Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e34382e302f32342d3234203d3e203630393439.roa
File:                     33312e362e34382e302f32342d3234203d3e203630393439.roa (raw, json)
Hash identifier:          ExldcQafpZh7ZTrXrE/z9aUHEdyWLn6QKstwpsJn/84=
Subject key identifier:   ED:73:BC:F5:E5:BB:08:73:72:FE:42:83:F0:96:C0:FF:F1:E4:8A:0A
Certificate issuer:       /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial:       462F58793EEFB2C129687440F6D56B0481651A6F
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e34382e302f32342d3234203d3e203630393439.roa
Signing time:             Thu 01 Feb 2024 06:17:27 +0000
ROA not before:           Thu 01 Feb 2024 06:12:27 +0000
ROA not after:            Thu 30 Jan 2025 06:17:27 +0000
asID:                     60949
IP address blocks:        31.6.48.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:2f:58:79:3e:ef:b2:c1:29:68:74:40:f6:d5:6b:04:81:65:1a:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
        Validity
            Not Before: Feb  1 06:12:27 2024 GMT
            Not After : Jan 30 06:17:27 2025 GMT
        Subject: CN=ED73BCF5E5BB087372FE4283F096C0FFF1E48A0A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:c9:bb:17:45:95:79:83:4a:32:1e:79:a1:2b:
                    6a:da:07:3e:d3:5e:7b:ee:ed:e3:9c:c3:18:87:f5:
                    cc:96:89:97:f8:63:dc:fa:bb:2b:22:ad:73:ca:b9:
                    0a:3a:10:65:10:7c:ca:f5:66:a6:e0:9d:eb:bd:f6:
                    50:82:2a:a7:43:f5:69:4e:0e:69:cd:3a:58:ce:60:
                    7b:16:4b:b9:c2:1f:1f:85:cf:bb:d9:23:46:e4:23:
                    e2:9d:91:10:e5:20:a4:d9:bf:e8:ee:8d:5e:21:2f:
                    8d:f9:e3:d2:37:20:86:79:c6:4b:30:67:9f:be:da:
                    20:8c:f3:6f:91:52:df:98:df:3f:91:71:6c:15:b1:
                    c9:e5:a5:71:6a:aa:24:e1:c6:da:ee:a1:13:c0:4a:
                    32:08:f4:74:e8:55:dd:c9:4b:92:12:fe:e8:37:78:
                    52:96:7e:fd:6d:1f:bd:8b:e4:03:de:11:f2:90:94:
                    e3:4d:c2:56:8f:18:e8:cf:66:32:d2:00:00:1b:53:
                    4e:ae:17:9e:59:13:24:68:d7:df:76:2e:02:c4:fd:
                    4a:ab:87:46:d9:90:e3:3a:01:09:26:b6:3a:2f:88:
                    e5:60:ad:e3:b8:dd:40:fd:13:bf:f2:df:9e:a9:78:
                    51:d6:31:9a:91:c7:4d:f3:92:6f:30:1a:ce:89:24:
                    09:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:73:BC:F5:E5:BB:08:73:72:FE:42:83:F0:96:C0:FF:F1:E4:8A:0A
            X509v3 Authority Key Identifier:
                keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e34382e302f32342d3234203d3e203630393439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.6.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:b7:99:b9:f4:32:bd:4a:5b:2a:5f:8b:80:72:7f:ea:59:60:
         66:a0:cd:e5:1d:ed:60:a6:11:8c:01:22:46:ca:f9:71:42:ae:
         aa:25:9e:b7:48:eb:64:c2:5a:3c:ff:14:ab:99:31:8c:2f:8b:
         0b:42:b1:6b:50:93:c8:e7:51:d5:12:26:bf:77:c6:e5:7a:b4:
         44:6f:a9:37:7d:2b:fc:9c:33:5d:cc:49:db:87:e3:c9:5a:d6:
         53:4a:d4:52:d5:d5:72:a9:ab:66:3f:ee:62:67:bf:f3:29:ee:
         e9:2b:35:e9:05:58:5e:16:a3:ed:6e:02:17:99:54:46:fd:ca:
         9a:d9:bf:b7:d1:b8:5a:84:f6:fc:0b:e2:8c:e3:8e:01:38:3b:
         34:0b:21:11:b1:d0:75:ae:cc:1e:66:39:2b:77:91:b1:4f:d0:
         dd:3d:9f:b6:7b:f5:8f:1f:e5:ab:ba:a4:09:66:d2:af:b9:54:
         af:17:44:88:e6:82:38:a6:31:f9:2d:3d:7b:96:db:76:14:ff:
         37:b2:9d:32:b0:a0:3c:d0:61:1e:09:f5:67:3f:7e:36:3e:e6:
         71:a9:5d:e1:90:16:3a:f7:78:f0:1e:d4:24:98:cd:b9:0a:2e:
         e2:49:a1:93:09:cf:e4:2a:b3:d7:25:6e:8d:fb:2c:fb:6b:f3:
         c3:01:ed:70
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIURi9YeT7vssEpaHRA9tVrBIFlGm8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNDAyMDEwNjEyMjdaFw0yNTAxMzAwNjE3MjdaMDMxMTAvBgNV
BAMTKEVENzNCQ0Y1RTVCQjA4NzM3MkZFNDI4M0YwOTZDMEZGRjFFNDhBMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpybsXRZV5g0oyHnmhK2raBz7T
Xnvu7eOcwxiH9cyWiZf4Y9z6uysirXPKuQo6EGUQfMr1Zqbgneu99lCCKqdD9WlO
DmnNOljOYHsWS7nCHx+Fz7vZI0bkI+KdkRDlIKTZv+jujV4hL43549I3IIZ5xksw
Z5++2iCM82+RUt+Y3z+RcWwVscnlpXFqqiThxtruoRPASjII9HToVd3JS5IS/ug3
eFKWfv1tH72L5APeEfKQlONNwlaPGOjPZjLSAAAbU06uF55ZEyRo1992LgLE/Uqr
h0bZkOM6AQkmtjoviOVgreO43UD9E7/y356peFHWMZqRx03zkm8wGs6JJAlbAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU7XO89eW7CHNy/kKD8JbA//HkigowHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTM0MzgyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzkzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwYwMA0G
CSqGSIb3DQEBCwUAA4IBAQCJt5m59DK9SlsqX4uAcn/qWWBmoM3lHe1gphGMASJG
yvlxQq6qJZ63SOtkwlo8/xSrmTGML4sLQrFrUJPI51HVEia/d8blerREb6k3fSv8
nDNdzEnbh+PJWtZTStRS1dVyqatmP+5iZ7/zKe7pKzXpBVheFqPtbgIXmVRG/cqa
2b+30bhahPb8C+KM444BODs0CyERsdB1rsweZjkrd5GxT9DdPZ+2e/WPH+WruqQJ
ZtKvuVSvF0SI5oI4pjH5LT17ltt2FP83sp0ysKA80GEeCfVnP342PuZxqV3hkBY6
93jwHtQkmM25Ci7iSaGTCc/kKrPXJW6N+yz7a/PDAe1w
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:52:26 2024 by rpki-client on console-ams.rpki-client.org