Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/0/326130613a363034303a623166313a3a2f34382d3438203d3e20323030363736.roa
File:                     326130613a363034303a623166313a3a2f34382d3438203d3e20323030363736.roa (raw, json)
Hash identifier:          MYzoD8wbCOxI3VM/BdbUpxOg1cHoSa/pKdV7AMYn73k=
Subject key identifier:   1E:D3:A6:5F:1C:28:5B:B6:FE:60:CE:39:9F:48:14:02:FE:91:12:B9
Certificate issuer:       /CN=309C25E7B18FF28A60B96B25572F8A9E3104FE76
Certificate serial:       07DF7C85A200F74DFB292BB7047CA6D7CFD17E0D
Authority key identifier: 30:9C:25:E7:B1:8F:F2:8A:60:B9:6B:25:57:2F:8A:9E:31:04:FE:76
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/309C25E7B18FF28A60B96B25572F8A9E3104FE76.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/0/326130613a363034303a623166313a3a2f34382d3438203d3e20323030363736.roa
Signing time:             Tue 10 Sep 2024 19:15:16 +0000
ROA not before:           Tue 10 Sep 2024 19:10:16 +0000
ROA not after:            Tue 09 Sep 2025 19:15:16 +0000
asID:                     200676
IP address blocks:        2a0a:6040:b1f1::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/0/309C25E7B18FF28A60B96B25572F8A9E3104FE76.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/0/309C25E7B18FF28A60B96B25572F8A9E3104FE76.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/309C25E7B18FF28A60B96B25572F8A9E3104FE76.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:df:7c:85:a2:00:f7:4d:fb:29:2b:b7:04:7c:a6:d7:cf:d1:7e:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=309C25E7B18FF28A60B96B25572F8A9E3104FE76
        Validity
            Not Before: Sep 10 19:10:16 2024 GMT
            Not After : Sep  9 19:15:16 2025 GMT
        Subject: CN=1ED3A65F1C285BB6FE60CE399F481402FE9112B9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:84:ac:f9:8c:db:c9:0f:c7:0b:8f:3d:02:ba:
                    d4:4a:aa:1f:5a:94:5a:36:7d:bd:4c:12:3b:60:0a:
                    ba:31:c8:8d:7c:21:fd:6a:2c:1b:27:3b:e7:85:67:
                    81:93:96:0e:5f:d2:e2:58:1a:aa:25:fd:18:6d:d9:
                    06:59:4f:8f:58:68:eb:5c:1d:e1:6c:92:1e:42:b9:
                    e2:38:e0:5d:95:79:ca:8d:72:51:7e:32:2c:31:8a:
                    ed:4f:61:59:55:9c:6b:75:83:2d:67:cb:0b:3d:68:
                    0f:3e:22:7d:4d:70:5f:d3:65:e7:43:e8:3e:90:43:
                    49:e2:d5:7f:c2:08:d1:3f:e3:bd:da:02:9f:a6:4d:
                    39:9a:8f:85:c4:69:b0:b1:20:fc:cb:3f:22:27:94:
                    d9:29:29:98:ea:54:81:4d:4f:ab:f7:73:92:9a:6a:
                    0b:c9:3b:12:36:8d:73:71:47:21:71:31:9c:6c:4b:
                    e1:8a:c7:57:d3:53:94:89:31:36:af:6f:35:5f:08:
                    d5:5b:39:a1:2f:77:d8:15:f6:fe:69:8b:27:d4:de:
                    fa:1a:20:72:db:b4:db:39:42:27:62:9c:d4:dc:e6:
                    41:17:73:67:d1:ef:bb:00:3a:e5:ca:81:08:7b:2e:
                    ca:42:03:8a:42:34:59:59:5d:fb:dc:07:78:44:19:
                    01:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:D3:A6:5F:1C:28:5B:B6:FE:60:CE:39:9F:48:14:02:FE:91:12:B9
            X509v3 Authority Key Identifier:
                keyid:30:9C:25:E7:B1:8F:F2:8A:60:B9:6B:25:57:2F:8A:9E:31:04:FE:76

