Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230373a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a326230373a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          FVGLG3cxlwq4XScEApEg3LoCjETT82wlC1N4oSI91eM=
Subject key identifier:   8D:EC:D0:F4:B6:54:7C:E9:D9:C1:67:C6:C4:D4:26:D6:8A:4B:81:CF
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       68DB0AE1D136A0A47F434DE21500DE474CBDE15D
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230373a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 13 May 2024 01:56:59 +0000
ROA not before:           Mon 13 May 2024 01:51:59 +0000
ROA not after:            Mon 12 May 2025 01:56:59 +0000
asID:                     216324
IP address blocks:        2a14:7581:2b07::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:db:0a:e1:d1:36:a0:a4:7f:43:4d:e2:15:00:de:47:4c:bd:e1:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 13 01:51:59 2024 GMT
            Not After : May 12 01:56:59 2025 GMT
        Subject: CN=8DECD0F4B6547CE9D9C167C6C4D426D68A4B81CF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:12:5b:5e:21:a6:b0:e4:2a:9e:48:5b:dc:c2:
                    d6:28:47:23:f4:1f:7a:14:cf:b7:0f:e7:b0:ef:58:
                    fa:ca:3c:15:7d:6c:5d:d9:bd:cd:2f:69:30:75:71:
                    96:fe:a1:77:c4:d6:78:43:a9:3f:4b:e5:f3:f5:73:
                    98:75:2e:e2:31:5b:ea:24:22:06:0c:2f:74:95:e8:
                    15:63:19:66:3a:60:f6:0f:0a:06:94:8e:40:07:64:
                    b9:3a:ea:ce:75:eb:db:34:2d:f2:13:34:46:c6:a7:
                    d0:36:7a:3c:6c:b8:79:7e:b0:8e:9f:d4:83:ac:41:
                    8d:93:24:73:67:93:e5:3c:5d:82:50:cd:ff:85:68:
                    44:b1:e1:1b:04:5c:9b:07:d0:f0:ed:c2:7b:a9:be:
                    f1:eb:b9:d0:e1:24:ea:4b:f2:df:48:73:55:ba:6d:
                    14:4a:1d:a0:c2:b9:b9:29:b5:95:e9:68:e4:42:42:
                    25:6c:af:57:0f:0e:c4:1e:ab:f3:5e:a8:75:d3:0e:
                    89:cc:06:d6:54:c9:fc:97:c9:a6:91:0a:37:5b:8b:
                    cc:53:a5:0b:80:63:0b:d6:83:b5:ca:2a:4c:92:d1:
                    ec:63:5b:16:70:c0:20:f2:f0:3a:c5:ca:0c:59:48:
                    11:36:b0:12:f2:41:9c:d5:56:0f:ac:44:3a:5f:0b:
                    b1:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:EC:D0:F4:B6:54:7C:E9:D9:C1:67:C6:C4:D4:26:D6:8A:4B:81:CF
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230373a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2b07::/48

    Signature Algorithm: sha256WithRSAEncryption
         64:72:15:cf:d7:70:1f:64:19:11:d7:c9:af:5a:de:b5:67:ec:
         28:24:6f:e0:6c:16:81:e9:88:9b:75:bf:47:ed:67:2d:40:d6:
         38:7e:90:10:9d:62:7d:7f:a6:05:28:3d:e4:1f:59:89:61:93:
         58:bd:96:50:12:68:c4:cd:7c:f6:1a:ee:44:e8:26:ed:5f:26:
         35:e6:57:b0:68:a9:5c:4f:cd:c9:70:f9:55:04:b1:0f:78:54:
         18:b5:92:e0:8d:af:3b:32:cc:30:d1:a8:eb:1b:4a:6c:d7:7a:
         db:2b:5b:3f:1e:8a:d7:2a:0a:fe:bd:47:8d:ff:68:f9:d5:6c:
         2d:05:d9:e8:63:84:a6:d0:cf:a7:17:e1:84:02:a6:19:3a:6c:
         da:49:b3:cf:58:4e:43:8c:8c:64:1a:ef:34:1c:35:26:4b:6f:
         37:38:9f:95:21:9f:f5:7d:fe:fd:c5:8b:e8:20:f7:84:98:ec:
         40:b8:37:98:41:de:94:c1:be:ab:08:a7:59:36:fb:cb:fb:95:
         10:61:6e:5d:f0:f9:34:db:47:37:65:0e:51:7e:cd:6b:cc:67:
         04:a1:61:d0:0f:57:31:5e:f2:ad:41:76:78:af:4b:4b:24:0c:
         93:3c:ba:b3:43:34:53:29:dc:25:1f:40:81:0d:63:fa:5e:0c:
         d7:08:b8:58
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUaNsK4dE2oKR/Q03iFQDeR0y94V0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MTMwMTUxNTlaFw0yNTA1MTIwMTU2NTlaMDMxMTAvBgNV
BAMTKDhERUNEMEY0QjY1NDdDRTlEOUMxNjdDNkM0RDQyNkQ2OEE0QjgxQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtElteIaaw5CqeSFvcwtYoRyP0
H3oUz7cP57DvWPrKPBV9bF3Zvc0vaTB1cZb+oXfE1nhDqT9L5fP1c5h1LuIxW+ok
IgYML3SV6BVjGWY6YPYPCgaUjkAHZLk66s5169s0LfITNEbGp9A2ejxsuHl+sI6f
1IOsQY2TJHNnk+U8XYJQzf+FaESx4RsEXJsH0PDtwnupvvHrudDhJOpL8t9Ic1W6
bRRKHaDCubkptZXpaORCQiVsr1cPDsQeq/NeqHXTDonMBtZUyfyXyaaRCjdbi8xT
pQuAYwvWg7XKKkyS0exjWxZwwCDy8DrFygxZSBE2sBLyQZzVVg+sRDpfC7FbAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUjezQ9LZUfOnZwWfGxNQm1opLgc8wHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjIzMDM3M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSsHMA0GCSqGSIb3DQEBCwUAA4IBAQBk
chXP13AfZBkR18mvWt61Z+woJG/gbBaB6Yibdb9H7WctQNY4fpAQnWJ9f6YFKD3k
H1mJYZNYvZZQEmjEzXz2Gu5E6CbtXyY15lewaKlcT83JcPlVBLEPeFQYtZLgja87
Msww0ajrG0ps13rbK1s/HorXKgr+vUeN/2j51WwtBdnoY4Sm0M+nF+GEAqYZOmza
SbPPWE5DjIxkGu80HDUmS283OJ+VIZ/1ff79xYvoIPeEmOxAuDeYQd6Uwb6rCKdZ
NvvL+5UQYW5d8Pk020c3ZQ5Rfs1rzGcEoWHQD1cxXvKtQXZ4r0tLJAyTPLqzQzRT
KdwlH0CBDWP6XgzXCLhY
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:35:54 2024 by rpki-client on console-fra.rpki-client.org