Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231303a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a326231303a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          QGJzf4a/uGKWXhDabERdBjuZ4BbBLGSS+NVvDzLEQcA=
Subject key identifier:   B7:09:79:C0:F8:A1:34:4D:3F:0C:1B:FB:00:77:11:D5:61:6D:2B:88
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       31A7AB6DD8FD484F4CD7E5DEB75483D4F5E9F7E5
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231303a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 13 May 2024 01:57:34 +0000
ROA not before:           Mon 13 May 2024 01:52:34 +0000
ROA not after:            Mon 12 May 2025 01:57:34 +0000
asID:                     216324
IP address blocks:        2a14:7581:2b10::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:a7:ab:6d:d8:fd:48:4f:4c:d7:e5:de:b7:54:83:d4:f5:e9:f7:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 13 01:52:34 2024 GMT
            Not After : May 12 01:57:34 2025 GMT
        Subject: CN=B70979C0F8A1344D3F0C1BFB007711D5616D2B88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:46:6d:48:3a:57:5a:c4:da:0b:ab:5c:94:4c:
                    a7:36:6b:65:97:3f:1c:88:71:74:3b:86:7a:9c:96:
                    ea:b1:be:90:56:ca:a5:57:6c:4c:f9:3c:15:d8:24:
                    5d:9b:ff:65:40:b0:ed:1b:ce:d8:eb:45:8c:cf:6a:
                    64:22:01:e3:0d:54:f3:e7:a5:49:67:92:75:c2:b2:
                    5c:5f:ef:d1:07:3d:37:9c:7d:e8:7f:d1:ff:77:22:
                    02:21:45:90:0d:b6:b7:f4:0c:4c:55:ff:65:3b:e4:
                    c7:9d:ff:b6:16:b8:27:eb:b5:8d:d6:2c:23:2e:11:
                    36:23:f0:7d:ca:44:3e:b5:43:29:a7:e9:d3:5c:30:
                    25:77:85:bb:64:ad:19:e5:fc:b8:ea:aa:2c:b5:16:
                    d1:c4:8f:36:c2:99:21:a5:a0:9a:cd:ef:42:f8:7d:
                    59:1d:52:6e:64:08:a1:4f:f5:bf:16:1e:e3:06:c1:
                    db:be:85:c8:28:a8:da:ba:b6:b5:a7:c1:93:bc:06:
                    3b:27:09:6d:7e:43:d3:c6:7c:2b:8d:e9:39:8d:73:
                    a6:57:19:c7:a4:4a:81:60:ab:5b:21:b2:d4:6c:72:
                    48:7d:32:1c:74:0a:c8:91:40:0c:5a:d0:7d:ad:a8:
                    ee:22:f4:32:7d:1f:c3:4e:be:0c:90:9a:b1:11:c8:
                    df:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:09:79:C0:F8:A1:34:4D:3F:0C:1B:FB:00:77:11:D5:61:6D:2B:88
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231303a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2b10::/48

    Signature Algorithm: sha256WithRSAEncryption
         ad:af:e4:8c:1b:da:b5:ce:20:01:fb:d8:c6:b2:ee:97:79:3a:
         b0:1f:82:db:38:8c:ef:d3:46:c8:a3:22:f3:43:d7:43:ae:82:
         a0:47:41:74:03:57:df:a9:79:3e:23:ba:a6:0d:ff:8b:24:16:
         60:3d:be:1c:fb:95:1f:c0:5f:93:a5:f0:9b:ca:31:5f:eb:2b:
         7f:8b:b0:1a:1c:63:92:0b:79:65:6a:5f:21:e2:c1:72:60:b0:
         60:8d:7e:24:a4:7f:1e:0a:be:bd:f8:ce:02:8f:0c:76:e9:20:
         9e:2f:5d:7d:ff:2c:3a:91:2a:9f:5c:ef:91:da:59:ef:76:66:
         22:a8:e0:b2:63:3f:c9:dc:cb:ce:9d:92:c7:4e:6a:fa:7c:7b:
         e4:94:d2:73:6b:8c:94:ab:cb:fc:dd:b1:f7:4b:ac:28:f1:2a:
         3a:be:c8:c9:93:ce:b5:ca:42:af:e3:63:fa:d2:1d:05:12:d1:
         27:67:81:b1:e0:20:2e:64:97:09:4a:b4:88:cf:3d:6e:2e:a3:
         17:9c:fb:7a:dc:fb:e1:f8:21:91:c5:1f:66:db:b2:39:bc:2f:
         bd:40:b6:4e:19:c4:8f:5f:a7:8a:53:87:ef:e3:3c:7a:ad:f7:
         d3:56:e8:8c:88:15:33:f6:3e:7a:55:b5:61:fb:7c:20:33:5d:
         0b:bd:a4:83
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUMaerbdj9SE9M1+Xet1SD1PXp9+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MTMwMTUyMzRaFw0yNTA1MTIwMTU3MzRaMDMxMTAvBgNV
BAMTKEI3MDk3OUMwRjhBMTM0NEQzRjBDMUJGQjAwNzcxMUQ1NjE2RDJCODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3Rm1IOldaxNoLq1yUTKc2a2WX
PxyIcXQ7hnqcluqxvpBWyqVXbEz5PBXYJF2b/2VAsO0bztjrRYzPamQiAeMNVPPn
pUlnknXCslxf79EHPTecfeh/0f93IgIhRZANtrf0DExV/2U75Med/7YWuCfrtY3W
LCMuETYj8H3KRD61Qymn6dNcMCV3hbtkrRnl/Ljqqiy1FtHEjzbCmSGloJrN70L4
fVkdUm5kCKFP9b8WHuMGwdu+hcgoqNq6trWnwZO8BjsnCW1+Q9PGfCuN6TmNc6ZX
GcekSoFgq1shstRsckh9Mhx0CsiRQAxa0H2tqO4i9DJ9H8NOvgyQmrERyN8FAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUtwl5wPihNE0/DBv7AHcR1WFtK4gwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjIzMTMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSsQMA0GCSqGSIb3DQEBCwUAA4IBAQCt
r+SMG9q1ziAB+9jGsu6XeTqwH4LbOIzv00bIoyLzQ9dDroKgR0F0A1ffqXk+I7qm
Df+LJBZgPb4c+5UfwF+TpfCbyjFf6yt/i7AaHGOSC3llal8h4sFyYLBgjX4kpH8e
Cr69+M4Cjwx26SCeL119/yw6kSqfXO+R2lnvdmYiqOCyYz/J3MvOnZLHTmr6fHvk
lNJza4yUq8v83bH3S6wo8So6vsjJk861ykKv42P60h0FEtEnZ4Gx4CAuZJcJSrSI
zz1uLqMXnPt63Pvh+CGRxR9m27I5vC+9QLZOGcSPX6eKU4fv4zx6rffTVuiMiBUz
9j56VbVh+3wgM10LvaSD
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:35:54 2024 by rpki-client on console-fra.rpki-client.org