Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634323a3a2f33312d3438203d3e20323030323432.roa
File:                     326131343a366634323a3a2f33312d3438203d3e20323030323432.roa (raw, json)
Hash identifier:          TPvNwHsZw7UbSxFzI4ZEU2RQRB0eOXJX5J17JfLQpnQ=
Subject key identifier:   74:E6:8F:96:0A:E8:35:C5:14:F8:EA:78:BA:45:1A:9D:8C:9F:A1:BD
Certificate issuer:       /CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Certificate serial:       5FC11050D39268CAFF2A9FF065B1F6237292F3AA
Authority key identifier: 3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634323a3a2f33312d3438203d3e20323030323432.roa
Signing time:             Mon 01 Jul 2024 14:35:07 +0000
ROA not before:           Mon 01 Jul 2024 14:30:07 +0000
ROA not after:            Mon 30 Jun 2025 14:35:07 +0000
asID:                     200242
IP address blocks:        2a14:6f42::/31 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:c1:10:50:d3:92:68:ca:ff:2a:9f:f0:65:b1:f6:23:72:92:f3:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
        Validity
            Not Before: Jul  1 14:30:07 2024 GMT
            Not After : Jun 30 14:35:07 2025 GMT
        Subject: CN=74E68F960AE835C514F8EA78BA451A9D8C9FA1BD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:8d:9b:33:cf:c9:5b:9d:e9:39:59:bf:c0:61:
                    44:32:59:c8:6d:46:6f:1e:e9:24:b6:b7:0a:34:e3:
                    c5:62:60:3f:70:5b:16:eb:d7:32:5d:d1:c1:a2:bb:
                    76:45:55:7e:c2:77:6c:c4:16:32:b7:bd:54:92:7d:
                    e4:74:ee:96:e1:98:1d:03:16:85:75:11:eb:b0:72:
                    1c:e3:0a:be:be:5f:00:d7:a9:fc:d2:38:ce:af:5e:
                    58:03:02:03:95:6c:ea:48:1d:9e:06:79:e3:03:f5:
                    e6:66:c1:b5:a1:29:f1:92:ac:90:86:88:e9:5b:49:
                    65:bf:26:e4:93:96:d0:07:c8:0c:c0:c2:4a:00:1b:
                    e1:7d:8e:b2:01:92:2a:42:99:bc:9a:15:3c:68:40:
                    cc:4b:39:75:89:b0:f7:3e:02:d2:46:0f:f3:26:48:
                    cd:95:56:28:62:0b:d2:f2:2a:7e:43:af:a1:4c:57:
                    5f:92:8b:dd:d1:b4:6a:13:bc:55:1f:1e:47:9c:42:
                    c8:bd:1c:39:11:72:ef:89:18:75:05:28:66:a3:b8:
                    51:b8:d8:52:36:c4:2c:3b:99:58:60:a2:5f:98:85:
                    ea:05:73:f1:73:59:5c:b7:e2:2b:6c:92:d2:bd:da:
                    94:3d:2c:bd:6f:83:50:a7:47:68:fa:96:89:c8:d9:
                    50:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:E6:8F:96:0A:E8:35:C5:14:F8:EA:78:BA:45:1A:9D:8C:9F:A1:BD
            X509v3 Authority Key Identifier:
                keyid:3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634323a3a2f33312d3438203d3e20323030323432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:6f42::/31

    Signature Algorithm: sha256WithRSAEncryption
