Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6631303a3a2f34342d3438203d3e20313531353434.roa
File:                     326131343a373538313a6631303a3a2f34342d3438203d3e20313531353434.roa (raw, json)
Hash identifier:          g9TtSZQVqXGrrHa9XoS7OyNSn0AJz3QMFNN4jFexusk=
Subject key identifier:   F6:CB:47:E5:26:E7:87:F1:8C:75:3E:DB:6F:7B:14:90:F0:A8:35:72
Certificate issuer:       /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial:       62EB1E8BC862514E731D986D1B3D8861CB9ED5A1
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6631303a3a2f34342d3438203d3e20313531353434.roa
Signing time:             Fri 17 May 2024 15:05:17 +0000
ROA not before:           Fri 17 May 2024 15:00:17 +0000
ROA not after:            Fri 16 May 2025 15:05:17 +0000
asID:                     151544
IP address blocks:        2a14:7581:f10::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:eb:1e:8b:c8:62:51:4e:73:1d:98:6d:1b:3d:88:61:cb:9e:d5:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
        Validity
            Not Before: May 17 15:00:17 2024 GMT
            Not After : May 16 15:05:17 2025 GMT
        Subject: CN=F6CB47E526E787F18C753EDB6F7B1490F0A83572
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:7d:5d:e1:02:2d:1c:84:86:44:ee:f5:f3:dc:
                    2b:23:cc:10:24:63:72:d2:58:4b:81:70:cd:c8:bd:
                    8b:06:a3:5c:d1:b2:c5:1b:9f:0b:22:21:fe:34:a6:
                    a6:08:a3:76:39:fb:44:4a:27:62:c6:e7:2f:5e:82:
                    dc:d5:22:28:5d:ef:1c:11:f1:6d:e6:0b:0f:74:c7:
                    1e:82:c3:b2:4c:06:30:3c:bd:40:aa:e1:00:8a:06:
                    7e:a8:1d:34:98:ba:f1:48:f0:d7:a1:d7:6a:84:2f:
                    aa:e9:18:b8:35:30:e9:ec:dc:6e:b5:ec:5c:b7:31:
                    bc:23:bd:15:30:de:cb:5e:95:8d:1b:2f:dc:bc:50:
                    d3:9f:aa:b8:13:97:37:10:23:93:ab:8b:e4:ee:42:
                    bc:5a:08:fa:45:71:01:80:8e:a6:ca:e4:5e:72:42:
                    80:c9:8a:0b:d1:29:bd:5f:63:96:78:6d:83:cf:83:
                    20:f6:9b:1c:d7:40:1a:50:01:9e:ce:4f:8a:8e:c2:
                    8b:09:f3:96:df:82:a4:e7:1c:51:97:30:fd:85:44:
                    16:0f:02:d8:80:dd:88:ef:c0:55:35:63:7c:77:1a:
                    b7:4c:cc:25:35:73:80:f5:c7:fb:5e:83:83:08:d1:
                    5e:de:e7:40:68:66:03:81:fb:10:02:e7:4a:9b:7b:
                    ee:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:CB:47:E5:26:E7:87:F1:8C:75:3E:DB:6F:7B:14:90:F0:A8:35:72
            X509v3 Authority Key Identifier:
                keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6631303a3a2f34342d3438203d3e20313531353434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:f10::/44

    Signature Algorithm: sha256WithRSAEncryption
         6a:43:c8:dc:26:18:34:04:da:82:a0:d4:c8:52:59:bb:8a:5f:
         59:33:75:fc:ae:0a:23:c9:bd:18:14:e2:eb:0b:55:73:bf:d4:
         b5:37:b2:cc:bb:ba:77:57:e3:1f:f6:78:33:f4:35:02:02:b2:
         4f:ab:aa:dc:ed:61:d6:5e:bc:c8:64:6d:9c:9b:35:4e:2f:78:
         8c:62:3c:61:ad:b3:b0:4c:c0:68:ef:f7:4d:eb:e5:73:fb:14:
         67:1b:23:5f:13:ec:a6:2d:16:0d:a8:2d:e8:55:8a:77:4f:dd:
         fb:1d:53:78:11:39:15:d3:b4:e2:53:77:ab:12:96:28:f3:7f:
         9d:d1:cb:cb:73:96:35:2a:0a:47:79:f9:dd:47:ec:f1:c5:54:
         75:5f:7d:f1:53:af:84:79:51:c7:18:97:d5:cb:25:2f:e3:05:
         ff:7f:91:38:e3:c2:12:36:91:3b:b5:ca:db:4b:2f:3b:d0:f3:
         c9:7d:da:05:fc:c9:9f:a7:6e:25:80:ad:42:c5:c4:ea:80:15:
         e4:37:a0:7f:36:c9:40:b9:86:a5:b0:39:ef:77:2e:19:a6:c1:
         d8:ea:21:75:39:6b:80:a4:e9:8d:0b:04:75:f9:8b:e8:82:4b:
         5f:23:35:8b:4d:fe:d3:59:35:68:bf:aa:5a:80:cb:4e:a6:57:
         f4:a2:34:2e
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUYusei8hiUU5zHZhtGz2IYcue1aEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDA1MTcxNTAwMTdaFw0yNTA1MTYxNTA1MTdaMDMxMTAvBgNV
BAMTKEY2Q0I0N0U1MjZFNzg3RjE4Qzc1M0VEQjZGN0IxNDkwRjBBODM1NzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9fV3hAi0chIZE7vXz3CsjzBAk
Y3LSWEuBcM3IvYsGo1zRssUbnwsiIf40pqYIo3Y5+0RKJ2LG5y9egtzVIihd7xwR
8W3mCw90xx6Cw7JMBjA8vUCq4QCKBn6oHTSYuvFI8Neh12qEL6rpGLg1MOns3G61
7Fy3MbwjvRUw3stelY0bL9y8UNOfqrgTlzcQI5Ori+TuQrxaCPpFcQGAjqbK5F5y
QoDJigvRKb1fY5Z4bYPPgyD2mxzXQBpQAZ7OT4qOwosJ85bfgqTnHFGXMP2FRBYP
AtiA3YjvwFU1Y3x3GrdMzCU1c4D1x/teg4MI0V7e50BoZgOB+xAC50qbe+5tAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQU9stH5Sbnh/GMdT7bb3sUkPCoNXIwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2E2NjMxMzAzYTNhMmYzNDM0MmQzNDM4MjAzZDNlMjAzMTM1MzEzNTM0MzQucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwQqFHWBDxAwDQYJKoZIhvcNAQELBQADggEBAGpDyNwmGDQE2oKg1MhS
WbuKX1kzdfyuCiPJvRgU4usLVXO/1LU3ssy7undX4x/2eDP0NQICsk+rqtztYdZe
vMhkbZybNU4veIxiPGGts7BMwGjv903r5XP7FGcbI18T7KYtFg2oLehVindP3fsd
U3gRORXTtOJTd6sSlijzf53Ry8tzljUqCkd5+d1H7PHFVHVfffFTr4R5UccYl9XL
JS/jBf9/kTjjwhI2kTu1yttLLzvQ88l92gX8yZ+nbiWArULFxOqAFeQ3oH82yUC5
hqWwOe93LhmmwdjqIXU5a4Ck6Y0LBHX5i+iCS18jNYtN/tNZNWi/qlqAy06mV/Si
NC4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org