Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230383a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a326230383a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          jypb1Snw3yn05YyyWmsG0JobUqTR4189QMeV3MilTQc=
Subject key identifier:   58:94:71:C9:E4:27:67:65:77:63:BF:0D:55:BB:98:65:73:8F:C3:F8
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       503DFAFC5FFF7B4A9586F182BEA5A9D35DCACF62
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230383a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 13 May 2024 02:01:20 +0000
ROA not before:           Mon 13 May 2024 01:56:20 +0000
ROA not after:            Mon 12 May 2025 02:01:20 +0000
asID:                     216324
IP address blocks:        2a14:7581:2b08::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:3d:fa:fc:5f:ff:7b:4a:95:86:f1:82:be:a5:a9:d3:5d:ca:cf:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 13 01:56:20 2024 GMT
            Not After : May 12 02:01:20 2025 GMT
        Subject: CN=589471C9E42767657763BF0D55BB9865738FC3F8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:70:06:c1:e3:9e:ed:03:01:12:eb:39:ee:4c:
                    fa:5f:6a:07:4b:76:a0:05:c9:40:36:47:b2:38:15:
                    b2:3b:18:73:0f:77:69:f7:da:b5:dc:48:5f:b6:2b:
                    90:03:a8:df:91:df:e5:ec:43:c4:f8:89:a1:fe:42:
                    d0:40:73:cb:66:91:65:82:75:7f:14:f3:86:7a:85:
                    b1:d0:50:8e:42:50:96:98:16:8b:f0:2a:56:5e:7a:
                    ca:a5:0c:45:c9:50:e3:ae:8a:ab:1f:ef:af:1b:2a:
                    07:38:d2:11:e0:d1:4a:d8:54:76:2f:50:f0:70:8a:
                    1a:3e:19:be:5d:29:3b:6a:10:8f:8d:a8:19:7e:69:
                    99:61:7e:9f:52:d4:eb:73:2b:2c:86:fb:a4:6e:a4:
                    f7:f3:7b:d6:7f:3c:28:7e:27:0b:90:ca:00:95:de:
                    e5:87:c7:fb:67:3d:67:10:fc:eb:47:de:fe:ea:d7:
                    d6:65:16:7c:dd:ea:28:7c:17:7d:5a:fb:ad:a2:66:
                    46:22:93:ba:16:8f:d3:29:a5:38:81:7d:bd:ef:e8:
                    8c:24:b9:9f:4f:54:d7:78:bd:16:f7:de:16:ab:67:
                    6b:8c:65:32:eb:2c:02:48:87:1a:d5:bc:ca:19:90:
                    79:a9:f7:ee:4c:8a:80:d4:c4:9c:b6:5d:8c:ab:4c:
                    14:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:94:71:C9:E4:27:67:65:77:63:BF:0D:55:BB:98:65:73:8F:C3:F8
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230383a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2b08::/48

    Signature Algorithm: sha256WithRSAEncryption
         a7:2e:30:e7:06:86:70:78:59:08:91:b7:39:0d:85:c1:2c:16:
         14:d3:ea:16:75:8c:65:33:cb:d3:b9:9e:44:4a:85:e9:f4:0b:
         13:5b:29:bb:36:3a:8f:dc:1e:88:69:bf:3b:e5:27:93:4f:fd:
         87:21:97:81:dd:92:83:c9:fc:77:e7:bd:cd:0d:39:5f:99:fc:
         43:e6:8a:6a:cb:db:54:2c:e0:2b:c2:69:17:ee:bd:ab:92:07:
         09:df:1f:4d:c9:c0:b1:61:54:d7:93:00:ea:e4:e0:44:5e:6f:
         ba:67:b1:cc:eb:be:c8:12:db:60:47:12:3a:da:cb:c9:89:f1:
         4e:c8:a7:56:57:a7:d5:b7:1e:21:b0:a4:fa:54:7b:b9:35:cc:
         48:1f:75:88:41:4e:1f:3e:04:a7:48:8d:59:fc:de:31:31:b6:
         04:67:36:22:01:8c:c1:57:49:23:4d:45:58:18:9e:dc:b6:92:
         1e:bf:42:f3:48:9d:fe:d3:66:77:b9:e4:42:f8:37:f6:1b:26:
         23:a7:83:98:e7:64:52:7f:13:15:91:28:41:28:3e:d0:46:ef:
         3a:d3:dd:57:1b:75:50:84:da:fb:a0:c7:aa:46:c3:78:ef:c0:
         70:97:4a:7b:b8:89:7f:9f:a6:73:c4:ed:25:cf:9c:5e:7b:e3:
         ad:5b:a9:bf
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUUD36/F//e0qVhvGCvqWp013Kz2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MTMwMTU2MjBaFw0yNTA1MTIwMjAxMjBaMDMxMTAvBgNV
BAMTKDU4OTQ3MUM5RTQyNzY3NjU3NzYzQkYwRDU1QkI5ODY1NzM4RkMzRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOcAbB457tAwES6znuTPpfagdL
dqAFyUA2R7I4FbI7GHMPd2n32rXcSF+2K5ADqN+R3+XsQ8T4iaH+QtBAc8tmkWWC
dX8U84Z6hbHQUI5CUJaYFovwKlZeesqlDEXJUOOuiqsf768bKgc40hHg0UrYVHYv
UPBwiho+Gb5dKTtqEI+NqBl+aZlhfp9S1OtzKyyG+6RupPfze9Z/PCh+JwuQygCV
3uWHx/tnPWcQ/OtH3v7q19ZlFnzd6ih8F31a+62iZkYik7oWj9MppTiBfb3v6Iwk
uZ9PVNd4vRb33harZ2uMZTLrLAJIhxrVvMoZkHmp9+5MioDUxJy2XYyrTBQzAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUWJRxyeQnZ2V3Y78NVbuYZXOPw/gwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjIzMDM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSsIMA0GCSqGSIb3DQEBCwUAA4IBAQCn
LjDnBoZweFkIkbc5DYXBLBYU0+oWdYxlM8vTuZ5ESoXp9AsTWym7NjqP3B6Iab87
5SeTT/2HIZeB3ZKDyfx3573NDTlfmfxD5opqy9tULOArwmkX7r2rkgcJ3x9NycCx
YVTXkwDq5OBEXm+6Z7HM677IEttgRxI62svJifFOyKdWV6fVtx4hsKT6VHu5NcxI
H3WIQU4fPgSnSI1Z/N4xMbYEZzYiAYzBV0kjTUVYGJ7ctpIev0LzSJ3+02Z3ueRC
+Df2GyYjp4OY52RSfxMVkShBKD7QRu86091XG3VQhNr7oMeqRsN478Bwl0p7uIl/
n6ZzxO0lz5xee+OtW6m/
-----END CERTIFICATE-----
Generated at Sat Jun 15 17:58:02 2024 by rpki-client on console-ams.rpki-client.org