Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/323030313a3637383a6663383a3a2f34382d3438203d3e20323037393630.roa
File:                     323030313a3637383a6663383a3a2f34382d3438203d3e20323037393630.roa (raw, json)
Hash identifier:          8MeLwIq9X11wDoQ/ZgGEvlUxaB3HW/sYqcOlC+5LNr8=
Subject key identifier:   E0:3A:8C:11:69:D6:F2:72:88:87:B7:58:3F:9C:92:D1:77:A2:AA:15
Certificate issuer:       /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial:       05A7AA07B753544AE7B42A7A7EC30D9C99F2B9E4
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/323030313a3637383a6663383a3a2f34382d3438203d3e20323037393630.roa
Signing time:             Wed 08 Nov 2023 14:49:55 +0000
ROA not before:           Wed 08 Nov 2023 14:44:55 +0000
ROA not after:            Wed 06 Nov 2024 14:49:55 +0000
asID:                     207960
IP address blocks:        2001:678:fc8::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 23:11:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:a7:aa:07:b7:53:54:4a:e7:b4:2a:7a:7e:c3:0d:9c:99:f2:b9:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
        Validity
            Not Before: Nov  8 14:44:55 2023 GMT
            Not After : Nov  6 14:49:55 2024 GMT
        Subject: CN=E03A8C1169D6F2728887B7583F9C92D177A2AA15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:9b:e0:e8:53:15:ae:9c:fd:a7:66:10:09:4d:
                    d9:6f:38:14:e8:c8:fd:21:06:a6:01:f5:2a:05:57:
                    bf:cd:4b:74:c0:73:b4:99:89:e6:37:08:f9:b0:fd:
                    b1:83:5a:5a:7b:42:3c:fd:a6:4e:29:8b:ef:65:dd:
                    f2:95:eb:ec:f9:c9:f3:d7:ef:91:e8:f2:63:4c:e4:
                    58:00:10:a9:66:10:43:19:2b:91:cf:4f:9a:72:22:
                    7a:3a:24:96:0e:1f:b3:69:21:ed:58:bb:e8:47:cd:
                    aa:28:8b:2e:ba:c4:e2:27:31:3e:59:6b:42:4d:f4:
                    7f:73:ce:31:bd:6d:0d:41:4a:0c:6f:58:7b:26:39:
                    d7:e8:70:b9:6d:a1:62:96:6a:e2:3a:8e:26:08:4e:
                    40:d1:42:a8:ca:de:64:f5:46:6c:81:d8:58:a3:96:
                    6a:b0:be:4d:a8:8a:f4:34:df:40:e6:99:5a:97:8a:
                    23:12:0a:3e:59:87:36:6d:e6:19:19:c3:5d:16:73:
                    e7:f8:11:1d:7d:c2:10:bf:6a:97:b3:f4:6a:8d:f8:
                    8e:7d:f5:c7:13:85:a8:58:d9:2b:db:62:ef:f0:9c:
                    50:c7:01:f6:b6:53:c6:ba:b2:0f:87:1a:92:88:6c:
                    1c:a8:8b:cc:2b:8c:64:24:5f:36:9d:71:b5:32:53:
                    8e:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:3A:8C:11:69:D6:F2:72:88:87:B7:58:3F:9C:92:D1:77:A2:AA:15
            X509v3 Authority Key Identifier:
                keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/323030313a3637383a6663383a3a2f34382d3438203d3e20323037393630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:fc8::/48

    Signature Algorithm: sha256WithRSAEncryption
         21:b0:fc:5f:d3:59:86:1e:f0:54:5b:57:10:4d:4d:45:d6:f8:
         44:5c:bd:9a:4b:98:c5:2a:e7:43:d2:48:d0:34:c0:14:05:0f:
         5f:88:3f:19:e7:a7:81:20:ad:1f:68:1b:6b:4b:52:21:f8:4d:
         bd:42:22:68:32:c8:f9:61:bd:ed:79:3a:6d:fc:d6:e7:3b:29:
         aa:eb:4a:95:e8:4e:90:c0:0f:e6:ac:29:5f:65:c0:72:76:1a:
         e6:5a:57:00:8c:ed:e2:04:2f:67:9e:97:d3:f1:6c:e0:eb:a5:
         5f:fe:48:9b:69:ef:63:f3:e3:06:33:db:c6:4a:c7:41:28:40:
         2d:85:a5:12:11:28:16:8c:80:e1:dd:01:1c:31:45:bb:2f:34:
         47:a5:0e:09:b2:6f:ea:9b:36:d6:fc:9c:a0:df:e4:76:59:11:
         30:76:b3:9b:9f:5d:38:df:90:a8:2c:1e:51:d5:cb:ce:00:e0:
         c0:e6:a6:e3:12:2b:55:97:c7:90:48:5d:03:58:b9:ae:60:f9:
         14:05:fe:db:97:30:be:32:6c:fe:42:3f:eb:fb:1b:74:c5:b3:
         86:3f:98:65:aa:4e:7b:36:46:84:7f:79:8d:55:97:82:f8:c8:
         b8:60:5f:b8:9e:69:b7:41:6c:64:82:a7:2d:4f:27:f2:41:43:
         b7:99:63:4d
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUBaeqB7dTVErntCp6fsMNnJnyueQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yMzExMDgxNDQ0NTVaFw0yNDExMDYxNDQ5NTVaMDMxMTAvBgNV
BAMTKEUwM0E4QzExNjlENkYyNzI4ODg3Qjc1ODNGOUM5MkQxNzdBMkFBMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnm+DoUxWunP2nZhAJTdlvOBTo
yP0hBqYB9SoFV7/NS3TAc7SZieY3CPmw/bGDWlp7Qjz9pk4pi+9l3fKV6+z5yfPX
75Ho8mNM5FgAEKlmEEMZK5HPT5pyIno6JJYOH7NpIe1Yu+hHzaooiy66xOInMT5Z
a0JN9H9zzjG9bQ1BSgxvWHsmOdfocLltoWKWauI6jiYITkDRQqjK3mT1RmyB2Fij
lmqwvk2oivQ030DmmVqXiiMSCj5ZhzZt5hkZw10Wc+f4ER19whC/apez9GqN+I59
9ccThahY2SvbYu/wnFDHAfa2U8a6sg+HGpKIbByoi8wrjGQkXzadcbUyU46jAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU4DqMEWnW8nKIh7dYP5yS0XeiqhUwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzIzMDMwMzEzYTM2MzczODNh
NjY2MzM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDM3MzkzNjMwLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGeA/IMA0GCSqGSIb3DQEBCwUAA4IBAQAhsPxf01mGHvBUW1cQTU1F
1vhEXL2aS5jFKudD0kjQNMAUBQ9fiD8Z56eBIK0faBtrS1Ih+E29QiJoMsj5Yb3t
eTpt/NbnOymq60qV6E6QwA/mrClfZcBydhrmWlcAjO3iBC9nnpfT8Wzg66Vf/kib
ae9j8+MGM9vGSsdBKEAthaUSESgWjIDh3QEcMUW7LzRHpQ4Jsm/qmzbW/Jyg3+R2
WREwdrObn10435CoLB5R1cvOAODA5qbjEitVl8eQSF0DWLmuYPkUBf7blzC+Mmz+
Qj/r+xt0xbOGP5hlqk57NkaEf3mNVZeC+Mi4YF+4nmm3QWxkgqctTyfyQUO3mWNN
-----END CERTIFICATE-----
Generated at Sat May 18 04:11:01 2024 by rpki-client on console-ams.rpki-client.org