Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/326130353a646663313a393139343a3a2f34382d3438203d3e20323135333836.roa
File:                     326130353a646663313a393139343a3a2f34382d3438203d3e20323135333836.roa (raw, json)
Hash identifier:          awyK23REAgC5OF3FSXK6T6lPv/Y9OPv1M2gCMFucc/g=
Subject key identifier:   B9:82:C3:6F:F0:61:38:25:16:85:DC:1C:C3:78:AC:F3:7C:AE:37:CC
Certificate issuer:       /CN=F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76
Certificate serial:       5AF1CA86249C294ECC3030422F8A38C97857EAF5
Authority key identifier: F7:37:D8:1B:FB:EF:FD:EE:C9:EC:32:B7:B8:64:11:2D:E0:5E:7B:76
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/326130353a646663313a393139343a3a2f34382d3438203d3e20323135333836.roa
Signing time:             Mon 25 Mar 2024 14:28:04 +0000
ROA not before:           Mon 25 Mar 2024 14:23:04 +0000
ROA not after:            Mon 24 Mar 2025 14:28:04 +0000
asID:                     215386
IP address blocks:        2a05:dfc1:9194::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 04:12:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:f1:ca:86:24:9c:29:4e:cc:30:30:42:2f:8a:38:c9:78:57:ea:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76
        Validity
            Not Before: Mar 25 14:23:04 2024 GMT
            Not After : Mar 24 14:28:04 2025 GMT
        Subject: CN=B982C36FF06138251685DC1CC378ACF37CAE37CC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:69:a7:ce:f3:49:65:44:6a:4e:f4:64:5a:5a:
                    0f:ec:3b:8a:80:97:3a:30:dd:99:fc:83:1f:49:b2:
                    44:50:61:4f:01:3e:da:ac:22:2c:cb:f8:af:0e:a1:
                    cf:87:32:ba:06:f9:a9:4e:73:77:5d:4c:08:e9:64:
                    a9:2e:c8:7b:4b:36:a6:ae:f8:05:34:d5:dd:2b:73:
                    1c:43:f8:55:dd:7a:bf:e8:45:25:00:f5:fd:64:45:
                    b1:e4:e2:af:2a:5c:db:64:2d:e3:75:2b:93:b5:cf:
                    a2:80:7b:64:db:64:3a:f8:6f:4d:31:5c:d9:8d:c8:
                    78:da:f4:84:f4:d5:59:ce:ce:95:a6:64:43:2f:af:
                    c5:3f:c9:02:f1:d1:fc:2d:09:79:e8:16:5d:24:ae:
                    18:62:98:8a:5b:5d:29:20:7a:c0:32:31:8c:fc:48:
                    b2:2a:b1:55:f6:99:b4:a1:46:5e:e2:22:2a:75:ef:
                    1c:14:32:8d:d6:96:b1:cb:2b:67:39:15:fd:61:02:
                    b1:73:33:6a:10:70:5b:ca:61:2e:be:15:7e:60:dd:
                    d7:75:36:17:ca:cf:56:7b:ee:51:79:e3:38:0c:4b:
                    89:7a:f4:97:56:d7:c7:c2:07:6a:58:9c:09:da:80:
                    91:6c:f2:51:ae:fb:27:1c:87:13:fb:77:e7:7a:b5:
                    fd:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:82:C3:6F:F0:61:38:25:16:85:DC:1C:C3:78:AC:F3:7C:AE:37:CC
            X509v3 Authority Key Identifier:
                keyid:F7:37:D8:1B:FB:EF:FD:EE:C9:EC:32:B7:B8:64:11:2D:E0:5E:7B:76