         0d:74:e9:7f:f5:b5:12:c6:36:64:59:c5:fe:6f:29:db:8c:96:
         e9:28:8f:44:32:fc:69:18:35:56:8e:31:fe:4c:e2:5f:40:60:
         68:2e:11:79:9f:57:86:bc:5d:d4:d7:b7:4b:f5:33:91:fc:3c:
         c8:29:b2:0c:f6:d3:c1:0a:53:aa:b9:dc:d2:54:5e:03:22:38:
         14:20:a0:ca:bb:50:5e:ab:91:ba:c4:21:ac:ff:6a:79:24:d9:
         ce:de:b5:77:6b:3a:86:0f:74:18:b6:76:8b:52:7d:ef:57:65:
         2f:e6:7d:d9:7a:7d:34:76:3a:d1:31:f1:34:29:2a:07:d5:ae:
         20:e8:9b:82:97:67:b8:53:c7:96:22:0f:35:fb:e4:54:f7:9a:
         74:f2:6e:21:13:72:8d:13:b5:3e:4c:04:3d:7c:2f:9c:4a:32:
         0e:04:08:36:87:fc:84:b7:59:d9:81:d2:05:0c:c9:27:2b:f9:
         0d:18:f7:e7:eb:75:45:86:11:74:5d:d9:a5:a1:ed:1b:4d:14:
         3a:ef:8c:11:ec:39:68:7a:fe:35:0f:ec:35:5e:94:59:5d:35:
         a6:19:b6:f3:a0:52:c3:8e:9c:10:5b:c6:e4:a9:3c:ba:e1:4e:
         f3:ff:a0:af:4d:f3:99:cf:19:3b:58:4a:c0:78:23:e1:a7:5f:
         2b:09:a4:9a
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUX8EQUNOSaMr/Kp/wZbH2I3KS86owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2VlZWJiOTQ2YThkMjFkNDA4M2M5M2RjMDljZWU1NTdi
YjJhYzMyZTAeFw0yNDA3MDExNDMwMDdaFw0yNTA2MzAxNDM1MDdaMDMxMTAvBgNV
BAMTKDc0RTY4Rjk2MEFFODM1QzUxNEY4RUE3OEJBNDUxQTlEOEM5RkExQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOjZszz8lbnek5Wb/AYUQyWcht
Rm8e6SS2two048ViYD9wWxbr1zJd0cGiu3ZFVX7Cd2zEFjK3vVSSfeR07pbhmB0D
FoV1EeuwchzjCr6+XwDXqfzSOM6vXlgDAgOVbOpIHZ4GeeMD9eZmwbWhKfGSrJCG
iOlbSWW/JuSTltAHyAzAwkoAG+F9jrIBkipCmbyaFTxoQMxLOXWJsPc+AtJGD/Mm
SM2VVihiC9LyKn5Dr6FMV1+Si93RtGoTvFUfHkecQsi9HDkRcu+JGHUFKGajuFG4
2FI2xCw7mVhgol+YheoFc/FzWVy34itsktK92pQ9LL1vg1CnR2j6lonI2VBZAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUdOaPlgroNcUU+Op4ukUanYyfob0wHwYDVR0j
BBgwFoAUPu67lGqNIdQIPJPcCc7lV7sqwy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmZmN2E5ODktZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5
YjNkLzQvM0VFRUJCOTQ2QThEMjFENDA4M0M5M0RDMDlDRUU1NTdCQjJBQzMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1B1NjdsR3FOSWRRSVBKUGNDYzdsVjdz
cXd5NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmZmN2E5ODkt
ZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5YjNkLzQvMzI2MTMxMzQzYTM2NjYzNDMy
M2EzYTJmMzMzMTJkMzQzODIwM2QzZTIwMzIzMDMwMzIzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUB
KhRvQjANBgkqhkiG9w0BAQsFAAOCAQEADXTpf/W1EsY2ZFnF/m8p24yW6SiPRDL8
aRg1Vo4x/kziX0BgaC4ReZ9Xhrxd1Ne3S/Uzkfw8yCmyDPbTwQpTqrnc0lReAyI4
FCCgyrtQXquRusQhrP9qeSTZzt61d2s6hg90GLZ2i1J971dlL+Z92Xp9NHY60THx
NCkqB9WuIOibgpdnuFPHliIPNfvkVPeadPJuIRNyjRO1PkwEPXwvnEoyDgQINof8
hLdZ2YHSBQzJJyv5DRj35+t1RYYRdF3ZpaHtG00UOu+MEew5aHr+NQ/sNV6UWV01
phm286BSw46cEFvG5Kk8uuFO8/+gr03zmc8ZO1hKwHgj4adfKwmkmg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:40:24 2024 by rpki-client on console-fra.rpki-client.org