Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e312e302f32342d3234203d3e20323135333632.roa
File:                     33312e362e312e302f32342d3234203d3e20323135333632.roa (raw, json)
Hash identifier:          7PSjICATlOrIno7niUtbDiDSvzVUdhGHIbcTdupdIAo=
Subject key identifier:   81:01:2F:D5:9E:AC:06:D1:62:5B:D5:7E:CD:59:BA:0F:13:73:2C:44
Certificate issuer:       /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial:       0379F0A8C4BE65B3FFED2730DBE2DFBCF8AEBCA8
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e312e302f32342d3234203d3e20323135333632.roa
Signing time:             Mon 18 Mar 2024 16:04:55 +0000
ROA not before:           Mon 18 Mar 2024 15:59:55 +0000
ROA not after:            Mon 17 Mar 2025 16:04:55 +0000
asID:                     215362
IP address blocks:        31.6.1.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 09:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:79:f0:a8:c4:be:65:b3:ff:ed:27:30:db:e2:df:bc:f8:ae:bc:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
        Validity
            Not Before: Mar 18 15:59:55 2024 GMT
            Not After : Mar 17 16:04:55 2025 GMT
        Subject: CN=81012FD59EAC06D1625BD57ECD59BA0F13732C44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:c7:ba:a8:93:8c:00:57:42:3d:d7:1a:a6:c7:
                    d7:45:e5:91:c6:6f:84:45:86:38:90:79:49:ff:a1:
                    5a:7b:4f:75:ef:66:3b:be:d8:29:d8:12:d7:fa:e0:
                    87:41:be:8f:18:70:da:ef:58:49:66:c7:5f:6b:0f:
                    54:35:0d:1b:e5:d3:c6:0a:9a:b6:2a:7c:83:d7:ab:
                    92:cd:34:87:65:ec:86:e8:b0:e1:d3:3a:bf:52:32:
                    c9:53:5d:5f:44:b0:6d:cf:34:b3:93:95:a3:b5:20:
                    73:2f:c2:3b:7c:c4:ce:d1:24:3f:dc:a4:7d:7d:03:
                    5d:e1:3d:c2:7d:fb:ed:6a:e0:75:a7:57:aa:ce:e4:
                    1b:42:61:1f:16:67:78:ca:4d:b0:70:29:cc:2e:39:
                    ba:1d:cf:81:4f:b0:72:78:9a:3a:09:5d:e0:da:0b:
                    4c:06:ad:e3:eb:8b:8a:c3:b3:38:02:ff:22:c2:2f:
                    79:5e:e4:4c:eb:16:21:be:69:65:80:77:7c:7b:c9:
                    16:d5:18:b7:44:51:6d:91:90:a1:73:77:3e:69:75:
                    db:4c:ad:e7:33:f9:21:8a:d8:b3:d8:88:d3:34:1c:
                    24:b8:9f:ba:07:64:57:43:b8:6d:e5:ce:b7:58:89:
                    2c:43:ab:9d:a9:04:e0:70:85:c2:8d:93:24:ed:48:
                    cc:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:01:2F:D5:9E:AC:06:D1:62:5B:D5:7E:CD:59:BA:0F:13:73:2C:44
            X509v3 Authority Key Identifier:
                keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e312e302f32342d3234203d3e20323135333632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.6.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:8a:0d:4c:96:79:55:04:2a:d7:61:5f:c7:90:95:84:ac:39:
         dc:9e:30:88:41:35:8a:78:31:c0:d0:c9:fe:3a:d1:ed:05:fb:
         ad:31:f3:57:1b:f9:7c:7d:5c:1b:b6:63:32:ef:a6:2f:dc:73:
         bc:2e:01:19:0c:f9:03:5e:56:0f:94:18:98:65:9f:c2:0f:b4:
         00:77:93:29:0c:40:50:2e:ae:ff:fd:8e:ba:84:04:84:d5:f2:
         37:20:f5:08:36:1a:28:64:d5:c1:05:3f:7f:6d:24:a5:b2:49:
         f0:44:d5:3f:72:fd:84:57:70:49:74:40:ad:e6:4f:37:0e:2c:
         9b:a8:ba:47:b1:d1:4f:8f:5a:ae:55:6b:8d:e0:3e:09:52:b6:
         f6:52:00:78:38:82:e3:ac:23:9b:8a:51:82:3e:53:c7:08:29:
         ab:3a:02:18:00:b9:7f:1f:5b:6b:5e:e3:e9:86:2e:70:fa:c1:
         39:40:aa:c4:50:3b:7c:1a:93:b7:44:b1:29:19:5a:32:01:f4:
         5a:f0:40:46:e0:93:91:c3:0f:92:04:7f:44:ea:a5:10:28:75:
         00:91:c2:2f:de:89:48:cd:a8:8c:99:14:53:08:88:55:70:db:
         24:d7:14:54:d7:2d:76:64:0f:33:43:29:ca:57:b5:3b:1a:31:
         19:54:d6:9f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUA3nwqMS+ZbP/7Scw2+LfvPiuvKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNDAzMTgxNTU5NTVaFw0yNTAzMTcxNjA0NTVaMDMxMTAvBgNV
BAMTKDgxMDEyRkQ1OUVBQzA2RDE2MjVCRDU3RUNENTlCQTBGMTM3MzJDNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdx7qok4wAV0I91xqmx9dF5ZHG
b4RFhjiQeUn/oVp7T3XvZju+2CnYEtf64IdBvo8YcNrvWElmx19rD1Q1DRvl08YK
mrYqfIPXq5LNNIdl7IbosOHTOr9SMslTXV9EsG3PNLOTlaO1IHMvwjt8xM7RJD/c
pH19A13hPcJ9++1q4HWnV6rO5BtCYR8WZ3jKTbBwKcwuObodz4FPsHJ4mjoJXeDa
C0wGrePri4rDszgC/yLCL3le5EzrFiG+aWWAd3x7yRbVGLdEUW2RkKFzdz5pddtM
recz+SGK2LPYiNM0HCS4n7oHZFdDuG3lzrdYiSxDq52pBOBwhcKNkyTtSMwHAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUgQEv1Z6sBtFiW9V+zVm6DxNzLEQwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTMxMmUzMDJm
MzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzMzNjMyLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwYBMA0G
CSqGSIb3DQEBCwUAA4IBAQAxig1MlnlVBCrXYV/HkJWErDncnjCIQTWKeDHA0Mn+
OtHtBfutMfNXG/l8fVwbtmMy76Yv3HO8LgEZDPkDXlYPlBiYZZ/CD7QAd5MpDEBQ
Lq7//Y66hASE1fI3IPUINhooZNXBBT9/bSSlsknwRNU/cv2EV3BJdECt5k83Diyb
qLpHsdFPj1quVWuN4D4JUrb2UgB4OILjrCObilGCPlPHCCmrOgIYALl/H1trXuPp
hi5w+sE5QKrEUDt8GpO3RLEpGVoyAfRa8EBG4JORww+SBH9E6qUQKHUAkcIv3olI
zaiMmRRTCIhVcNsk1xRU1y12ZA8zQynKV7U7GjEZVNaf
-----END CERTIFICATE-----
Generated at Thu Nov 21 17:13:49 2024 by rpki-client on console-ams.rpki-client.org