Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/323630323a666136653a3a2f34302d3430203d3e203438353831.roa
File:                     323630323a666136653a3a2f34302d3430203d3e203438353831.roa (raw, json)
Hash identifier:          PZG0tkWQ3Ewb3pvswaCuWY0tILAId8LV5lXAJdM3nUE=
Subject key identifier:   4A:46:70:75:39:5A:38:FA:C6:EC:AF:80:F8:3B:C5:43:DB:4A:69:14
Certificate issuer:       /CN=43729997152fd84fcda6d190c3b3195b02679660112be9a2d7
Certificate serial:       43C28232322BA32176FA832ED3107AF4FFC8C4DC
Authority key identifier: 6A:6F:6E:C2:72:A5:EB:DC:18:24:1C:2C:84:D1:D9:FE:94:C1:25:AA
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/43729997152fd84fcda6d190c3b3195b02679660112be9a2d7.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/323630323a666136653a3a2f34302d3430203d3e203438353831.roa
Signing time:             Thu 11 Jan 2024 15:42:45 +0000
ROA not before:           Thu 11 Jan 2024 15:37:45 +0000
ROA not after:            Thu 09 Jan 2025 15:42:45 +0000
asID:                     48581
IP address blocks:        2602:fa6e::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/6A6F6EC272A5EBDC18241C2C84D1D9FE94C125AA.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/6A6F6EC272A5EBDC18241C2C84D1D9FE94C125AA.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/43729997152fd84fcda6d190c3b3195b02679660112be9a2d7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/829fb872-15bb-4a4e-9ed9-259960b049bd.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/829fb872-15bb-4a4e-9ed9-259960b049bd.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 May 2024 08:16:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:c2:82:32:32:2b:a3:21:76:fa:83:2e:d3:10:7a:f4:ff:c8:c4:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43729997152fd84fcda6d190c3b3195b02679660112be9a2d7
        Validity
            Not Before: Jan 11 15:37:45 2024 GMT
            Not After : Jan  9 15:42:45 2025 GMT
        Subject: CN=4A467075395A38FAC6ECAF80F83BC543DB4A6914
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ee:6d:b2:32:08:64:da:f1:4e:11:43:24:dd:
                    9b:e6:a6:85:9e:80:7d:2b:40:f9:a4:23:a2:63:7d:
                    28:a6:a3:7a:43:0d:59:28:c7:9a:6c:5a:f4:45:54:
                    ff:7d:03:46:5e:06:60:7d:bf:8e:e8:d7:c9:2d:bc:
                    99:96:40:82:53:09:a1:ec:30:c1:44:89:b1:cb:9b:
                    b7:39:84:58:56:e5:09:f8:57:32:36:d8:e1:59:35:
                    1b:2d:08:a3:e8:36:af:21:cc:bf:eb:2b:2f:94:73:
                    31:18:38:7b:b8:c2:25:b1:4f:71:e4:de:39:40:0f:
                    a7:fd:a0:5a:ba:21:44:f0:0f:b3:ca:b4:da:4c:1f:
                    17:f8:73:35:a6:90:82:74:df:6b:54:af:6b:6d:4a:
                    f2:5d:78:65:1c:98:2e:ee:30:25:ca:1c:bf:79:4b:
                    6c:83:59:f1:95:a8:8d:74:ed:9d:65:f5:97:b4:a7:
                    c0:09:58:ea:2e:97:84:4d:95:6b:11:1f:14:6b:03:
                    1b:6b:e4:73:67:12:6f:4c:d9:30:ff:bb:3c:c7:28:
                    64:a9:94:25:94:86:a6:e7:8e:07:f6:f0:9c:12:59:
                    64:e3:93:f6:25:9a:3c:36:01:40:9e:cd:b3:83:90:
                    c2:05:7c:65:78:86:e8:40:84:dd:98:cf:3e:0f:45:
                    77:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:46:70:75:39:5A:38:FA:C6:EC:AF:80:F8:3B:C5:43:DB:4A:69:14
            X509v3 Authority Key Identifier:
