Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/326130363a313238333a633038303a3a2f34342d3434203d3e203438373030.roa
File:                     326130363a313238333a633038303a3a2f34342d3434203d3e203438373030.roa (raw, json)
Hash identifier:          DX8CjdRH3ZlmmPxZlftAPHR+EdLHKLFTJxSBHNf+Hhw=
Subject key identifier:   87:13:94:0D:3F:79:BD:B0:7C:40:D6:0B:89:6E:55:30:E5:54:E4:D3
Certificate issuer:       /CN=3986DB54152486D65338415899DEAD95A067B25E
Certificate serial:       57D6D08F6D8AAF1089A3BDF6B36F889458BC6847
Authority key identifier: 39:86:DB:54:15:24:86:D6:53:38:41:58:99:DE:AD:95:A0:67:B2:5E
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/3986DB54152486D65338415899DEAD95A067B25E.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/326130363a313238333a633038303a3a2f34342d3434203d3e203438373030.roa
Signing time:             Sat 18 Nov 2023 21:47:30 +0000
ROA not before:           Sat 18 Nov 2023 21:42:30 +0000
ROA not after:            Sat 16 Nov 2024 21:47:30 +0000
asID:                     48700
IP address blocks:        2a06:1283:c080::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/3986DB54152486D65338415899DEAD95A067B25E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/3986DB54152486D65338415899DEAD95A067B25E.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/3986DB54152486D65338415899DEAD95A067B25E.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 04 Mar 2024 03:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:d6:d0:8f:6d:8a:af:10:89:a3:bd:f6:b3:6f:88:94:58:bc:68:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3986DB54152486D65338415899DEAD95A067B25E
        Validity
            Not Before: Nov 18 21:42:30 2023 GMT
            Not After : Nov 16 21:47:30 2024 GMT
        Subject: CN=8713940D3F79BDB07C40D60B896E5530E554E4D3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:27:63:d1:3f:b1:d5:98:de:54:12:89:44:10:
                    06:72:7a:41:33:e2:e0:27:4d:23:4b:83:b3:29:99:
                    3f:27:fc:51:cc:20:ed:45:8f:3d:e1:cf:0c:a0:38:
                    f7:bc:f1:70:3e:c9:4e:ed:8f:68:f0:61:8a:cc:b9:
                    97:0f:06:b6:8f:f7:26:12:39:ab:8b:4a:32:47:3f:
                    79:b6:13:7c:ce:39:cf:2b:86:a0:b1:73:48:22:93:
                    05:c1:92:01:0d:2c:a2:b8:ce:ef:16:a8:6a:8f:17:
                    87:4d:c0:7d:d5:e2:91:4b:f5:29:ba:01:58:fa:88:
                    19:a9:f5:cc:d9:75:0e:11:1e:61:36:9d:0d:fa:51:
                    56:dd:4e:92:83:27:93:ac:c2:d1:65:dd:87:d3:94:
                    e4:79:00:18:af:a4:72:9a:b3:24:39:56:73:d6:fe:
                    12:26:6d:e4:c0:2e:30:74:36:61:55:22:8b:eb:85:
                    9c:15:0b:61:f6:95:45:a2:ca:38:ad:9d:4f:21:35:
                    cc:6f:ec:16:45:74:aa:3a:5b:fd:e1:69:c9:a8:9a:
                    b4:14:8b:85:97:d5:77:d0:14:8b:8f:9e:fd:ee:37:
                    c0:86:bb:a0:d8:56:4e:0f:1b:9c:45:b4:54:b2:39:
                    26:f2:4c:ec:28:d3:82:25:bd:ef:0c:18:a9:70:f0:
                    09:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:13:94:0D:3F:79:BD:B0:7C:40:D6:0B:89:6E:55:30:E5:54:E4:D3
            X509v3 Authority Key Identifier:
