Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3da4d8b4-a157-4634-ab18-3ef9d0982352/3/323630323a663939653a3a2f33362d3336203d3e203233313235.roa
File:                     323630323a663939653a3a2f33362d3336203d3e203233313235.roa (raw, json)
Hash identifier:          iX2MCjbjhqr0rE/NtAYCR3oaA5Ny0HNtEjLgw+TtHUc=
Subject key identifier:   BC:BE:30:47:94:C1:56:6A:4B:EC:A0:B5:6C:B5:07:65:5E:33:05:E7
Certificate issuer:       /CN=1a1feb7f05bbd87f010f191667fc5b223c83632b9bbca33e39
Certificate serial:       132BCD98A112FAA59D8AE3F0F5B7889568133CB5
Authority key identifier: 10:FA:AD:7B:D8:08:78:1E:33:0C:17:FD:6D:0A:AB:1D:F1:C6:9E:D4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4b92cbc5-48e6-4e59-b9e4-d0055609895d/1a1feb7f05bbd87f010f191667fc5b223c83632b9bbca33e39.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3da4d8b4-a157-4634-ab18-3ef9d0982352/3/323630323a663939653a3a2f33362d3336203d3e203233313235.roa
Signing time:             Wed 17 Jan 2024 09:58:34 +0000
ROA not before:           Wed 17 Jan 2024 09:53:34 +0000
ROA not after:            Wed 15 Jan 2025 09:58:34 +0000
asID:                     23125
IP address blocks:        2602:f99e::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/3da4d8b4-a157-4634-ab18-3ef9d0982352/3/10FAAD7BD808781E330C17FD6D0AAB1DF1C69ED4.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3da4d8b4-a157-4634-ab18-3ef9d0982352/3/10FAAD7BD808781E330C17FD6D0AAB1DF1C69ED4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4b92cbc5-48e6-4e59-b9e4-d0055609895d/1a1feb7f05bbd87f010f191667fc5b223c83632b9bbca33e39.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4b92cbc5-48e6-4e59-b9e4-d0055609895d/4b92cbc5-48e6-4e59-b9e4-d0055609895d.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4b92cbc5-48e6-4e59-b9e4-d0055609895d/4b92cbc5-48e6-4e59-b9e4-d0055609895d.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4b92cbc5-48e6-4e59-b9e4-d0055609895d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Nov 2024 19:08:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:2b:cd:98:a1:12:fa:a5:9d:8a:e3:f0:f5:b7:88:95:68:13:3c:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a1feb7f05bbd87f010f191667fc5b223c83632b9bbca33e39
        Validity
            Not Before: Jan 17 09:53:34 2024 GMT
            Not After : Jan 15 09:58:34 2025 GMT
        Subject: CN=BCBE304794C1566A4BECA0B56CB507655E3305E7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:df:8a:8d:75:6f:d3:33:d9:bf:3d:80:04:9e:
                    b8:04:68:59:46:1c:0f:eb:ff:60:bd:fb:f0:e9:28:
                    8c:32:7c:87:ab:ce:46:5d:04:c4:e7:e8:57:a0:0e:
                    79:a5:f0:c9:ef:77:41:23:85:7d:51:1e:60:11:5e:
                    62:3d:d2:e4:fd:ab:53:28:33:de:52:5a:8b:99:ae:
                    61:84:76:d3:62:a4:ac:0e:f8:db:be:ef:df:56:f9:
                    ef:74:13:4d:b8:75:34:48:3d:0b:2e:ea:0e:a9:4b:
                    59:13:91:83:e9:c2:69:2f:a6:10:6d:8c:fa:74:80:
                    d2:38:dd:40:17:24:e0:e5:3e:05:35:fb:00:6a:c4:
                    5a:cc:8e:b5:f5:4d:44:42:3e:a8:0a:4b:a5:df:5b:
                    a9:5a:a3:b2:13:bb:bb:23:4b:70:a8:80:33:4a:7a:
                    a7:df:c5:d2:0c:66:8a:e7:62:44:8e:99:62:ed:49:
                    d3:4a:85:b0:50:59:46:db:66:60:3b:6b:98:9b:01:
                    69:a4:c9:1a:ec:26:e6:54:c0:7a:4b:8d:86:89:98:
                    19:2f:75:0d:31:9a:61:8f:97:ea:b1:ed:0c:3c:9d:
                    5e:a2:54:f6:4b:95:02:c8:73:fb:6e:de:30:86:d7:
                    c6:d9:5c:c2:64:40:18:78:6a:db:2d:74:d3:41:7c:
                    92:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:BE:30:47:94:C1:56:6A:4B:EC:A0:B5:6C:B5:07:65:5E:33:05:E7
