Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a623030623a3a2f34382d3438203d3e20323135343733.roa
File:                     326131343a366634343a623030623a3a2f34382d3438203d3e20323135343733.roa (raw, json)
Hash identifier:          L8GmqvJ1QVmWAKscHOFBmFM5vDJ8hADh4YYnfT4JEAM=
Subject key identifier:   8C:44:6E:8C:19:73:4E:DC:10:70:06:F6:F0:F4:F5:41:2A:59:F4:40
Certificate issuer:       /CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
Certificate serial:       385D1F1AAF0D81D6869BE9B64C7B869FF63AD074
Authority key identifier: 3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a623030623a3a2f34382d3438203d3e20323135343733.roa
Signing time:             Sun 28 Jul 2024 10:45:49 +0000
ROA not before:           Sun 28 Jul 2024 10:40:49 +0000
ROA not after:            Sun 27 Jul 2025 10:45:49 +0000
asID:                     215473
IP address blocks:        2a14:6f44:b00b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 21 Nov 2024 18:58:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:5d:1f:1a:af:0d:81:d6:86:9b:e9:b6:4c:7b:86:9f:f6:3a:d0:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eeebb946a8d21d4083c93dc09cee557bb2ac32e
        Validity
            Not Before: Jul 28 10:40:49 2024 GMT
            Not After : Jul 27 10:45:49 2025 GMT
        Subject: CN=8C446E8C19734EDC107006F6F0F4F5412A59F440
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:51:ec:96:af:6a:f8:f8:2f:4b:a4:8a:bf:9d:
                    25:a4:0b:45:38:58:87:ea:3c:86:41:0d:5e:c0:dd:
                    38:94:ce:62:3a:40:62:47:3d:a3:64:83:8b:4e:ad:
                    8e:99:22:9b:53:05:dd:4b:b4:c2:c7:3d:81:5d:e8:
                    e8:f5:0e:7e:c6:69:db:b5:2a:a8:e8:a7:42:ad:82:
                    e1:5e:6d:a0:fd:9f:a8:b5:cb:90:31:cd:53:54:7e:
                    ad:55:bc:99:45:ad:da:50:75:8d:20:48:44:89:fa:
                    bc:c2:33:be:44:42:e0:ea:4a:d3:ec:00:17:fc:ca:
                    fc:58:1d:f3:04:d4:13:5d:17:54:3b:f1:da:4f:b0:
                    11:6a:73:4b:8d:95:0c:1c:c1:28:cd:ef:48:8c:e2:
                    78:93:9b:54:79:0f:3b:af:1f:5f:85:bc:e2:22:30:
                    dc:b7:3b:d9:1e:c1:82:f8:13:44:0f:10:5b:eb:dc:
                    ff:14:8d:b8:d7:f1:9f:0b:54:f4:6b:06:b8:14:8e:
                    b4:0c:bc:aa:7a:7e:d1:f2:60:68:a5:c1:d0:84:31:
                    0b:28:bf:a7:9b:69:b1:a3:50:9b:69:2c:d7:2d:c0:
                    cd:dc:4c:a6:b8:e1:15:39:a5:be:43:45:4b:08:0a:
                    c4:a2:2e:05:6c:42:e5:a7:71:a9:3a:0e:06:ed:93:
                    e8:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:44:6E:8C:19:73:4E:DC:10:70:06:F6:F0:F4:F5:41:2A:59:F4:40
            X509v3 Authority Key Identifier:
                keyid:3E:EE:BB:94:6A:8D:21:D4:08:3C:93:DC:09:CE:E5:57:BB:2A:C3:2E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/3EEEBB946A8D21D4083C93DC09CEE557BB2AC32E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pu67lGqNIdQIPJPcCc7lV7sqwy4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/326131343a366634343a623030623a3a2f34382d3438203d3e20323135343733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:6f44:b00b::/48

