Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a37303a3a2f34342d3434203d3e203133363436.roa
File:                     323630323a666131313a37303a3a2f34342d3434203d3e203133363436.roa (raw, json)
Hash identifier:          pOXfBZetAHMfUKEyILMf5vlygsGGFRaFxkHi0pphaA4=
Subject key identifier:   84:5A:97:99:72:96:F0:4A:B8:A9:D9:93:4E:D5:E1:52:A3:54:0D:E2
Certificate issuer:       /CN=7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6
Certificate serial:       1D27669B051FF44F0A8F56C489076D48DD00D463
Authority key identifier: BB:26:2D:2D:06:A5:BB:F4:FF:22:26:5C:7B:4F:55:1F:F0:37:43:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a37303a3a2f34342d3434203d3e203133363436.roa
Signing time:             Wed 14 Feb 2024 23:58:34 +0000
ROA not before:           Wed 14 Feb 2024 23:53:34 +0000
ROA not after:            Wed 12 Feb 2025 23:58:34 +0000
asID:                     13646
IP address blocks:        2602:fa11:70::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/BB262D2D06A5BBF4FF22265C7B4F551FF037433D.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/BB262D2D06A5BBF4FF22265C7B4F551FF037433D.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/5138de2d-512a-4692-8c53-d2d9a6ceb549.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/5138de2d-512a-4692-8c53-d2d9a6ceb549.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Jun 2024 13:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:27:66:9b:05:1f:f4:4f:0a:8f:56:c4:89:07:6d:48:dd:00:d4:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6
        Validity
            Not Before: Feb 14 23:53:34 2024 GMT
            Not After : Feb 12 23:58:34 2025 GMT
        Subject: CN=845A97997296F04AB8A9D9934ED5E152A3540DE2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:e3:1d:12:3f:70:fc:7c:f2:e4:de:5f:c4:70:
                    56:63:7e:71:f0:00:2c:48:8c:5d:2c:58:2c:0e:b9:
                    cb:21:67:38:ca:b3:2e:b8:68:5e:eb:98:89:20:2b:
                    fc:a9:d5:0e:f6:73:24:57:1e:c5:a0:62:88:08:10:
                    39:ba:2c:63:35:64:d0:f3:d3:66:a8:56:29:a2:18:
                    27:5f:50:2c:58:39:ba:43:15:19:6a:c5:75:58:9e:
                    23:8d:1f:f2:c3:c5:fa:31:84:d4:f7:2d:b8:e9:2e:
                    53:3a:92:94:f2:18:61:d7:a3:c8:b6:3d:68:e4:7e:
                    a8:5a:b8:0a:24:17:8d:9e:b1:e0:b8:0c:f9:ef:18:
                    9d:3b:39:10:f3:73:b6:30:89:25:fe:58:5c:dc:c1:
                    3b:0d:b3:d6:93:fa:8f:ea:4b:aa:0b:88:6a:b0:1a:
                    ef:1e:ad:96:d7:ba:91:44:31:10:8c:5b:bf:4f:ef:
                    25:92:b6:85:38:13:63:4f:92:fe:1d:85:8c:38:7c:
                    76:65:e7:1a:c9:a5:23:ff:0f:ec:db:da:bb:6d:e4:
                    b7:52:44:d9:7f:52:21:00:b5:8f:bc:d0:ce:45:5c:
                    b3:01:de:2b:5f:e0:17:06:c3:f8:15:15:7c:a6:9e:
                    87:90:23:25:69:4d:0d:e4:55:89:c9:c5:3c:8b:9d:
                    31:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:5A:97:99:72:96:F0:4A:B8:A9:D9:93:4E:D5:E1:52:A3:54:0D:E2
            X509v3 Authority Key Identifier:
