Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a623030623a3a2f34382d3438203d3e20323130363637.roa
File:                     326131343a366634343a623030623a3a2f34382d3438203d3e20323130363637.roa (raw, json)
Hash identifier:          5aLekRp0Z/nDkL3quTBST646++5Or5kPuLfIwZxGWPU=
Subject key identifier:   AF:99:BE:B1:CB:4E:B2:F6:C1:22:FD:D5:12:FD:C0:2A:BE:CF:AA:70
Certificate issuer:       /CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Certificate serial:       24251D5A5C1DB27AE7FA922A5AD837523A706B30
Authority key identifier: 3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a623030623a3a2f34382d3438203d3e20323130363637.roa
Signing time:             Sun 28 Jul 2024 10:45:24 +0000
ROA not before:           Sun 28 Jul 2024 10:40:24 +0000
ROA not after:            Sun 27 Jul 2025 10:45:24 +0000
asID:                     210667
IP address blocks:        2a14:6f44:b00b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 21 Nov 2024 18:58:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:25:1d:5a:5c:1d:b2:7a:e7:fa:92:2a:5a:d8:37:52:3a:70:6b:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
        Validity
            Not Before: Jul 28 10:40:24 2024 GMT
            Not After : Jul 27 10:45:24 2025 GMT
        Subject: CN=AF99BEB1CB4EB2F6C122FDD512FDC02ABECFAA70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:86:84:87:0e:ca:60:d7:b2:3b:56:68:35:fc:
                    0e:23:74:02:50:4c:23:80:cc:4e:d0:4f:27:94:ba:
                    1a:58:eb:49:5c:79:af:df:63:fe:1e:b5:59:ee:3f:
                    8d:52:f0:3b:44:a6:8b:c9:32:72:be:29:42:77:0f:
                    d6:f9:e7:6b:b7:34:82:ae:7f:7f:0e:04:92:db:f2:
                    c4:fa:d0:bc:21:52:e7:09:32:49:b6:f7:f3:cd:87:
                    4e:58:3a:45:07:07:4b:86:d9:0d:64:4e:87:87:fe:
                    55:71:41:5e:3d:56:5a:35:e8:b3:61:91:f5:57:ca:
                    ac:f3:30:87:85:bf:eb:b4:9d:27:a3:4f:b5:0b:28:
                    b2:cd:23:22:07:24:a5:36:e5:2e:79:23:5d:8d:31:
                    72:c4:71:a3:24:f5:b5:85:2d:e7:b2:d0:65:d3:14:
                    96:43:36:ed:40:2d:73:f3:ec:bb:d9:77:8c:98:93:
                    27:78:d0:f0:58:e9:75:8a:9b:a5:91:5d:56:43:b5:
                    94:1a:28:fe:81:f1:76:40:45:16:75:9d:f5:32:86:
                    53:df:95:75:b2:a5:4a:fd:c8:79:93:fc:ad:77:5d:
                    e8:d4:c3:c7:f6:b8:1b:53:c3:6f:8d:ee:3d:94:34:
                    24:4d:12:1d:fc:ec:83:f0:4a:c0:13:f0:a8:51:66:
                    ad:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:99:BE:B1:CB:4E:B2:F6:C1:22:FD:D5:12:FD:C0:2A:BE:CF:AA:70
            X509v3 Authority Key Identifier:
                keyid:3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a623030623a3a2f34382d3438203d3e20323130363637.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:6f44:b00b::/48