                keyid:39:86:DB:54:15:24:86:D6:53:38:41:58:99:DE:AD:95:A0:67:B2:5E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/3986DB54152486D65338415899DEAD95A067B25E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/3986DB54152486D65338415899DEAD95A067B25E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/2/326130363a313238333a633038303a3a2f34342d3434203d3e203438373030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:1283:c080::/44

    Signature Algorithm: sha256WithRSAEncryption
         78:99:66:fc:49:4e:2d:1d:9b:8a:48:e2:a6:87:68:d6:c3:0c:
         36:05:e1:83:06:01:63:8b:51:7a:f6:47:3e:d6:4d:bf:6d:97:
         5d:75:90:b6:42:88:67:81:a5:60:b4:7e:e4:2a:db:fa:07:54:
         f4:e3:09:1d:7c:a2:c3:92:51:e8:43:f5:83:e0:0f:e3:fe:95:
         72:85:e8:cc:be:a4:80:2f:77:56:ee:ea:9b:37:34:a4:3e:9a:
         11:39:2d:58:1b:57:7f:b5:08:7b:6d:f6:a7:40:4d:cb:47:7d:
         bc:ae:2d:a6:d3:76:20:ac:e0:a7:6b:7a:41:61:05:9e:6e:ad:
         12:6d:05:6c:56:32:d8:d9:dc:e8:04:a3:4f:8a:d5:33:13:99:
         15:77:d8:0e:e9:92:55:fd:1b:fd:01:27:db:e1:50:72:e6:e4:
         f0:a0:06:45:8c:45:d3:cc:09:b4:ec:67:d0:ff:c2:e2:7b:e7:
         d7:9f:a0:c9:3e:5d:f0:bf:40:44:41:4f:aa:63:b2:d6:b0:6e:
         77:fe:83:2f:c6:68:aa:0e:b5:b3:e7:f5:3e:3a:be:62:75:d6:
         5d:87:b6:db:97:48:81:8d:41:ec:d2:32:5d:24:4a:c5:0f:10:
         f8:44:c7:9b:39:17:3e:a0:6f:cc:ff:a7:00:e5:9f:52:20:5f:
         fb:d7:7d:d1
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIUV9bQj22KrxCJo732s2+IlFi8aEcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzk4NkRCNTQxNTI0ODZENjUzMzg0MTU4OTlERUFEOTVB
MDY3QjI1RTAeFw0yMzExMTgyMTQyMzBaFw0yNDExMTYyMTQ3MzBaMDMxMTAvBgNV
BAMTKDg3MTM5NDBEM0Y3OUJEQjA3QzQwRDYwQjg5NkU1NTMwRTU1NEU0RDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiJ2PRP7HVmN5UEolEEAZyekEz
4uAnTSNLg7MpmT8n/FHMIO1Fjz3hzwygOPe88XA+yU7tj2jwYYrMuZcPBraP9yYS
OauLSjJHP3m2E3zOOc8rhqCxc0gikwXBkgENLKK4zu8WqGqPF4dNwH3V4pFL9Sm6
AVj6iBmp9czZdQ4RHmE2nQ36UVbdTpKDJ5OswtFl3YfTlOR5ABivpHKasyQ5VnPW
/hImbeTALjB0NmFVIovrhZwVC2H2lUWiyjitnU8hNcxv7BZFdKo6W/3hacmomrQU
i4WX1XfQFIuPnv3uN8CGu6DYVk4PG5xFtFSyOSbyTOwo04Ilve8MGKlw8Am9AgMB
AAGjggJ4MIICdDAdBgNVHQ4EFgQUhxOUDT95vbB8QNYLiW5VMOVU5NMwHwYDVR0j
BBgwFoAUOYbbVBUkhtZTOEFYmd6tlaBnsl4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmNhODExZjgtZDA3NS00ZTUwLTliYmYtN2IyZDA5MDcx
NjhmLzIvMzk4NkRCNTQxNTI0ODZENjUzMzg0MTU4OTlERUFEOTVBMDY3QjI1RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvMzk4NkRCNTQxNTI0ODZENjUzMzg0MTU4OTlERUFEOTVBMDY3
QjI1RS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmNhODExZjgt
ZDA3NS00ZTUwLTliYmYtN2IyZDA5MDcxNjhmLzIvMzI2MTMwMzYzYTMxMzIzODMz
M2E2MzMwMzgzMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDM0MzgzNzMwMzAucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwQqBhKDwIAwDQYJKoZIhvcNAQELBQADggEBAHiZZvxJTi0dm4pI4qaH
aNbDDDYF4YMGAWOLUXr2Rz7WTb9tl111kLZCiGeBpWC0fuQq2/oHVPTjCR18osOS
UehD9YPgD+P+lXKF6My+pIAvd1bu6ps3NKQ+mhE5LVgbV3+1CHtt9qdATctHfbyu
LabTdiCs4KdrekFhBZ5urRJtBWxWMtjZ3OgEo0+K1TMTmRV32A7pklX9G/0BJ9vh
UHLm5PCgBkWMRdPMCbTsZ9D/wuJ759efoMk+XfC/QERBT6pjstawbnf+gy/GaKoO
tbPn9T46vmJ11l2HttuXSIGNQezSMl0kSsUPEPhEx5s5Fz6gb8z/pwDln1IgX/vX
fdE=
-----END CERTIFICATE-----
Generated at Sun Mar 3 09:19:11 2024 by rpki-client on console-ams.rpki-client.org