                keyid:BB:26:2D:2D:06:A5:BB:F4:FF:22:26:5C:7B:4F:55:1F:F0:37:43:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/BB262D2D06A5BBF4FF22265C7B4F551FF037433D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a37303a3a2f34342d3434203d3e203133363436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:fa11:70::/44

    Signature Algorithm: sha256WithRSAEncryption
         8f:92:57:70:43:e4:d2:c7:12:be:c8:74:0b:21:c6:14:df:a5:
         ba:63:39:20:f6:2f:d4:4f:18:2f:cf:a7:d6:fc:0d:07:8c:3c:
         e4:17:a8:d2:2a:40:37:66:67:12:59:79:b1:c0:80:93:2a:fd:
         c4:c5:ae:76:fd:42:b5:12:f2:53:20:c3:0b:3e:a0:58:1e:38:
         df:84:c3:14:9f:7e:d0:c3:53:66:2f:f5:70:ae:14:24:92:2e:
         05:d0:8e:93:cc:c1:fb:44:15:86:3d:1e:e2:a2:af:07:c0:b7:
         3d:d2:36:aa:91:85:36:f5:fd:da:01:d6:a9:25:3c:a2:0f:3c:
         de:32:73:cf:57:01:c3:1f:76:9d:5f:f9:39:9c:6a:a4:da:f1:
         32:58:f7:67:54:94:25:e6:4b:32:49:48:f8:83:a3:b9:32:c6:
         5e:e1:d1:40:6f:ce:6f:fd:63:ac:dd:4f:b0:c5:71:7d:5a:1b:
         a4:93:83:77:53:ac:4c:8c:44:f7:f0:32:10:40:65:98:86:47:
         72:c0:4f:ba:47:c2:1a:b8:0b:c5:21:ec:e1:d0:07:0a:57:94:
         a8:a2:75:d3:49:77:f8:ca:af:43:25:9c:f1:a4:b4:40:95:b7:
         d9:8c:a1:74:22:6f:f9:49:d3:93:d8:71:2e:65:b7:33:5e:63:
         59:c9:0d:8b
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUHSdmmwUf9E8Kj1bEiQdtSN0A1GMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyN2M0NDI0YjBlZjk0MGFlMjgzYTM5OWJmNDBiODg4YjQy
NGVkMDMyMmUwY2UwMmRhZDYwHhcNMjQwMjE0MjM1MzM0WhcNMjUwMjEyMjM1ODM0
WjAzMTEwLwYDVQQDEyg4NDVBOTc5OTcyOTZGMDRBQjhBOUQ5OTM0RUQ1RTE1MkEz
NTQwREUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOMdEj9w/Hzy
5N5fxHBWY35x8AAsSIxdLFgsDrnLIWc4yrMuuGhe65iJICv8qdUO9nMkVx7FoGKI
CBA5uixjNWTQ89NmqFYpohgnX1AsWDm6QxUZasV1WJ4jjR/yw8X6MYTU9y246S5T
OpKU8hhh16PItj1o5H6oWrgKJBeNnrHguAz57xidOzkQ83O2MIkl/lhc3ME7DbPW
k/qP6kuqC4hqsBrvHq2W17qRRDEQjFu/T+8lkraFOBNjT5L+HYWMOHx2ZecayaUj
/w/s29q7beS3UkTZf1IhALWPvNDORVyzAd4rX+AXBsP4FRV8pp6HkCMlaU0N5FWJ
ycU8i50x/wIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFIRal5lylvBKuKnZk07V4VKj
VA3iMB8GA1UdIwQYMBaAFLsmLS0Gpbv0/yImXHtPVR/wN0M9MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2
LWRiZmM0NTkzYzFhOC82L0JCMjYyRDJEMDZBNUJCRjRGRjIyMjY1QzdCNEY1NTFG
RjAzNzQzM0QuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYt
NGMwYy1iOTBkLTNiYzdhNWZlYjgyYi81MTM4ZGUyZC01MTJhLTQ2OTItOGM1My1k
MmQ5YTZjZWI1NDkvN2M0NDI0YjBlZjk0MGFlMjgzYTM5OWJmNDBiODg4YjQyNGVk
MDMyMmUwY2UwMmRhZDYuY2VyMIGxBggrBgEFBQcBCwSBpDCBoTCBngYIKwYBBQUH
MAuGgZFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2LWRiZmM0NTkzYzFhOC82LzMyMzYzMDMy
M2E2NjYxMzEzMTNhMzczMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDMxMzMzNjM0
MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQmAvoRAHAwDQYJKoZIhvcNAQELBQADggEBAI+SV3BD5NLH
Er7IdAshxhTfpbpjOSD2L9RPGC/Pp9b8DQeMPOQXqNIqQDdmZxJZebHAgJMq/cTF
rnb9QrUS8lMgwws+oFgeON+EwxSfftDDU2Yv9XCuFCSSLgXQjpPMwftEFYY9HuKi
rwfAtz3SNqqRhTb1/doB1qklPKIPPN4yc89XAcMfdp1f+TmcaqTa8TJY92dUlCXm
SzJJSPiDo7kyxl7h0UBvzm/9Y6zdT7DFcX1aG6STg3dTrEyMRPfwMhBAZZiGR3LA
T7pHwhq4C8Uh7OHQBwpXlKiiddNJd/jKr0MlnPGktECVt9mMoXQib/lJ05PYcS5l
tzNeY1nJDYs=
-----END CERTIFICATE-----