Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a31303a3a2f34342d3434203d3e203135333533.roa
File:                     323630323a666131313a31303a3a2f34342d3434203d3e203135333533.roa (raw, json)
Hash identifier:          KKKzf5iQWJYVU1EdiqKNk8a6R6x9jCS17Vv6+VU6AY0=
Subject key identifier:   1E:8D:32:C4:56:0A:65:A2:96:0B:F7:42:4B:1D:0F:7C:86:63:5F:C8
Certificate issuer:       /CN=7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6
Certificate serial:       7ABAFF11B61E117D7F5BC9586D5E64DEF0686931
Authority key identifier: BB:26:2D:2D:06:A5:BB:F4:FF:22:26:5C:7B:4F:55:1F:F0:37:43:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a31303a3a2f34342d3434203d3e203135333533.roa
Signing time:             Mon 14 Oct 2024 10:50:18 +0000
ROA not before:           Mon 14 Oct 2024 10:45:18 +0000
ROA not after:            Mon 13 Oct 2025 10:50:18 +0000
asID:                     15353
IP address blocks:        2602:fa11:10::/44 maxlen: 44
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/BB262D2D06A5BBF4FF22265C7B4F551FF037433D.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/BB262D2D06A5BBF4FF22265C7B4F551FF037433D.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/5138de2d-512a-4692-8c53-d2d9a6ceb549.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/5138de2d-512a-4692-8c53-d2d9a6ceb549.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 10:24:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:ba:ff:11:b6:1e:11:7d:7f:5b:c9:58:6d:5e:64:de:f0:68:69:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6
        Validity
            Not Before: Oct 14 10:45:18 2024 GMT
            Not After : Oct 13 10:50:18 2025 GMT
        Subject: CN=1E8D32C4560A65A2960BF7424B1D0F7C86635FC8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:2b:5c:f4:39:e3:b4:64:72:c5:59:1a:c4:cb:
                    03:73:de:cc:d4:b5:20:91:2b:41:d8:5a:2f:01:ad:
                    db:db:62:60:06:20:40:c1:cd:86:de:dd:74:9e:fc:
                    cb:13:54:47:52:2b:29:44:62:de:b3:98:61:7d:dc:
                    59:97:ab:99:f5:8a:73:fb:91:78:9b:dc:88:20:fa:
                    c8:37:25:dc:4a:2c:6e:76:93:99:fc:94:d9:a6:ad:
                    0a:dc:fd:39:82:e0:28:21:26:4e:9e:ef:57:f6:ae:
                    f3:22:24:94:41:73:bb:39:8d:c7:e7:cd:a3:4b:9e:
                    12:85:43:1b:4e:b9:8c:ec:a1:ff:6e:75:33:33:f8:
                    a0:3e:f2:a4:db:ae:24:9d:96:e8:ab:6f:00:e0:09:
                    45:37:a1:de:c4:24:03:ee:e8:2b:0a:d2:1f:8d:4d:
                    d2:25:8a:3d:a0:36:d5:b1:f5:2c:30:a3:42:d6:83:
                    b7:a7:ca:ce:8e:08:a5:52:84:10:3a:52:11:ac:70:
                    b3:e7:b4:cf:16:59:fa:54:9c:37:41:07:5b:7a:38:
                    bd:60:b6:74:db:33:8f:73:62:e1:c4:e1:41:74:84:
                    04:3f:82:72:2c:11:74:e9:2e:1a:44:19:d5:30:72:
                    ae:2e:77:67:9e:46:cb:85:aa:ff:b6:1b:92:33:33:
                    f5:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:8D:32:C4:56:0A:65:A2:96:0B:F7:42:4B:1D:0F:7C:86:63:5F:C8
            X509v3 Authority Key Identifier:
