Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130353a3a2f34382d3438203d3e20323134393038.roa
File:                     326130613a363034343a616130353a3a2f34382d3438203d3e20323134393038.roa (raw, json)
Hash identifier:          hBZvX/yM31RVbOkFztKvQWBzLsufQJkI79iB26V5Spc=
Subject key identifier:   89:4B:5C:22:EE:83:E8:ED:3C:A7:EE:DB:E5:BB:D2:36:3D:08:A7:70
Certificate issuer:       /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial:       5E8143EC692492BDFFA41943354D4088E9BABE4C
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130353a3a2f34382d3438203d3e20323134393038.roa
Signing time:             Tue 14 May 2024 13:46:27 +0000
ROA not before:           Tue 14 May 2024 13:41:27 +0000
ROA not after:            Tue 13 May 2025 13:46:27 +0000
asID:                     214908
IP address blocks:        2a0a:6044:aa05::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:81:43:ec:69:24:92:bd:ff:a4:19:43:35:4d:40:88:e9:ba:be:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
        Validity
            Not Before: May 14 13:41:27 2024 GMT
            Not After : May 13 13:46:27 2025 GMT
        Subject: CN=894B5C22EE83E8ED3CA7EEDBE5BBD2363D08A770
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:8f:b5:6c:d9:c4:57:11:45:13:1a:0f:4e:3e:
                    0e:37:3d:e3:9c:95:a4:0e:ff:bd:70:fa:59:97:e4:
                    3e:6c:a3:5a:b3:d1:f9:c6:13:4a:27:c1:9f:1c:d3:
                    97:c1:ad:74:50:22:3d:2a:10:ae:43:32:1b:0f:11:
                    c7:c8:c7:5b:4b:8d:3a:35:cf:66:67:9e:df:50:3e:
                    ec:b6:16:5b:08:a3:52:08:56:df:a5:60:d5:0e:47:
                    4d:95:18:b5:7a:1a:73:f2:60:cb:36:6a:e8:35:7c:
                    f4:84:bc:54:71:84:d2:8c:cd:0b:89:29:73:a4:ce:
                    38:9a:a3:44:f7:96:91:48:6c:d7:37:ec:75:74:6c:
                    35:8a:68:cc:e3:8e:79:30:99:55:5b:30:1c:e3:d2:
                    04:3d:ab:f8:25:66:94:6e:51:5c:a4:f6:00:e9:eb:
                    8f:51:37:88:4c:4c:a1:71:db:83:89:9f:a9:43:e8:
                    ad:80:72:55:d8:11:9d:15:d4:98:e1:06:b0:f3:43:
                    a6:da:41:82:43:5f:93:b4:70:12:50:10:fc:a1:4d:
                    29:28:ba:73:52:39:36:c0:98:d1:89:f2:80:0c:78:
                    cf:e5:95:d6:26:6c:d0:40:91:07:fd:26:e2:d6:2e:
                    c9:ca:4d:a8:0b:50:e3:97:f2:9b:ea:19:e9:ba:bb:
                    a9:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:4B:5C:22:EE:83:E8:ED:3C:A7:EE:DB:E5:BB:D2:36:3D:08:A7:70
            X509v3 Authority Key Identifier:
                keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130353a3a2f34382d3438203d3e20323134393038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:aa05::/48

    Signature Algorithm: sha256WithRSAEncryption
         80:c0:28:4a:81:78:be:e3:c5:2b:02:77:c8:45:ea:d1:9b:c9:
         33:86:af:33:33:4b:79:97:d5:80:81:31:3d:5c:7c:76:78:da:
         5a:15:60:9f:0d:0e:10:4c:54:32:2d:c4:ec:73:7f:25:32:b3:
         a7:5f:31:fe:de:f3:b6:bc:85:ee:bd:13:66:1a:12:da:7f:38:
         5c:89:3d:f8:f9:c4:c6:35:ab:2d:3e:2c:05:14:87:4e:f5:4a:
         20:1c:6e:a6:21:80:d7:37:3b:bb:43:95:8e:30:66:28:12:40:
         db:38:a2:35:02:a5:6d:18:10:83:29:08:90:93:d1:30:d4:d9:
         b9:b6:d9:c0:04:03:b2:c2:fd:c3:9a:c8:46:93:d1:9c:5e:47:
         dd:ef:bc:a2:f6:66:af:4d:e0:31:31:b8:5b:e9:24:00:8d:11:
         e1:2f:8c:4b:f7:1d:57:12:82:d0:a0:ad:4b:5e:28:e2:97:33:
         5a:7e:65:c8:79:37:0f:56:02:98:cb:32:41:70:1c:9a:f7:43:
         88:34:55:14:e2:9d:a3:61:c5:40:ba:48:7b:64:49:f9:e9:98:
         3d:d7:26:0c:11:fe:6c:63:47:c4:d0:c7:4c:1e:53:78:dd:c0:
         75:60:7b:b8:cf:c1:c2:90:71:a1:de:de:63:05:bd:11:d0:66:
         67:82:0e:20
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUXoFD7Gkkkr3/pBlDNU1AiOm6vkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA1MTQxMzQxMjdaFw0yNTA1MTMxMzQ2MjdaMDMxMTAvBgNV
BAMTKDg5NEI1QzIyRUU4M0U4RUQzQ0E3RUVEQkU1QkJEMjM2M0QwOEE3NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/j7Vs2cRXEUUTGg9OPg43PeOc
laQO/71w+lmX5D5so1qz0fnGE0onwZ8c05fBrXRQIj0qEK5DMhsPEcfIx1tLjTo1
z2Znnt9QPuy2FlsIo1IIVt+lYNUOR02VGLV6GnPyYMs2aug1fPSEvFRxhNKMzQuJ
KXOkzjiao0T3lpFIbNc37HV0bDWKaMzjjnkwmVVbMBzj0gQ9q/glZpRuUVyk9gDp
649RN4hMTKFx24OJn6lD6K2AclXYEZ0V1JjhBrDzQ6baQYJDX5O0cBJQEPyhTSko
unNSOTbAmNGJ8oAMeM/lldYmbNBAkQf9JuLWLsnKTagLUOOX8pvqGem6u6mzAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUiUtcIu6D6O08p+7b5bvSNj0Ip3AwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2MTYxMzAzNTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNDM5MzAzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoKYESqBTANBgkqhkiG9w0BAQsFAAOCAQEAgMAoSoF4vuPFKwJ3
yEXq0ZvJM4avMzNLeZfVgIExPVx8dnjaWhVgnw0OEExUMi3E7HN/JTKzp18x/t7z
tryF7r0TZhoS2n84XIk9+PnExjWrLT4sBRSHTvVKIBxupiGA1zc7u0OVjjBmKBJA
2ziiNQKlbRgQgykIkJPRMNTZubbZwAQDssL9w5rIRpPRnF5H3e+8ovZmr03gMTG4
W+kkAI0R4S+MS/cdVxKC0KCtS14o4pczWn5lyHk3D1YCmMsyQXAcmvdDiDRVFOKd
o2HFQLpIe2RJ+emYPdcmDBH+bGNHxNDHTB5TeN3AdWB7uM/BwpBxod7eYwW9EdBm
Z4IOIA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:42:15 2024 by rpki-client on console-ams.rpki-client.org