Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231343a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a326231343a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          vT79jhQFpp3g2QJjAGP6nhSRdehh1bMYxpcf72IE5JY=
Subject key identifier:   18:A3:42:EF:A9:58:78:CE:E7:6D:CF:69:ED:B0:BC:81:1C:BD:F6:9F
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       79937B03A46F3F91CFB24D3C018CB6E544F230E3
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231343a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 13 May 2024 01:58:02 +0000
ROA not before:           Mon 13 May 2024 01:53:02 +0000
ROA not after:            Mon 12 May 2025 01:58:02 +0000
asID:                     216324
IP address blocks:        2a14:7581:2b14::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:93:7b:03:a4:6f:3f:91:cf:b2:4d:3c:01:8c:b6:e5:44:f2:30:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 13 01:53:02 2024 GMT
            Not After : May 12 01:58:02 2025 GMT
        Subject: CN=18A342EFA95878CEE76DCF69EDB0BC811CBDF69F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:1f:55:79:b5:c6:c9:3c:81:5b:df:bc:26:f9:
                    87:a8:6e:07:24:4d:3b:72:74:f8:b4:78:0b:f5:10:
                    ea:52:1f:d7:18:78:e8:78:7b:1b:30:05:2e:69:70:
                    18:ac:a7:05:86:18:c9:68:e3:e4:b4:c3:a3:ad:f4:
                    7a:9a:11:d1:df:a6:7b:63:4a:0d:08:5a:05:5d:75:
                    33:b9:f0:ed:8e:ca:77:91:d9:63:81:2e:d8:5a:4a:
                    9f:84:36:b1:06:a3:1f:01:fc:be:11:11:33:56:b5:
                    de:5b:f3:fb:cc:e0:93:b2:bf:fe:ce:9d:78:59:ab:
                    fd:ac:ae:9c:b0:72:0d:74:8d:7c:ac:23:00:13:d9:
                    03:94:68:03:96:f3:a0:15:42:62:19:19:55:e5:56:
                    70:17:96:2d:1f:2f:fb:68:4e:05:0f:4a:3b:c6:2a:
                    01:ff:bb:4c:b4:1a:e5:8d:d3:04:b9:01:4d:8f:40:
                    f6:a6:40:ba:b8:c9:3a:bc:1b:ca:e7:b2:0d:4b:ee:
                    8d:29:e8:94:2b:0a:1b:9d:c9:25:a3:bf:90:c6:60:
                    35:4b:6b:48:2c:2f:ce:66:47:41:b9:02:75:7c:86:
                    de:41:16:36:0f:b7:d0:1d:c0:dd:02:6b:6e:ce:74:
                    98:d1:e7:92:ec:28:d0:c4:f5:07:18:8d:e5:fe:1e:
                    b8:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:A3:42:EF:A9:58:78:CE:E7:6D:CF:69:ED:B0:BC:81:1C:BD:F6:9F
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231343a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2b14::/48

    Signature Algorithm: sha256WithRSAEncryption
         78:f7:b8:57:a2:5e:a7:65:7a:43:d0:20:25:e7:15:31:c4:0c:
         90:39:bc:85:97:ed:25:79:f4:01:2b:9b:05:f2:f0:dc:13:31:
         c2:80:e3:9e:ac:65:e1:4f:ee:e8:33:0a:0c:d0:22:48:69:e4:
         40:d9:f6:76:dd:db:90:6d:7a:c9:fe:68:fe:90:93:50:49:4c:
         b8:55:6f:1b:b4:28:e9:61:51:b7:51:04:d8:b6:c0:b9:d6:81:
         f5:30:5e:cf:d1:70:56:a3:4b:25:31:9d:6f:4d:32:cd:f8:d5:
         49:33:52:11:ee:cc:24:f1:e9:6d:17:0f:d8:d4:13:01:d7:69:
         65:63:19:c1:ea:1c:3a:c2:50:50:3f:13:4e:bb:e3:f3:01:e6:
         70:b4:6c:e5:17:e2:bf:fc:8c:79:80:e6:cf:c8:da:c4:9f:b4:
         81:c9:cf:2b:7f:66:a4:b0:b1:bb:b0:98:d9:3b:1e:61:c6:50:
         f2:cb:b1:c7:38:74:a8:5c:c6:28:4c:e5:1d:0c:70:3a:c8:12:
         7a:b9:e0:5b:ba:a8:82:8c:3d:e8:85:41:13:f7:e1:3f:2f:e7:
         f8:d4:8f:0a:0e:97:ed:b3:1c:fe:0c:eb:d9:3a:2f:48:8a:c0:
         66:ed:37:87:97:13:18:eb:ac:3b:d7:10:9d:df:6d:5e:de:46:
         fa:2a:0d:f1
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUeZN7A6RvP5HPsk08AYy25UTyMOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MTMwMTUzMDJaFw0yNTA1MTIwMTU4MDJaMDMxMTAvBgNV
BAMTKDE4QTM0MkVGQTk1ODc4Q0VFNzZEQ0Y2OUVEQjBCQzgxMUNCREY2OUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2H1V5tcbJPIFb37wm+Yeobgck
TTtydPi0eAv1EOpSH9cYeOh4exswBS5pcBispwWGGMlo4+S0w6Ot9HqaEdHfpntj
Sg0IWgVddTO58O2OyneR2WOBLthaSp+ENrEGox8B/L4RETNWtd5b8/vM4JOyv/7O
nXhZq/2srpywcg10jXysIwAT2QOUaAOW86AVQmIZGVXlVnAXli0fL/toTgUPSjvG
KgH/u0y0GuWN0wS5AU2PQPamQLq4yTq8G8rnsg1L7o0p6JQrChudySWjv5DGYDVL
a0gsL85mR0G5AnV8ht5BFjYPt9AdwN0Ca27OdJjR55LsKNDE9QcYjeX+HrjHAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUGKNC76lYeM7nbc9p7bC8gRy99p8wHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjIzMTM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSsUMA0GCSqGSIb3DQEBCwUAA4IBAQB4
97hXol6nZXpD0CAl5xUxxAyQObyFl+0lefQBK5sF8vDcEzHCgOOerGXhT+7oMwoM
0CJIaeRA2fZ23duQbXrJ/mj+kJNQSUy4VW8btCjpYVG3UQTYtsC51oH1MF7P0XBW
o0slMZ1vTTLN+NVJM1IR7swk8eltFw/Y1BMB12llYxnB6hw6wlBQPxNOu+PzAeZw
tGzlF+K//Ix5gObPyNrEn7SByc8rf2aksLG7sJjZOx5hxlDyy7HHOHSoXMYoTOUd
DHA6yBJ6ueBbuqiCjD3ohUET9+E/L+f41I8KDpftsxz+DOvZOi9IisBm7TeHlxMY
66w71xCd321e3kb6Kg3x
-----END CERTIFICATE-----
Generated at Sat Jun 15 17:58:02 2024 by rpki-client on console-ams.rpki-client.org