Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/0/326130373a353463373a356630303a3a2f34302d3438203d3e20323135353737.roa
File:                     326130373a353463373a356630303a3a2f34302d3438203d3e20323135353737.roa (raw, json)
Hash identifier:          3a4LH8f5jeXlPdsIkioq1V+hqiK338mibg/VsUQrPuo=
Subject key identifier:   05:10:C0:B7:9B:AD:21:5D:D6:7C:D1:BB:50:BE:78:67:24:F7:E1:5A
Certificate issuer:       /CN=A816FDA8ADEC8085A8A348E698709DE583B219B5
Certificate serial:       21E4C35C757B6C2BB7CE32ABD69DE4A88CDBC3FF
Authority key identifier: A8:16:FD:A8:AD:EC:80:85:A8:A3:48:E6:98:70:9D:E5:83:B2:19:B5
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/A816FDA8ADEC8085A8A348E698709DE583B219B5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/0/326130373a353463373a356630303a3a2f34302d3438203d3e20323135353737.roa
Signing time:             Mon 05 Feb 2024 12:52:45 +0000
ROA not before:           Mon 05 Feb 2024 12:47:45 +0000
ROA not after:            Mon 03 Feb 2025 12:52:45 +0000
asID:                     215577
IP address blocks:        2a07:54c7:5f00::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/0/A816FDA8ADEC8085A8A348E698709DE583B219B5.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/0/A816FDA8ADEC8085A8A348E698709DE583B219B5.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/A816FDA8ADEC8085A8A348E698709DE583B219B5.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 04:12:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:e4:c3:5c:75:7b:6c:2b:b7:ce:32:ab:d6:9d:e4:a8:8c:db:c3:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A816FDA8ADEC8085A8A348E698709DE583B219B5
        Validity
            Not Before: Feb  5 12:47:45 2024 GMT
            Not After : Feb  3 12:52:45 2025 GMT
        Subject: CN=0510C0B79BAD215DD67CD1BB50BE786724F7E15A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:63:c6:70:af:a3:d3:b5:bb:3d:8a:7c:b6:ee:
                    f5:bc:95:70:57:f8:e8:0c:66:95:d0:e9:5e:26:cb:
                    1b:92:8a:4e:b3:c1:f4:ce:80:f5:c9:a1:40:af:62:
                    d2:5d:f1:b8:d5:ef:a2:4a:1b:21:ae:d2:b8:ae:4a:
                    95:4e:d8:5f:46:fb:32:7c:72:d8:52:97:fe:8e:f8:
                    92:02:9f:be:4c:83:07:83:65:33:8f:b4:c3:82:c9:
                    12:10:d2:2a:f4:7a:b6:76:77:e8:0b:1e:79:c1:3c:
                    d5:55:b8:a3:b5:44:b9:ee:d3:b8:81:b1:b0:c0:87:
                    42:f1:9d:27:08:cb:66:09:3a:28:f4:09:8c:bd:0a:
                    72:29:98:3a:49:82:2b:7a:31:9f:50:17:35:1c:02:
                    8c:d2:84:de:ec:14:61:c0:09:3d:b0:54:34:a8:cf:
                    de:d8:d7:93:c7:13:b0:9a:b2:b2:ea:f6:da:e8:d6:
                    01:1a:ce:d4:b7:b1:4c:30:41:ff:10:7d:77:bb:a8:
                    c6:19:ed:bb:39:c7:10:d2:f1:73:bb:80:da:a5:0c:
                    e9:fa:87:4e:6a:ac:ad:47:eb:66:ef:cd:86:9a:9c:
                    67:d3:17:2a:2e:65:1d:65:1e:11:90:84:df:ef:6c:
                    e4:35:93:10:d3:e0:cc:d5:18:f5:7e:70:af:c7:b0:
                    13:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:10:C0:B7:9B:AD:21:5D:D6:7C:D1:BB:50:BE:78:67:24:F7:E1:5A
            X509v3 Authority Key Identifier:
