Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231363a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a326231363a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          erN6EhvJ7CCI+12TXqJh8cqzutk4rdz0XIcmVFgnHWo=
Subject key identifier:   72:8B:87:91:8A:19:F1:4C:6A:83:35:3A:1C:B4:2E:E4:39:EE:97:BA
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       30DF6B97A6810AF8BCFA2412EB47A0704BC88FBB
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231363a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 13 May 2024 01:59:19 +0000
ROA not before:           Mon 13 May 2024 01:54:19 +0000
ROA not after:            Mon 12 May 2025 01:59:19 +0000
asID:                     216324
IP address blocks:        2a14:7581:2b16::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:df:6b:97:a6:81:0a:f8:bc:fa:24:12:eb:47:a0:70:4b:c8:8f:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 13 01:54:19 2024 GMT
            Not After : May 12 01:59:19 2025 GMT
        Subject: CN=728B87918A19F14C6A83353A1CB42EE439EE97BA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:be:33:93:9d:f2:bb:31:5f:8a:00:80:39:2d:
                    e7:97:9b:18:3c:0a:a0:a4:12:83:68:b4:50:55:b4:
                    c7:1a:1f:60:49:bc:47:ac:8d:10:1a:4c:55:9f:a7:
                    be:41:c3:26:f9:45:7c:53:5a:2a:63:33:90:c7:31:
                    2c:52:8d:ba:59:ba:98:fd:54:c1:ec:d1:23:b0:95:
                    ac:12:9e:b5:85:a7:c5:1c:5c:a0:89:9c:d2:78:93:
                    9c:57:e8:85:72:e5:d4:1a:59:e3:55:7e:70:3b:b3:
                    4f:a3:ea:b1:2e:9f:40:fb:60:8f:ec:1b:f4:21:30:
                    76:c4:98:0a:b5:20:c9:a4:1b:b5:66:41:a7:64:58:
                    72:69:99:04:fa:c6:56:de:fa:9c:62:75:15:67:d3:
                    be:29:c3:70:45:8a:2d:db:74:d7:d3:63:31:82:42:
                    ec:1d:8e:f3:4c:e3:3d:f5:63:05:fe:46:27:9d:10:
                    46:f8:55:34:c7:50:b4:69:db:e1:f7:1a:bd:a1:5d:
                    c5:ac:09:e2:9d:5a:10:84:31:4c:f6:6b:59:14:86:
                    84:b1:c3:cf:ab:56:60:cb:72:2c:3c:dd:c2:e0:c5:
                    98:c1:57:d3:85:0a:c8:b7:f7:47:9b:ca:bd:fc:3a:
                    56:1c:7a:e6:d7:2d:00:24:d0:e6:d6:2f:5d:d5:f1:
                    16:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:8B:87:91:8A:19:F1:4C:6A:83:35:3A:1C:B4:2E:E4:39:EE:97:BA
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231363a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2b16::/48

    Signature Algorithm: sha256WithRSAEncryption
         42:c4:38:e7:b7:b1:8e:d0:84:96:fe:1c:1a:09:0a:09:ad:7d:
         53:21:04:76:50:64:a5:ec:46:38:13:28:b3:a8:be:e6:5c:55:
         8c:a9:9a:36:65:d7:1e:95:93:81:ea:41:0f:31:32:46:54:dd:
         eb:fb:f1:8b:72:36:26:e0:21:7b:3b:63:c3:1e:94:b5:74:5d:
         c3:e3:0b:10:bf:41:ed:ec:4c:df:dd:1a:9a:e4:5f:2e:7a:a0:
         48:0e:87:10:9c:39:01:d8:e2:93:e0:ff:07:4b:b2:ec:45:ea:
         ee:3c:47:d9:2f:10:bf:df:45:94:6a:cf:2c:f2:1c:e3:b5:c0:
         7d:db:ea:a4:4d:c4:a8:9d:14:4b:f1:32:25:90:9c:25:e9:41:
         0e:12:6e:cc:4c:ff:b7:51:b2:b1:ea:93:13:20:da:59:4c:10:
         34:ae:08:15:9f:21:23:70:95:6e:b2:34:76:01:d2:c6:8b:a1:
         11:c0:ba:2e:36:ba:4b:50:e4:90:b4:62:43:18:17:c5:f2:5e:
         3b:0d:48:ed:33:82:4b:04:f4:5e:66:e9:e0:fa:76:c4:32:25:
         7b:2e:47:e7:59:58:a2:bd:cb:c7:58:29:0b:7b:87:f6:1c:77:
         8f:df:9a:da:8e:fc:b4:6f:06:fa:ec:a0:2a:49:41:93:3f:f9:
         a1:de:85:de
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUMN9rl6aBCvi8+iQS60egcEvIj7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MTMwMTU0MTlaFw0yNTA1MTIwMTU5MTlaMDMxMTAvBgNV
BAMTKDcyOEI4NzkxOEExOUYxNEM2QTgzMzUzQTFDQjQyRUU0MzlFRTk3QkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+vjOTnfK7MV+KAIA5LeeXmxg8
CqCkEoNotFBVtMcaH2BJvEesjRAaTFWfp75Bwyb5RXxTWipjM5DHMSxSjbpZupj9
VMHs0SOwlawSnrWFp8UcXKCJnNJ4k5xX6IVy5dQaWeNVfnA7s0+j6rEun0D7YI/s
G/QhMHbEmAq1IMmkG7VmQadkWHJpmQT6xlbe+pxidRVn074pw3BFii3bdNfTYzGC
QuwdjvNM4z31YwX+RiedEEb4VTTHULRp2+H3Gr2hXcWsCeKdWhCEMUz2a1kUhoSx
w8+rVmDLciw83cLgxZjBV9OFCsi390ebyr38OlYceubXLQAk0ObWL13V8RbDAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUcouHkYoZ8UxqgzU6HLQu5Dnul7owHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjIzMTM2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSsWMA0GCSqGSIb3DQEBCwUAA4IBAQBC
xDjnt7GO0ISW/hwaCQoJrX1TIQR2UGSl7EY4EyizqL7mXFWMqZo2ZdcelZOB6kEP
MTJGVN3r+/GLcjYm4CF7O2PDHpS1dF3D4wsQv0Ht7Ezf3Rqa5F8ueqBIDocQnDkB
2OKT4P8HS7LsReruPEfZLxC/30WUas8s8hzjtcB92+qkTcSonRRL8TIlkJwl6UEO
Em7MTP+3UbKx6pMTINpZTBA0rggVnyEjcJVusjR2AdLGi6ERwLouNrpLUOSQtGJD
GBfF8l47DUjtM4JLBPReZung+nbEMiV7LkfnWViivcvHWCkLe4f2HHeP35rajvy0
bwb67KAqSUGTP/mh3oXe
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:35:54 2024 by rpki-client on console-fra.rpki-client.org