Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/326130363a313238333a623135303a3a2f34342d3434203d3e20323136303532.roa
File:                     326130363a313238333a623135303a3a2f34342d3434203d3e20323136303532.roa (raw, json)
Hash identifier:          EHV0LY45mo7uUXKCRrVt/g4hybeHUuI+Loub55NUpiw=
Subject key identifier:   CE:1D:92:66:8D:16:E1:AF:5D:0B:CC:D6:6D:49:94:1C:A2:B6:2D:B1
Certificate issuer:       /CN=20595BDBAD09C7D604202305854D1DF14F190959
Certificate serial:       14C5401B7A3264BE4CDD04EB3269DD9CD0466C09
Authority key identifier: 20:59:5B:DB:AD:09:C7:D6:04:20:23:05:85:4D:1D:F1:4F:19:09:59
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/20595BDBAD09C7D604202305854D1DF14F190959.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/326130363a313238333a623135303a3a2f34342d3434203d3e20323136303532.roa
Signing time:             Sun 15 Sep 2024 14:36:45 +0000
ROA not before:           Sun 15 Sep 2024 14:31:45 +0000
ROA not after:            Sun 14 Sep 2025 14:36:45 +0000
asID:                     216052
IP address blocks:        2a06:1283:b150::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/20595BDBAD09C7D604202305854D1DF14F190959.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/20595BDBAD09C7D604202305854D1DF14F190959.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/20595BDBAD09C7D604202305854D1DF14F190959.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 04:12:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:c5:40:1b:7a:32:64:be:4c:dd:04:eb:32:69:dd:9c:d0:46:6c:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20595BDBAD09C7D604202305854D1DF14F190959
        Validity
            Not Before: Sep 15 14:31:45 2024 GMT
            Not After : Sep 14 14:36:45 2025 GMT
        Subject: CN=CE1D92668D16E1AF5D0BCCD66D49941CA2B62DB1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:b1:a7:23:d4:f7:5b:c0:35:25:ff:79:bd:fd:
                    00:b9:7b:b1:39:33:a7:73:d4:45:e8:e2:84:60:86:
                    4e:21:a1:4b:a1:9d:16:0e:98:8c:b8:ca:58:85:a7:
                    7d:b2:cd:a4:7e:14:4c:44:15:e9:ed:2d:86:a2:93:
                    77:b6:5e:67:ca:7b:8c:fb:b2:d2:fb:96:1d:b7:ba:
                    60:88:af:cd:27:21:82:4e:8d:20:c1:99:f7:d5:53:
                    54:f8:ba:4d:39:50:a9:c4:9a:c9:be:66:70:15:b2:
                    15:63:4c:28:5b:c3:e0:2c:da:d7:91:2e:8c:16:fb:
                    62:a9:17:b3:b5:d2:a5:3c:63:af:ed:5b:62:a9:74:
                    52:42:3a:86:a6:5f:a2:4d:86:af:c8:e9:a8:62:56:
                    1f:9f:c3:bf:ab:1c:0c:f4:95:11:02:79:0a:ab:8e:
                    21:61:b7:de:be:50:f1:d9:6c:61:21:df:99:92:ad:
                    da:09:a8:5e:13:84:4b:e2:1c:dd:40:05:b5:9e:f5:
                    c6:2b:94:9c:15:9b:a8:9c:f9:47:4d:aa:e6:c9:22:
                    61:40:c8:44:e3:2a:82:19:e6:95:1b:ef:27:77:de:
                    f3:4f:cf:cd:ed:2b:a2:b2:b0:5d:96:7f:a4:79:fe:
                    4e:76:e7:cb:71:0c:be:33:fe:f4:54:32:66:53:6b:
                    de:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:1D:92:66:8D:16:E1:AF:5D:0B:CC:D6:6D:49:94:1C:A2:B6:2D:B1
            X509v3 Authority Key Identifier:
                keyid:20:59:5B:DB:AD:09:C7:D6:04:20:23:05:85:4D:1D:F1:4F:19:09:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/20595BDBAD09C7D604202305854D1DF14F190959.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/20595BDBAD09C7D604202305854D1DF14F190959.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/326130363a313238333a623135303a3a2f34342d3434203d3e20323136303532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:1283:b150::/44

    Signature Algorithm: sha256WithRSAEncryption
         64:01:2e:f1:47:01:11:28:d8:44:5e:35:57:9e:6e:25:d0:15:
         03:bb:a9:23:08:b7:b1:48:ce:5f:dc:d3:e9:e0:0d:f6:f7:41:
         6c:d6:0d:d9:a5:0c:a3:65:af:71:28:a6:5d:73:54:21:c7:34:
         94:9e:29:e1:05:39:7d:f7:74:86:4c:4f:15:9a:56:9e:74:ea:
         41:43:b5:c2:80:41:3d:05:bd:d4:9e:05:0f:f7:ec:a0:24:58:
         0a:ef:ef:d7:cc:d7:73:84:99:fc:ec:a0:18:c0:f5:93:7b:36:
         f7:d0:8a:54:7a:71:f3:b2:4d:7a:79:78:54:b8:14:f6:d2:d3:
         1d:8b:37:f9:f3:4f:8f:7b:e3:0d:c0:8d:d5:7c:ca:8a:2e:68:
         f3:ac:05:0a:a2:36:95:47:d7:72:4a:f3:56:4c:af:52:d5:f8:
         30:9b:de:cb:56:2f:46:06:42:ea:74:c9:5e:39:2d:54:34:9c:
         cf:fe:5a:4f:01:b6:de:65:c7:0f:83:22:e0:a2:dc:2a:40:9d:
         cc:c1:ab:fa:92:92:79:4b:11:84:b6:71:10:a2:2e:7d:25:fe:
         0c:f2:6d:97:0d:87:07:e7:9b:e0:69:86:9e:aa:80:f5:51:6a:
         40:ac:8d:97:88:e5:79:2c:3c:6b:c9:45:c6:2e:61:4e:b6:5a:
         4b:ca:4b:07
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUFMVAG3oyZL5M3QTrMmndnNBGbAkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjA1OTVCREJBRDA5QzdENjA0MjAyMzA1ODU0RDFERjE0
RjE5MDk1OTAeFw0yNDA5MTUxNDMxNDVaFw0yNTA5MTQxNDM2NDVaMDMxMTAvBgNV
BAMTKENFMUQ5MjY2OEQxNkUxQUY1RDBCQ0NENjZENDk5NDFDQTJCNjJEQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnsacj1PdbwDUl/3m9/QC5e7E5
M6dz1EXo4oRghk4hoUuhnRYOmIy4yliFp32yzaR+FExEFentLYaik3e2XmfKe4z7
stL7lh23umCIr80nIYJOjSDBmffVU1T4uk05UKnEmsm+ZnAVshVjTChbw+As2teR
LowW+2KpF7O10qU8Y6/tW2KpdFJCOoamX6JNhq/I6ahiVh+fw7+rHAz0lRECeQqr
jiFht96+UPHZbGEh35mSrdoJqF4ThEviHN1ABbWe9cYrlJwVm6ic+UdNqubJImFA
yETjKoIZ5pUb7yd33vNPz83tK6KysF2Wf6R5/k5258txDL4z/vRUMmZTa94jAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUzh2SZo0W4a9dC8zWbUmUHKK2LbEwHwYDVR0j
BBgwFoAUIFlb260Jx9YEICMFhU0d8U8ZCVkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm
NDA5LzEvMjA1OTVCREJBRDA5QzdENjA0MjAyMzA1ODU0RDFERjE0RjE5MDk1OS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvMjA1OTVCREJBRDA5QzdENjA0MjAyMzA1ODU0RDFERjE0RjE5
MDk1OS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMt
MjA1OC00M2JiLTlhYzYtNWFiNDJkZmJmNDA5LzEvMzI2MTMwMzYzYTMxMzIzODMz
M2E2MjMxMzUzMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDMyMzEzNjMwMzUzMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoGEoOxUDANBgkqhkiG9w0BAQsFAAOCAQEAZAEu8UcBESjYRF41
V55uJdAVA7upIwi3sUjOX9zT6eAN9vdBbNYN2aUMo2WvcSimXXNUIcc0lJ4p4QU5
ffd0hkxPFZpWnnTqQUO1woBBPQW91J4FD/fsoCRYCu/v18zXc4SZ/OygGMD1k3s2
99CKVHpx87JNenl4VLgU9tLTHYs3+fNPj3vjDcCN1XzKii5o86wFCqI2lUfXckrz
VkyvUtX4MJvey1YvRgZC6nTJXjktVDScz/5aTwG23mXHD4Mi4KLcKkCdzMGr+pKS
eUsRhLZxEKIufSX+DPJtlw2HB+eb4GmGnqqA9VFqQKyNl4jleSw8a8lFxi5hTrZa
S8pLBw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org