    Signature Algorithm: sha256WithRSAEncryption
         26:5e:4d:97:b6:77:3c:a2:32:5f:f4:92:d7:aa:22:32:c3:80:
         08:da:8d:1c:33:89:f8:0c:55:ba:58:10:b3:e1:f1:cb:49:82:
         9e:1a:58:ff:05:a5:a4:4c:8b:62:ad:25:f1:6e:65:09:6f:2f:
         3b:99:2c:a1:26:df:01:2b:d2:d2:1c:86:b8:32:cd:49:e7:0e:
         a0:2e:2d:79:ba:44:03:31:ef:36:1e:54:08:cc:a0:d4:ce:ce:
         5c:b0:b8:23:99:f9:c7:37:c3:ca:8d:64:c9:e8:6f:e6:dc:82:
         30:9e:79:c9:46:3e:ca:06:47:de:f8:3e:10:fb:3d:cb:83:ee:
         d4:1b:a7:69:80:ac:82:c9:67:43:57:a0:7d:1b:29:d9:f2:c3:
         13:45:c7:02:90:54:f0:3b:56:3a:74:dc:73:89:0b:26:33:3d:
         c8:00:33:82:6d:75:78:39:1a:5c:fe:a6:1e:50:69:94:f2:ee:
         06:c7:11:85:3c:41:2c:6b:b0:ec:10:37:5a:11:ac:cb:8f:11:
         ba:36:ca:cb:b5:ea:fb:ba:50:3e:38:26:d4:6f:0f:0f:5d:97:
         69:ca:3f:49:8f:85:d2:09:c2:3c:6b:1f:87:fa:8a:78:19:dd:
         6d:0c:59:86:8e:32:25:28:f3:7d:8a:d7:f7:84:52:98:ca:6b:
         ec:84:33:bb
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUOF0fGq8NgdaGm+m2THuGn/Y60HQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2VlZWJiOTQ2YThkMjFkNDA4M2M5M2RjMDljZWU1NTdi
YjJhYzMyZTAeFw0yNDA3MjgxMDQwNDlaFw0yNTA3MjcxMDQ1NDlaMDMxMTAvBgNV
BAMTKDhDNDQ2RThDMTk3MzRFREMxMDcwMDZGNkYwRjRGNTQxMkE1OUY0NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeUeyWr2r4+C9LpIq/nSWkC0U4
WIfqPIZBDV7A3TiUzmI6QGJHPaNkg4tOrY6ZIptTBd1LtMLHPYFd6Oj1Dn7Gadu1
Kqjop0KtguFebaD9n6i1y5AxzVNUfq1VvJlFrdpQdY0gSESJ+rzCM75EQuDqStPs
ABf8yvxYHfME1BNdF1Q78dpPsBFqc0uNlQwcwSjN70iM4niTm1R5DzuvH1+FvOIi
MNy3O9kewYL4E0QPEFvr3P8UjbjX8Z8LVPRrBrgUjrQMvKp6ftHyYGilwdCEMQso
v6ebabGjUJtpLNctwM3cTKa44RU5pb5DRUsICsSiLgVsQuWncak6Dgbtk+j1AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUjERujBlzTtwQcAb28PT1QSpZ9EAwHwYDVR0j
BBgwFoAUPu67lGqNIdQIPJPcCc7lV7sqwy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmZmN2E5ODktZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5
YjNkLzQvM0VFRUJCOTQ2QThEMjFENDA4M0M5M0RDMDlDRUU1NTdCQjJBQzMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1B1NjdsR3FOSWRRSVBKUGNDYzdsVjdz
cXd5NC5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmZmN2E5ODkt
ZWNkZi00M2Q2LTg2ZTEtZjZjMzkzNWI5YjNkLzQvMzI2MTMxMzQzYTM2NjYzNDM0
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTM0MzczMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoUb0SwCzANBgkqhkiG9w0BAQsFAAOCAQEAJl5Nl7Z3PKIyX/SS
16oiMsOACNqNHDOJ+AxVulgQs+Hxy0mCnhpY/wWlpEyLYq0l8W5lCW8vO5ksoSbf
ASvS0hyGuDLNSecOoC4tebpEAzHvNh5UCMyg1M7OXLC4I5n5xzfDyo1kyehv5tyC
MJ55yUY+ygZH3vg+EPs9y4Pu1BunaYCsgslnQ1egfRsp2fLDE0XHApBU8DtWOnTc
c4kLJjM9yAAzgm11eDkaXP6mHlBplPLuBscRhTxBLGuw7BA3WhGsy48RujbKy7Xq
+7pQPjgm1G8PD12Xaco/SY+F0gnCPGsfh/qKeBndbQxZho4yJSjzfYrX94RSmMpr
7IQzuw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:58:32 2024 by rpki-client on console-ams.rpki-client.org