Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a613630303a3a2f34302d3438203d3e20323135323734.roa
File:                     326130613a363034343a613630303a3a2f34302d3438203d3e20323135323734.roa (raw, json)
Hash identifier:          VnyzUbHNkJxMRbrwWfqj3iEi8yb8Kp2elDaAIoTP6jA=
Subject key identifier:   39:19:39:9F:AF:70:9A:26:F1:54:9E:7F:05:FC:60:A9:F8:77:C4:22
Certificate issuer:       /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial:       3FEEDA5807D2E15EDC70F1F12F24606BB511F31C
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a613630303a3a2f34302d3438203d3e20323135323734.roa
Signing time:             Tue 16 Apr 2024 14:43:06 +0000
ROA not before:           Tue 16 Apr 2024 14:38:06 +0000
ROA not after:            Tue 15 Apr 2025 14:43:06 +0000
asID:                     215274
IP address blocks:        2a0a:6044:a600::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:ee:da:58:07:d2:e1:5e:dc:70:f1:f1:2f:24:60:6b:b5:11:f3:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
        Validity
            Not Before: Apr 16 14:38:06 2024 GMT
            Not After : Apr 15 14:43:06 2025 GMT
        Subject: CN=3919399FAF709A26F1549E7F05FC60A9F877C422
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:ec:f1:a5:5c:0c:96:ca:8b:43:5d:1b:58:74:
                    e3:d5:1e:35:52:ee:16:8a:63:9b:a7:40:b0:a0:3b:
                    14:2b:9d:a6:f0:09:dc:6f:09:9a:65:7a:fa:0d:2c:
                    f9:81:50:35:d0:1c:a4:9a:a7:e3:b4:10:c3:bb:e7:
                    f9:06:a6:9a:23:92:e0:82:8e:72:d7:d4:43:b8:3b:
                    67:bd:ae:41:13:92:49:33:90:6f:5b:f6:b2:bf:57:
                    28:99:e4:e7:25:7e:93:73:1c:99:c2:45:66:a0:eb:
                    05:b5:f6:75:f4:7c:b6:e5:20:e6:a2:a2:aa:b6:8f:
                    a1:2c:41:34:a3:e7:5e:d5:cd:51:e3:2a:27:f4:38:
                    8b:04:70:fc:bc:35:bf:01:8f:e8:16:bb:fc:79:56:
                    db:1e:6f:0e:fc:29:49:68:d3:9d:3d:8d:13:30:cf:
                    74:79:13:ab:1e:37:52:6a:22:be:88:72:5c:3e:6a:
                    3f:41:40:e7:b7:7a:76:27:4d:05:e9:f0:22:25:2b:
                    28:f4:f2:fa:1a:43:bd:24:86:19:80:a5:db:df:3d:
                    7b:8c:35:77:03:26:b5:c7:d1:50:5e:5b:aa:0c:ad:
                    9b:f9:7f:c8:26:a8:10:e5:01:3b:18:1c:f0:42:39:
                    2d:fe:58:1b:fd:a6:d4:68:0a:39:ad:e5:0f:1e:e1:
                    42:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:19:39:9F:AF:70:9A:26:F1:54:9E:7F:05:FC:60:A9:F8:77:C4:22
            X509v3 Authority Key Identifier:
                keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a613630303a3a2f34302d3438203d3e20323135323734.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:a600::/40

    Signature Algorithm: sha256WithRSAEncryption
         11:de:c9:eb:db:2f:ca:07:ef:b1:9c:81:f0:b4:6f:1f:e7:f9:
         8e:2a:cd:c5:98:2f:31:02:aa:09:23:09:05:3f:9a:28:ab:e4:
         c1:07:3d:16:c9:88:7d:04:7a:bb:3b:be:f0:6f:09:04:1e:9b:
         c8:01:4e:ba:8f:23:1f:93:14:10:f1:61:59:33:a2:a7:71:90:
         6c:07:27:55:b7:46:a1:47:75:30:4b:72:f7:4b:3a:58:52:14:
         04:62:11:9c:36:d5:4b:42:4c:37:4a:6b:c7:5d:ef:a3:05:fb:
         fa:d2:64:68:e1:e2:c0:ec:72:0b:7b:b9:75:e1:02:c5:c3:a7:
         25:56:49:4e:98:9b:10:e9:2a:68:e6:6c:67:3f:74:96:a8:f6:
         1d:e5:c3:3c:fd:b1:cf:19:7f:1c:e2:8d:2f:e7:be:84:a4:4e:
         b3:8f:e2:2a:fd:e4:70:da:d6:23:c1:eb:f7:96:0a:7a:a1:29:
         54:ff:dc:40:29:f2:ab:d9:e3:38:a2:40:7a:62:a0:91:14:e7:
         b6:c9:49:2a:da:6f:61:18:1a:0a:8b:ec:ef:d1:45:35:25:e9:
         14:ad:cb:48:72:16:23:2a:89:74:12:74:04:63:cd:a8:fc:0d:
         a1:5f:30:3a:bb:ad:54:04:fb:0a:a2:cf:48:04:ba:35:92:0a:
         e6:b3:f8:81
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIUP+7aWAfS4V7ccPHxLyRga7UR8xwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA0MTYxNDM4MDZaFw0yNTA0MTUxNDQzMDZaMDMxMTAvBgNV
BAMTKDM5MTkzOTlGQUY3MDlBMjZGMTU0OUU3RjA1RkM2MEE5Rjg3N0M0MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ7PGlXAyWyotDXRtYdOPVHjVS
7haKY5unQLCgOxQrnabwCdxvCZplevoNLPmBUDXQHKSap+O0EMO75/kGppojkuCC
jnLX1EO4O2e9rkETkkkzkG9b9rK/VyiZ5OclfpNzHJnCRWag6wW19nX0fLblIOai
oqq2j6EsQTSj517VzVHjKif0OIsEcPy8Nb8Bj+gWu/x5Vtsebw78KUlo0509jRMw
z3R5E6seN1JqIr6Iclw+aj9BQOe3enYnTQXp8CIlKyj08voaQ70khhmApdvfPXuM
NXcDJrXH0VBeW6oMrZv5f8gmqBDlATsYHPBCOS3+WBv9ptRoCjmt5Q8e4UKfAgMB
AAGjggJ5MIICdTAdBgNVHQ4EFgQUORk5n69wmibxVJ5/Bfxgqfh3xCIwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2MTM2MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNTMyMzczNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoKYESmMA0GCSqGSIb3DQEBCwUAA4IBAQAR3snr2y/KB++xnIHw
tG8f5/mOKs3FmC8xAqoJIwkFP5ooq+TBBz0WyYh9BHq7O77wbwkEHpvIAU66jyMf
kxQQ8WFZM6KncZBsBydVt0ahR3UwS3L3SzpYUhQEYhGcNtVLQkw3SmvHXe+jBfv6
0mRo4eLA7HILe7l14QLFw6clVklOmJsQ6Spo5mxnP3SWqPYd5cM8/bHPGX8c4o0v
576EpE6zj+Iq/eRw2tYjwev3lgp6oSlU/9xAKfKr2eM4okB6YqCRFOe2yUkq2m9h
GBoKi+zv0UU1JekUrctIchYjKol0EnQEY82o/A2hXzA6u61UBPsKos9IBLo1kgrm
s/iB
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:40:51 2024 by rpki-client on console-ams.rpki-client.org