            X509v3 Authority Key Identifier:
                keyid:10:FA:AD:7B:D8:08:78:1E:33:0C:17:FD:6D:0A:AB:1D:F1:C6:9E:D4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3da4d8b4-a157-4634-ab18-3ef9d0982352/3/10FAAD7BD808781E330C17FD6D0AAB1DF1C69ED4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4b92cbc5-48e6-4e59-b9e4-d0055609895d/1a1feb7f05bbd87f010f191667fc5b223c83632b9bbca33e39.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3da4d8b4-a157-4634-ab18-3ef9d0982352/3/323630323a663939653a3a2f33362d3336203d3e203233313235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:f99e::/36

    Signature Algorithm: sha256WithRSAEncryption
         36:6e:39:60:23:fa:97:cc:ce:cf:fa:8c:e5:7c:8a:1b:e3:76:
         37:01:e2:b0:a8:55:bd:60:58:0d:b2:5a:49:c0:90:72:e0:87:
         1e:36:9e:2f:84:a3:6d:c4:de:45:e4:ec:49:ab:32:8b:19:6b:
         91:c0:e0:9c:90:c1:99:24:13:71:d3:22:64:ed:a1:23:1e:41:
         a1:33:3c:06:a1:d2:d8:fd:07:1f:32:89:3d:ed:85:20:b9:8b:
         34:0e:9a:b0:d8:be:a2:fe:c3:92:ff:a2:48:f4:55:d6:cf:0a:
         b1:cf:dd:21:26:f4:c0:ea:ac:47:6b:75:07:a0:ff:38:38:15:
         05:af:93:3e:aa:40:09:46:7a:2a:1b:e5:58:3c:97:4b:3e:64:
         e2:9c:b5:b8:ca:25:08:a6:cd:a6:23:33:e2:5c:e6:2d:77:7d:
         e8:83:3b:d7:4b:b5:54:6f:53:09:18:fd:8c:fb:7e:92:6f:4f:
         48:dc:ea:58:31:57:3d:e1:27:a7:36:e6:36:e5:ba:a0:37:ec:
         f3:c1:04:f6:0c:f9:49:40:9a:af:cb:6b:53:11:b2:15:54:06:
         a1:51:2d:a7:9d:cf:30:f8:25:a6:82:6b:87:73:11:c2:aa:c5:
         f7:77:52:40:b1:32:ff:cd:c3:2d:90:cc:48:8e:ad:61:4f:59:
         d9:6f:7a:4b
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUEyvNmKES+qWdiuPw9beIlWgTPLUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMWExZmViN2YwNWJiZDg3ZjAxMGYxOTE2NjdmYzViMjIz
YzgzNjMyYjliYmNhMzNlMzkwHhcNMjQwMTE3MDk1MzM0WhcNMjUwMTE1MDk1ODM0
WjAzMTEwLwYDVQQDEyhCQ0JFMzA0Nzk0QzE1NjZBNEJFQ0EwQjU2Q0I1MDc2NTVF
MzMwNUU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3t+KjXVv0zPZ
vz2ABJ64BGhZRhwP6/9gvfvw6SiMMnyHq85GXQTE5+hXoA55pfDJ73dBI4V9UR5g
EV5iPdLk/atTKDPeUlqLma5hhHbTYqSsDvjbvu/fVvnvdBNNuHU0SD0LLuoOqUtZ
E5GD6cJpL6YQbYz6dIDSON1AFyTg5T4FNfsAasRazI619U1EQj6oCkul31upWqOy
E7u7I0twqIAzSnqn38XSDGaK52JEjpli7UnTSoWwUFlG22ZgO2uYmwFppMka7Cbm
VMB6S42GiZgZL3UNMZphj5fqse0MPJ1eolT2S5UCyHP7bt4whtfG2VzCZEAYeGrb
LXTTQXySeQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFLy+MEeUwVZqS+ygtWy1B2Ve
MwXnMB8GA1UdIwQYMBaAFBD6rXvYCHgeMwwX/W0Kqx3xxp7UMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzNkYTRkOGI0LWExNTctNDYzNC1hYjE4
LTNlZjlkMDk4MjM1Mi8zLzEwRkFBRDdCRDgwODc4MUUzMzBDMTdGRDZEMEFBQjFE
RjFDNjlFRDQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzRhYjdhZTRkLWJkN2It
NGIzMy05YTg4LTViMjJkMmE4MzM3ZC80YjkyY2JjNS00OGU2LTRlNTktYjllNC1k
MDA1NTYwOTg5NWQvMWExZmViN2YwNWJiZDg3ZjAxMGYxOTE2NjdmYzViMjIzYzgz
NjMyYjliYmNhMzNlMzkuY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUH
MAuGgYtyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzNkYTRkOGI0LWExNTctNDYzNC1hYjE4LTNlZjlkMDk4MjM1Mi8zLzMyMzYzMDMy
M2E2NjM5Mzk2NTNhM2EyZjMzMzYyZDMzMzYyMDNkM2UyMDMyMzMzMTMyMzUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgQmAvmeADANBgkqhkiG9w0BAQsFAAOCAQEANm45YCP6l8zOz/qM5XyK
G+N2NwHisKhVvWBYDbJaScCQcuCHHjaeL4SjbcTeReTsSasyixlrkcDgnJDBmSQT
cdMiZO2hIx5BoTM8BqHS2P0HHzKJPe2FILmLNA6asNi+ov7Dkv+iSPRV1s8Ksc/d
ISb0wOqsR2t1B6D/ODgVBa+TPqpACUZ6KhvlWDyXSz5k4py1uMolCKbNpiMz4lzm
LXd96IM710u1VG9TCRj9jPt+km9PSNzqWDFXPeEnpzbmNuW6oDfs88EE9gz5SUCa
r8trUxGyFVQGoVEtp53PMPglpoJrh3MRwqrF93dSQLEy/83DLZDMSI6tYU9Z2W96
Sw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:09 2024 by rpki-client on console-fra.rpki-client.org