Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/326130363a313238333a623030623a3a2f34382d3438203d3e203438373030.roa
File:                     326130363a313238333a623030623a3a2f34382d3438203d3e203438373030.roa (raw, json)
Hash identifier:          SjPnjRiefRYYHoCeww6eaOg5hmIEdhjewetJMbA881s=
Subject key identifier:   26:10:F4:F6:B1:5B:87:22:99:8F:46:34:6B:0D:29:24:75:87:7F:96
Certificate issuer:       /CN=3986DB54152486D65338415899DEAD95A067B25E
Certificate serial:       71DCBA68A3397DCAFE3FC396FBC04CBE27C99C1D
Authority key identifier: 39:86:DB:54:15:24:86:D6:53:38:41:58:99:DE:AD:95:A0:67:B2:5E
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/3986DB54152486D65338415899DEAD95A067B25E.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/326130363a313238333a623030623a3a2f34382d3438203d3e203438373030.roa
Signing time:             Sun 12 Nov 2023 20:45:58 +0000
ROA not before:           Sun 12 Nov 2023 20:40:58 +0000
ROA not after:            Sun 10 Nov 2024 20:45:58 +0000
asID:                     48700
IP address blocks:        2a06:1283:b00b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/3986DB54152486D65338415899DEAD95A067B25E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/3986DB54152486D65338415899DEAD95A067B25E.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/3986DB54152486D65338415899DEAD95A067B25E.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 28 Feb 2024 12:41:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:dc:ba:68:a3:39:7d:ca:fe:3f:c3:96:fb:c0:4c:be:27:c9:9c:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3986DB54152486D65338415899DEAD95A067B25E
        Validity
            Not Before: Nov 12 20:40:58 2023 GMT
            Not After : Nov 10 20:45:58 2024 GMT
        Subject: CN=2610F4F6B15B8722998F46346B0D292475877F96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:f2:b7:5c:a7:5e:c2:31:7d:f3:b8:a6:cf:ca:
                    90:3c:b8:08:2d:5d:07:5c:87:9b:82:ea:3f:6e:06:
                    6a:d3:e2:31:8b:64:32:49:2d:21:10:fa:4b:8e:f3:
                    0f:05:40:8d:e4:aa:4d:26:39:ce:c8:cb:c7:dc:2e:
                    d6:25:76:3e:fc:88:17:f9:fd:94:29:a1:d4:1b:d1:
                    d4:c5:dd:64:9b:91:51:71:44:31:f5:66:39:7b:95:
                    c4:47:a2:e1:2e:f2:62:b5:ae:89:f7:43:92:89:d1:
                    e2:c8:36:bc:5c:28:62:73:ae:1a:38:db:13:f1:e2:
                    9a:5f:57:ee:bc:d8:5c:d2:e0:95:79:e9:7c:b9:96:
                    ae:ba:94:01:f6:45:64:fc:c0:ff:90:c8:d5:bf:b8:
                    3f:3f:f8:9e:42:1f:ea:1e:1a:bb:36:52:68:77:dc:
                    01:69:f4:5a:05:39:17:11:3c:4e:c7:9c:da:3f:6d:
                    c5:1a:04:02:6e:01:ec:fb:d2:60:b2:aa:70:38:05:
                    7c:62:78:15:90:e7:60:58:43:3c:55:f1:f4:fb:e8:
                    fe:b1:98:7d:98:87:68:ee:7f:33:d3:f5:a4:de:a6:
                    49:e8:40:27:19:28:31:d4:3f:b8:61:a0:83:7a:e4:
                    08:72:19:19:21:ca:0b:2c:6c:1c:9b:56:37:92:06:
                    42:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:10:F4:F6:B1:5B:87:22:99:8F:46:34:6B:0D:29:24:75:87:7F:96
            X509v3 Authority Key Identifier:
