Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963373a623030623a3a2f34382d3438203d3e20323132313439.roa
File:                     326131313a323963373a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier:          kyJufvys1OSu9lr2TOlUl5PLrvbY1mk7xlwMcbyfTUY=
Subject key identifier:   B8:4B:F1:3F:36:E0:FC:8C:39:A7:B3:F2:D2:2A:66:1F:8C:F3:1E:56
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       3FFC458AC11CC8371675E52C25E0EB765DC52F3D
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963373a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time:             Wed 19 Jun 2024 14:01:17 +0000
ROA not before:           Wed 19 Jun 2024 13:56:17 +0000
ROA not after:            Wed 18 Jun 2025 14:01:17 +0000
asID:                     212149
IP address blocks:        2a11:29c7:b00b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 09:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:fc:45:8a:c1:1c:c8:37:16:75:e5:2c:25:e0:eb:76:5d:c5:2f:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jun 19 13:56:17 2024 GMT
            Not After : Jun 18 14:01:17 2025 GMT
        Subject: CN=B84BF13F36E0FC8C39A7B3F2D22A661F8CF31E56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:4a:2e:24:cb:ad:71:c2:0e:a9:9a:a7:28:91:
                    6e:b3:d4:8c:7f:24:94:68:e8:74:11:3f:99:55:4a:
                    94:ce:12:7a:41:1d:97:0f:3c:ce:ff:35:e9:95:08:
                    4f:09:a2:db:fa:e2:7d:97:d4:97:7a:3b:cd:89:88:
                    41:e0:a8:78:22:a1:e0:bf:1a:16:0d:63:1e:7e:19:
                    ce:d4:6a:0d:39:a3:ef:cc:a9:28:54:f5:5e:1f:ed:
                    03:d9:50:b6:ec:b0:4e:e4:78:75:52:09:c6:41:c7:
                    4e:b9:b6:a8:7a:71:06:00:93:58:2e:c7:a2:3b:72:
                    2f:4c:db:aa:61:c0:41:64:f8:8e:b4:11:30:2d:46:
                    2d:04:77:81:06:6e:b2:8e:70:4e:5e:e2:9d:35:c7:
                    12:31:6d:19:8f:83:bb:04:fb:11:16:01:45:ca:bf:
                    43:24:e0:bc:f4:3d:e5:0e:bb:a7:24:91:6c:a4:dc:
                    0c:cc:f1:b3:01:d0:db:a9:1f:b5:a2:97:d2:0b:f6:
                    ab:50:06:d4:e1:0b:d4:08:2a:f9:7d:8a:43:ff:ac:
                    8e:a2:d0:d6:42:6a:fd:17:f4:b0:6d:11:a6:b1:42:
                    53:23:43:ee:88:1e:4f:b7:48:09:ed:42:e8:da:f4:
                    36:8a:e9:df:33:af:a7:0a:74:f6:12:88:cf:9b:46:
                    59:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:4B:F1:3F:36:E0:FC:8C:39:A7:B3:F2:D2:2A:66:1F:8C:F3:1E:56
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963373a623030623a3a2f34382d3438203d3e20323132313439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c7:b00b::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:6e:2a:c8:cd:e5:8f:72:2e:bf:93:d7:70:7b:17:4e:c7:12:
         0e:49:78:ae:62:47:a2:4f:6f:46:53:a6:fd:ca:a6:06:a5:f0:
         cc:11:f5:05:95:f8:65:40:bf:55:57:5c:96:71:b6:1f:a3:85:
         b3:69:07:17:c2:81:95:83:e0:fb:2a:19:55:86:01:99:37:c8:
         b3:2c:48:13:2f:32:a2:b7:ef:0d:94:2b:da:01:1c:4f:8d:92:
         28:60:7c:7e:a5:e8:69:a5:93:6e:25:ff:a4:37:e6:1a:53:2c:
         06:1b:7f:a8:7f:4d:6c:ad:b9:96:be:ab:7c:c3:d3:6e:1c:55:
         6b:47:c0:fd:65:9b:b3:ff:2e:87:e8:17:a8:97:c6:c3:4f:79:
         51:73:7e:41:46:45:2c:ee:2c:8b:26:26:df:d7:cb:52:25:8a:
         18:fb:0b:5d:aa:be:ac:74:f9:09:41:c6:85:e1:d7:ad:7d:d6:
         d8:c3:86:08:a2:cd:c7:54:94:46:82:77:eb:78:7d:37:c3:e6:
         4a:bb:94:ee:33:2d:fe:2e:5b:57:7d:c1:bc:5c:3f:fe:0d:76:
         18:ab:88:22:9f:71:cb:db:18:e5:ab:f4:4f:b3:e2:61:18:a1:
         5a:65:0d:15:a4:f5:01:ef:d3:da:c7:52:17:e8:22:09:1b:f5:
         3e:fe:40:d2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUP/xFisEcyDcWdeUsJeDrdl3FLz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MTdaFw0yNTA2MTgxNDAxMTdaMDMxMTAvBgNV
BAMTKEI4NEJGMTNGMzZFMEZDOEMzOUE3QjNGMkQyMkE2NjFGOENGMzFFNTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3Si4ky61xwg6pmqcokW6z1Ix/
JJRo6HQRP5lVSpTOEnpBHZcPPM7/NemVCE8Jotv64n2X1Jd6O82JiEHgqHgioeC/
GhYNYx5+Gc7Uag05o+/MqShU9V4f7QPZULbssE7keHVSCcZBx065tqh6cQYAk1gu
x6I7ci9M26phwEFk+I60ETAtRi0Ed4EGbrKOcE5e4p01xxIxbRmPg7sE+xEWAUXK
v0Mk4Lz0PeUOu6ckkWyk3AzM8bMB0NupH7Wil9IL9qtQBtThC9QIKvl9ikP/rI6i
0NZCav0X9LBtEaaxQlMjQ+6IHk+3SAntQuja9DaK6d8zr6cKdPYSiM+bRln/AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUuEvxPzbg/Iw5p7Py0ipmH4zzHlYwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzM3
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcewCzANBgkqhkiG9w0BAQsFAAOCAQEAM24qyM3lj3Iuv5PX
cHsXTscSDkl4rmJHok9vRlOm/cqmBqXwzBH1BZX4ZUC/VVdclnG2H6OFs2kHF8KB
lYPg+yoZVYYBmTfIsyxIEy8yorfvDZQr2gEcT42SKGB8fqXoaaWTbiX/pDfmGlMs
Bht/qH9NbK25lr6rfMPTbhxVa0fA/WWbs/8uh+gXqJfGw095UXN+QUZFLO4siyYm
39fLUiWKGPsLXaq+rHT5CUHGheHXrX3W2MOGCKLNx1SURoJ363h9N8PmSruU7jMt
/i5bV33BvFw//g12GKuIIp9xy9sY5av0T7PiYRihWmUNFaT1Ae/T2sdSF+giCRv1
Pv5A0g==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:20 2024 by rpki-client on console-ams.rpki-client.org