Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231383a3a2f34382d3438203d3e20323136333234.roa
File:                     326131343a373538313a326231383a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          iT329C8Lj7NHFACZkEHs2i7KOSE0FuLTHaD35QSTZuo=
Subject key identifier:   13:91:DD:33:1C:C9:F3:C1:A3:B4:1A:EC:1B:10:FB:8C:AF:0A:B8:89
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       402EADA0BD9E514A541311A1390DE8534B966E56
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231383a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Mon 13 May 2024 02:01:00 +0000
ROA not before:           Mon 13 May 2024 01:56:00 +0000
ROA not after:            Mon 12 May 2025 02:01:00 +0000
asID:                     216324
IP address blocks:        2a14:7581:2b18::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 07:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:2e:ad:a0:bd:9e:51:4a:54:13:11:a1:39:0d:e8:53:4b:96:6e:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 13 01:56:00 2024 GMT
            Not After : May 12 02:01:00 2025 GMT
        Subject: CN=1391DD331CC9F3C1A3B41AEC1B10FB8CAF0AB889
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:a2:ee:7a:6f:b2:69:5d:5e:bd:31:3a:75:24:
                    ae:1e:c7:9e:a8:05:a5:53:d3:0b:ee:90:2c:dd:7c:
                    65:40:8f:62:90:da:94:cb:ef:c9:bd:69:3b:d4:3e:
                    2c:e3:29:44:7c:2a:3d:e1:39:dc:00:34:fd:e4:5e:
                    82:64:cc:81:d3:43:89:0f:cf:0b:de:48:39:64:b7:
                    5c:49:f6:63:2a:e5:a2:e1:08:06:6b:58:97:0e:07:
                    45:1f:c5:0a:0a:a0:6f:ae:7f:56:5a:63:16:b3:ec:
                    cd:6a:38:df:f6:59:c4:72:00:72:5e:2a:c3:51:6f:
                    df:cd:fc:bf:cf:9a:a6:27:06:98:3f:c5:9d:56:63:
                    b4:26:e9:83:ad:83:2f:ee:ce:49:55:1e:ce:76:45:
                    d7:0d:28:27:d0:c1:00:23:f1:ac:92:e2:fb:37:d6:
                    1e:cb:30:c9:ea:33:77:f4:87:b7:66:03:a5:f3:70:
                    62:5d:e1:ec:e9:7f:86:cf:bf:37:27:54:49:e0:93:
                    91:eb:3b:2c:78:a2:1b:88:fd:12:85:2f:78:1e:78:
                    92:10:32:9e:67:e5:3d:ca:50:76:c9:51:ef:ef:d2:
                    b3:90:d5:30:f3:7b:d2:55:3f:b4:c1:e4:9e:70:1e:
                    18:af:60:9b:cf:8f:fe:c3:03:40:5d:f6:19:48:38:
                    c4:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:91:DD:33:1C:C9:F3:C1:A3:B4:1A:EC:1B:10:FB:8C:AF:0A:B8:89
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a326231383a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2b18::/48

    Signature Algorithm: sha256WithRSAEncryption
         aa:8a:69:48:70:40:27:24:c2:ca:ba:5c:b7:5f:27:dd:a9:42:
         bb:68:f4:de:df:7b:49:c4:c7:2a:c4:53:78:e5:d9:f4:b2:94:
         67:31:57:5e:26:16:39:9d:d6:09:38:d5:61:39:b1:d5:1e:c3:
         6c:51:a8:7a:61:be:90:82:2c:6f:b4:9b:df:0b:60:a7:68:d2:
         72:02:82:ca:94:a9:8a:2f:38:6d:61:6a:83:5f:0e:fa:95:bb:
         eb:13:19:41:15:1a:90:dc:28:5d:0a:73:b4:2b:4b:19:d2:17:
         ac:6a:91:3d:13:07:0e:20:b6:e7:1d:cc:ba:3c:10:4f:8f:37:
         d5:c5:dc:c1:b4:a3:bb:ed:6e:84:de:90:30:06:3b:46:81:68:
         da:86:ce:94:a6:e3:b2:52:c3:a0:1b:4d:e9:91:f9:0a:df:03:
         3d:4f:c3:5e:10:7e:ed:51:b0:05:ba:c2:62:83:bb:12:30:54:
         d1:6d:1f:71:54:5e:82:66:af:60:23:dd:b4:6e:02:35:fe:6c:
         ae:a6:ce:d0:8a:98:00:b5:97:07:cd:e5:20:8a:70:62:6f:44:
         cf:39:bb:38:a0:9b:bf:87:c8:1b:d9:58:45:d4:41:c5:09:c3:
         7d:cf:fb:7d:0a:db:90:33:1a:6c:97:38:9b:b1:0f:86:1e:0c:
         6f:a5:aa:f1
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUQC6toL2eUUpUExGhOQ3oU0uWblYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MTMwMTU2MDBaFw0yNTA1MTIwMjAxMDBaMDMxMTAvBgNV
BAMTKDEzOTFERDMzMUNDOUYzQzFBM0I0MUFFQzFCMTBGQjhDQUYwQUI4ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOou56b7JpXV69MTp1JK4ex56o
BaVT0wvukCzdfGVAj2KQ2pTL78m9aTvUPizjKUR8Kj3hOdwANP3kXoJkzIHTQ4kP
zwveSDlkt1xJ9mMq5aLhCAZrWJcOB0UfxQoKoG+uf1ZaYxaz7M1qON/2WcRyAHJe
KsNRb9/N/L/PmqYnBpg/xZ1WY7Qm6YOtgy/uzklVHs52RdcNKCfQwQAj8ayS4vs3
1h7LMMnqM3f0h7dmA6XzcGJd4ezpf4bPvzcnVEngk5HrOyx4ohuI/RKFL3geeJIQ
Mp5n5T3KUHbJUe/v0rOQ1TDze9JVP7TB5J5wHhivYJvPj/7DA0Bd9hlIOMSHAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUE5HdMxzJ88GjtBrsGxD7jK8KuIkwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjIzMTM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSsYMA0GCSqGSIb3DQEBCwUAA4IBAQCq
imlIcEAnJMLKuly3XyfdqUK7aPTe33tJxMcqxFN45dn0spRnMVdeJhY5ndYJONVh
ObHVHsNsUah6Yb6QgixvtJvfC2CnaNJyAoLKlKmKLzhtYWqDXw76lbvrExlBFRqQ
3ChdCnO0K0sZ0hesapE9EwcOILbnHcy6PBBPjzfVxdzBtKO77W6E3pAwBjtGgWja
hs6UpuOyUsOgG03pkfkK3wM9T8NeEH7tUbAFusJig7sSMFTRbR9xVF6CZq9gI920
bgI1/myups7QipgAtZcHzeUginBib0TPObs4oJu/h8gb2VhF1EHFCcN9z/t9CtuQ
MxpslzibsQ+GHgxvparx
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:35:54 2024 by rpki-client on console-fra.rpki-client.org