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/0/309C25E7B18FF28A60B96B25572F8A9E3104FE76.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/309C25E7B18FF28A60B96B25572F8A9E3104FE76.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/0/326130613a363034303a623166313a3a2f34382d3438203d3e20323030363736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:b1f1::/48

    Signature Algorithm: sha256WithRSAEncryption
         43:41:6a:c4:21:f4:81:bc:94:65:20:7d:94:3c:20:78:8b:ed:
         29:3e:e9:0e:b5:c2:e1:97:fe:44:49:36:9d:bd:7a:bf:a7:79:
         8a:d4:15:b2:16:ec:d5:f8:2e:e7:0c:cc:1b:33:43:59:1d:a1:
         d8:d0:d3:39:a7:31:84:c0:15:08:b5:25:ea:3e:8a:bc:c4:2a:
         7d:5b:f9:60:02:c3:5b:e5:f0:15:cb:9d:6c:3b:c8:06:73:64:
         c6:ba:53:40:5f:f1:85:39:6d:69:bd:20:4c:8b:52:c1:9b:50:
         bd:cf:d4:5b:10:98:b4:ce:38:22:63:f0:68:df:1f:b2:6b:77:
         bd:48:d1:05:00:0b:28:c5:ae:01:ff:f8:26:96:d9:25:5f:74:
         8b:28:08:63:a3:72:8a:d3:1e:d8:9e:9a:dc:ea:c4:84:3d:ce:
         fb:20:97:50:89:3b:80:d0:8f:f8:0b:5e:26:b9:19:08:8d:d3:
         f2:7d:7c:73:19:4a:7f:9b:e4:b4:f6:d3:31:a6:d9:f6:fd:6c:
         22:2a:80:70:89:24:d1:24:86:b3:4a:df:f6:60:00:7c:20:e9:
         3c:d8:96:cd:1e:0f:0c:2e:d3:02:e7:bd:34:65:23:a9:69:a2:
         8b:4d:96:db:b8:28:69:6a:da:b6:fc:c5:e7:e7:75:e1:9c:45:
         be:28:32:88
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIUB998haIA9037KSu3BHym18/Rfg0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzA5QzI1RTdCMThGRjI4QTYwQjk2QjI1NTcyRjhBOUUz
MTA0RkU3NjAeFw0yNDA5MTAxOTEwMTZaFw0yNTA5MDkxOTE1MTZaMDMxMTAvBgNV
BAMTKDFFRDNBNjVGMUMyODVCQjZGRTYwQ0UzOTlGNDgxNDAyRkU5MTEyQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQhKz5jNvJD8cLjz0CutRKqh9a
lFo2fb1MEjtgCroxyI18If1qLBsnO+eFZ4GTlg5f0uJYGqol/Rht2QZZT49YaOtc
HeFskh5CueI44F2VecqNclF+Miwxiu1PYVlVnGt1gy1nyws9aA8+In1NcF/TZedD
6D6QQ0ni1X/CCNE/473aAp+mTTmaj4XEabCxIPzLPyInlNkpKZjqVIFNT6v3c5Ka
agvJOxI2jXNxRyFxMZxsS+GKx1fTU5SJMTavbzVfCNVbOaEvd9gV9v5piyfU3voa
IHLbtNs5QidinNTc5kEXc2fR77sAOuXKgQh7LspCA4pCNFlZXfvcB3hEGQENAgMB
AAGjggJgMIICXDAdBgNVHQ4EFgQUHtOmXxwoW7b+YM45n0gUAv6RErkwHwYDVR0j
BBgwFoAUMJwl57GP8opguWslVy+KnjEE/nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmFjYTNjYTYtMzRjYy00NzcyLWJhYzAtYTM1ZGQwMTk1
Y2U3LzAvMzA5QzI1RTdCMThGRjI4QTYwQjk2QjI1NTcyRjhBOUUzMTA0RkU3Ni5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wLzMwOUMyNUU3QjE4RkYy
OEE2MEI5NkIyNTU3MkY4QTlFMzEwNEZFNzYuY2VyMIG3BggrBgEFBQcBCwSBqjCB
pzCBpAYIKwYBBQUHMAuGgZdyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5LzJhY2EzY2E2LTM0Y2MtNDc3Mi1iYWMwLWEzNWRkMDE5NWNl
Ny8wLzMyNjEzMDYxM2EzNjMwMzQzMDNhNjIzMTY2MzEzYTNhMmYzNDM4MmQzNDM4
MjAzZDNlMjAzMjMwMzAzNjM3MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqCmBAsfEwDQYJKoZIhvcN
AQELBQADggEBAENBasQh9IG8lGUgfZQ8IHiL7Sk+6Q61wuGX/kRJNp29er+neYrU
FbIW7NX4LucMzBszQ1kdodjQ0zmnMYTAFQi1Jeo+irzEKn1b+WACw1vl8BXLnWw7
yAZzZMa6U0Bf8YU5bWm9IEyLUsGbUL3P1FsQmLTOOCJj8GjfH7Jrd71I0QUACyjF
rgH/+CaW2SVfdIsoCGOjcorTHtiemtzqxIQ9zvsgl1CJO4DQj/gLXia5GQiN0/J9
fHMZSn+b5LT20zGm2fb9bCIqgHCJJNEkhrNK3/ZgAHwg6TzYls0eDwwu0wLnvTRl
I6lpootNltu4KGlq2rb8xefndeGcRb4oMog=
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:50:28 2024 by rpki-client on console-ams.rpki-client.org