                keyid:A8:16:FD:A8:AD:EC:80:85:A8:A3:48:E6:98:70:9D:E5:83:B2:19:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/0/A816FDA8ADEC8085A8A348E698709DE583B219B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/A816FDA8ADEC8085A8A348E698709DE583B219B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/0/326130373a353463373a356630303a3a2f34302d3438203d3e20323135353737.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c7:5f00::/40

    Signature Algorithm: sha256WithRSAEncryption
         78:6e:67:f3:2f:28:11:2e:71:b9:cb:8f:e7:4c:89:b9:f9:da:
         fc:5d:eb:e6:aa:d8:16:36:b5:f2:12:f6:90:df:6b:02:b2:9a:
         0e:2f:e8:6f:8a:e3:c1:56:6b:bf:46:10:9e:23:00:ee:fb:f8:
         85:16:e2:bf:1c:43:dd:65:8f:e6:96:d8:5f:87:d7:59:54:f2:
         b8:01:84:ca:a4:ae:3e:8a:19:d2:87:59:b7:a1:c6:06:7d:8b:
         ec:b9:9e:7b:6b:0f:48:b1:fa:77:5a:07:d8:eb:ce:6c:27:19:
         c4:f5:46:a5:42:7e:33:e2:c1:04:65:2e:f2:17:f0:30:0d:3e:
         75:d0:00:14:8a:4b:1c:b0:c8:93:f1:35:da:a0:50:47:a4:40:
         71:33:2d:6c:0f:0c:d8:ef:a1:b0:f2:7a:b9:f8:70:f9:1d:96:
         e7:84:d8:c8:69:bc:8c:af:89:1b:b5:78:8b:d4:bc:49:14:7d:
         b6:a2:f4:98:d7:4a:34:51:3c:d4:e4:6c:f0:02:6a:57:fc:80:
         48:d0:30:88:be:b7:c6:15:a7:f1:ce:bb:7d:2d:92:90:60:fd:
         65:7b:d2:85:01:2c:43:75:03:9c:72:da:c2:d6:43:ff:88:7e:
         36:9a:90:de:33:1c:40:e6:9b:b4:da:41:e4:e6:24:bc:37:9d:
         43:fb:2e:43
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUIeTDXHV7bCu3zjKr1p3kqIzbw/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTgxNkZEQThBREVDODA4NUE4QTM0OEU2OTg3MDlERTU4
M0IyMTlCNTAeFw0yNDAyMDUxMjQ3NDVaFw0yNTAyMDMxMjUyNDVaMDMxMTAvBgNV
BAMTKDA1MTBDMEI3OUJBRDIxNURENjdDRDFCQjUwQkU3ODY3MjRGN0UxNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcY8Zwr6PTtbs9iny27vW8lXBX
+OgMZpXQ6V4myxuSik6zwfTOgPXJoUCvYtJd8bjV76JKGyGu0riuSpVO2F9G+zJ8
cthSl/6O+JICn75MgweDZTOPtMOCyRIQ0ir0erZ2d+gLHnnBPNVVuKO1RLnu07iB
sbDAh0LxnScIy2YJOij0CYy9CnIpmDpJgit6MZ9QFzUcAozShN7sFGHACT2wVDSo
z97Y15PHE7CasrLq9tro1gEaztS3sUwwQf8QfXe7qMYZ7bs5xxDS8XO7gNqlDOn6
h05qrK1H62bvzYaanGfTFyouZR1lHhGQhN/vbOQ1kxDT4MzVGPV+cK/HsBNvAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUBRDAt5utIV3WfNG7UL54ZyT34VowHwYDVR0j
BBgwFoAUqBb9qK3sgIWoo0jmmHCd5YOyGbUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTgyMWM0N2UtZTgxNS00MmRlLWJkNmItMTlhMmUxYWU1
NjRhLzAvQTgxNkZEQThBREVDODA4NUE4QTM0OEU2OTg3MDlERTU4M0IyMTlCNS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC9BODE2RkRBOEFERUM4MDg1QThBMzQ4RTY5
ODcwOURFNTgzQjIxOUI1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS81ODIxYzQ3ZS1lODE1LTQyZGUtYmQ2Yi0xOWEyZTFhZTU2NGEvMC8zMjYxMzAz
NzNhMzUzNDYzMzczYTM1NjYzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzIz
MTM1MzUzNzM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdUx18wDQYJKoZIhvcNAQELBQADggEBAHhu
Z/MvKBEucbnLj+dMibn52vxd6+aq2BY2tfIS9pDfawKymg4v6G+K48FWa79GEJ4j
AO77+IUW4r8cQ91lj+aW2F+H11lU8rgBhMqkrj6KGdKHWbehxgZ9i+y5nntrD0ix
+ndaB9jrzmwnGcT1RqVCfjPiwQRlLvIX8DANPnXQABSKSxywyJPxNdqgUEekQHEz
LWwPDNjvobDyern4cPkdlueE2MhpvIyviRu1eIvUvEkUfbai9JjXSjRRPNTkbPAC
alf8gEjQMIi+t8YVp/HOu30tkpBg/WV70oUBLEN1A5xy2sLWQ/+IfjaakN4zHEDm
m7TaQeTmJLw3nUP7LkM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org