Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/323630323a663936643a6130303a3a2f34302d3430203d3e203437323732.roa
File:                     323630323a663936643a6130303a3a2f34302d3430203d3e203437323732.roa (raw, json)
Hash identifier:          SmUQCGt8Jq5YCTX9NIlLTXvfCOIJo4XEiGFtoi3V3VA=
Subject key identifier:   D6:E6:0B:63:CB:EE:C7:E7:F6:96:0F:AF:B5:E7:81:01:DC:61:2A:A8
Certificate issuer:       /CN=f44c82daba68b40f65cfc17445f89b2192a57379d7f13be8fa
Certificate serial:       08036B71CABBCD1DFF79CE8D1EADF33007DD49B0
Authority key identifier: 6D:7A:26:67:30:92:8D:9D:FD:FD:AC:E3:6F:73:AC:89:E4:24:E2:28
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/02c7706b-3baf-42cb-bdf7-782b036252b3/f44c82daba68b40f65cfc17445f89b2192a57379d7f13be8fa.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/323630323a663936643a6130303a3a2f34302d3430203d3e203437323732.roa
Signing time:             Wed 28 Aug 2024 10:23:35 +0000
ROA not before:           Wed 28 Aug 2024 10:18:35 +0000
ROA not after:            Wed 27 Aug 2025 10:23:35 +0000
asID:                     47272
IP address blocks:        2602:f96d:a00::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/6D7A266730928D9DFDFDACE36F73AC89E424E228.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/6D7A266730928D9DFDFDACE36F73AC89E424E228.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/02c7706b-3baf-42cb-bdf7-782b036252b3/f44c82daba68b40f65cfc17445f89b2192a57379d7f13be8fa.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/02c7706b-3baf-42cb-bdf7-782b036252b3/02c7706b-3baf-42cb-bdf7-782b036252b3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/02c7706b-3baf-42cb-bdf7-782b036252b3/02c7706b-3baf-42cb-bdf7-782b036252b3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/02c7706b-3baf-42cb-bdf7-782b036252b3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:34:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:03:6b:71:ca:bb:cd:1d:ff:79:ce:8d:1e:ad:f3:30:07:dd:49:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f44c82daba68b40f65cfc17445f89b2192a57379d7f13be8fa
        Validity
            Not Before: Aug 28 10:18:35 2024 GMT
            Not After : Aug 27 10:23:35 2025 GMT
        Subject: CN=D6E60B63CBEEC7E7F6960FAFB5E78101DC612AA8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:29:14:0c:38:ac:78:c1:51:43:3f:e0:e4:2b:
                    a7:0c:ab:f2:eb:99:8d:71:3d:58:3b:55:eb:f2:58:
                    ee:d1:d4:4c:2b:8e:d5:20:db:94:a2:85:b7:30:09:
                    3b:d6:20:ab:a4:79:ab:bb:25:27:51:bb:fa:18:2f:
                    31:43:d1:ae:ac:4a:86:6a:10:95:df:11:bb:d1:57:
                    45:61:20:36:55:04:8d:fd:03:a5:11:81:e9:12:7b:
                    c3:0d:c5:68:66:f0:f3:0c:f2:aa:1a:40:16:05:72:
                    8e:d5:74:ec:b5:03:fa:8b:24:7e:2c:15:3a:b4:60:
                    54:eb:54:39:c3:45:b8:ab:6d:69:f5:4b:e2:e4:d7:
                    f8:52:c8:f7:db:9e:3a:a7:c8:97:6b:33:6f:9c:c8:
                    39:31:40:e3:ec:ae:85:3c:44:e9:96:38:6d:cc:28:
                    1e:98:6f:55:68:aa:48:2b:70:38:a6:73:ef:f0:87:
                    48:1a:da:b9:70:82:1f:00:3b:68:54:0c:39:fa:0d:
                    eb:f9:9b:e5:58:15:16:dd:92:23:d3:fd:81:47:4e:
                    f3:44:d6:f8:7d:b1:16:10:7e:b8:03:b0:d4:72:36:
                    e4:06:fc:b5:05:06:0c:86:a7:8e:36:af:e1:98:9d:
                    23:f6:9e:10:04:31:8f:84:1b:2f:77:93:e4:ce:da:
                    7d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:E6:0B:63:CB:EE:C7:E7:F6:96:0F:AF:B5:E7:81:01:DC:61:2A:A8
            X509v3 Authority Key Identifier:
