Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130303a3a2f34382d3438203d3e20313937393633.roa
File:                     326130613a363034343a616130303a3a2f34382d3438203d3e20313937393633.roa (raw, json)
Hash identifier:          YOFjeZRLDPrV9QhbKkv0Ofp7f7g3XrRID9F3WK+6y3Y=
Subject key identifier:   5E:41:C5:08:EE:FA:DC:19:22:26:C2:30:41:A2:3C:EB:55:9E:35:6A
Certificate issuer:       /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial:       3A1323B9517ADA2248CDAE195E04B525A81323D6
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130303a3a2f34382d3438203d3e20313937393633.roa
Signing time:             Fri 26 Jan 2024 19:46:08 +0000
ROA not before:           Fri 26 Jan 2024 19:41:08 +0000
ROA not after:            Fri 24 Jan 2025 19:46:08 +0000
asID:                     197963
IP address blocks:        2a0a:6044:aa00::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:13:23:b9:51:7a:da:22:48:cd:ae:19:5e:04:b5:25:a8:13:23:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
        Validity
            Not Before: Jan 26 19:41:08 2024 GMT
            Not After : Jan 24 19:46:08 2025 GMT
        Subject: CN=5E41C508EEFADC192226C23041A23CEB559E356A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:88:2e:a5:32:45:c0:12:be:b5:c5:d4:d2:10:
                    c4:97:15:1f:b5:80:c2:14:9f:5f:15:08:e6:7e:cd:
                    86:44:1e:c4:e8:9f:16:d6:6b:19:99:fa:ac:aa:b7:
                    5e:72:f8:7e:62:8c:18:b7:76:e3:2e:9e:60:2b:a3:
                    9b:24:24:43:61:64:38:8b:dc:d4:ea:51:53:e0:f5:
                    a0:cb:4c:c6:ba:de:ee:b0:57:76:98:77:69:b2:1e:
                    16:98:a5:24:4b:4e:7d:e5:fa:b7:18:dd:5d:59:92:
                    e0:5b:66:bb:48:f3:b1:e2:91:b4:60:99:c6:13:1c:
                    84:22:78:b3:28:a5:22:c2:23:ce:f2:cc:a0:49:27:
                    94:15:21:2d:fa:f5:62:91:50:37:d6:54:68:24:6a:
                    59:e5:82:8a:47:09:ba:36:73:af:f9:26:70:8b:ea:
                    6b:dd:86:ad:e5:9f:cb:47:3a:c4:57:ec:95:ac:d6:
                    7b:7e:63:b9:9d:c3:be:d9:8f:d9:b1:ae:7c:af:6b:
                    82:c8:d3:73:99:cf:08:99:da:8d:59:5a:71:51:15:
                    64:77:af:fd:81:53:d2:93:f2:52:7b:bd:06:43:26:
                    f6:9d:7a:a9:ca:54:19:7f:ff:2c:1f:b2:ad:ce:1c:
                    d7:1e:15:d3:0f:43:60:81:0a:bc:7d:fd:a5:60:8a:
                    3c:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:41:C5:08:EE:FA:DC:19:22:26:C2:30:41:A2:3C:EB:55:9E:35:6A
            X509v3 Authority Key Identifier:
                keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130303a3a2f34382d3438203d3e20313937393633.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:aa00::/48

    Signature Algorithm: sha256WithRSAEncryption
         6d:04:20:f0:99:50:78:3c:0b:d5:34:68:5f:72:95:f0:9e:87:
         45:0c:18:70:77:46:ee:a1:e8:d4:b2:9c:de:41:5c:ac:91:4c:
         cf:61:8a:52:d9:bd:e0:26:47:a6:23:21:bb:84:f8:b9:66:54:
         ac:fd:24:84:81:c3:dc:04:6e:83:7d:65:1a:b9:8d:d2:05:16:
         b0:27:1f:c4:59:f6:69:30:56:61:ae:3c:6b:08:d6:96:79:ce:
         c1:68:78:22:28:4f:44:f2:2a:c8:cd:a4:b2:31:a3:8e:0c:ba:
         54:b3:42:5c:2c:1a:69:7f:b8:e6:09:67:fe:04:4a:11:7d:27:
         54:e3:59:ab:26:3c:1b:ba:95:96:03:f7:27:83:3d:bf:3d:da:
         88:5f:81:24:63:5d:32:d2:fd:3c:25:84:b9:b9:9d:00:2a:d1:
         c9:90:53:0f:3d:5b:f4:9b:ba:1d:d0:20:09:46:c1:4e:e5:2f:
         d7:08:a7:fa:41:d7:b9:88:fd:57:6f:e5:d0:38:81:4e:67:5d:
         0c:2c:84:28:67:a1:61:a3:09:52:b5:e3:ed:b2:8a:af:6b:c4:
         95:bf:3e:7b:50:d6:05:51:90:9d:8c:83:db:0b:8b:80:58:eb:
         78:a6:f2:9b:f7:b1:85:aa:84:3d:65:a2:28:d1:a6:47:e3:b6:
         21:82:2c:b9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUOhMjuVF62iJIza4ZXgS1JagTI9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDAxMjYxOTQxMDhaFw0yNTAxMjQxOTQ2MDhaMDMxMTAvBgNV
BAMTKDVFNDFDNTA4RUVGQURDMTkyMjI2QzIzMDQxQTIzQ0VCNTU5RTM1NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDciC6lMkXAEr61xdTSEMSXFR+1
gMIUn18VCOZ+zYZEHsTonxbWaxmZ+qyqt15y+H5ijBi3duMunmAro5skJENhZDiL
3NTqUVPg9aDLTMa63u6wV3aYd2myHhaYpSRLTn3l+rcY3V1ZkuBbZrtI87HikbRg
mcYTHIQieLMopSLCI87yzKBJJ5QVIS369WKRUDfWVGgkalnlgopHCbo2c6/5JnCL
6mvdhq3ln8tHOsRX7JWs1nt+Y7mdw77Zj9mxrnyva4LI03OZzwiZ2o1ZWnFRFWR3
r/2BU9KT8lJ7vQZDJvadeqnKVBl//ywfsq3OHNceFdMPQ2CBCrx9/aVgijztAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUXkHFCO763BkiJsIwQaI861WeNWowHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2MTYxMzAzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzkzNzM5MzYzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoKYESqADANBgkqhkiG9w0BAQsFAAOCAQEAbQQg8JlQeDwL1TRo
X3KV8J6HRQwYcHdG7qHo1LKc3kFcrJFMz2GKUtm94CZHpiMhu4T4uWZUrP0khIHD
3ARug31lGrmN0gUWsCcfxFn2aTBWYa48awjWlnnOwWh4IihPRPIqyM2ksjGjjgy6
VLNCXCwaaX+45gln/gRKEX0nVONZqyY8G7qVlgP3J4M9vz3aiF+BJGNdMtL9PCWE
ubmdACrRyZBTDz1b9Ju6HdAgCUbBTuUv1win+kHXuYj9V2/l0DiBTmddDCyEKGeh
YaMJUrXj7bKKr2vElb8+e1DWBVGQnYyD2wuLgFjreKbym/exhaqEPWWiKNGmR+O2
IYIsuQ==
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:40:51 2024 by rpki-client on console-ams.rpki-client.org