Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS214675.roa
File:                     AS214675.roa (raw, json)
Hash identifier:          MCALW2WMCFjKLeao4PqZqY637XfOrTl8BxGkWr+DsFA=
Subject key identifier:   6B:42:3A:38:DB:34:AF:FD:87:68:7C:A1:E8:39:0D:5F:DD:68:3D:16
Certificate issuer:       /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial:       6C9D30878A47A7CC6EF0F84578A0CF5070E6EBDF
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS214675.roa
Signing time:             Thu 29 Aug 2024 03:41:13 +0000
ROA not before:           Thu 29 Aug 2024 03:36:13 +0000
ROA not after:            Thu 28 Aug 2025 03:41:13 +0000
asID:                     214675
IP address blocks:        2a0a:6044:aca0::/44 maxlen: 44
                          2a0a:6044:aca0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 04:12:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:9d:30:87:8a:47:a7:cc:6e:f0:f8:45:78:a0:cf:50:70:e6:eb:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
        Validity
            Not Before: Aug 29 03:36:13 2024 GMT
            Not After : Aug 28 03:41:13 2025 GMT
        Subject: CN=6B423A38DB34AFFD87687CA1E8390D5FDD683D16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:55:26:a8:e2:44:fd:1d:87:d7:e2:f6:fb:d8:
                    f6:30:fe:d9:34:b0:e9:5d:bb:2f:33:be:e1:73:6a:
                    a7:4f:92:d3:61:44:34:af:0f:75:8a:8f:f9:c5:b1:
                    4a:a4:66:07:af:5f:93:de:d7:38:22:43:a1:f0:12:
                    e7:f1:3a:57:0a:aa:46:f8:d8:f0:10:b0:6f:d1:21:
                    4b:4f:b2:d4:c1:68:2f:ca:85:80:de:11:5a:ed:b4:
                    f3:36:c7:3e:ee:3c:4a:ba:69:e2:21:09:39:1d:08:
                    df:2e:b1:cc:9c:e3:8c:0a:e3:17:ed:cb:ff:05:0d:
                    dc:bd:d7:52:d2:23:e8:c2:cc:2f:8a:88:fc:42:b1:
                    60:47:2b:1c:8c:0a:17:14:32:f4:8c:6a:b1:ba:a1:
                    21:83:68:88:73:60:27:31:66:0b:85:74:19:b2:41:
                    9a:86:19:ae:75:fc:0a:3e:5a:f5:22:75:7a:68:23:
                    23:6a:ef:a1:ae:c4:0b:3f:d7:24:32:b3:a9:77:60:
                    eb:b7:b1:ba:05:5a:81:66:6b:01:da:8e:b2:05:92:
                    67:5a:53:39:31:df:52:5e:fd:42:42:c5:23:d2:fb:
                    da:d2:3c:25:e8:0f:76:58:8b:b9:cf:ce:46:47:5d:
                    18:26:82:8c:7c:d6:35:5a:ff:d9:c1:2d:fc:87:9f:
                    8b:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:42:3A:38:DB:34:AF:FD:87:68:7C:A1:E8:39:0D:5F:DD:68:3D:16
            X509v3 Authority Key Identifier:
                keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS214675.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:aca0::/44

    Signature Algorithm: sha256WithRSAEncryption
         8e:8b:00:48:03:de:74:0a:00:94:84:69:a4:57:f1:8e:d7:93:
         50:bd:60:64:34:cc:16:1b:b5:57:8a:0a:3e:4f:ae:1e:00:d2:
         34:2f:c1:fb:e6:bb:b1:03:bd:5f:20:5a:e9:4f:45:43:aa:01:
         fe:7a:5d:cb:87:41:a8:61:e3:1d:30:07:7e:d4:9c:73:65:90:
         cc:e5:de:d5:37:6a:48:e0:09:15:fd:2e:48:c5:3e:eb:df:89:
         36:7d:58:41:87:f4:83:38:79:ed:ac:25:6e:16:e3:d1:36:7a:
         1c:7a:e1:22:d8:cc:86:c7:20:5b:c0:1b:30:23:c6:c0:38:c0:
         da:9a:e7:08:68:51:19:1a:1a:d8:c4:d8:6d:f4:74:5f:bb:cb:
         07:4c:d9:4e:8b:9d:3e:18:0e:e8:66:db:0b:f1:54:15:2f:be:
         66:a4:cb:69:24:bb:5c:51:93:87:56:e9:73:83:be:b5:ea:ae:
         68:d2:07:b8:df:e8:55:01:60:77:f8:0d:75:5b:d1:ff:36:62:
         e5:89:dd:b2:fa:48:54:13:11:81:7d:ae:ee:a6:7d:0c:a0:aa:
         d5:ce:38:c1:c6:da:29:2b:fd:cb:af:14:d1:57:26:38:76:46:
         2c:76:d9:b8:8e:66:2a:2b:d0:2d:a1:c3:eb:e6:6e:f1:22:7f:
         c6:13:31:86
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbJ0wh4pHp8xu8PhFeKDPUHDm698wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA4MjkwMzM2MTNaFw0yNTA4MjgwMzQxMTNaMDMxMTAvBgNV
BAMTKDZCNDIzQTM4REIzNEFGRkQ4NzY4N0NBMUU4MzkwRDVGREQ2ODNEMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIVSao4kT9HYfX4vb72PYw/tk0
sOlduy8zvuFzaqdPktNhRDSvD3WKj/nFsUqkZgevX5Pe1zgiQ6HwEufxOlcKqkb4
2PAQsG/RIUtPstTBaC/KhYDeEVrttPM2xz7uPEq6aeIhCTkdCN8uscyc44wK4xft
y/8FDdy911LSI+jCzC+KiPxCsWBHKxyMChcUMvSMarG6oSGDaIhzYCcxZguFdBmy
QZqGGa51/Ao+WvUidXpoIyNq76GuxAs/1yQys6l3YOu3sboFWoFmawHajrIFkmda
Uzkx31Je/UJCxSPS+9rSPCXoD3ZYi7nPzkZHXRgmgox81jVa/9nBLfyHn4vBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUa0I6ONs0r/2HaHyh6DkNX91oPRYwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzMyNTNkOTczLWQ1YmYt
NDU0MS1iY2MxLTI3NjU0M2EyNWM3ZC8wL0FTMjE0Njc1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgpg
RKygMA0GCSqGSIb3DQEBCwUAA4IBAQCOiwBIA950CgCUhGmkV/GO15NQvWBkNMwW
G7VXigo+T64eANI0L8H75ruxA71fIFrpT0VDqgH+el3Lh0GoYeMdMAd+1JxzZZDM
5d7VN2pI4AkV/S5IxT7r34k2fVhBh/SDOHntrCVuFuPRNnoceuEi2MyGxyBbwBsw
I8bAOMDamucIaFEZGhrYxNht9HRfu8sHTNlOi50+GA7oZtsL8VQVL75mpMtpJLtc
UZOHVulzg7616q5o0ge43+hVAWB3+A11W9H/NmLlid2y+khUExGBfa7upn0MoKrV
zjjBxtopK/3LrxTRVyY4dkYsdtm4jmYqK9AtocPr5m7xIn/GEzGG
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:16 2024 by rpki-client on console-ams.rpki-client.org