Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a353a3a2f34382d3438203d3e203530333931.roa
File:                     326131313a323963303a353a3a2f34382d3438203d3e203530333931.roa (raw, json)
Hash identifier:          noEQYYxZMtP4TElxCjqZZxtSM2oTo0F/DAHyXepXpOA=
Subject key identifier:   2E:0A:C7:94:C7:45:DE:C3:9F:79:46:24:6F:0C:02:D2:B7:13:86:E4
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       0A1906BAFD7B7AEFE25572A2C58158CFC9263DF6
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a353a3a2f34382d3438203d3e203530333931.roa
Signing time:             Wed 19 Jun 2024 14:01:17 +0000
ROA not before:           Wed 19 Jun 2024 13:56:17 +0000
ROA not after:            Wed 18 Jun 2025 14:01:17 +0000
asID:                     50391
IP address blocks:        2a11:29c0:5::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 04 Dec 2024 09:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:19:06:ba:fd:7b:7a:ef:e2:55:72:a2:c5:81:58:cf:c9:26:3d:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jun 19 13:56:17 2024 GMT
            Not After : Jun 18 14:01:17 2025 GMT
        Subject: CN=2E0AC794C745DEC39F7946246F0C02D2B71386E4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:f1:2d:15:e7:ee:ec:22:cc:6a:03:dc:7e:6f:
                    e4:e9:fb:ac:1f:f4:f4:23:7a:e5:0c:a9:b8:ab:ca:
                    a5:c1:a2:8f:95:0c:d8:da:4c:20:47:02:96:2f:18:
                    8f:54:5c:f3:c1:d5:35:50:a4:4c:cf:d0:71:48:49:
                    8b:9b:6c:c4:e0:dd:44:3e:c2:d1:28:91:1e:5a:c1:
                    88:9a:95:7f:36:90:41:b4:b5:6e:98:c7:2b:e4:75:
                    8e:8b:18:cb:31:30:2b:0b:b5:4f:b9:63:c6:85:5d:
                    04:15:8b:c7:b2:04:05:6f:a5:f2:5c:06:af:e4:b0:
                    45:c1:77:99:bd:a7:81:0c:f8:4c:63:61:4f:09:9f:
                    9e:f2:96:49:03:2a:d5:d1:fa:e2:60:c0:64:51:6b:
                    cc:1c:33:01:b4:11:df:80:58:e0:45:92:db:65:2c:
                    41:bd:b4:8e:60:54:56:ca:da:7d:bd:c6:f5:7d:75:
                    61:88:a8:94:fa:e6:72:81:25:c1:04:54:b0:b3:a8:
                    7f:b4:fd:e2:1c:8f:b2:d6:f6:ac:3f:9e:ec:ef:29:
                    27:a8:60:90:71:de:89:df:54:87:a8:5f:0e:f8:8e:
                    8c:79:11:9c:04:bb:09:73:bb:af:ba:ef:68:e1:e5:
                    0a:2d:3e:f0:80:9a:78:9e:fa:cd:e4:11:d8:52:3c:
                    0a:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:0A:C7:94:C7:45:DE:C3:9F:79:46:24:6F:0C:02:D2:B7:13:86:E4
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a353a3a2f34382d3438203d3e203530333931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:5::/48

    Signature Algorithm: sha256WithRSAEncryption
         66:da:21:6d:a6:3d:b6:66:1e:b2:86:9f:4e:9e:47:c0:d3:22:
         06:b0:c7:5d:05:5e:7b:8e:13:f3:e2:ec:de:81:15:5b:d0:d4:
         a7:6d:0a:02:d7:79:e1:3d:08:98:e6:3e:48:ef:42:e2:41:50:
         7e:2b:a4:7f:68:ac:9a:95:38:1b:29:c1:74:7f:bf:b3:47:c6:
         8c:68:55:8c:99:da:82:07:d6:8c:0f:e9:8b:e1:7f:c9:8b:99:
         6f:b3:db:44:f2:32:7b:18:7d:9d:fc:21:37:15:ae:67:fd:7f:
         c1:90:07:f7:c1:98:9a:f3:18:dd:dd:79:91:35:6a:a7:d0:be:
         43:40:ef:a8:5e:b4:6f:1d:74:5a:75:9f:69:3d:bc:fa:f2:ec:
         96:e6:89:d5:91:7e:4f:1e:35:ea:0a:bd:a0:ce:ed:e1:db:db:
         4c:8a:c9:c6:66:51:d7:f7:4e:33:78:df:45:15:80:cd:9b:24:
         48:ea:8b:a3:7d:f0:c5:f2:5d:15:16:8f:ed:e1:79:bb:96:32:
         ec:17:a7:0a:02:43:5d:c3:6c:dc:a2:d4:c1:d0:a5:f0:65:31:
         ee:ec:da:dd:dc:5e:e5:bd:74:c0:d0:b2:ec:f8:c9:ae:5d:68:
         5c:85:6d:01:df:62:1e:d5:58:ab:a7:49:2b:fa:61:1b:66:f2:
         0a:a9:0b:76
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUChkGuv17eu/iVXKixYFYz8kmPfYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MTdaFw0yNTA2MTgxNDAxMTdaMDMxMTAvBgNV
BAMTKDJFMEFDNzk0Qzc0NURFQzM5Rjc5NDYyNDZGMEMwMkQyQjcxMzg2RTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV8S0V5+7sIsxqA9x+b+Tp+6wf
9PQjeuUMqbiryqXBoo+VDNjaTCBHApYvGI9UXPPB1TVQpEzP0HFISYubbMTg3UQ+
wtEokR5awYialX82kEG0tW6YxyvkdY6LGMsxMCsLtU+5Y8aFXQQVi8eyBAVvpfJc
Bq/ksEXBd5m9p4EM+ExjYU8Jn57ylkkDKtXR+uJgwGRRa8wcMwG0Ed+AWOBFkttl
LEG9tI5gVFbK2n29xvV9dWGIqJT65nKBJcEEVLCzqH+0/eIcj7LW9qw/nuzvKSeo
YJBx3onfVIeoXw74jox5EZwEuwlzu6+672jh5QotPvCAmnie+s3kEdhSPApvAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQULgrHlMdF3sOfeUYkbwwC0rcThuQwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzNTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzAzMzM5MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqESnAAAUwDQYJKoZIhvcNAQELBQADggEBAGbaIW2mPbZmHrKGn06eR8DTIgaw
x10FXnuOE/Pi7N6BFVvQ1KdtCgLXeeE9CJjmPkjvQuJBUH4rpH9orJqVOBspwXR/
v7NHxoxoVYyZ2oIH1owP6Yvhf8mLmW+z20TyMnsYfZ38ITcVrmf9f8GQB/fBmJrz
GN3deZE1aqfQvkNA76hetG8ddFp1n2k9vPry7JbmidWRfk8eNeoKvaDO7eHb20yK
ycZmUdf3TjN430UVgM2bJEjqi6N98MXyXRUWj+3hebuWMuwXpwoCQ13DbNyi1MHQ
pfBlMe7s2t3cXuW9dMDQsuz4ya5daFyFbQHfYh7VWKunSSv6YRtm8gqpC3Y=
-----END CERTIFICATE-----
Generated at Tue Dec 3 14:01:02 2024 by rpki-client on console-ams.rpki-client.org