                keyid:6D:7A:26:67:30:92:8D:9D:FD:FD:AC:E3:6F:73:AC:89:E4:24:E2:28

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/6D7A266730928D9DFDFDACE36F73AC89E424E228.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/02c7706b-3baf-42cb-bdf7-782b036252b3/f44c82daba68b40f65cfc17445f89b2192a57379d7f13be8fa.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/323630323a663936643a6130303a3a2f34302d3430203d3e203437323732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:f96d:a00::/40

    Signature Algorithm: sha256WithRSAEncryption
         41:9e:1b:b6:46:b3:35:10:d7:3c:7c:20:42:dc:35:0d:07:55:
         89:a9:f0:7e:07:39:da:05:58:78:5b:c6:e9:f3:3e:49:e7:80:
         cd:25:9e:7b:f2:3e:b1:64:d6:f9:2b:c0:a7:a6:76:0d:26:e2:
         dd:79:c3:d2:25:59:f3:48:14:c1:ce:4c:76:f0:91:25:dc:0f:
         33:00:f2:11:eb:aa:ee:2d:a2:22:09:aa:3f:58:63:5d:1a:f9:
         97:de:6d:9e:00:33:53:b2:e5:48:70:d3:53:60:7c:b7:be:62:
         02:c9:a2:3f:9e:aa:40:16:aa:7c:43:86:b3:52:a5:e4:0e:39:
         d5:5d:ca:ef:3d:d3:47:e5:f5:1c:8b:b1:02:9a:61:82:73:d9:
         f0:3f:1f:5a:d6:46:78:31:be:cb:11:86:b1:1a:21:9d:2c:e0:
         91:d7:0a:dd:14:49:06:3b:6c:89:34:f0:e8:e8:ab:c9:e7:29:
         2e:1a:02:33:f6:47:df:1a:53:c2:98:4e:09:d2:b5:ca:5d:82:
         b1:34:5d:3e:29:ad:70:c6:d0:43:5c:a0:77:c9:83:5a:ec:8d:
         9c:cb:64:b2:5b:5a:7b:29:4f:dd:fb:34:04:95:e2:e7:c6:18:
         54:87:56:e4:b8:7c:c2:ed:a3:c9:da:06:6e:6c:a3:f4:43:95:
         35:23:ac:1b
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgIUCANrccq7zR3/ec6NHq3zMAfdSbAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZjQ0YzgyZGFiYTY4YjQwZjY1Y2ZjMTc0NDVmODliMjE5
MmE1NzM3OWQ3ZjEzYmU4ZmEwHhcNMjQwODI4MTAxODM1WhcNMjUwODI3MTAyMzM1
WjAzMTEwLwYDVQQDEyhENkU2MEI2M0NCRUVDN0U3RjY5NjBGQUZCNUU3ODEwMURD
NjEyQUE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCkUDDiseMFR
Qz/g5CunDKvy65mNcT1YO1Xr8lju0dRMK47VINuUooW3MAk71iCrpHmruyUnUbv6
GC8xQ9GurEqGahCV3xG70VdFYSA2VQSN/QOlEYHpEnvDDcVoZvDzDPKqGkAWBXKO
1XTstQP6iyR+LBU6tGBU61Q5w0W4q21p9Uvi5Nf4Usj32546p8iXazNvnMg5MUDj
7K6FPETpljhtzCgemG9VaKpIK3A4pnPv8IdIGtq5cIIfADtoVAw5+g3r+ZvlWBUW
3ZIj0/2BR07zRNb4fbEWEH64A7DUcjbkBvy1BQYMhqeONq/hmJ0j9p4QBDGPhBsv
d5Pkztp9EwIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFNbmC2PL7sfn9pYPr7XngQHc
YSqoMB8GA1UdIwQYMBaAFG16Jmcwko2d/f2s429zrInkJOIoMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzMyNTNkOTczLWQ1YmYtNDU0MS1iY2Mx
LTI3NjU0M2EyNWM3ZC80LzZEN0EyNjY3MzA5MjhEOURGREZEQUNFMzZGNzNBQzg5
RTQyNEUyMjguY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzRhYjdhZTRkLWJkN2It
NGIzMy05YTg4LTViMjJkMmE4MzM3ZC8wMmM3NzA2Yi0zYmFmLTQyY2ItYmRmNy03
ODJiMDM2MjUyYjMvZjQ0YzgyZGFiYTY4YjQwZjY1Y2ZjMTc0NDVmODliMjE5MmE1
NzM3OWQ3ZjEzYmU4ZmEuY2VyMIGzBggrBgEFBQcBCwSBpjCBozCBoAYIKwYBBQUH
MAuGgZNyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzMyNTNkOTczLWQ1YmYtNDU0MS1iY2MxLTI3NjU0M2EyNWM3ZC80LzMyMzYzMDMy
M2E2NjM5MzY2NDNhNjEzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzQzNzMy
MzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB
/wQSMBAwDgQCAAIwCAMGACYC+W0KMA0GCSqGSIb3DQEBCwUAA4IBAQBBnhu2RrM1
ENc8fCBC3DUNB1WJqfB+BznaBVh4W8bp8z5J54DNJZ578j6xZNb5K8CnpnYNJuLd
ecPSJVnzSBTBzkx28JEl3A8zAPIR66ruLaIiCao/WGNdGvmX3m2eADNTsuVIcNNT
YHy3vmICyaI/nqpAFqp8Q4azUqXkDjnVXcrvPdNH5fUci7ECmmGCc9nwPx9a1kZ4
Mb7LEYaxGiGdLOCR1wrdFEkGO2yJNPDo6KvJ5ykuGgIz9kffGlPCmE4J0rXKXYKx
NF0+Ka1wxtBDXKB3yYNa7I2cy2SyW1p7KU/d+zQEleLnxhhUh1bkuHzC7aPJ2gZu
bKP0Q5U1I6wb
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:15:23 2024 by rpki-client on console-fra.rpki-client.org