Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a34303a3a2f34342d3434203d3e203135333533.roa
File:                     323630323a666131313a34303a3a2f34342d3434203d3e203135333533.roa (raw, json)
Hash identifier:          hEsNr1Khj8BY+7GD7I8BUBzEGs/bN/BZ4Qwc9t7pMcs=
Subject key identifier:   CE:B5:B0:46:3B:C0:0A:EC:87:29:6C:E3:9A:0F:56:51:8A:0D:CA:52
Certificate issuer:       /CN=7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6
Certificate serial:       3582B42249E6B06A74431EF01576C79569239F34
Authority key identifier: BB:26:2D:2D:06:A5:BB:F4:FF:22:26:5C:7B:4F:55:1F:F0:37:43:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a34303a3a2f34342d3434203d3e203135333533.roa
Signing time:             Fri 17 Nov 2023 23:09:48 +0000
ROA not before:           Fri 17 Nov 2023 23:04:48 +0000
ROA not after:            Fri 15 Nov 2024 23:09:48 +0000
asID:                     15353
IP address blocks:        2602:fa11:40::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/BB262D2D06A5BBF4FF22265C7B4F551FF037433D.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/BB262D2D06A5BBF4FF22265C7B4F551FF037433D.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/5138de2d-512a-4692-8c53-d2d9a6ceb549.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/5138de2d-512a-4692-8c53-d2d9a6ceb549.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 27 Jun 2024 03:54:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:82:b4:22:49:e6:b0:6a:74:43:1e:f0:15:76:c7:95:69:23:9f:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6
        Validity
            Not Before: Nov 17 23:04:48 2023 GMT
            Not After : Nov 15 23:09:48 2024 GMT
        Subject: CN=CEB5B0463BC00AEC87296CE39A0F56518A0DCA52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c4:87:fe:12:06:68:80:3a:54:bd:da:15:a2:
                    b9:bb:c8:a7:7f:51:bc:02:4a:09:71:47:dc:0f:a5:
                    0e:07:7a:e6:72:af:90:0b:9f:7c:98:9b:fc:0d:1d:
                    94:35:19:29:33:c1:56:c5:d0:e2:08:18:31:30:f8:
                    36:5b:f2:61:96:bc:63:d8:8b:59:c6:fb:45:1e:5b:
                    05:c9:77:b9:77:50:47:ff:f7:2c:2f:3a:1d:0e:82:
                    8d:24:8b:04:71:9a:a2:c2:32:58:04:3a:e4:df:28:
                    91:23:7e:24:05:a9:41:14:1b:f3:9f:80:ec:ad:43:
                    9c:e4:25:06:d5:f8:0e:56:6e:bf:e2:43:8f:b2:2d:
                    f5:85:34:e8:96:a4:54:bb:ac:02:08:b7:03:d3:eb:
                    7f:b4:3a:18:b4:87:1f:37:50:8e:a2:51:d5:e4:34:
                    3b:fa:f6:14:c6:1e:16:6e:b2:3e:41:15:be:f3:20:
                    be:c8:e2:00:2c:d9:7b:a1:89:84:b1:94:1c:78:2b:
                    ad:12:fe:f7:9d:1b:cc:40:4c:53:89:5e:e3:ce:16:
                    cb:66:c2:b2:fe:ad:11:ec:be:53:97:66:9c:d5:41:
                    e6:ba:a4:10:6d:ac:19:b8:53:a5:d5:4c:72:a5:22:
                    f4:7a:c8:49:2b:9b:01:eb:84:7b:e6:cf:c5:4f:34:
                    72:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:B5:B0:46:3B:C0:0A:EC:87:29:6C:E3:9A:0F:56:51:8A:0D:CA:52
            X509v3 Authority Key Identifier:
                keyid:BB:26:2D:2D:06:A5:BB:F4:FF:22:26:5C:7B:4F:55:1F:F0:37:43:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/BB262D2D06A5BBF4FF22265C7B4F551FF037433D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a34303a3a2f34342d3434203d3e203135333533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:fa11:40::/44

    Signature Algorithm: sha256WithRSAEncryption
         51:0f:56:96:7b:d0:7b:28:bf:25:0f:8a:09:dc:cb:89:8b:08:
         50:a5:f1:c6:8a:7e:8e:1a:66:51:0e:ff:c6:df:b3:d5:5a:d7:
         3c:db:50:d6:2c:62:1b:33:be:0d:37:2b:33:ab:44:b7:ab:f0:
         45:74:e9:0d:dd:7a:f5:2f:04:b4:0a:5e:ae:1b:c6:53:b4:8f:
         b2:3f:82:c5:d4:10:bb:71:d8:05:31:c7:2c:74:c3:46:28:6e:
         3b:e2:ba:21:b6:38:37:d4:28:e1:d7:3c:ed:04:dd:6e:28:65:
         9f:8b:b9:8b:18:85:e5:6b:94:27:b9:09:e6:3b:bf:d8:d7:cd:
         3f:6d:2f:54:40:e2:37:2e:73:55:5e:86:f9:4d:44:b0:00:50:
         47:9c:82:8a:a9:d6:f9:af:f8:47:d3:07:8c:3d:ce:34:f9:23:
         fd:ee:94:84:2a:74:05:c2:86:29:a9:ba:f8:13:70:4f:7e:f2:
         67:ce:34:5b:1d:c7:29:86:24:55:3f:da:bd:ab:d7:7a:58:e8:
         82:55:d5:95:06:f3:d1:23:a3:25:30:f5:40:b6:89:61:36:70:
         60:94:24:6b:08:e2:cd:09:e6:5d:df:d1:1f:44:d1:54:0b:9d:
         65:b2:f0:22:b1:39:ed:7f:d8:4f:1e:27:16:07:e7:1e:66:ad:
         21:9d:88:da
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUNYK0IknmsGp0Qx7wFXbHlWkjnzQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyN2M0NDI0YjBlZjk0MGFlMjgzYTM5OWJmNDBiODg4YjQy
NGVkMDMyMmUwY2UwMmRhZDYwHhcNMjMxMTE3MjMwNDQ4WhcNMjQxMTE1MjMwOTQ4
WjAzMTEwLwYDVQQDEyhDRUI1QjA0NjNCQzAwQUVDODcyOTZDRTM5QTBGNTY1MThB
MERDQTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMSH/hIGaIA6
VL3aFaK5u8inf1G8AkoJcUfcD6UOB3rmcq+QC598mJv8DR2UNRkpM8FWxdDiCBgx
MPg2W/Jhlrxj2ItZxvtFHlsFyXe5d1BH//csLzodDoKNJIsEcZqiwjJYBDrk3yiR
I34kBalBFBvzn4DsrUOc5CUG1fgOVm6/4kOPsi31hTTolqRUu6wCCLcD0+t/tDoY
tIcfN1COolHV5DQ7+vYUxh4WbrI+QRW+8yC+yOIALNl7oYmEsZQceCutEv73nRvM
QExTiV7jzhbLZsKy/q0R7L5Tl2ac1UHmuqQQbawZuFOl1UxypSL0eshJK5sB64R7
5s/FTzRymQIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFM61sEY7wArshyls45oPVlGK
DcpSMB8GA1UdIwQYMBaAFLsmLS0Gpbv0/yImXHtPVR/wN0M9MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2
LWRiZmM0NTkzYzFhOC82L0JCMjYyRDJEMDZBNUJCRjRGRjIyMjY1QzdCNEY1NTFG
RjAzNzQzM0QuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYt
NGMwYy1iOTBkLTNiYzdhNWZlYjgyYi81MTM4ZGUyZC01MTJhLTQ2OTItOGM1My1k
MmQ5YTZjZWI1NDkvN2M0NDI0YjBlZjk0MGFlMjgzYTM5OWJmNDBiODg4YjQyNGVk
MDMyMmUwY2UwMmRhZDYuY2VyMIGxBggrBgEFBQcBCwSBpDCBoTCBngYIKwYBBQUH
MAuGgZFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2LWRiZmM0NTkzYzFhOC82LzMyMzYzMDMy
M2E2NjYxMzEzMTNhMzQzMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDMxMzUzMzM1
MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQmAvoRAEAwDQYJKoZIhvcNAQELBQADggEBAFEPVpZ70Hso
vyUPigncy4mLCFCl8caKfo4aZlEO/8bfs9Va1zzbUNYsYhszvg03KzOrRLer8EV0
6Q3devUvBLQKXq4bxlO0j7I/gsXUELtx2AUxxyx0w0YobjviuiG2ODfUKOHXPO0E
3W4oZZ+LuYsYheVrlCe5CeY7v9jXzT9tL1RA4jcuc1VehvlNRLAAUEecgoqp1vmv
+EfTB4w9zjT5I/3ulIQqdAXChimpuvgTcE9+8mfONFsdxymGJFU/2r2r13pY6IJV
1ZUG89EjoyUw9UC2iWE2cGCUJGsI4s0J5l3f0R9E0VQLnWWy8CKxOe1/2E8eJxYH
5x5mrSGdiNo=
-----END CERTIFICATE-----