Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616335303a3a2f34342d3434203d3e20323135303339.roa
File:                     326130613a363034343a616335303a3a2f34342d3434203d3e20323135303339.roa (raw, json)
Hash identifier:          625MNiD2L6P4dy70CuXdQWQIDTS3oHf0F77tXab52CI=
Subject key identifier:   E0:CE:48:62:48:13:F8:99:F2:D7:E5:22:53:FA:06:4B:BC:B0:8E:48
Certificate issuer:       /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial:       7687E2BD65761664C19AB2F43C3E17E376A72A85
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616335303a3a2f34342d3434203d3e20323135303339.roa
Signing time:             Wed 15 May 2024 12:52:08 +0000
ROA not before:           Wed 15 May 2024 12:47:08 +0000
ROA not after:            Wed 14 May 2025 12:52:08 +0000
asID:                     215039
IP address blocks:        2a0a:6044:ac50::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:87:e2:bd:65:76:16:64:c1:9a:b2:f4:3c:3e:17:e3:76:a7:2a:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
        Validity
            Not Before: May 15 12:47:08 2024 GMT
            Not After : May 14 12:52:08 2025 GMT
        Subject: CN=E0CE48624813F899F2D7E52253FA064BBCB08E48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:20:32:b4:d6:a7:69:e9:47:d8:46:5d:dc:a4:
                    76:0d:d2:08:2c:75:03:1c:f7:87:8c:9f:42:7a:ff:
                    2f:56:e5:e4:56:0c:e3:54:df:85:b5:ca:5d:24:ac:
                    14:8f:b7:3f:c3:6f:28:9e:c5:d0:f9:5a:ef:60:70:
                    e7:43:85:c5:14:bd:12:09:69:d9:1c:c0:36:b2:a1:
                    26:ed:a2:60:d6:0a:65:29:5d:f7:81:6b:95:f1:ab:
                    74:b5:0d:47:9f:6d:5e:22:34:ee:6f:25:82:79:5a:
                    7b:63:f9:05:b7:ed:ca:03:d9:09:3a:df:3c:ce:1a:
                    8e:b0:cd:f8:ea:de:95:7d:6f:a5:f0:94:4a:57:c6:
                    0a:a4:76:bc:c7:40:f2:1d:f9:74:b1:6d:9a:25:d4:
                    bd:ce:fe:07:43:dc:b5:e8:4b:13:ac:a6:e6:9b:b4:
                    cc:67:bd:36:56:34:8b:4e:6b:07:3f:6b:96:da:3b:
                    6b:08:0e:42:6f:7a:65:b9:e4:8c:cf:07:f3:3e:18:
                    0f:33:84:ad:02:34:26:e1:ad:d3:0c:20:bb:57:59:
                    c6:ed:44:b0:5c:36:07:cd:e4:24:3f:20:90:45:2d:
                    2a:28:93:9a:28:fd:34:dd:02:f2:93:e8:42:e2:49:
                    14:ee:b5:17:03:f1:85:58:f5:1f:7d:98:c5:62:89:
                    e9:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:CE:48:62:48:13:F8:99:F2:D7:E5:22:53:FA:06:4B:BC:B0:8E:48
            X509v3 Authority Key Identifier:
                keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616335303a3a2f34342d3434203d3e20323135303339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:ac50::/44

    Signature Algorithm: sha256WithRSAEncryption
         11:15:6c:fd:b0:1a:5f:19:c6:4a:2c:24:47:7b:64:b9:00:69:
         b0:b1:ba:0a:84:a8:a5:21:2b:ea:68:0d:3b:72:47:e3:8a:e5:
         ae:9f:96:8d:dc:c4:2f:c0:45:42:29:c8:88:36:bd:34:25:4d:
         f4:c1:e3:20:57:89:29:ae:67:c0:21:b6:5a:38:f1:ee:88:90:
         10:35:50:67:b9:d1:8d:e6:60:6a:9b:b3:10:21:fe:27:94:6a:
         a8:88:0b:54:1a:6b:db:cd:79:1e:6b:fe:60:7c:e0:6c:00:10:
         24:30:4e:fd:98:d8:32:26:f7:8b:19:6c:9f:43:7f:fc:80:00:
         cf:3b:72:8d:a3:90:c6:b7:95:8d:05:e7:de:b3:14:02:c4:af:
         ab:2c:33:fa:e3:42:f4:2e:1d:cf:9f:82:97:45:32:a1:29:d5:
         9f:d1:1a:07:9d:4f:9a:3b:ac:25:ee:da:ce:6c:05:58:cc:ab:
         e2:b7:18:4b:27:9a:47:05:54:0e:19:0a:0d:48:d6:3c:9c:47:
         a7:c9:3f:88:aa:53:dd:2d:06:2f:a2:c2:74:f9:e7:e1:ba:32:
         75:c2:03:61:31:e7:b6:2d:0a:3d:73:53:41:e3:b9:76:b3:e1:
         5d:85:57:78:06:68:72:e3:0b:33:44:b0:3b:fd:22:77:4e:1c:
         47:a5:8e:dd
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUdofivWV2FmTBmrL0PD4X43anKoUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA1MTUxMjQ3MDhaFw0yNTA1MTQxMjUyMDhaMDMxMTAvBgNV
BAMTKEUwQ0U0ODYyNDgxM0Y4OTlGMkQ3RTUyMjUzRkEwNjRCQkNCMDhFNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/IDK01qdp6UfYRl3cpHYN0ggs
dQMc94eMn0J6/y9W5eRWDONU34W1yl0krBSPtz/DbyiexdD5Wu9gcOdDhcUUvRIJ
adkcwDayoSbtomDWCmUpXfeBa5Xxq3S1DUefbV4iNO5vJYJ5Wntj+QW37coD2Qk6
3zzOGo6wzfjq3pV9b6XwlEpXxgqkdrzHQPId+XSxbZol1L3O/gdD3LXoSxOspuab
tMxnvTZWNItOawc/a5baO2sIDkJvemW55IzPB/M+GA8zhK0CNCbhrdMMILtXWcbt
RLBcNgfN5CQ/IJBFLSook5oo/TTdAvKT6ELiSRTutRcD8YVY9R99mMViienZAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQU4M5IYkgT+Jny1+UiU/oGS7ywjkgwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2MTYzMzUzMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDMyMzEzNTMwMzMzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoKYESsUDANBgkqhkiG9w0BAQsFAAOCAQEAERVs/bAaXxnGSiwk
R3tkuQBpsLG6CoSopSEr6mgNO3JH44rlrp+WjdzEL8BFQinIiDa9NCVN9MHjIFeJ
Ka5nwCG2Wjjx7oiQEDVQZ7nRjeZgapuzECH+J5RqqIgLVBpr2815Hmv+YHzgbAAQ
JDBO/ZjYMib3ixlsn0N//IAAzztyjaOQxreVjQXn3rMUAsSvqywz+uNC9C4dz5+C
l0UyoSnVn9EaB51PmjusJe7azmwFWMyr4rcYSyeaRwVUDhkKDUjWPJxHp8k/iKpT
3S0GL6LCdPnn4boydcIDYTHnti0KPXNTQeO5drPhXYVXeAZocuMLM0SwO/0id04c
R6WO3Q==
-----END CERTIFICATE-----
Generated at Sat Jun 15 13:43:32 2024 by rpki-client on console-fra.rpki-client.org