Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231353a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a326231353a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          KIO6v6Ibw+rRLcHNOP06bIDpNQX9xN+xmTJwanhJ21U=
Subject key identifier:   C0:98:B1:9D:3A:7B:2F:0F:21:8D:A4:9A:CE:19:93:F5:B4:61:C0:B4
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       52732DC67363ED255B494DF9FF1C3D9D9BC2828F
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231353a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 13 May 2024 01:58:58 +0000
ROA not before:           Mon 13 May 2024 01:53:58 +0000
ROA not after:            Mon 12 May 2025 01:58:58 +0000
asID:                     216324
IP address blocks:        2a14:7581:2b15::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:73:2d:c6:73:63:ed:25:5b:49:4d:f9:ff:1c:3d:9d:9b:c2:82:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 13 01:53:58 2024 GMT
            Not After : May 12 01:58:58 2025 GMT
        Subject: CN=C098B19D3A7B2F0F218DA49ACE1993F5B461C0B4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:51:94:2b:d0:c7:80:88:90:b8:cc:58:da:5e:
                    a0:e6:f4:c9:ab:27:f9:a7:73:7b:27:a3:5c:a1:6c:
                    77:26:d0:36:e6:e4:f8:3d:14:94:e5:12:e0:8c:de:
                    ba:21:2b:68:7c:58:84:a7:a6:11:4d:ee:0b:a0:41:
                    5c:be:44:5d:08:34:2e:4d:a3:5d:67:73:e6:63:35:
                    42:65:1e:a5:3a:83:16:07:08:db:ee:99:52:9f:3b:
                    2b:5c:19:2d:59:d7:38:92:ed:2b:92:2c:d6:0f:f5:
                    20:59:76:70:46:94:94:5e:c4:24:4f:fc:da:db:f6:
                    5f:2f:ea:fe:27:12:7f:98:9e:57:0a:e7:7d:5d:13:
                    d1:a3:4c:82:35:2a:ad:ef:90:e3:a7:b4:5b:ee:17:
                    55:0e:49:03:6b:01:18:fa:d2:4d:c5:2c:27:84:db:
                    42:64:a4:5a:a8:bf:cc:95:c3:88:30:a1:f1:25:4f:
                    da:90:d9:57:84:c6:a4:93:d7:50:4c:c0:38:00:63:
                    08:42:25:89:46:da:a8:6f:eb:f1:03:bf:91:a4:a9:
                    33:9d:d9:c2:1c:ed:46:1b:72:6c:4f:66:07:bb:ea:
                    b8:cd:ad:bb:74:d9:2b:68:6c:32:be:f4:6e:0b:d0:
                    b1:e7:97:b1:2d:45:af:3a:36:8f:e8:28:97:13:89:
                    e3:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:98:B1:9D:3A:7B:2F:0F:21:8D:A4:9A:CE:19:93:F5:B4:61:C0:B4
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231353a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2b15::/48

    Signature Algorithm: sha256WithRSAEncryption
         0d:a6:9b:c2:5c:1b:08:45:4b:4d:f1:cc:9d:ac:f5:d0:4a:c9:
         43:88:34:3c:69:ea:4d:75:2a:1c:f4:0d:83:84:83:0e:54:bd:
         bb:f6:4d:3b:e9:10:57:06:21:f5:67:3c:08:d8:0e:3e:02:9f:
         d6:c6:9a:5d:81:a3:f8:b9:7b:bd:df:dd:ef:ea:7d:44:65:de:
         ad:74:72:9f:12:79:9d:13:e3:31:82:3c:2b:a8:eb:de:e5:f0:
         8e:cc:45:7c:a9:df:fa:4f:c8:52:ca:88:08:1c:5c:15:18:5a:
         8d:f5:73:21:a8:7d:af:c9:a1:88:f3:84:61:26:63:2b:96:26:
         de:01:e3:75:af:82:8a:ea:58:9d:ea:51:77:4e:b2:e3:4d:aa:
         9e:83:80:dc:90:e3:66:8c:ef:48:7d:13:e4:c9:0f:bd:7f:07:
         5b:ef:67:6d:4d:e6:61:30:1b:02:68:ca:bc:b7:49:02:ca:35:
         55:af:ea:8a:07:0a:49:53:d9:c1:26:02:d8:bb:44:0a:4e:35:
         74:7b:b9:f1:d4:03:2c:34:c0:91:0d:99:8e:c2:80:08:16:a2:
         ec:14:39:34:5d:f5:7d:75:55:23:32:2e:d5:3d:90:c3:95:aa:
         4f:37:88:33:62:b7:c2:8d:8c:45:9e:1a:39:f2:d5:6a:98:e7:
         19:e1:01:78
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUUnMtxnNj7SVbSU35/xw9nZvCgo8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MTMwMTUzNThaFw0yNTA1MTIwMTU4NThaMDMxMTAvBgNV
BAMTKEMwOThCMTlEM0E3QjJGMEYyMThEQTQ5QUNFMTk5M0Y1QjQ2MUMwQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvUZQr0MeAiJC4zFjaXqDm9Mmr
J/mnc3sno1yhbHcm0Dbm5Pg9FJTlEuCM3rohK2h8WISnphFN7gugQVy+RF0INC5N
o11nc+ZjNUJlHqU6gxYHCNvumVKfOytcGS1Z1ziS7SuSLNYP9SBZdnBGlJRexCRP
/Nrb9l8v6v4nEn+YnlcK531dE9GjTII1Kq3vkOOntFvuF1UOSQNrARj60k3FLCeE
20JkpFqov8yVw4gwofElT9qQ2VeExqST11BMwDgAYwhCJYlG2qhv6/EDv5GkqTOd
2cIc7UYbcmxPZge76rjNrbt02StobDK+9G4L0LHnl7EtRa86No/oKJcTieM1AgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUwJixnTp7Lw8hjaSazhmT9bRhwLQwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjIzMTM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSsVMA0GCSqGSIb3DQEBCwUAA4IBAQAN
ppvCXBsIRUtN8cydrPXQSslDiDQ8aepNdSoc9A2DhIMOVL279k076RBXBiH1ZzwI
2A4+Ap/WxppdgaP4uXu9393v6n1EZd6tdHKfEnmdE+MxgjwrqOve5fCOzEV8qd/6
T8hSyogIHFwVGFqN9XMhqH2vyaGI84RhJmMrlibeAeN1r4KK6lid6lF3TrLjTaqe
g4DckONmjO9IfRPkyQ+9fwdb72dtTeZhMBsCaMq8t0kCyjVVr+qKBwpJU9nBJgLY
u0QKTjV0e7nx1AMsNMCRDZmOwoAIFqLsFDk0XfV9dVUjMi7VPZDDlapPN4gzYrfC
jYxFnho58tVqmOcZ4QF4
-----END CERTIFICATE-----
Generated at Sat Jun 15 17:58:02 2024 by rpki-client on console-ams.rpki-client.org