Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616630303a3a2f34302d3438203d3e203633313530.roa
File:                     326130613a363034343a616630303a3a2f34302d3438203d3e203633313530.roa (raw, json)
Hash identifier:          lUDZ9MuQKctY4d7hltv+qOUST9oKpX4XCkV9Z8aic8g=
Subject key identifier:   A1:C7:ED:64:90:4E:4D:A0:4D:AC:E5:6D:66:49:20:BB:14:94:85:55
Certificate issuer:       /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial:       3F0622384445F6CF052ACAB3677B958557A7649A
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616630303a3a2f34302d3438203d3e203633313530.roa
Signing time:             Thu 16 May 2024 15:56:37 +0000
ROA not before:           Thu 16 May 2024 15:51:37 +0000
ROA not after:            Thu 15 May 2025 15:56:37 +0000
asID:                     63150
IP address blocks:        2a0a:6044:af00::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:06:22:38:44:45:f6:cf:05:2a:ca:b3:67:7b:95:85:57:a7:64:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
        Validity
            Not Before: May 16 15:51:37 2024 GMT
            Not After : May 15 15:56:37 2025 GMT
        Subject: CN=A1C7ED64904E4DA04DACE56D664920BB14948555
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:b4:2f:d1:75:96:cc:28:2a:36:98:90:07:f6:
                    51:6f:ab:a6:31:9c:e1:4d:fd:c8:83:6d:b1:09:70:
                    c3:58:64:19:77:30:5a:6d:09:7e:c0:c6:e9:5e:08:
                    69:98:f7:ce:bc:b9:51:ff:4e:29:67:76:f7:fb:cf:
                    4b:1b:42:9c:ad:85:af:60:9c:80:74:a1:16:aa:2b:
                    63:60:60:9f:93:8f:11:24:1a:de:8a:6f:15:06:6e:
                    d7:6d:85:78:0f:1b:9d:2a:c1:41:10:f3:ce:68:4c:
                    33:eb:49:40:2b:86:5b:82:67:b0:da:30:75:ae:e1:
                    b9:fe:cc:c2:f9:19:96:2c:27:d7:2b:36:57:92:51:
                    69:2b:28:00:3e:42:3f:5c:3f:ee:c0:ea:89:c7:a9:
                    a8:73:9e:c2:da:a2:7c:58:a6:da:7c:d8:f4:b2:9b:
                    eb:30:bb:a2:ec:9a:d7:cb:c3:fc:7d:f5:d8:fe:11:
                    b9:3c:41:0f:5a:a7:da:87:fc:4d:2b:18:75:56:1a:
                    08:17:91:f3:59:20:98:17:8b:e5:1c:e1:7f:36:e5:
                    f5:45:0f:06:65:d6:ff:22:2c:ee:d5:f5:10:ab:14:
                    e2:9c:8a:0f:39:c1:5a:e2:61:84:2b:3a:2f:66:6a:
                    d2:4e:57:54:be:ad:15:9f:be:df:d4:60:5b:9a:59:
                    78:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:C7:ED:64:90:4E:4D:A0:4D:AC:E5:6D:66:49:20:BB:14:94:85:55
            X509v3 Authority Key Identifier:
                keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616630303a3a2f34302d3438203d3e203633313530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:af00::/40

    Signature Algorithm: sha256WithRSAEncryption
         6d:b9:8f:42:63:e0:bf:5c:96:15:e6:80:7d:5f:9c:53:6b:ef:
         41:83:8c:6b:38:c7:5e:13:6f:88:71:45:9c:e2:9e:71:55:d4:
         c0:e1:13:b7:e6:b0:56:e3:01:5f:eb:48:c1:f9:95:a1:cb:00:
         7c:45:6a:20:4d:e3:91:a6:d4:ca:ac:7f:c0:2e:a7:78:ec:76:
         05:96:ba:c3:ed:4e:f3:55:5c:90:36:19:f9:ba:03:9f:c7:69:
         36:63:2d:41:a3:bd:99:d8:36:8c:f9:d6:f2:ae:81:95:6b:c3:
         4f:c0:cf:1e:40:71:4a:ec:d3:2b:e2:47:d2:db:e0:91:4f:28:
         bb:e6:68:f7:fb:34:66:e7:f3:ef:05:37:20:1e:2e:79:79:64:
         d1:ec:3c:4c:4b:98:be:03:07:ed:2b:38:0f:30:d9:fe:f7:d7:
         06:5e:9e:0b:4d:a9:9b:b0:2c:4b:68:18:f4:7e:e9:51:84:12:
         48:d8:15:75:35:86:43:ee:1a:e4:a6:20:7e:aa:17:ab:ac:a9:
         10:75:8b:bc:a5:46:f4:28:56:51:57:94:2c:54:15:92:41:11:
         2f:ce:cf:10:4e:2c:8f:6e:05:5c:f1:8c:6c:2c:c4:59:3b:81:
         88:ea:06:74:47:89:9a:80:f0:e5:d0:26:0a:92:b0:94:17:4a:
         3b:0d:46:f3
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUPwYiOERF9s8FKsqzZ3uVhVenZJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA1MTYxNTUxMzdaFw0yNTA1MTUxNTU2MzdaMDMxMTAvBgNV
BAMTKEExQzdFRDY0OTA0RTREQTA0REFDRTU2RDY2NDkyMEJCMTQ5NDg1NTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrtC/RdZbMKCo2mJAH9lFvq6Yx
nOFN/ciDbbEJcMNYZBl3MFptCX7AxuleCGmY9868uVH/Tilndvf7z0sbQpytha9g
nIB0oRaqK2NgYJ+TjxEkGt6KbxUGbtdthXgPG50qwUEQ885oTDPrSUArhluCZ7Da
MHWu4bn+zML5GZYsJ9crNleSUWkrKAA+Qj9cP+7A6onHqahznsLaonxYptp82PSy
m+swu6LsmtfLw/x99dj+Ebk8QQ9ap9qH/E0rGHVWGggXkfNZIJgXi+Uc4X825fVF
DwZl1v8iLO7V9RCrFOKcig85wVriYYQrOi9matJOV1S+rRWfvt/UYFuaWXiPAgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQUocftZJBOTaBNrOVtZkkguxSUhVUwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2MTY2MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDM2MzMzMTM1MzAucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqCmBErzANBgkqhkiG9w0BAQsFAAOCAQEAbbmPQmPgv1yWFeaAfV+c
U2vvQYOMazjHXhNviHFFnOKecVXUwOETt+awVuMBX+tIwfmVocsAfEVqIE3jkabU
yqx/wC6neOx2BZa6w+1O81VckDYZ+boDn8dpNmMtQaO9mdg2jPnW8q6BlWvDT8DP
HkBxSuzTK+JH0tvgkU8ou+Zo9/s0Zufz7wU3IB4ueXlk0ew8TEuYvgMH7Ss4DzDZ
/vfXBl6eC02pm7AsS2gY9H7pUYQSSNgVdTWGQ+4a5KYgfqoXq6ypEHWLvKVG9ChW
UVeULFQVkkERL87PEE4sj24FXPGMbCzEWTuBiOoGdEeJmoDw5dAmCpKwlBdKOw1G
8w==
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:40:51 2024 by rpki-client on console-ams.rpki-client.org