Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a613930303a3a2f34302d3438203d3e20323136303532.roa
File:                     326130613a363034343a613930303a3a2f34302d3438203d3e20323136303532.roa (raw, json)
Hash identifier:          d2ZYtVZEXxXvByc4itkAm3sCJxBpSoLF7oaYZ4HjfyY=
Subject key identifier:   6D:E2:6B:15:67:1A:68:25:8E:5A:04:3F:75:1F:D2:1D:93:05:CC:FD
Certificate issuer:       /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial:       51F5B56405BA05A3F9CDD0F7FC2CE0E421DCC109
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a613930303a3a2f34302d3438203d3e20323136303532.roa
Signing time:             Sat 04 May 2024 17:56:56 +0000
ROA not before:           Sat 04 May 2024 17:51:56 +0000
ROA not after:            Sat 03 May 2025 17:56:56 +0000
asID:                     216052
IP address blocks:        2a0a:6044:a900::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:f5:b5:64:05:ba:05:a3:f9:cd:d0:f7:fc:2c:e0:e4:21:dc:c1:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
        Validity
            Not Before: May  4 17:51:56 2024 GMT
            Not After : May  3 17:56:56 2025 GMT
        Subject: CN=6DE26B15671A68258E5A043F751FD21D9305CCFD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:2c:41:69:7a:24:b1:29:32:e1:d5:90:0e:41:
                    f0:c8:34:a1:7e:76:78:61:47:23:d1:06:f6:4b:39:
                    02:6b:c3:d4:8e:eb:6b:cd:04:a4:f7:72:fa:4f:80:
                    84:78:5c:c1:77:37:3c:7f:87:ba:e1:73:6e:fc:1d:
                    d5:fe:a6:08:76:dc:9d:63:d1:4a:ec:08:61:0c:97:
                    70:54:a1:7f:40:08:7b:f9:de:7a:96:ad:9b:4b:1a:
                    9e:e1:83:73:cb:87:4f:5b:61:e5:39:52:55:3e:95:
                    64:71:58:41:ef:fd:ee:4d:9b:d4:89:06:28:01:5c:
                    01:14:75:5c:8a:4a:9e:a0:fd:16:f6:63:55:86:e4:
                    12:ae:33:fe:b2:4c:9c:31:05:50:8f:19:7e:96:ab:
                    7b:8c:63:0f:47:29:16:bd:9c:62:ef:7f:13:1f:f8:
                    6a:66:87:96:e5:bc:31:73:7b:d9:14:86:4a:31:1f:
                    7d:28:c7:df:e6:9b:b5:c0:12:62:78:c3:52:35:10:
                    c1:47:18:ac:b1:49:d3:e3:61:18:a4:ec:83:4e:ba:
                    3e:7b:dc:a3:c6:d4:fe:72:12:01:d0:24:26:b9:9d:
                    63:25:5d:04:8b:a0:14:00:07:9e:df:d3:92:88:b2:
                    6f:ae:83:15:74:47:07:ee:06:da:f1:cd:12:2e:a6:
                    f8:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:E2:6B:15:67:1A:68:25:8E:5A:04:3F:75:1F:D2:1D:93:05:CC:FD
            X509v3 Authority Key Identifier:
                keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a613930303a3a2f34302d3438203d3e20323136303532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:a900::/40

    Signature Algorithm: sha256WithRSAEncryption
         b6:89:85:fe:65:74:29:e0:10:e5:af:07:f9:40:e3:ce:aa:73:
         f2:78:4e:83:e0:06:fb:46:29:d2:e2:67:36:28:8d:5c:ce:ce:
         15:48:1b:45:21:bc:c8:e9:dd:b4:99:79:65:2a:7c:61:30:29:
         aa:c6:8a:d3:34:81:2e:4d:e1:db:99:85:07:d5:ab:63:d3:76:
         88:4c:ca:52:ae:97:78:12:03:e9:b0:6a:3a:48:24:61:f4:6c:
         4c:eb:fe:1a:c7:4e:e0:f7:70:7f:09:97:52:c2:75:ac:01:4a:
         5f:f2:ce:43:ae:6c:8f:a8:03:8d:6d:a6:e1:9a:27:29:b2:67:
         03:45:df:fe:94:c7:8b:58:f8:51:7b:17:60:58:3b:3e:ff:7c:
         c4:ec:5a:39:14:a3:0c:46:ec:b6:0a:57:bd:bf:c0:28:86:0a:
         5a:8f:dd:f0:5c:56:50:36:ad:ac:29:3f:81:77:2f:bf:8d:e2:
         45:c6:a2:a4:0d:7b:28:91:d1:10:b5:31:4f:e2:67:e0:21:e3:
         c7:22:61:7b:08:97:c3:92:d2:74:b5:4e:00:f5:47:97:2b:d7:
         30:bf:73:35:b3:4c:68:60:53:3d:a4:bb:2b:92:bc:dd:7d:38:
         21:7e:e4:f2:f3:85:d1:c1:88:22:aa:7f:d3:76:8a:8a:9c:92:
         dd:ad:bd:80
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIUUfW1ZAW6BaP5zdD3/Czg5CHcwQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA1MDQxNzUxNTZaFw0yNTA1MDMxNzU2NTZaMDMxMTAvBgNV
BAMTKDZERTI2QjE1NjcxQTY4MjU4RTVBMDQzRjc1MUZEMjFEOTMwNUNDRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbLEFpeiSxKTLh1ZAOQfDINKF+
dnhhRyPRBvZLOQJrw9SO62vNBKT3cvpPgIR4XMF3Nzx/h7rhc278HdX+pgh23J1j
0UrsCGEMl3BUoX9ACHv53nqWrZtLGp7hg3PLh09bYeU5UlU+lWRxWEHv/e5Nm9SJ
BigBXAEUdVyKSp6g/Rb2Y1WG5BKuM/6yTJwxBVCPGX6Wq3uMYw9HKRa9nGLvfxMf
+Gpmh5blvDFze9kUhkoxH30ox9/mm7XAEmJ4w1I1EMFHGKyxSdPjYRik7INOuj57
3KPG1P5yEgHQJCa5nWMlXQSLoBQAB57f05KIsm+ugxV0RwfuBtrxzRIupviVAgMB
AAGjggJ5MIICdTAdBgNVHQ4EFgQUbeJrFWcaaCWOWgQ/dR/SHZMFzP0wHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2MTM5MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNjMwMzUzMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoKYESpMA0GCSqGSIb3DQEBCwUAA4IBAQC2iYX+ZXQp4BDlrwf5
QOPOqnPyeE6D4Ab7RinS4mc2KI1czs4VSBtFIbzI6d20mXllKnxhMCmqxorTNIEu
TeHbmYUH1atj03aITMpSrpd4EgPpsGo6SCRh9GxM6/4ax07g93B/CZdSwnWsAUpf
8s5DrmyPqAONbabhmicpsmcDRd/+lMeLWPhRexdgWDs+/3zE7Fo5FKMMRuy2Cle9
v8Aohgpaj93wXFZQNq2sKT+Bdy+/jeJFxqKkDXsokdEQtTFP4mfgIePHImF7CJfD
ktJ0tU4A9UeXK9cwv3M1s0xoYFM9pLsrkrzdfTghfuTy84XRwYgiqn/TdoqKnJLd
rb2A
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:40:51 2024 by rpki-client on console-ams.rpki-client.org