                keyid:39:86:DB:54:15:24:86:D6:53:38:41:58:99:DE:AD:95:A0:67:B2:5E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/3986DB54152486D65338415899DEAD95A067B25E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/3986DB54152486D65338415899DEAD95A067B25E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/326130363a313238333a623030623a3a2f34382d3438203d3e203438373030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:1283:b00b::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:3e:a3:3c:9d:49:26:70:df:5f:80:f4:37:78:2e:06:28:76:
         87:c8:01:ee:87:2c:a4:11:4a:b8:7a:26:57:29:70:88:7c:a0:
         f2:7b:ab:79:9b:fa:9d:78:46:28:65:a7:77:06:13:53:e6:40:
         cc:96:3b:33:96:a9:6c:12:92:22:3c:f4:43:74:23:a9:46:09:
         63:3f:58:fa:38:10:ca:e2:fd:8b:a0:21:64:78:ad:2b:8e:54:
         16:b9:2b:fa:47:a4:6a:b0:51:92:86:28:82:3d:6f:e9:bc:1b:
         7e:2d:44:e1:3c:74:f3:98:c8:af:5d:f5:15:a3:09:29:6a:60:
         9a:70:00:6a:ee:5a:57:b4:b4:68:f0:5a:a0:a5:48:cc:69:a3:
         ef:50:b1:5b:48:0b:36:11:7e:a7:c8:7f:aa:f9:4a:0d:d1:2c:
         08:b7:ef:86:d5:8d:40:28:09:a9:43:00:63:24:43:7d:ac:c6:
         7d:b0:d4:5d:9d:70:0b:43:68:ba:48:53:fd:2d:75:1f:50:9d:
         d9:b0:41:98:d5:64:2a:1a:a7:07:3f:f1:44:c9:da:ce:89:79:
         27:e5:ff:43:da:10:69:5d:96:09:cc:36:4f:fa:4c:88:71:fd:
         0c:9d:f2:69:94:75:0d:1a:21:61:05:3e:f8:43:a0:06:79:ec:
         0d:b8:f8:ba
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIUcdy6aKM5fcr+P8OW+8BMvifJnB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzk4NkRCNTQxNTI0ODZENjUzMzg0MTU4OTlERUFEOTVB
MDY3QjI1RTAeFw0yMzExMTIyMDQwNThaFw0yNDExMTAyMDQ1NThaMDMxMTAvBgNV
BAMTKDI2MTBGNEY2QjE1Qjg3MjI5OThGNDYzNDZCMEQyOTI0NzU4NzdGOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDz8rdcp17CMX3zuKbPypA8uAgt
XQdch5uC6j9uBmrT4jGLZDJJLSEQ+kuO8w8FQI3kqk0mOc7Iy8fcLtYldj78iBf5
/ZQpodQb0dTF3WSbkVFxRDH1Zjl7lcRHouEu8mK1ron3Q5KJ0eLINrxcKGJzrho4
2xPx4ppfV+682FzS4JV56Xy5lq66lAH2RWT8wP+QyNW/uD8/+J5CH+oeGrs2Umh3
3AFp9FoFORcRPE7HnNo/bcUaBAJuAez70mCyqnA4BXxieBWQ52BYQzxV8fT76P6x
mH2Yh2jufzPT9aTepknoQCcZKDHUP7hhoIN65AhyGRkhygssbBybVjeSBkLrAgMB
AAGjggJ4MIICdDAdBgNVHQ4EFgQUJhD09rFbhyKZj0Y0aw0pJHWHf5YwHwYDVR0j
BBgwFoAUOYbbVBUkhtZTOEFYmd6tlaBnsl4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmNhODExZjgtZDA3NS00ZTUwLTliYmYtN2IyZDA5MDcx
NjhmLzIvMzk4NkRCNTQxNTI0ODZENjUzMzg0MTU4OTlERUFEOTVBMDY3QjI1RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvMzk4NkRCNTQxNTI0ODZENjUzMzg0MTU4OTlERUFEOTVBMDY3
QjI1RS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmNhODExZjgt
ZDA3NS00ZTUwLTliYmYtN2IyZDA5MDcxNjhmLzIvMzI2MTMwMzYzYTMxMzIzODMz
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM0MzgzNzMwMzAucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqBhKDsAswDQYJKoZIhvcNAQELBQADggEBAAI+ozydSSZw31+A9Dd4
LgYodofIAe6HLKQRSrh6JlcpcIh8oPJ7q3mb+p14Rihlp3cGE1PmQMyWOzOWqWwS
kiI89EN0I6lGCWM/WPo4EMri/YugIWR4rSuOVBa5K/pHpGqwUZKGKII9b+m8G34t
ROE8dPOYyK9d9RWjCSlqYJpwAGruWle0tGjwWqClSMxpo+9QsVtICzYRfqfIf6r5
Sg3RLAi374bVjUAoCalDAGMkQ32sxn2w1F2dcAtDaLpIU/0tdR9QndmwQZjVZCoa
pwc/8UTJ2s6JeSfl/0PaEGldlgnMNk/6TIhx/Qyd8mmUdQ0aIWEFPvhDoAZ57A24
+Lo=
-----END CERTIFICATE-----
Generated at Tue Feb 27 21:14:16 2024 by rpki-client on console-fra.rpki-client.org