Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230393a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a326230393a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          ZFvxIbSo2JsryurMCkQWC4YCoREohx8ejFD0+Tei8b4=
Subject key identifier:   44:F4:99:CF:CD:D2:40:A4:87:70:47:CD:28:DF:9F:73:C3:61:4E:C2
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       3630E1D915D4EDB805E1FF4A2EF10A19030C664B
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230393a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 13 May 2024 01:57:21 +0000
ROA not before:           Mon 13 May 2024 01:52:21 +0000
ROA not after:            Mon 12 May 2025 01:57:21 +0000
asID:                     216324
IP address blocks:        2a14:7581:2b09::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:30:e1:d9:15:d4:ed:b8:05:e1:ff:4a:2e:f1:0a:19:03:0c:66:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 13 01:52:21 2024 GMT
            Not After : May 12 01:57:21 2025 GMT
        Subject: CN=44F499CFCDD240A4877047CD28DF9F73C3614EC2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:7b:f3:d8:9a:6b:2d:8e:f7:a1:1a:62:5f:33:
                    fa:a8:c6:91:5f:9d:8f:4e:62:12:19:18:ed:1f:65:
                    d3:f0:f0:0e:3b:2f:b0:de:b1:5e:6d:02:1e:7a:17:
                    4a:e5:81:c3:b1:e3:0f:a0:19:7e:fb:e7:4d:50:ca:
                    13:d0:fa:43:85:b2:6f:88:3e:21:5a:fd:a0:d4:b0:
                    3a:a7:d6:3b:13:56:42:d5:5e:60:14:34:fa:68:ea:
                    25:e1:6f:c2:84:5f:f4:5a:18:1a:c8:37:7b:38:02:
                    bd:d6:b5:71:f8:ec:8e:a1:bb:66:d8:e7:56:5c:f5:
                    3c:63:eb:e4:e3:a1:5b:a7:38:6b:a4:5e:f2:e7:90:
                    96:85:af:9c:e3:92:eb:b2:5d:4c:f9:bb:c1:fc:f0:
                    6a:b7:06:54:85:c4:f5:56:e0:60:aa:28:43:5b:3a:
                    f3:f4:fe:ee:03:56:d4:2f:0a:1d:2d:9a:16:c6:93:
                    f2:60:e3:12:16:69:e5:81:bf:3f:f5:98:3a:c9:ff:
                    58:14:2d:dc:19:66:8c:32:f2:dd:c6:26:4b:ce:d3:
                    b9:57:5b:69:80:2b:c1:af:8d:76:3b:09:81:8e:dc:
                    d9:5b:04:e1:a1:0e:a9:a9:02:52:ca:a8:af:f9:36:
                    72:d1:ef:7f:c7:51:24:d0:ff:48:7c:42:a7:c6:f5:
                    5e:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:F4:99:CF:CD:D2:40:A4:87:70:47:CD:28:DF:9F:73:C3:61:4E:C2
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326230393a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2b09::/48

    Signature Algorithm: sha256WithRSAEncryption
         2d:39:52:dd:2c:90:be:7d:09:10:39:9f:ff:e0:67:41:f2:71:
         db:85:34:30:b4:e3:a2:08:2e:da:b1:d6:7d:05:02:7b:50:72:
         1a:7e:1e:8c:e8:41:58:ca:ac:33:d0:91:4b:83:49:af:7b:00:
         8a:a3:ca:65:d0:4b:38:2b:75:00:f0:fc:d4:dc:27:64:a4:0f:
         8a:3f:7c:08:28:6b:00:ab:2e:8f:aa:61:ba:8f:34:5b:d0:19:
         6d:05:9a:6e:99:9a:3d:8c:93:54:2e:7b:ff:52:8b:c5:5b:bb:
         90:2f:a7:90:f0:df:96:a5:0f:52:71:07:63:14:20:e1:53:4e:
         7a:50:9d:c5:74:a5:6f:86:b3:44:69:5f:7e:4a:98:93:64:f4:
         5d:c2:2e:5e:23:8a:61:16:7a:15:74:67:c6:20:ee:bb:86:03:
         9c:1d:84:26:d4:41:92:81:3c:1e:f7:46:9c:14:63:12:64:04:
         c6:d4:58:50:e6:f0:0b:3c:2a:90:04:2e:7f:a1:f1:eb:96:31:
         8a:d0:d3:1e:ce:27:c8:46:64:f8:7a:71:68:83:66:45:ac:ae:
         d7:ae:38:54:4e:b4:31:7d:d1:03:bd:5b:21:5e:43:ff:4e:ed:
         0d:5a:8d:21:2a:b4:6a:75:e4:66:81:79:75:0e:80:34:0f:85:
         e2:3d:5a:f1
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUNjDh2RXU7bgF4f9KLvEKGQMMZkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MTMwMTUyMjFaFw0yNTA1MTIwMTU3MjFaMDMxMTAvBgNV
BAMTKDQ0RjQ5OUNGQ0REMjQwQTQ4NzcwNDdDRDI4REY5RjczQzM2MTRFQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDge/PYmmstjvehGmJfM/qoxpFf
nY9OYhIZGO0fZdPw8A47L7DesV5tAh56F0rlgcOx4w+gGX77501QyhPQ+kOFsm+I
PiFa/aDUsDqn1jsTVkLVXmAUNPpo6iXhb8KEX/RaGBrIN3s4Ar3WtXH47I6hu2bY
51Zc9Txj6+TjoVunOGukXvLnkJaFr5zjkuuyXUz5u8H88Gq3BlSFxPVW4GCqKENb
OvP0/u4DVtQvCh0tmhbGk/Jg4xIWaeWBvz/1mDrJ/1gULdwZZowy8t3GJkvO07lX
W2mAK8GvjXY7CYGO3NlbBOGhDqmpAlLKqK/5NnLR73/HUSTQ/0h8QqfG9V5rAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQURPSZz83SQKSHcEfNKN+fc8NhTsIwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjIzMDM5M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSsJMA0GCSqGSIb3DQEBCwUAA4IBAQAt
OVLdLJC+fQkQOZ//4GdB8nHbhTQwtOOiCC7asdZ9BQJ7UHIafh6M6EFYyqwz0JFL
g0mvewCKo8pl0Es4K3UA8PzU3CdkpA+KP3wIKGsAqy6PqmG6jzRb0BltBZpumZo9
jJNULnv/UovFW7uQL6eQ8N+WpQ9ScQdjFCDhU056UJ3FdKVvhrNEaV9+SpiTZPRd
wi5eI4phFnoVdGfGIO67hgOcHYQm1EGSgTwe90acFGMSZATG1FhQ5vALPCqQBC5/
ofHrljGK0NMezifIRmT4enFog2ZFrK7XrjhUTrQxfdEDvVshXkP/Tu0NWo0hKrRq
deRmgXl1DoA0D4XiPVrx
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:35:54 2024 by rpki-client on console-fra.rpki-client.org