                keyid:6A:6F:6E:C2:72:A5:EB:DC:18:24:1C:2C:84:D1:D9:FE:94:C1:25:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/6A6F6EC272A5EBDC18241C2C84D1D9FE94C125AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/43729997152fd84fcda6d190c3b3195b02679660112be9a2d7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/323630323a666136653a3a2f34302d3430203d3e203438353831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:fa6e::/40

    Signature Algorithm: sha256WithRSAEncryption
         7b:f0:87:5e:4e:85:56:8f:92:92:54:88:9f:11:ea:3a:f7:07:
         2e:dc:6e:11:12:af:59:dd:c2:14:77:eb:49:84:e0:1f:20:c7:
         c9:5b:5e:da:d8:67:ea:91:03:c7:6a:05:53:ac:35:f9:ce:fd:
         71:b2:d7:49:20:70:16:af:d9:8a:14:8d:af:97:fa:e0:d2:e5:
         84:29:85:9c:ad:c0:59:25:e7:f9:3b:30:a9:94:2d:14:ef:83:
         c7:e6:7f:22:ad:2b:73:a9:1f:c3:e7:f3:88:63:12:57:f5:d8:
         c9:45:d3:e9:1f:21:31:1b:d4:f8:d2:5d:7c:80:82:0b:f3:9d:
         f6:9e:ca:bd:62:94:d6:f2:ad:a9:2c:a8:db:a7:1a:5f:54:ee:
         cb:6c:fe:42:73:38:22:60:68:c2:23:e8:9d:f7:82:ca:be:d4:
         49:9b:45:32:57:d1:d2:d4:37:5e:15:b2:5f:cc:ac:d3:b4:d7:
         6e:3c:36:6a:2d:09:7a:0b:59:e9:c7:24:c4:b2:ab:ee:f8:e7:
         65:51:46:25:02:d8:79:4b:68:0f:d8:9a:b9:25:42:e5:87:8e:
         19:b7:d6:c8:28:63:b5:b8:de:c5:70:f5:6d:65:18:4f:c3:7d:
         a4:5a:c8:e9:b6:6f:6b:57:1b:f2:a9:1d:73:47:e1:b9:cf:de:
         a5:3a:a1:85
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUQ8KCMjIroyF2+oMu0xB69P/IxNwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNDM3Mjk5OTcxNTJmZDg0ZmNkYTZkMTkwYzNiMzE5NWIw
MjY3OTY2MDExMmJlOWEyZDcwHhcNMjQwMTExMTUzNzQ1WhcNMjUwMTA5MTU0MjQ1
WjAzMTEwLwYDVQQDEyg0QTQ2NzA3NTM5NUEzOEZBQzZFQ0FGODBGODNCQzU0M0RC
NEE2OTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue5tsjIIZNrx
ThFDJN2b5qaFnoB9K0D5pCOiY30opqN6Qw1ZKMeabFr0RVT/fQNGXgZgfb+O6NfJ
LbyZlkCCUwmh7DDBRImxy5u3OYRYVuUJ+FcyNtjhWTUbLQij6DavIcy/6ysvlHMx
GDh7uMIlsU9x5N45QA+n/aBauiFE8A+zyrTaTB8X+HM1ppCCdN9rVK9rbUryXXhl
HJgu7jAlyhy/eUtsg1nxlaiNdO2dZfWXtKfACVjqLpeETZVrER8UawMba+RzZxJv
TNkw/7s8xyhkqZQllIam544H9vCcEllk45P2JZo8NgFAns2zg5DCBXxleIboQITd
mM8+D0V38wIDAQABo4ICzTCCAskwHQYDVR0OBBYEFEpGcHU5Wjj6xuyvgPg7xUPb
SmkUMB8GA1UdIwQYMBaAFGpvbsJypevcGCQcLITR2f6UwSWqMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2
LWRiZmM0NTkzYzFhOC83LzZBNkY2RUMyNzJBNUVCREMxODI0MUMyQzg0RDFEOUZF
OTRDMTI1QUEuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTIt
NDk5NC04ZjZjLWQ2YzkxYjBiODQxNS84MjlmYjg3Mi0xNWJiLTRhNGUtOWVkOS0y
NTk5NjBiMDQ5YmQvNDM3Mjk5OTcxNTJmZDg0ZmNkYTZkMTkwYzNiMzE5NWIwMjY3
OTY2MDExMmJlOWEyZDcuY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUH
MAuGgYtyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2LWRiZmM0NTkzYzFhOC83LzMyMzYzMDMy
M2E2NjYxMzY2NTNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDM0MzgzNTM4MzEucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAmAvpuADANBgkqhkiG9w0BAQsFAAOCAQEAe/CHXk6FVo+SklSInxHq
OvcHLtxuERKvWd3CFHfrSYTgHyDHyVte2thn6pEDx2oFU6w1+c79cbLXSSBwFq/Z
ihSNr5f64NLlhCmFnK3AWSXn+TswqZQtFO+Dx+Z/Iq0rc6kfw+fziGMSV/XYyUXT
6R8hMRvU+NJdfICCC/Od9p7KvWKU1vKtqSyo26caX1Tuy2z+QnM4ImBowiPonfeC
yr7USZtFMlfR0tQ3XhWyX8ys07TXbjw2ai0JegtZ6cckxLKr7vjnZVFGJQLYeUto
D9iauSVC5YeOGbfWyChjtbjexXD1bWUYT8N9pFrI6bZva1cb8qkdc0fhuc/epTqh
hQ==
-----END CERTIFICATE-----
Generated at Sat May 18 06:38:40 2024 by rpki-client on console-fra.rpki-client.org