Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230343a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a326230343a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          zkZALBEGlXLvaSefwLKldrmOtD0aWAqQaHNo+Aj7F+I=
Subject key identifier:   16:52:A2:54:EC:27:C1:19:9A:D1:7A:EA:48:6D:C5:2E:3C:09:26:89
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       32B8813424362DAC4FBF3657A4B279717E2E5E34
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230343a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 13 May 2024 01:56:23 +0000
ROA not before:           Mon 13 May 2024 01:51:23 +0000
ROA not after:            Mon 12 May 2025 01:56:23 +0000
asID:                     216324
IP address blocks:        2a14:7581:2b04::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:b8:81:34:24:36:2d:ac:4f:bf:36:57:a4:b2:79:71:7e:2e:5e:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 13 01:51:23 2024 GMT
            Not After : May 12 01:56:23 2025 GMT
        Subject: CN=1652A254EC27C1199AD17AEA486DC52E3C092689
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:47:f2:83:35:06:08:17:57:34:ed:ff:c5:fb:
                    f9:dc:7d:46:2f:a2:a7:20:76:f9:59:85:48:59:6d:
                    5d:42:57:88:b8:7a:21:49:1b:a3:23:9e:7e:ac:05:
                    a6:1a:ce:26:fb:f8:82:36:cf:ab:82:af:74:64:fa:
                    e4:ff:b0:fd:a7:bc:a3:ec:7b:33:f0:9b:52:a5:47:
                    62:36:7c:a9:ee:40:4e:cb:08:d5:49:1b:1d:57:a7:
                    ea:bb:62:4b:a2:f3:a7:a9:9a:f7:54:4d:96:b4:34:
                    51:f9:7c:e9:50:39:1d:ab:54:06:8f:17:17:97:3e:
                    08:cf:a7:f8:ef:eb:6d:80:a3:65:09:4d:70:a1:cb:
                    c0:5a:8d:e6:0a:89:41:70:0f:f5:4a:ff:d4:28:a7:
                    92:14:6f:2d:10:61:99:10:0a:8f:a9:44:2d:22:84:
                    bb:64:aa:49:ca:ae:3d:31:c1:c4:33:a2:03:77:1f:
                    ad:54:1f:85:63:ae:0e:70:f4:d6:24:c6:1d:20:f5:
                    79:22:78:37:21:9e:77:69:22:cc:f5:15:1b:31:a9:
                    79:6d:73:34:0e:a4:89:df:0d:b8:96:a8:9f:b9:eb:
                    b5:b5:4b:32:d6:5f:a9:26:fe:3d:b8:b2:31:8e:e8:
                    f1:f1:0a:cf:03:f8:2a:7d:27:20:93:ae:25:c8:26:
                    2d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:52:A2:54:EC:27:C1:19:9A:D1:7A:EA:48:6D:C5:2E:3C:09:26:89
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230343a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2b04::/48

    Signature Algorithm: sha256WithRSAEncryption
         bb:9a:08:b6:31:52:55:ed:fa:02:45:1a:0a:22:7f:35:8e:14:
         51:f6:99:6d:dc:3b:21:70:c4:e6:23:c8:87:47:71:6a:4b:84:
         9a:ce:e2:91:d5:53:37:af:35:5a:37:2d:9a:6b:19:f7:a9:03:
         d6:79:a2:5e:a3:07:bb:bd:d8:23:2c:de:19:7e:5f:3e:da:69:
         16:59:6d:36:9f:cb:c0:95:00:98:f1:95:e2:fd:cb:0b:50:4f:
         a0:e4:07:84:d8:90:53:8c:ad:68:d7:87:14:04:0c:d9:c3:b5:
         f5:76:66:30:20:de:16:51:b9:37:c0:00:64:67:f1:a0:fa:18:
         2e:b9:d2:e3:5d:80:40:79:66:e1:f1:1b:c2:0c:c7:d1:ab:71:
         90:9e:24:87:b3:f1:44:e2:31:ab:34:70:e1:d5:f3:09:d4:a4:
         fb:51:f8:9d:46:bf:83:d2:02:d4:52:db:0f:ab:53:45:ff:01:
         b0:07:2b:b8:69:f2:18:78:86:f9:10:c0:f7:ee:df:bf:77:75:
         18:eb:5c:de:92:94:57:dc:ab:f0:d0:f0:d5:8e:b2:46:15:40:
         bc:ab:04:7c:c2:ad:b9:fe:c5:52:37:c9:f4:1c:40:14:f4:e1:
         90:70:45:f9:a9:1c:d8:c3:d6:31:76:e7:2f:b6:d2:64:2a:af:
         9d:7b:33:da
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUMriBNCQ2LaxPvzZXpLJ5cX4uXjQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MTMwMTUxMjNaFw0yNTA1MTIwMTU2MjNaMDMxMTAvBgNV
BAMTKDE2NTJBMjU0RUMyN0MxMTk5QUQxN0FFQTQ4NkRDNTJFM0MwOTI2ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFR/KDNQYIF1c07f/F+/ncfUYv
oqcgdvlZhUhZbV1CV4i4eiFJG6Mjnn6sBaYazib7+II2z6uCr3Rk+uT/sP2nvKPs
ezPwm1KlR2I2fKnuQE7LCNVJGx1Xp+q7Ykui86epmvdUTZa0NFH5fOlQOR2rVAaP
FxeXPgjPp/jv622Ao2UJTXChy8BajeYKiUFwD/VK/9Qop5IUby0QYZkQCo+pRC0i
hLtkqknKrj0xwcQzogN3H61UH4Vjrg5w9NYkxh0g9XkieDchnndpIsz1FRsxqXlt
czQOpInfDbiWqJ+567W1SzLWX6km/j24sjGO6PHxCs8D+Cp9JyCTriXIJi0rAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUFlKiVOwnwRma0XrqSG3FLjwJJokwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjIzMDM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSsEMA0GCSqGSIb3DQEBCwUAA4IBAQC7
mgi2MVJV7foCRRoKIn81jhRR9plt3DshcMTmI8iHR3FqS4SazuKR1VM3rzVaNy2a
axn3qQPWeaJeowe7vdgjLN4Zfl8+2mkWWW02n8vAlQCY8ZXi/csLUE+g5AeE2JBT
jK1o14cUBAzZw7X1dmYwIN4WUbk3wABkZ/Gg+hguudLjXYBAeWbh8RvCDMfRq3GQ
niSHs/FE4jGrNHDh1fMJ1KT7UfidRr+D0gLUUtsPq1NF/wGwByu4afIYeIb5EMD3
7t+/d3UY61zekpRX3Kvw0PDVjrJGFUC8qwR8wq25/sVSN8n0HEAU9OGQcEX5qRzY
w9YxducvttJkKq+dezPa
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:35:54 2024 by rpki-client on console-fra.rpki-client.org