Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466653a3a2f34382d3438203d3e20323037333539.roa
File:                     326131313a323963303a336466653a3a2f34382d3438203d3e20323037333539.roa (raw, json)
Hash identifier:          0kt6gwigpAKm0ujQfW3KL1VzOfzmyMGVOFV9UeH3amY=
Subject key identifier:   EF:81:03:70:9D:57:24:AF:E2:2C:41:28:70:A9:C2:75:42:C0:3B:74
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       2FF8D167A1B05252251799661E0C5CF4DABCA171
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466653a3a2f34382d3438203d3e20323037333539.roa
Signing time:             Wed 19 Jun 2024 14:01:18 +0000
ROA not before:           Wed 19 Jun 2024 13:56:18 +0000
ROA not after:            Wed 18 Jun 2025 14:01:18 +0000
asID:                     207359
IP address blocks:        2a11:29c0:3dfe::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 09:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:f8:d1:67:a1:b0:52:52:25:17:99:66:1e:0c:5c:f4:da:bc:a1:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jun 19 13:56:18 2024 GMT
            Not After : Jun 18 14:01:18 2025 GMT
        Subject: CN=EF8103709D5724AFE22C412870A9C27542C03B74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:89:91:87:f2:ad:1d:41:f2:41:d2:2f:45:c1:
                    32:3e:0d:07:3d:86:42:3c:76:a6:2e:1a:61:13:b8:
                    0e:08:4b:cb:ac:f4:cf:15:c1:4c:8f:03:ec:7d:b0:
                    75:eb:d8:22:2c:2a:3f:7b:47:0e:95:a6:40:4b:45:
                    20:66:d4:89:ea:54:0b:b3:42:aa:3e:ef:e4:67:00:
                    40:cb:72:d4:63:be:ef:00:c7:f1:39:0e:10:c1:01:
                    47:84:c4:71:8b:48:d0:5f:37:fd:e0:46:3b:bc:f9:
                    75:1a:26:e3:2e:8d:1e:46:a0:18:e7:25:b3:68:de:
                    10:b1:90:1a:ab:de:40:dc:51:d0:97:83:f6:82:0c:
                    35:30:07:42:a8:52:2a:94:e1:c8:7c:07:bb:53:a7:
                    db:6f:d0:64:fe:22:cf:cc:c4:ce:27:b5:2b:f5:de:
                    58:80:5c:b8:c7:74:06:f5:e2:8c:f4:7a:af:1e:3c:
                    d7:6f:e6:03:fa:24:19:59:50:8b:4e:d7:7c:c3:6f:
                    15:c1:ab:74:1e:fa:14:4a:a3:72:8f:18:b1:f6:8a:
                    ae:ad:3a:4e:04:3c:96:79:84:1d:bd:e3:7e:95:c7:
                    fc:b8:9a:19:85:0b:0b:b5:be:30:8e:33:7d:2c:74:
                    75:6b:07:16:ca:b6:2d:e8:5d:bc:df:19:24:03:df:
                    7d:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:81:03:70:9D:57:24:AF:E2:2C:41:28:70:A9:C2:75:42:C0:3B:74
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466653a3a2f34382d3438203d3e20323037333539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:3dfe::/48

    Signature Algorithm: sha256WithRSAEncryption
         04:76:20:2d:fa:d5:9a:91:d0:64:ac:c5:7f:22:69:fa:05:95:
         08:9b:55:db:29:d5:1e:25:e1:da:59:4d:8a:fe:e6:1c:99:32:
         97:94:f7:9d:d2:d4:73:b0:be:0d:7c:34:a2:e7:78:fa:66:50:
         0a:0f:d6:f8:13:0b:18:46:79:d3:47:e2:4a:fc:26:91:5c:eb:
         f6:62:f5:f4:2d:d1:2b:59:f7:ad:c4:36:43:5f:f1:7c:f5:68:
         d8:e1:81:f3:28:9e:74:cc:c4:a3:5f:52:f4:57:59:fe:d9:47:
         a4:5d:23:1a:ff:3c:86:7c:26:58:37:25:e0:c8:0e:e5:cc:7d:
         18:e0:b2:a8:5a:13:58:ee:ac:7b:79:be:5d:2a:63:cc:9e:43:
         04:af:9e:1c:36:76:ab:ac:95:da:35:52:c4:4f:5a:67:1e:48:
         33:5b:50:99:c1:68:e1:dc:09:3d:bc:44:22:19:12:3e:ae:ae:
         88:ad:89:6f:e0:76:7e:6e:df:1b:85:d0:42:bd:49:70:0b:ab:
         9d:fe:a6:19:2f:04:b7:ed:74:0b:81:4f:83:70:5d:f9:ae:39:
         87:0d:27:e3:e2:6d:1b:3c:36:8c:ab:aa:43:f8:5b:d8:f8:9e:
         63:76:5f:e9:1e:64:79:57:18:df:93:38:0e:07:9b:6f:11:79:
         86:dc:5e:c7
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUL/jRZ6GwUlIlF5lmHgxc9Nq8oXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MThaFw0yNTA2MTgxNDAxMThaMDMxMTAvBgNV
BAMTKEVGODEwMzcwOUQ1NzI0QUZFMjJDNDEyODcwQTlDMjc1NDJDMDNCNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoiZGH8q0dQfJB0i9FwTI+DQc9
hkI8dqYuGmETuA4IS8us9M8VwUyPA+x9sHXr2CIsKj97Rw6VpkBLRSBm1InqVAuz
Qqo+7+RnAEDLctRjvu8Ax/E5DhDBAUeExHGLSNBfN/3gRju8+XUaJuMujR5GoBjn
JbNo3hCxkBqr3kDcUdCXg/aCDDUwB0KoUiqU4ch8B7tTp9tv0GT+Is/MxM4ntSv1
3liAXLjHdAb14oz0eq8ePNdv5gP6JBlZUItO13zDbxXBq3Qe+hRKo3KPGLH2iq6t
Ok4EPJZ5hB29436Vx/y4mhmFCwu1vjCOM30sdHVrBxbKti3oXbzfGSQD3331AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU74EDcJ1XJK/iLEEocKnCdULAO3QwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2NTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNzMzMzUzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9/jANBgkqhkiG9w0BAQsFAAOCAQEABHYgLfrVmpHQZKzF
fyJp+gWVCJtV2ynVHiXh2llNiv7mHJkyl5T3ndLUc7C+DXw0oud4+mZQCg/W+BML
GEZ500fiSvwmkVzr9mL19C3RK1n3rcQ2Q1/xfPVo2OGB8yiedMzEo19S9FdZ/tlH
pF0jGv88hnwmWDcl4MgO5cx9GOCyqFoTWO6se3m+XSpjzJ5DBK+eHDZ2q6yV2jVS
xE9aZx5IM1tQmcFo4dwJPbxEIhkSPq6uiK2Jb+B2fm7fG4XQQr1JcAurnf6mGS8E
t+10C4FPg3Bd+a45hw0n4+JtGzw2jKuqQ/hb2PieY3Zf6R5keVcY35M4DgebbxF5
htxexw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org