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/326130353a646663313a393139343a3a2f34382d3438203d3e20323135333836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc1:9194::/48

    Signature Algorithm: sha256WithRSAEncryption
         61:87:56:ba:8c:30:8f:b6:2d:e6:06:c1:05:cb:c0:f3:31:5c:
         55:4e:6a:20:71:eb:08:3f:63:69:e9:e6:7e:8b:47:53:93:65:
         4b:84:6c:39:a6:b4:ca:7e:02:1c:26:7c:c4:96:f5:67:43:d7:
         6b:41:a4:63:f5:3e:89:2c:81:50:1e:b9:34:9c:39:5c:26:42:
         68:c5:a4:fe:e9:d2:29:08:45:93:d7:f2:fc:b1:e4:b6:65:a7:
         2c:8d:b1:75:c8:1c:a9:26:7b:b9:7a:4b:68:2d:c9:c6:fd:98:
         5f:de:cc:7e:14:64:92:fa:89:9a:9e:1c:39:7a:f4:9c:90:35:
         ce:ef:a6:af:07:b2:ef:2f:8e:b7:19:d1:c0:64:dc:87:d3:f1:
         b5:44:d3:19:e4:9c:b6:23:78:73:ff:f4:4b:8f:0d:a0:d9:65:
         2b:a3:38:54:6c:b1:0c:c0:0c:7f:4c:d3:27:2a:97:d3:52:e1:
         3c:92:75:c3:66:9c:77:bf:cf:ae:66:84:53:9a:e8:55:a6:94:
         ed:5e:05:5e:d2:75:cf:59:2d:06:32:f7:43:5c:1a:af:54:be:
         03:f5:ba:06:70:92:f9:37:6a:e9:e8:3d:17:b7:c3:6d:5f:a2:
         a3:b8:13:41:b1:cf:09:f4:e3:d9:e0:39:5f:f8:64:ab:d5:25:
         74:22:de:36
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIUWvHKhiScKU7MMDBCL4o4yXhX6vUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjczN0Q4MUJGQkVGRkRFRUM5RUMzMkI3Qjg2NDExMkRF
MDVFN0I3NjAeFw0yNDAzMjUxNDIzMDRaFw0yNTAzMjQxNDI4MDRaMDMxMTAvBgNV
BAMTKEI5ODJDMzZGRjA2MTM4MjUxNjg1REMxQ0MzNzhBQ0YzN0NBRTM3Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4aafO80llRGpO9GRaWg/sO4qA
lzow3Zn8gx9JskRQYU8BPtqsIizL+K8Ooc+HMroG+alOc3ddTAjpZKkuyHtLNqau
+AU01d0rcxxD+FXder/oRSUA9f1kRbHk4q8qXNtkLeN1K5O1z6KAe2TbZDr4b00x
XNmNyHja9IT01VnOzpWmZEMvr8U/yQLx0fwtCXnoFl0krhhimIpbXSkgesAyMYz8
SLIqsVX2mbShRl7iIip17xwUMo3WlrHLK2c5Ff1hArFzM2oQcFvKYS6+FX5g3dd1
NhfKz1Z77lF54zgMS4l69JdW18fCB2pYnAnagJFs8lGu+ycchxP7d+d6tf01AgMB
AAGjggJgMIICXDAdBgNVHQ4EFgQUuYLDb/BhOCUWhdwcw3is83yuN8wwHwYDVR0j
BBgwFoAU9zfYG/vv/e7J7DK3uGQRLeBee3YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzEvRjczN0Q4MUJGQkVGRkRFRUM5RUMzMkI3Qjg2NDExMkRFMDVFN0I3Ni5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wL0Y3MzdEODFCRkJFRkZE
RUVDOUVDMzJCN0I4NjQxMTJERTA1RTdCNzYuY2VyMIG3BggrBgEFBQcBCwSBqjCB
pzCBpAYIKwYBBQUHMAuGgZdyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5LzMyNTNkOTczLWQ1YmYtNDU0MS1iY2MxLTI3NjU0M2EyNWM3
ZC8xLzMyNjEzMDM1M2E2NDY2NjMzMTNhMzkzMTM5MzQzYTNhMmYzNDM4MmQzNDM4
MjAzZDNlMjAzMjMxMzUzMzM4MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqBd/BkZQwDQYJKoZIhvcN
AQELBQADggEBAGGHVrqMMI+2LeYGwQXLwPMxXFVOaiBx6wg/Y2np5n6LR1OTZUuE
bDmmtMp+AhwmfMSW9WdD12tBpGP1PoksgVAeuTScOVwmQmjFpP7p0ikIRZPX8vyx
5LZlpyyNsXXIHKkme7l6S2gtycb9mF/ezH4UZJL6iZqeHDl69JyQNc7vpq8Hsu8v
jrcZ0cBk3IfT8bVE0xnknLYjeHP/9EuPDaDZZSujOFRssQzADH9M0ycql9NS4TyS
dcNmnHe/z65mhFOa6FWmlO1eBV7Sdc9ZLQYy90NcGq9UvgP1ugZwkvk3aunoPRe3
w21foqO4E0Gxzwn049ngOV/4ZKvVJXQi3jY=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:16 2024 by rpki-client on console-ams.rpki-client.org