                keyid:BB:26:2D:2D:06:A5:BB:F4:FF:22:26:5C:7B:4F:55:1F:F0:37:43:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/BB262D2D06A5BBF4FF22265C7B4F551FF037433D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a31303a3a2f34342d3434203d3e203135333533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:fa11:10::/44

    Signature Algorithm: sha256WithRSAEncryption
         5d:17:4e:e4:79:cb:63:54:f4:5d:8c:9a:70:23:da:9c:00:e0:
         35:49:02:14:c9:86:3a:ad:7a:60:d7:23:4a:d2:bc:d1:11:e2:
         1c:5d:24:a2:80:cb:01:58:9a:52:19:11:70:8f:c4:94:97:f3:
         24:ce:b4:bc:64:3d:a5:f3:f5:9b:f9:85:cb:94:4f:55:4a:53:
         e3:5c:8f:76:13:b3:19:30:95:e0:3a:16:3c:48:bd:4e:a3:b0:
         0c:13:fc:d7:05:62:6b:23:da:80:05:80:ea:03:f0:93:91:60:
         23:91:14:71:89:f9:b5:73:65:06:bc:d7:c7:28:2a:0f:d0:bc:
         73:38:40:4c:c4:25:cc:ac:38:5b:db:f1:0b:ad:2d:50:5b:a2:
         96:a7:a6:d9:7c:8b:35:f7:ba:4d:ca:4f:aa:9a:48:32:e2:67:
         a7:ff:42:25:c8:28:39:ff:be:40:39:7f:9c:c2:97:92:85:af:
         af:e9:e8:be:0b:d8:37:04:83:20:9a:0d:9f:42:37:0c:b2:81:
         ef:47:2f:43:c1:ba:4a:2f:1b:46:94:d0:53:77:c6:03:f5:e1:
         26:84:72:19:8d:65:c1:4b:21:95:39:41:cb:e2:3d:62:b5:7d:
         c2:29:06:bf:40:56:c4:23:3f:73:4b:0a:05:2d:c3:54:24:5b:
         a0:34:44:55
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUerr/EbYeEX1/W8lYbV5k3vBoaTEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyN2M0NDI0YjBlZjk0MGFlMjgzYTM5OWJmNDBiODg4YjQy
NGVkMDMyMmUwY2UwMmRhZDYwHhcNMjQxMDE0MTA0NTE4WhcNMjUxMDEzMTA1MDE4
WjAzMTEwLwYDVQQDEygxRThEMzJDNDU2MEE2NUEyOTYwQkY3NDI0QjFEMEY3Qzg2
NjM1RkM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApStc9DnjtGRy
xVkaxMsDc97M1LUgkStB2FovAa3b22JgBiBAwc2G3t10nvzLE1RHUispRGLes5hh
fdxZl6uZ9Ypz+5F4m9yIIPrINyXcSixudpOZ/JTZpq0K3P05guAoISZOnu9X9q7z
IiSUQXO7OY3H582jS54ShUMbTrmM7KH/bnUzM/igPvKk264knZboq28A4AlFN6He
xCQD7ugrCtIfjU3SJYo9oDbVsfUsMKNC1oO3p8rOjgilUoQQOlIRrHCz57TPFln6
VJw3QQdbeji9YLZ02zOPc2LhxOFBdIQEP4JyLBF06S4aRBnVMHKuLndnnkbLhar/
thuSMzP1KwIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFB6NMsRWCmWilgv3QksdD3yG
Y1/IMB8GA1UdIwQYMBaAFLsmLS0Gpbv0/yImXHtPVR/wN0M9MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2
LWRiZmM0NTkzYzFhOC82L0JCMjYyRDJEMDZBNUJCRjRGRjIyMjY1QzdCNEY1NTFG
RjAzNzQzM0QuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYt
NGMwYy1iOTBkLTNiYzdhNWZlYjgyYi81MTM4ZGUyZC01MTJhLTQ2OTItOGM1My1k
MmQ5YTZjZWI1NDkvN2M0NDI0YjBlZjk0MGFlMjgzYTM5OWJmNDBiODg4YjQyNGVk
MDMyMmUwY2UwMmRhZDYuY2VyMIGxBggrBgEFBQcBCwSBpDCBoTCBngYIKwYBBQUH
MAuGgZFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2LWRiZmM0NTkzYzFhOC82LzMyMzYzMDMy
M2E2NjYxMzEzMTNhMzEzMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDMxMzUzMzM1
MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQmAvoRABAwDQYJKoZIhvcNAQELBQADggEBAF0XTuR5y2NU
9F2MmnAj2pwA4DVJAhTJhjqtemDXI0rSvNER4hxdJKKAywFYmlIZEXCPxJSX8yTO
tLxkPaXz9Zv5hcuUT1VKU+Ncj3YTsxkwleA6FjxIvU6jsAwT/NcFYmsj2oAFgOoD
8JORYCORFHGJ+bVzZQa818coKg/QvHM4QEzEJcysOFvb8QutLVBbopanptl8izX3
uk3KT6qaSDLiZ6f/QiXIKDn/vkA5f5zCl5KFr6/p6L4L2DcEgyCaDZ9CNwyyge9H
L0PBukovG0aU0FN3xgP14SaEchmNZcFLIZU5QcviPWK1fcIpBr9AVsQjP3NLCgUt
w1QkW6A0RFU=
-----END CERTIFICATE-----