Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/28cd6224-a3b0-468e-aa37-82ca6a3e9243/1/326130353a646663313a6364343a3a2f34382d3438203d3e20323136313037.roa
File:                     326130353a646663313a6364343a3a2f34382d3438203d3e20323136313037.roa (raw, json)
Hash identifier:          q5j+c2qIHvhRW7ND0sRZcHrUp69Bd559PsPCXYWPg7Q=
Subject key identifier:   28:3E:9B:18:4C:FC:D4:C7:C6:AC:1E:40:C1:DD:8D:50:2F:7B:25:79
Certificate issuer:       /CN=A0BDCD4CEF02B9AA3CBD0A837666716397198BFD
Certificate serial:       CDBC45F412E957BEDB67C1FB137182062A33DD
Authority key identifier: A0:BD:CD:4C:EF:02:B9:AA:3C:BD:0A:83:76:66:71:63:97:19:8B:FD
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/A0BDCD4CEF02B9AA3CBD0A837666716397198BFD.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/28cd6224-a3b0-468e-aa37-82ca6a3e9243/1/326130353a646663313a6364343a3a2f34382d3438203d3e20323136313037.roa
Signing time:             Fri 19 Jan 2024 19:28:09 +0000
ROA not before:           Fri 19 Jan 2024 19:23:09 +0000
ROA not after:            Fri 17 Jan 2025 19:28:09 +0000
asID:                     216107
IP address blocks:        2a05:dfc1:cd4::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/28cd6224-a3b0-468e-aa37-82ca6a3e9243/1/A0BDCD4CEF02B9AA3CBD0A837666716397198BFD.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/28cd6224-a3b0-468e-aa37-82ca6a3e9243/1/A0BDCD4CEF02B9AA3CBD0A837666716397198BFD.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/A0BDCD4CEF02B9AA3CBD0A837666716397198BFD.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 21 Nov 2024 18:11:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            cd:bc:45:f4:12:e9:57:be:db:67:c1:fb:13:71:82:06:2a:33:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0BDCD4CEF02B9AA3CBD0A837666716397198BFD
        Validity
            Not Before: Jan 19 19:23:09 2024 GMT
            Not After : Jan 17 19:28:09 2025 GMT
        Subject: CN=283E9B184CFCD4C7C6AC1E40C1DD8D502F7B2579
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:9c:4c:f0:f8:4f:9e:bd:05:ee:49:20:d4:4d:
                    de:0a:16:00:3b:21:a9:e7:6d:dc:d4:48:ac:48:1c:
                    af:09:d6:80:9a:78:7e:15:f5:c0:15:92:e0:66:16:
                    fa:0a:08:33:61:cd:87:62:f6:bc:b2:ca:4a:65:8e:
                    c7:6e:58:f7:6d:e0:31:81:ac:c5:cd:c2:b7:b0:e2:
                    61:75:af:fd:b4:e2:e4:c6:2a:28:7f:ac:b9:4a:68:
                    df:98:82:de:3f:fe:76:75:9c:d2:a9:a9:79:40:15:
                    aa:83:c8:83:e1:0b:36:f5:9d:9a:06:c2:61:d4:36:
                    7d:7e:f8:b5:0b:40:a3:2f:2b:6f:bd:0e:7d:8e:27:
                    44:a7:17:d3:f8:89:91:78:b0:c8:21:4d:e0:d2:fa:
                    42:6e:8c:7c:ee:4a:44:5f:a1:bd:26:9d:e3:4d:8b:
                    94:80:a0:58:87:f3:d7:83:e0:97:4f:73:ab:07:90:
                    50:b4:10:cf:66:85:5d:6f:5a:8b:c5:18:26:fa:64:
                    2a:94:11:9f:78:11:7f:ad:14:dc:ba:12:e2:76:ef:
                    d6:a8:4d:df:e0:e6:f6:d0:b1:c1:eb:65:08:4c:2f:
                    36:ba:01:9b:5a:5e:3c:70:b1:d3:45:ce:6a:db:62:
                    51:7e:54:af:2c:46:ef:09:9e:bb:db:4d:c8:17:96:
                    28:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:3E:9B:18:4C:FC:D4:C7:C6:AC:1E:40:C1:DD:8D:50:2F:7B:25:79
            X509v3 Authority Key Identifier:
