Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a643030303a3a2f33362d3336203d3e20323134393839.roa
File:                     326130613a363034343a643030303a3a2f33362d3336203d3e20323134393839.roa (raw, json)
Hash identifier:          VENZ2hLpYBzfpII+GRoPAwRjHbNLDhEglMAJjRHoXpo=
Subject key identifier:   C5:27:87:89:DF:90:D2:47:70:3E:46:35:2F:2A:C8:6A:B1:A1:D2:A7
Certificate issuer:       /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial:       6E5F24BF13D108CF917C4A727A4B3EDE71FB9AAF
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a643030303a3a2f33362d3336203d3e20323134393839.roa
Signing time:             Wed 22 May 2024 17:17:07 +0000
ROA not before:           Wed 22 May 2024 17:12:07 +0000
ROA not after:            Wed 21 May 2025 17:17:07 +0000
asID:                     214989
IP address blocks:        2a0a:6044:d000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:5f:24:bf:13:d1:08:cf:91:7c:4a:72:7a:4b:3e:de:71:fb:9a:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
        Validity
            Not Before: May 22 17:12:07 2024 GMT
            Not After : May 21 17:17:07 2025 GMT
        Subject: CN=C5278789DF90D247703E46352F2AC86AB1A1D2A7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:51:f2:8c:14:23:11:2f:2b:e5:f2:5c:8e:b6:
                    33:8c:e9:0a:77:c7:06:61:86:b3:e6:98:73:28:e9:
                    4d:fa:ca:54:e7:f9:fc:98:dd:9d:d9:74:97:d2:9a:
                    12:2e:42:01:6d:c1:86:ff:57:9b:2d:49:be:11:3b:
                    43:3e:33:32:bd:fc:53:3e:fa:a9:53:a7:29:a1:07:
                    ca:1b:ea:bf:86:08:fe:7f:15:e0:3e:5c:40:b1:3a:
                    90:5e:ba:c2:63:61:bb:7b:2d:98:cf:4f:35:a3:f1:
                    67:2a:9c:68:d5:0d:e1:45:8d:6b:0b:6e:53:3e:dd:
                    d2:16:58:3a:9a:2b:e1:ae:df:59:bd:0b:0d:e7:70:
                    0f:f2:23:b5:91:59:73:26:4b:52:3b:6d:c6:f2:8f:
                    c5:e4:4f:8e:96:3e:8f:a3:77:17:e1:2e:f8:35:48:
                    d7:c7:5f:ba:c0:80:2b:f4:71:8c:ab:ba:0d:5e:64:
                    0b:0a:df:19:9b:9e:04:50:3e:cb:5e:63:d3:a8:01:
                    3d:27:64:84:f0:79:82:fe:20:a9:e8:28:a2:15:44:
                    54:30:4e:c1:4f:54:5e:1c:68:d3:82:89:aa:8f:74:
                    3a:b1:eb:dd:da:71:a4:d8:ca:21:f1:54:05:fa:ad:
                    97:e5:5e:4d:a3:8d:42:1d:5e:26:84:ff:9e:81:6f:
                    52:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:27:87:89:DF:90:D2:47:70:3E:46:35:2F:2A:C8:6A:B1:A1:D2:A7
            X509v3 Authority Key Identifier:
                keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a643030303a3a2f33362d3336203d3e20323134393839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:d000::/36

    Signature Algorithm: sha256WithRSAEncryption
         38:73:80:be:ef:aa:c3:87:d6:b0:c2:d8:ce:7c:7b:3c:3d:61:
         5c:4e:77:c4:96:5a:d6:17:43:e1:18:b1:5e:e4:a3:55:30:97:
         12:df:26:cc:a1:60:4d:f9:95:47:88:07:c9:06:d3:71:60:12:
         d6:03:9c:1a:0b:a8:b2:9c:52:db:65:4b:6f:20:c1:a4:49:73:
         2f:f1:44:1c:1f:18:fe:8a:db:41:f5:24:4a:f8:91:b0:b8:9d:
         1c:df:e5:c0:6e:4e:90:30:e1:0b:4c:a5:7e:ab:24:5d:00:7d:
         94:fc:8c:a7:7d:b3:db:01:93:71:8e:70:88:cb:cf:e7:c5:83:
         eb:fa:7a:2e:d8:c5:c5:83:ae:d2:22:0d:05:b8:24:67:fe:21:
         19:60:9c:5a:00:88:64:4e:01:74:aa:75:28:7f:5a:7c:4d:73:
         5c:11:66:d5:35:28:8e:c0:c9:16:f3:58:29:29:cc:e0:6b:cc:
         14:ca:cc:ac:6e:36:d8:2e:41:e4:81:27:25:3d:5f:56:d0:6d:
         25:dc:8e:2a:73:99:2a:5c:cc:0d:49:9c:7f:c4:8d:a5:fe:04:
         13:cb:0c:c5:e0:36:a3:a5:5b:84:0e:e3:4c:39:d9:ed:19:15:
         c3:fc:c5:b0:79:93:e4:33:65:9f:bb:37:32:2e:57:bf:a6:c6:
         0e:b1:7a:36
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIUbl8kvxPRCM+RfEpyeks+3nH7mq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA1MjIxNzEyMDdaFw0yNTA1MjExNzE3MDdaMDMxMTAvBgNV
BAMTKEM1Mjc4Nzg5REY5MEQyNDc3MDNFNDYzNTJGMkFDODZBQjFBMUQyQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUfKMFCMRLyvl8lyOtjOM6Qp3
xwZhhrPmmHMo6U36ylTn+fyY3Z3ZdJfSmhIuQgFtwYb/V5stSb4RO0M+MzK9/FM+
+qlTpymhB8ob6r+GCP5/FeA+XECxOpBeusJjYbt7LZjPTzWj8WcqnGjVDeFFjWsL
blM+3dIWWDqaK+Gu31m9Cw3ncA/yI7WRWXMmS1I7bcbyj8XkT46WPo+jdxfhLvg1
SNfHX7rAgCv0cYyrug1eZAsK3xmbngRQPsteY9OoAT0nZITweYL+IKnoKKIVRFQw
TsFPVF4caNOCiaqPdDqx693acaTYyiHxVAX6rZflXk2jjUIdXiaE/56Bb1JZAgMB
AAGjggJ5MIICdTAdBgNVHQ4EFgQUxSeHid+Q0kdwPkY1LyrIarGh0qcwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2NDMwMzAzMDNhM2EyZjMzMzYyZDMzMzYyMDNkM2UyMDMyMzEzNDM5MzgzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGBCoKYETQMA0GCSqGSIb3DQEBCwUAA4IBAQA4c4C+76rDh9awwtjO
fHs8PWFcTnfEllrWF0PhGLFe5KNVMJcS3ybMoWBN+ZVHiAfJBtNxYBLWA5waC6iy
nFLbZUtvIMGkSXMv8UQcHxj+ittB9SRK+JGwuJ0c3+XAbk6QMOELTKV+qyRdAH2U
/IynfbPbAZNxjnCIy8/nxYPr+nou2MXFg67SIg0FuCRn/iEZYJxaAIhkTgF0qnUo
f1p8TXNcEWbVNSiOwMkW81gpKczga8wUysysbjbYLkHkgSclPV9W0G0l3I4qc5kq
XMwNSZx/xI2l/gQTywzF4DajpVuEDuNMOdntGRXD/MWweZPkM2WfuzcyLle/psYO
sXo2
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:42:15 2024 by rpki-client on console-ams.rpki-client.org