:02:68:c5:11:c9:4c:c6:f5:89:4d:89:d0:65:17:
                    c9:62:28:e4:a9:55:6b:72:6f:ae:2d:7b:0a:05:b4:
                    21:96:5e:b7:8a:70:5e:b9:d6:b6:0d:91:0a:d5:83:
                    2b:49:89:36:0b:1f:e6:74:8a:6c:d5:d5:14:14:71:
                    2b:04:b4:85:b0:56:f1:e9:95:cb:c8:6a:a4:f3:f2:
                    ad:17:7e:df:e7:e9:48:1c:09:8a:db:0d:b5:c4:5f:
                    3b:18:31:07:ea:76:0c:4e:8e:63:ee:d6:ee:82:a2:
                    b1:57:84:a7:82:c2:9f:32:dd:15:e1:21:ae:90:c8:
                    08:17:a6:94:f2:0f:6d:d1:5e:d0:0a:bd:ab:53:f9:
                    ab:2a:d7:3d:38:bc:68:44:00:e8:ee:aa:06:c9:d1:
                    9d:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:2C:D3:CC:FA:2B:EB:E0:99:DA:13:AD:3F:C3:5A:2E:5F:46:23:6D
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230323a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2b02::/48

    Signature Algorithm: sha256WithRSAEncryption
         4f:d0:73:e0:a6:b5:22:df:05:52:dd:83:2e:75:a9:14:47:20:
         44:8e:fc:7e:00:34:ab:31:5d:5d:2e:ac:21:d0:88:a2:4e:37:
         40:66:2a:f6:d8:c4:2b:95:b9:3e:88:3f:d5:9b:fe:53:4e:d2:
         fb:26:8d:2b:7e:6c:c2:c8:39:65:47:af:00:f6:c5:e8:22:96:
         05:40:f0:06:f0:e5:21:f7:e8:48:de:27:23:2e:1e:17:f0:f9:
         25:b2:69:be:6b:6d:e1:4b:b6:7a:1d:c8:11:a1:37:98:f6:82:
         fd:52:ac:03:3d:d4:31:07:36:53:8f:20:fb:37:a6:e8:db:ee:
         78:4b:fa:02:cc:24:72:e5:ef:6d:88:a5:9e:0c:45:34:ab:f0:
         70:a8:40:a4:9b:ef:7b:e5:03:af:53:7b:71:36:13:34:53:ea:
         9e:c6:14:02:03:3f:89:a3:a1:7c:74:99:97:39:84:01:27:e9:
         06:38:18:a4:3e:95:c3:02:63:e6:a5:71:77:4a:27:6a:c9:e1:
         94:68:46:ea:18:17:d8:8d:90:63:5e:af:f3:e8:92:d6:53:7a:
         48:f8:7c:91:8c:9e:57:c0:49:4e:9e:0b:e2:19:70:bd:c3:d8:
         0f:5a:49:76:44:4b:30:83:47:39:0d:c9:0e:9d:f5:87:77:c7:
         8c:5b:95:33
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUHrNmw9MjG4L02qApfcnUcvtafyMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MTMwMTUwNTBaFw0yNTA1MTIwMTU1NTBaMDMxMTAvBgNV
BAMTKDBCMkNEM0NDRkEyQkVCRTA5OURBMTNBRDNGQzM1QTJFNUY0NjIzNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM+PIRfKZi0H9kzhB/g4e9UKB/
/WLdLdmx2TM7zD7zugUnl4JPnCJ+aWTeU3HOFUG1sOafLs794Y1rllPrzOTyAbcb
oQAEaLjwpHrNP9oN6kYKiE4o/pi8qk86Xn1FzunkzSrm5mO2G2sCaMURyUzG9YlN
idBlF8liKOSpVWtyb64tewoFtCGWXreKcF651rYNkQrVgytJiTYLH+Z0imzV1RQU
cSsEtIWwVvHplcvIaqTz8q0Xft/n6UgcCYrbDbXEXzsYMQfqdgxOjmPu1u6CorFX
hKeCwp8y3RXhIa6QyAgXppTyD23RXtAKvatT+asq1z04vGhEAOjuqgbJ0Z0vAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUCyzTzPor6+CZ2hOtP8NaLl9GI20wHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjIzMDMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSsCMA0GCSqGSIb3DQEBCwUAA4IBAQBP
0HPgprUi3wVS3YMudakURyBEjvx+ADSrMV1dLqwh0IiiTjdAZir22MQrlbk+iD/V
m/5TTtL7Jo0rfmzCyDllR68A9sXoIpYFQPAG8OUh9+hI3icjLh4X8Pklsmm+a23h
S7Z6HcgRoTeY9oL9UqwDPdQxBzZTjyD7N6bo2+54S/oCzCRy5e9tiKWeDEU0q/Bw
qECkm+975QOvU3txNhM0U+qexhQCAz+Jo6F8dJmXOYQBJ+kGOBikPpXDAmPmpXF3
SidqyeGUaEbqGBfYjZBjXq/z6JLWU3pI+HyRjJ5XwElOngviGXC9w9gPWkl2REsw
g0c5DckOnfWHd8eMW5Uz
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:35:54 2024 by rpki-client on console-fra.rpki-client.org