    Signature Algorithm: sha256WithRSAEncryption
         0f:fa:63:58:fa:d0:ac:1c:fe:a6:6a:d8:4e:10:e7:30:03:f6:
         77:ed:2b:35:f8:0b:0e:f8:64:19:91:69:44:ba:ab:b5:7e:9c:
         c2:44:44:ee:52:88:ab:5b:19:87:9e:ee:ea:79:60:85:1b:99:
         a7:ea:49:90:e4:7f:82:1d:93:d0:fc:98:7a:41:a4:0c:1f:0c:
         44:0c:8a:cc:0e:86:48:80:a6:ce:29:1a:93:0b:72:a3:e5:30:
         19:90:f2:cf:4b:c6:46:84:e0:95:6a:99:6b:9b:b4:a0:2a:0d:
         94:20:da:f6:3b:af:5a:b9:5b:0a:d7:5e:08:5f:ac:a7:ad:30:
         57:cf:65:8b:c0:77:09:97:fd:4f:65:1c:c3:02:bc:67:4c:6f:
         59:74:78:19:f4:79:66:e9:2d:0b:87:59:2c:8b:07:44:97:e2:
         85:0c:38:1f:77:ee:6a:75:0a:00:08:4c:e0:50:01:74:35:f0:
         15:6d:0d:b0:24:87:60:68:70:90:1c:8a:f3:00:5f:f1:91:24:
         ca:a4:87:8a:68:b5:03:e1:52:d7:f9:dc:79:eb:fc:a8:2d:3b:
         62:d1:4a:7f:4e:fa:99:3c:9d:d6:12:65:f7:4d:77:62:de:f7:
         c1:9a:4a:4d:fb:a7:6d:43:d3:55:21:07:f2:a2:9a:4a:bf:c1:
         04:82:bd:66
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUJCUdWlwdsnrn+pIqWtg3UjpwazAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2VlZWJiOTQ2YThkMjFkNDA4M2M5M2RjMDljZWU1NTdi
YjJhYzMyZTAeFw0yNDA3MjgxMDQwMjRaFw0yNTA3MjcxMDQ1MjRaMDMxMTAvBgNV
BAMTKEFGOTlCRUIxQ0I0RUIyRjZDMTIyRkRENTEyRkRDMDJBQkVDRkFBNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLhoSHDspg17I7Vmg1/A4jdAJQ
TCOAzE7QTyeUuhpY60lcea/fY/4etVnuP41S8DtEpovJMnK+KUJ3D9b552u3NIKu
f38OBJLb8sT60LwhUucJMkm29/PNh05YOkUHB0uG2Q1kToeH/lVxQV49Vlo16LNh
kfVXyqzzMIeFv+u0nSejT7ULKLLNIyIHJKU25S55I12NMXLEcaMk9bWFLeey0GXT
FJZDNu1ALXPz7LvZd4yYkyd40PBY6XWKm6WRXVZDtZQaKP6B8XZARRZ1nfUyhlPf
lXWypUr9yHmT/K13XejUw8f2uBtTw2+N7j2UNCRNEh387IPwSsAT8KhRZq3LAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUr5m+sctOsvbBIv3VEv3AKr7PqnAwHwYDVR0j
BBgwFoAUPu67lGqNIdQIPJPcCc7lV7sqwy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmZmN2E5ODktZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5
YjNkLzQvM0VFRUJCOTQ2QThEMjFENDA4M0M5M0RDMDlDRUU1NTdCQjJBQzMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1B1NjdsR3FOSWRRSVBKUGNDYzdsVjdz
cXd5NC5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmZmN2E5ODkt
ZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5YjNkLzQvMzI2MTMxMzQzYTM2NjYzNDM0
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMDM2MzYzNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoUb0SwCzANBgkqhkiG9w0BAQsFAAOCAQEAD/pjWPrQrBz+pmrY
ThDnMAP2d+0rNfgLDvhkGZFpRLqrtX6cwkRE7lKIq1sZh57u6nlghRuZp+pJkOR/
gh2T0PyYekGkDB8MRAyKzA6GSICmzikakwtyo+UwGZDyz0vGRoTglWqZa5u0oCoN
lCDa9juvWrlbCtdeCF+sp60wV89li8B3CZf9T2UcwwK8Z0xvWXR4GfR5ZuktC4dZ
LIsHRJfihQw4H3fuanUKAAhM4FABdDXwFW0NsCSHYGhwkByK8wBf8ZEkyqSHimi1
A+FS1/nceev8qC07YtFKf076mTyd1hJl9013Yt73wZpKTfunbUPTVSEH8qKaSr/B
BIK9Zg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:58:32 2024 by rpki-client on console-ams.rpki-client.org