Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33363a3a2f34382d3438203d3e203537343137.roa
File:                     326131313a323963303a33363a3a2f34382d3438203d3e203537343137.roa (raw, json)
Hash identifier:          cyfLJ3CtZo00+Xmo7TFi0ocrdtssO3s07qAEViP0T34=
Subject key identifier:   3A:E6:D3:81:B0:A3:5A:F7:75:D1:9C:3D:67:B0:DB:6B:B7:BC:68:31
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       5FEA07ACF78183FA68B7476FAE43B71BBDF5D9C0
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33363a3a2f34382d3438203d3e203537343137.roa
Signing time:             Tue 23 Jan 2024 14:17:13 +0000
ROA not before:           Tue 23 Jan 2024 14:12:13 +0000
ROA not after:            Tue 21 Jan 2025 14:17:13 +0000
asID:                     57417
IP address blocks:        2a11:29c0:36::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 09:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:ea:07:ac:f7:81:83:fa:68:b7:47:6f:ae:43:b7:1b:bd:f5:d9:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jan 23 14:12:13 2024 GMT
            Not After : Jan 21 14:17:13 2025 GMT
        Subject: CN=3AE6D381B0A35AF775D19C3D67B0DB6BB7BC6831
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0b:e7:c6:31:55:95:a8:96:c1:6a:a7:3f:49:
                    3d:e7:f5:89:0c:0d:e4:d6:3b:cd:c6:08:09:e3:3c:
                    d1:ce:e2:70:b4:9c:ca:ed:57:5f:fe:99:29:06:dc:
                    07:91:22:2b:ff:a4:25:a1:2b:1d:a9:63:09:c8:ec:
                    1f:19:af:db:fa:9d:c4:fe:4c:c4:55:28:e0:a7:0b:
                    73:fd:df:68:39:72:a7:a2:ef:04:d4:19:03:3f:67:
                    d2:cb:07:96:25:08:88:6f:59:2a:77:6d:80:b9:04:
                    fe:bd:02:c3:3d:80:5e:a2:e2:fc:94:77:3a:98:ca:
                    8f:82:67:8d:6d:24:80:5c:dc:eb:a7:05:99:97:00:
                    8d:98:f2:97:74:34:2b:0e:09:4a:0f:45:fb:ee:2d:
                    b9:7c:63:4d:bb:74:e5:f1:4b:dc:ea:e3:cc:f1:06:
                    1d:bd:f2:f7:84:84:fd:a4:46:49:d3:84:87:ca:aa:
                    11:de:f5:21:a3:ab:58:ad:a9:62:34:2a:c7:bb:6d:
                    b7:eb:3e:8c:22:ad:f6:c8:f9:90:35:2b:14:49:d2:
                    be:f5:a2:1b:a5:2e:57:15:71:6e:c1:50:b7:45:8c:
                    fd:e8:90:3e:49:35:cb:58:b7:d9:2b:06:45:11:87:
                    d3:2d:e6:08:05:e9:fb:31:b3:fa:39:76:ff:e1:1d:
                    de:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:E6:D3:81:B0:A3:5A:F7:75:D1:9C:3D:67:B0:DB:6B:B7:BC:68:31
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a33363a3a2f34382d3438203d3e203537343137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:36::/48

    Signature Algorithm: sha256WithRSAEncryption
         90:80:0d:68:b3:23:94:8b:ff:9b:6a:52:57:ed:eb:b3:7f:24:
         6c:28:34:19:43:5d:1c:cb:91:52:9a:de:74:c0:75:cb:33:9d:
         9b:50:7a:3c:a8:85:43:0c:e8:f4:1e:7f:80:62:83:a7:e7:59:
         9e:65:93:d9:b0:c7:7e:30:73:ea:bd:93:ae:4f:1e:7f:d1:a0:
         ec:87:0a:d1:bd:7f:24:c2:2a:9d:34:74:7a:7b:0f:15:4e:25:
         3c:1f:1b:87:92:89:76:45:d9:a0:1e:cb:b8:42:b5:be:72:f0:
         c3:51:f8:c1:5d:27:c2:8c:e9:29:d0:bb:6a:dd:9b:ba:56:d4:
         bd:fa:94:b2:a3:bd:cf:01:e0:57:80:e7:e4:4b:cf:fd:cd:f1:
         94:70:80:bf:28:70:e0:50:11:81:b1:5f:41:ad:d0:f6:ff:7a:
         32:63:35:54:96:ae:2e:a0:16:b8:81:68:86:f9:b9:f7:3b:b8:
         44:79:60:54:ca:da:9b:43:fe:c2:a1:15:fc:f6:e5:83:d4:77:
         58:30:03:8b:aa:e7:f5:46:c4:23:06:3b:16:2a:92:57:f6:07:
         35:26:05:e8:62:ba:53:94:3a:45:7c:ce:64:47:d0:f8:1a:4d:
         2f:d8:c1:99:03:d2:76:8e:9c:8c:37:cd:de:8e:c8:c6:71:5e:
         17:b9:97:11
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUX+oHrPeBg/pot0dvrkO3G7312cAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDAxMjMxNDEyMTNaFw0yNTAxMjExNDE3MTNaMDMxMTAvBgNV
BAMTKDNBRTZEMzgxQjBBMzVBRjc3NUQxOUMzRDY3QjBEQjZCQjdCQzY4MzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBC+fGMVWVqJbBaqc/ST3n9YkM
DeTWO83GCAnjPNHO4nC0nMrtV1/+mSkG3AeRIiv/pCWhKx2pYwnI7B8Zr9v6ncT+
TMRVKOCnC3P932g5cqei7wTUGQM/Z9LLB5YlCIhvWSp3bYC5BP69AsM9gF6i4vyU
dzqYyo+CZ41tJIBc3OunBZmXAI2Y8pd0NCsOCUoPRfvuLbl8Y027dOXxS9zq48zx
Bh298veEhP2kRknThIfKqhHe9SGjq1itqWI0Kse7bbfrPowirfbI+ZA1KxRJ0r71
ohulLlcVcW7BULdFjP3okD5JNctYt9krBkURh9Mt5ggF6fsxs/o5dv/hHd79AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUOubTgbCjWvd10Zw9Z7Dba7e8aDEwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzM2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzNzM0MzEzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoRKcAANjANBgkqhkiG9w0BAQsFAAOCAQEAkIANaLMjlIv/m2pSV+3rs38k
bCg0GUNdHMuRUpredMB1yzOdm1B6PKiFQwzo9B5/gGKDp+dZnmWT2bDHfjBz6r2T
rk8ef9Gg7IcK0b1/JMIqnTR0ensPFU4lPB8bh5KJdkXZoB7LuEK1vnLww1H4wV0n
wozpKdC7at2bulbUvfqUsqO9zwHgV4Dn5EvP/c3xlHCAvyhw4FARgbFfQa3Q9v96
MmM1VJauLqAWuIFohvm59zu4RHlgVMram0P+wqEV/Pblg9R3WDADi6rn9UbEIwY7
FiqSV/YHNSYF6GK6U5Q6RXzOZEfQ+BpNL9jBmQPSdo6cjDfN3o7IxnFeF7mXEQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org