Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a623230303a3a2f34302d3438203d3e20313938393539.roa
File:                     326130613a363034343a623230303a3a2f34302d3438203d3e20313938393539.roa (raw, json)
Hash identifier:          ZiqS/S0APz2rA17kXVfznN5JEtXUNMdUJwQFLLdvdHk=
Subject key identifier:   76:7A:8A:48:68:C7:71:CD:AD:25:1D:CD:58:78:D1:EA:ED:7B:05:12
Certificate issuer:       /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial:       38B6A282FC65AAA968ADD730D1178FDDB751128F
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a623230303a3a2f34302d3438203d3e20313938393539.roa
Signing time:             Tue 21 May 2024 06:31:39 +0000
ROA not before:           Tue 21 May 2024 06:26:39 +0000
ROA not after:            Tue 20 May 2025 06:31:39 +0000
asID:                     198959
IP address blocks:        2a0a:6044:b200::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:b6:a2:82:fc:65:aa:a9:68:ad:d7:30:d1:17:8f:dd:b7:51:12:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
        Validity
            Not Before: May 21 06:26:39 2024 GMT
            Not After : May 20 06:31:39 2025 GMT
        Subject: CN=767A8A4868C771CDAD251DCD5878D1EAED7B0512
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:e5:47:da:a2:0c:e4:2e:e4:0f:f1:3d:46:97:
                    69:6b:60:89:27:0b:c9:da:9d:81:43:6a:7c:69:85:
                    01:d5:72:b0:8c:6c:a7:7b:16:62:11:4f:ac:4a:62:
                    37:f7:99:84:5d:45:ec:91:24:94:a2:0b:da:09:7e:
                    22:59:b2:8c:15:ad:ed:07:ed:e1:7c:5b:48:f4:5c:
                    b7:60:f6:22:d3:07:0f:05:04:7d:eb:c4:c5:12:a4:
                    1a:84:5b:e6:3d:fe:62:15:bf:aa:00:28:29:2f:22:
                    c6:a1:16:6f:06:39:62:c4:a9:45:e1:e6:cb:af:15:
                    48:ef:0d:e4:a3:6a:dc:29:c9:5d:c8:86:58:2a:a2:
                    a6:3f:c5:73:f7:c2:f1:80:ed:1b:ad:28:a7:19:4e:
                    fa:fe:1f:2b:93:a2:5d:47:d6:3a:b2:33:19:db:b8:
                    e2:44:22:87:7b:a2:8d:6b:63:a4:95:88:59:af:8b:
                    3b:f6:66:2a:1b:bd:d7:76:48:66:c1:27:82:2c:6a:
                    b3:c3:3c:cd:10:27:d4:61:c8:0b:0c:2f:2e:dd:30:
                    5f:fb:80:c1:32:a5:a2:00:45:c0:c9:6d:96:67:98:
                    f0:a9:bb:0c:f8:e8:03:41:16:11:5e:ad:91:01:3a:
                    c4:ea:c6:65:3d:d6:63:5f:2c:9b:76:4b:eb:ab:c6:
                    dc:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:7A:8A:48:68:C7:71:CD:AD:25:1D:CD:58:78:D1:EA:ED:7B:05:12
            X509v3 Authority Key Identifier:
                keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a623230303a3a2f34302d3438203d3e20313938393539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:b200::/40

    Signature Algorithm: sha256WithRSAEncryption
         0a:45:53:01:21:e9:70:50:1c:71:85:02:76:43:ab:4e:82:a0:
         97:5b:51:e9:8e:b3:fa:a6:fc:b7:94:80:94:4b:46:9a:d8:34:
         f2:92:bf:99:8b:c8:23:15:4e:d0:63:07:e0:a7:0d:e0:c0:5d:
         d2:70:6f:6a:ba:24:cb:37:75:f1:5f:cb:81:0d:07:8a:78:5d:
         77:dd:59:e8:15:fb:e5:ca:bd:ad:c7:97:50:3f:bd:db:23:0e:
         9d:f7:45:3b:a5:72:c4:0a:32:22:bb:9b:f0:37:cd:1d:1e:b7:
         f2:a2:ea:75:ff:03:56:0d:10:ea:3f:1c:de:97:43:02:15:9c:
         81:c2:86:9c:0d:f4:8c:38:4b:5b:d1:5a:e0:11:11:0f:7c:c3:
         af:cf:ab:05:51:ba:c4:20:fe:c1:70:2d:fa:78:6c:a4:52:ec:
         b1:83:1c:09:e2:fb:d0:bb:9c:31:35:b5:99:da:22:91:07:9d:
         48:7c:e6:e1:ee:67:4c:8b:ca:50:3f:41:80:ba:15:ca:dd:f5:
         7c:a3:9c:a8:94:fb:45:69:c4:b0:93:aa:eb:d7:e0:7b:15:e5:
         ee:e9:72:23:ba:f1:77:bb:b5:f3:5c:69:55:a9:1c:fb:19:80:
         d9:82:e2:4b:f7:63:ab:b1:38:77:8a:77:ed:39:72:a3:6e:b3:
         81:fb:e8:b3
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIUOLaigvxlqqlordcw0ReP3bdREo8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA1MjEwNjI2MzlaFw0yNTA1MjAwNjMxMzlaMDMxMTAvBgNV
BAMTKDc2N0E4QTQ4NjhDNzcxQ0RBRDI1MURDRDU4NzhEMUVBRUQ3QjA1MTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM5UfaogzkLuQP8T1Gl2lrYIkn
C8nanYFDanxphQHVcrCMbKd7FmIRT6xKYjf3mYRdReyRJJSiC9oJfiJZsowVre0H
7eF8W0j0XLdg9iLTBw8FBH3rxMUSpBqEW+Y9/mIVv6oAKCkvIsahFm8GOWLEqUXh
5suvFUjvDeSjatwpyV3IhlgqoqY/xXP3wvGA7RutKKcZTvr+HyuTol1H1jqyMxnb
uOJEIod7oo1rY6SViFmvizv2Ziobvdd2SGbBJ4IsarPDPM0QJ9RhyAsMLy7dMF/7
gMEypaIARcDJbZZnmPCpuwz46ANBFhFerZEBOsTqxmU91mNfLJt2S+urxtwnAgMB
AAGjggJ5MIICdTAdBgNVHQ4EFgQUdnqKSGjHcc2tJR3NWHjR6u17BRIwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2MjMyMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzkzODM5MzUzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoKYESyMA0GCSqGSIb3DQEBCwUAA4IBAQAKRVMBIelwUBxxhQJ2
Q6tOgqCXW1HpjrP6pvy3lICUS0aa2DTykr+Zi8gjFU7QYwfgpw3gwF3ScG9quiTL
N3XxX8uBDQeKeF133VnoFfvlyr2tx5dQP73bIw6d90U7pXLECjIiu5vwN80dHrfy
oup1/wNWDRDqPxzel0MCFZyBwoacDfSMOEtb0VrgEREPfMOvz6sFUbrEIP7BcC36
eGykUuyxgxwJ4vvQu5wxNbWZ2iKRB51IfObh7mdMi8pQP0GAuhXK3fV8o5yolPtF
acSwk6rr1+B7FeXu6XIjuvF3u7XzXGlVqRz7GYDZguJL92OrsTh3inftOXKjbrOB
++iz
-----END CERTIFICATE-----
Generated at Sat Jun 15 13:43:32 2024 by rpki-client on console-fra.rpki-client.org