Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231323a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a326231323a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          xlK6tCz38eq5G5ARLa5aGJZDw8Gw4Lnc0jQI0JwEubk=
Subject key identifier:   55:2A:DA:C8:95:FE:BA:0C:67:43:13:87:42:F2:4B:E7:E3:EC:01:DC
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       527AACE12EEC7867A828F9EED9F20FCA047EB782
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231323a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 13 May 2024 02:01:40 +0000
ROA not before:           Mon 13 May 2024 01:56:40 +0000
ROA not after:            Mon 12 May 2025 02:01:40 +0000
asID:                     216324
IP address blocks:        2a14:7581:2b12::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:7a:ac:e1:2e:ec:78:67:a8:28:f9:ee:d9:f2:0f:ca:04:7e:b7:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 13 01:56:40 2024 GMT
            Not After : May 12 02:01:40 2025 GMT
        Subject: CN=552ADAC895FEBA0C6743138742F24BE7E3EC01DC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:5e:f1:b6:de:17:9b:25:c1:e2:19:80:9d:e6:
                    96:0d:bd:cf:9b:7f:47:46:e9:22:35:75:12:eb:fd:
                    31:17:73:b8:8d:f4:f9:64:d0:03:46:31:fb:ed:b1:
                    51:73:41:40:cb:4b:33:3d:88:6f:54:4f:7b:05:b6:
                    4e:4b:b0:cf:31:43:64:b4:d7:27:aa:cc:3c:03:03:
                    eb:90:9b:97:38:40:2d:92:97:d8:0e:8f:c5:e3:f8:
                    28:54:61:a4:aa:49:64:aa:97:6d:01:4a:75:55:b7:
                    d7:b8:f9:a2:90:d8:e4:03:24:da:c9:fc:f9:a1:28:
                    06:fa:1e:59:37:14:83:78:20:68:fb:6e:f8:4c:02:
                    c2:c3:3a:c5:67:8d:34:24:db:a9:a2:88:8d:0c:e3:
                    23:20:2f:dd:3a:3f:de:0c:a1:3a:7b:2c:f0:f9:14:
                    b5:23:d6:18:68:86:f1:cb:8b:b7:40:a8:0c:9f:9a:
                    60:c3:f7:8e:be:20:74:b5:dc:65:02:6e:2e:b8:b2:
                    25:33:58:1e:96:f3:dc:c5:ad:60:90:7e:78:f4:af:
                    60:d9:eb:e9:b9:8c:f9:76:20:63:24:38:13:3a:37:
                    5f:c8:04:9b:5f:0b:4b:78:44:15:90:f7:77:42:81:
                    ee:66:a2:6a:d6:ce:d0:ce:3c:36:fd:7f:1a:81:8b:
                    e9:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:2A:DA:C8:95:FE:BA:0C:67:43:13:87:42:F2:4B:E7:E3:EC:01:DC
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231323a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2b12::/48

    Signature Algorithm: sha256WithRSAEncryption
         0a:85:a3:de:86:51:f5:66:33:6e:a8:d0:30:08:57:7e:66:d4:
         ba:a9:4f:f0:4e:96:1c:2b:47:9c:eb:d6:82:44:74:a1:c5:b8:
         f8:36:76:35:f1:ff:09:d7:12:45:4e:2f:63:77:db:60:d8:8b:
         a5:25:bc:53:93:5b:3e:6e:84:3a:fb:d2:1d:6a:5c:cf:a4:f6:
         df:83:78:91:d7:0d:b1:91:84:f4:52:7c:82:fa:e6:bb:0d:f0:
         90:24:70:2c:d8:01:91:ba:7f:30:8b:80:1c:18:e4:67:29:00:
         ba:24:00:aa:a8:7f:18:2d:68:2e:a9:68:cb:11:98:c3:de:d8:
         9b:34:3c:57:a8:2a:0b:05:7a:1c:8b:58:82:71:2a:e7:91:87:
         af:6b:65:b8:71:cc:2e:f2:3b:45:dc:ea:ed:36:42:d8:d2:16:
         58:1a:c5:76:4a:83:23:15:8d:9c:c3:48:ed:b4:17:77:d6:65:
         c5:73:a1:a9:3c:5c:fd:ec:61:51:ad:99:71:70:bb:8e:f0:9e:
         23:da:74:8a:56:20:3e:ea:e1:20:4e:ae:c3:ae:06:93:f9:68:
         2e:47:82:66:c1:a9:fc:ab:a8:b2:06:16:0f:49:25:7f:b7:1b:
         82:f9:36:be:c5:10:1d:cb:da:06:a0:fb:8c:7b:70:a3:75:8e:
         6b:2e:71:ff
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUUnqs4S7seGeoKPnu2fIPygR+t4IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MTMwMTU2NDBaFw0yNTA1MTIwMjAxNDBaMDMxMTAvBgNV
BAMTKDU1MkFEQUM4OTVGRUJBMEM2NzQzMTM4NzQyRjI0QkU3RTNFQzAxREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnXvG23hebJcHiGYCd5pYNvc+b
f0dG6SI1dRLr/TEXc7iN9Plk0ANGMfvtsVFzQUDLSzM9iG9UT3sFtk5LsM8xQ2S0
1yeqzDwDA+uQm5c4QC2Sl9gOj8Xj+ChUYaSqSWSql20BSnVVt9e4+aKQ2OQDJNrJ
/PmhKAb6Hlk3FIN4IGj7bvhMAsLDOsVnjTQk26miiI0M4yMgL906P94MoTp7LPD5
FLUj1hhohvHLi7dAqAyfmmDD946+IHS13GUCbi64siUzWB6W89zFrWCQfnj0r2DZ
6+m5jPl2IGMkOBM6N1/IBJtfC0t4RBWQ93dCge5momrWztDOPDb9fxqBi+lpAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUVSrayJX+ugxnQxOHQvJL5+PsAdwwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjIzMTMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSsSMA0GCSqGSIb3DQEBCwUAA4IBAQAK
haPehlH1ZjNuqNAwCFd+ZtS6qU/wTpYcK0ec69aCRHShxbj4NnY18f8J1xJFTi9j
d9tg2IulJbxTk1s+boQ6+9IdalzPpPbfg3iR1w2xkYT0UnyC+ua7DfCQJHAs2AGR
un8wi4AcGORnKQC6JACqqH8YLWguqWjLEZjD3tibNDxXqCoLBXoci1iCcSrnkYev
a2W4ccwu8jtF3OrtNkLY0hZYGsV2SoMjFY2cw0jttBd31mXFc6GpPFz97GFRrZlx
cLuO8J4j2nSKViA+6uEgTq7DrgaT+WguR4Jmwan8q6iyBhYPSSV/txuC+Ta+xRAd
y9oGoPuMe3CjdY5rLnH/
-----END CERTIFICATE-----
Generated at Sat Jun 15 17:58:02 2024 by rpki-client on console-ams.rpki-client.org