                keyid:A0:BD:CD:4C:EF:02:B9:AA:3C:BD:0A:83:76:66:71:63:97:19:8B:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/28cd6224-a3b0-468e-aa37-82ca6a3e9243/1/A0BDCD4CEF02B9AA3CBD0A837666716397198BFD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/A0BDCD4CEF02B9AA3CBD0A837666716397198BFD.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/28cd6224-a3b0-468e-aa37-82ca6a3e9243/1/326130353a646663313a6364343a3a2f34382d3438203d3e20323136313037.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc1:cd4::/48

    Signature Algorithm: sha256WithRSAEncryption
         00:db:46:ee:72:dd:42:63:78:0f:d7:fb:cf:a1:aa:44:2d:b7:
         2c:56:8f:37:72:74:68:85:e9:74:ff:98:73:de:93:f8:f0:49:
         ac:a8:18:f0:e1:29:af:8c:6d:cb:09:15:2b:6a:2c:e3:90:e5:
         f0:d2:f4:1e:3d:d3:d1:a6:db:7f:46:4d:38:5c:46:a4:a7:87:
         f8:59:ee:93:5b:88:40:05:fa:a7:ab:a9:6b:b4:36:39:3c:69:
         20:14:76:0f:8b:62:56:d2:ce:6f:31:63:9b:3f:38:89:3c:a2:
         f1:42:ed:82:8a:81:85:5b:ef:85:d8:7d:85:e5:3d:5c:6e:ca:
         bc:2a:ad:04:90:7c:81:20:71:f2:e4:2b:12:27:b2:bf:95:0a:
         b0:1c:fe:f0:ee:6d:15:62:37:f7:d1:2e:d0:d8:26:42:43:2d:
         31:de:ad:91:bf:48:54:a7:57:ee:e5:b8:15:82:24:6f:ad:29:
         5a:95:72:da:04:c4:34:f1:2a:e9:03:63:0c:27:af:43:02:0f:
         1e:04:1e:40:a2:85:5c:ac:27:c5:23:82:51:5a:50:56:c6:1e:
         62:bb:34:93:77:87:72:c8:0b:dd:71:e8:c0:02:42:5f:99:ba:
         c0:5c:a3:7d:02:c1:c3:6e:89:88:52:9d:36:46:a3:68:a7:c5:
         ca:9f:02:88
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIUAM28RfQS6Ve+22fB+xNxggYqM90wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBCRENENENFRjAyQjlBQTNDQkQwQTgzNzY2NjcxNjM5
NzE5OEJGRDAeFw0yNDAxMTkxOTIzMDlaFw0yNTAxMTcxOTI4MDlaMDMxMTAvBgNV
BAMTKDI4M0U5QjE4NENGQ0Q0QzdDNkFDMUU0MEMxREQ4RDUwMkY3QjI1NzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrnEzw+E+evQXuSSDUTd4KFgA7
IannbdzUSKxIHK8J1oCaeH4V9cAVkuBmFvoKCDNhzYdi9ryyykpljsduWPdt4DGB
rMXNwrew4mF1r/204uTGKih/rLlKaN+Ygt4//nZ1nNKpqXlAFaqDyIPhCzb1nZoG
wmHUNn1++LULQKMvK2+9Dn2OJ0SnF9P4iZF4sMghTeDS+kJujHzuSkRfob0mneNN
i5SAoFiH89eD4JdPc6sHkFC0EM9mhV1vWovFGCb6ZCqUEZ94EX+tFNy6EuJ279ao
Td/g5vbQscHrZQhMLza6AZtaXjxwsdNFzmrbYlF+VK8sRu8JnrvbTcgXlihJAgMB
AAGjggJeMIICWjAdBgNVHQ4EFgQUKD6bGEz81MfGrB5Awd2NUC97JXkwHwYDVR0j
BBgwFoAUoL3NTO8Cuao8vQqDdmZxY5cZi/0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjhjZDYyMjQtYTNiMC00NjhlLWFhMzctODJjYTZhM2U5
MjQzLzEvQTBCRENENENFRjAyQjlBQTNDQkQwQTgzNzY2NjcxNjM5NzE5OEJGRC5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wL0EwQkRDRDRDRUYwMkI5
QUEzQ0JEMEE4Mzc2NjY3MTYzOTcxOThCRkQuY2VyMIG1BggrBgEFBQcBCwSBqDCB
pTCBogYIKwYBBQUHMAuGgZVyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5LzI4Y2Q2MjI0LWEzYjAtNDY4ZS1hYTM3LTgyY2E2YTNlOTI0
My8xLzMyNjEzMDM1M2E2NDY2NjMzMTNhNjM2NDM0M2EzYTJmMzQzODJkMzQzODIw
M2QzZTIwMzIzMTM2MzEzMDM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgXfwQzUMA0GCSqGSIb3DQEB
CwUAA4IBAQAA20buct1CY3gP1/vPoapELbcsVo83cnRohel0/5hz3pP48EmsqBjw
4SmvjG3LCRUraizjkOXw0vQePdPRptt/Rk04XEakp4f4We6TW4hABfqnq6lrtDY5
PGkgFHYPi2JW0s5vMWObPziJPKLxQu2CioGFW++F2H2F5T1cbsq8Kq0EkHyBIHHy
5CsSJ7K/lQqwHP7w7m0VYjf30S7Q2CZCQy0x3q2Rv0hUp1fu5bgVgiRvrSlalXLa
BMQ08SrpA2MMJ69DAg8eBB5AooVcrCfFI4JRWlBWxh5iuzSTd4dyyAvdcejAAkJf
mbrAXKN9AsHDbomIUp02RqNop8XKnwKI
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:58:30 2024 by rpki-client on console-ams.rpki-client.org