Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/1/326130363a613030333a313131313a3a2f34382d3438203d3e20323030363736.roa
File:                     326130363a613030333a313131313a3a2f34382d3438203d3e20323030363736.roa (raw, json)
Hash identifier:          Q5gjl44KzFA6g8+tW8lygBoA3oaZ4qvSEamF1iUuuio=
Subject key identifier:   9B:53:5B:47:A5:B2:AC:F6:3E:11:82:BD:76:1A:E5:59:3F:A7:78:C3
Certificate issuer:       /CN=CE1B4F4367B6A55F34CA981A0D6CA7583F9551CD
Certificate serial:       36251DD20F8EA4CF380DAE8D49C99B12E4593195
Authority key identifier: CE:1B:4F:43:67:B6:A5:5F:34:CA:98:1A:0D:6C:A7:58:3F:95:51:CD
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CE1B4F4367B6A55F34CA981A0D6CA7583F9551CD.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/1/326130363a613030333a313131313a3a2f34382d3438203d3e20323030363736.roa
Signing time:             Tue 10 Sep 2024 19:15:21 +0000
ROA not before:           Tue 10 Sep 2024 19:10:21 +0000
ROA not after:            Tue 09 Sep 2025 19:15:21 +0000
asID:                     200676
IP address blocks:        2a06:a003:1111::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/1/CE1B4F4367B6A55F34CA981A0D6CA7583F9551CD.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/1/CE1B4F4367B6A55F34CA981A0D6CA7583F9551CD.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CE1B4F4367B6A55F34CA981A0D6CA7583F9551CD.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 04:12:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:25:1d:d2:0f:8e:a4:cf:38:0d:ae:8d:49:c9:9b:12:e4:59:31:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CE1B4F4367B6A55F34CA981A0D6CA7583F9551CD
        Validity
            Not Before: Sep 10 19:10:21 2024 GMT
            Not After : Sep  9 19:15:21 2025 GMT
        Subject: CN=9B535B47A5B2ACF63E1182BD761AE5593FA778C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:cf:0a:58:37:82:81:cf:66:f0:f3:22:60:4a:
                    1d:de:61:11:9a:00:36:c6:cb:c0:88:11:4d:42:11:
                    3d:95:ca:75:18:52:90:e3:19:52:c8:2a:6c:25:45:
                    d7:1b:15:a0:31:e3:61:a4:8e:9f:45:3b:1f:f9:2c:
                    91:ba:b0:1e:ab:fc:57:a8:25:c5:ff:16:a9:a7:c3:
                    66:a8:36:71:49:3e:d1:21:21:1b:34:5e:e1:25:1c:
                    9c:91:5b:12:7a:a7:6a:59:8f:77:5c:49:ed:14:4f:
                    74:d5:dd:ce:19:83:5c:13:79:99:55:f0:c3:ee:df:
                    7b:2a:04:46:99:85:a0:ea:f8:d7:46:33:f2:7b:94:
                    81:20:15:b6:5c:51:9a:87:f4:3e:30:b1:84:c7:77:
                    6b:11:28:cd:a7:fe:b2:0b:1a:62:80:e5:99:71:65:
                    29:32:f8:c1:63:bb:3a:00:3c:a7:d1:c4:96:eb:e6:
                    ba:72:39:02:23:3b:43:3c:eb:f1:cc:c2:3c:f0:b0:
                    6c:c0:9b:d8:c5:78:af:c1:2f:fe:cc:1c:ea:37:b4:
                    f6:fc:e4:4f:47:57:d8:03:1f:e2:ea:44:40:66:19:
                    0e:1a:f6:1c:31:8a:78:ed:d3:4f:f3:05:82:8b:af:
                    37:f6:1b:6f:93:db:bf:0f:ae:c2:1a:60:4d:f6:2a:
                    4b:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:53:5B:47:A5:B2:AC:F6:3E:11:82:BD:76:1A:E5:59:3F:A7:78:C3
            X509v3 Authority Key Identifier:
                keyid:CE:1B:4F:43:67:B6:A5:5F:34:CA:98:1A:0D:6C:A7:58:3F:95:51:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/1/CE1B4F4367B6A55F34CA981A0D6CA7583F9551CD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CE1B4F4367B6A55F34CA981A0D6CA7583F9551CD.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/1/326130363a613030333a313131313a3a2f34382d3438203d3e20323030363736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a003:1111::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:54:99:5c:ce:0a:50:ac:b3:b7:3a:33:23:ce:ac:42:c5:cf:
         1a:83:53:70:96:ba:9b:2d:c6:c3:05:39:cb:a4:d4:16:e6:28:
         05:b9:d8:c1:47:fd:a7:8d:37:bf:21:7e:dc:0d:b0:ef:d6:8f:
         15:fc:75:eb:b2:cf:e3:d8:ee:f3:ba:81:a8:14:eb:5e:d9:a4:
         ad:51:82:7e:a8:e7:6f:98:03:d6:bf:2a:02:66:e3:81:37:94:
         12:e5:a8:f7:5d:8a:e3:05:33:18:d3:93:99:c5:c3:08:21:69:
         51:65:93:d3:62:1f:c2:79:b7:63:b3:c8:a1:22:18:cb:a1:6a:
         8e:29:63:5e:68:c6:e2:2f:6e:d6:31:df:73:df:84:b0:ce:ce:
         97:15:10:01:ba:62:1e:4d:27:52:23:5a:d6:93:40:f4:53:4b:
         b2:bb:7a:b3:6d:c4:ad:ae:64:0c:9a:cc:c1:3d:b2:11:b3:fd:
         78:96:b1:44:10:28:6d:45:83:7b:cd:66:0d:cb:ff:79:66:dd:
         56:f6:de:c6:5d:5a:85:74:40:68:77:98:9f:25:cf:43:b0:2c:
         2c:1a:c4:20:2d:6b:51:42:b9:8f:15:6a:f5:0e:3c:2d:8b:b0:
         17:eb:3c:73:8a:7f:c0:c9:0f:2f:03:48:5a:9c:bb:8a:48:22:
         13:5f:71:df
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUNiUd0g+OpM84Da6NScmbEuRZMZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0UxQjRGNDM2N0I2QTU1RjM0Q0E5ODFBMEQ2Q0E3NTgz
Rjk1NTFDRDAeFw0yNDA5MTAxOTEwMjFaFw0yNTA5MDkxOTE1MjFaMDMxMTAvBgNV
BAMTKDlCNTM1QjQ3QTVCMkFDRjYzRTExODJCRDc2MUFFNTU5M0ZBNzc4QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKzwpYN4KBz2bw8yJgSh3eYRGa
ADbGy8CIEU1CET2VynUYUpDjGVLIKmwlRdcbFaAx42Gkjp9FOx/5LJG6sB6r/Feo
JcX/Fqmnw2aoNnFJPtEhIRs0XuElHJyRWxJ6p2pZj3dcSe0UT3TV3c4Zg1wTeZlV
8MPu33sqBEaZhaDq+NdGM/J7lIEgFbZcUZqH9D4wsYTHd2sRKM2n/rILGmKA5Zlx
ZSky+MFjuzoAPKfRxJbr5rpyOQIjO0M86/HMwjzwsGzAm9jFeK/BL/7MHOo3tPb8
5E9HV9gDH+LqREBmGQ4a9hwxinjt00/zBYKLrzf2G2+T278PrsIaYE32KktJAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUm1NbR6WyrPY+EYK9dhrlWT+neMMwHwYDVR0j
BBgwFoAUzhtPQ2e2pV80ypgaDWynWD+VUc0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmFjYTNjYTYtMzRjYy00NzcyLWJhYzAtYTM1ZGQwMTk1
Y2U3LzEvQ0UxQjRGNDM2N0I2QTU1RjM0Q0E5ODFBMEQ2Q0E3NTgzRjk1NTFDRC5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvQ0UxQjRGNDM2N0I2QTU1RjM0Q0E5ODFBMEQ2Q0E3NTgzRjk1
NTFDRC5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmFjYTNjYTYt
MzRjYy00NzcyLWJhYzAtYTM1ZGQwMTk1Y2U3LzEvMzI2MTMwMzYzYTYxMzAzMDMz
M2EzMTMxMzEzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMDM2MzczNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoGoAMRETANBgkqhkiG9w0BAQsFAAOCAQEAd1SZXM4KUKyztzoz
I86sQsXPGoNTcJa6my3GwwU5y6TUFuYoBbnYwUf9p403vyF+3A2w79aPFfx167LP
49ju87qBqBTrXtmkrVGCfqjnb5gD1r8qAmbjgTeUEuWo912K4wUzGNOTmcXDCCFp
UWWT02Ifwnm3Y7PIoSIYy6FqjiljXmjG4i9u1jHfc9+EsM7OlxUQAbpiHk0nUiNa
1pNA9FNLsrt6s23Era5kDJrMwT2yEbP9eJaxRBAobUWDe81mDcv/eWbdVvbexl1a
hXRAaHeYnyXPQ7AsLBrEIC1rUUK5jxVq9Q48LYuwF+s8c4p/wMkPLwNIWpy7ikgi
E19x3w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:08:34 2024 by rpki-client on console-fra.rpki-client.org