Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a4c6bdc5-eb4e-4b6e-95f6-62790e57f3be/0/326131333a656534373a3a2f33322d3332203d3e20323132383137.roa
File:                     326131333a656534373a3a2f33322d3332203d3e20323132383137.roa (raw, json)
Hash identifier:          meeqL7FJn6dEvD3ppA0nPdjflGG9EU5SJcFNC+BgG1c=
Subject key identifier:   8F:75:1D:32:87:AB:FC:36:AE:D1:71:2E:27:54:54:51:EE:4F:5F:88
Certificate issuer:       /CN=9da23cc2cf88ae4585cf8aaf9a714a9ad2e6f198
Certificate serial:       35CE3CC557B6A56EB399FC8B22343024902EF4A4
Authority key identifier: 9D:A2:3C:C2:CF:88:AE:45:85:CF:8A:AF:9A:71:4A:9A:D2:E6:F1:98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/naI8ws-IrkWFz4qvmnFKmtLm8Zg.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a4c6bdc5-eb4e-4b6e-95f6-62790e57f3be/0/326131333a656534373a3a2f33322d3332203d3e20323132383137.roa
Signing time:             Sat 18 Nov 2023 02:20:26 +0000
ROA not before:           Sat 18 Nov 2023 02:15:26 +0000
ROA not after:            Sat 16 Nov 2024 02:20:26 +0000
asID:                     212817
IP address blocks:        2a13:ee47::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/a4c6bdc5-eb4e-4b6e-95f6-62790e57f3be/0/9DA23CC2CF88AE4585CF8AAF9A714A9AD2E6F198.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/a4c6bdc5-eb4e-4b6e-95f6-62790e57f3be/0/9DA23CC2CF88AE4585CF8AAF9A714A9AD2E6F198.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/naI8ws-IrkWFz4qvmnFKmtLm8Zg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 26 Apr 2024 14:10:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:ce:3c:c5:57:b6:a5:6e:b3:99:fc:8b:22:34:30:24:90:2e:f4:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9da23cc2cf88ae4585cf8aaf9a714a9ad2e6f198
        Validity
            Not Before: Nov 18 02:15:26 2023 GMT
            Not After : Nov 16 02:20:26 2024 GMT
        Subject: CN=8F751D3287ABFC36AED1712E27545451EE4F5F88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:04:c8:bf:7c:8b:53:a0:49:b3:80:00:dc:c0:
                    52:80:fc:15:2e:7f:bc:8d:3f:36:1f:71:61:54:b6:
                    9e:a0:d5:61:d3:7d:9d:50:6c:89:db:4b:36:85:9a:
                    03:7a:dd:e7:7d:50:9c:c0:9f:7e:f4:b8:07:ef:f8:
                    46:5f:e9:4f:52:70:fc:87:20:24:cb:2f:49:ba:5f:
                    9f:9e:7b:a7:83:df:7d:16:c0:54:81:d4:b8:52:8b:
                    f4:c8:a0:1a:36:1c:10:96:7d:22:fd:5b:22:43:48:
                    18:78:b3:fd:d7:2b:d8:0f:2d:a9:19:c5:eb:5e:40:
                    6f:e1:41:3b:a9:8b:13:11:9d:41:2d:f5:f2:4f:2f:
                    39:63:69:24:63:c4:8e:ee:dd:b8:62:68:7d:aa:73:
                    a1:bb:85:4f:2b:b1:c8:b3:b4:29:4e:43:1e:4a:48:
                    30:a2:ad:98:85:55:32:d5:c7:4e:52:08:16:a5:66:
                    2c:32:eb:2b:3b:56:6e:ab:05:d2:2e:1e:8a:97:8a:
                    e5:00:ee:f9:79:fe:86:e3:1d:60:41:81:bf:fe:ae:
                    31:37:a5:4b:82:a4:3a:c0:d2:ce:f2:7b:8c:26:a7:
                    23:92:5e:d4:e7:f7:e0:e3:de:5d:48:64:d5:57:14:
                    92:b0:ee:3c:3e:47:e5:5f:c0:f0:e1:c5:23:e3:4e:
                    77:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:75:1D:32:87:AB:FC:36:AE:D1:71:2E:27:54:54:51:EE:4F:5F:88
            X509v3 Authority Key Identifier:
                keyid:9D:A2:3C:C2:CF:88:AE:45:85:CF:8A:AF:9A:71:4A:9A:D2:E6:F1:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a4c6bdc5-eb4e-4b6e-95f6-62790e57f3be/0/9DA23CC2CF88AE4585CF8AAF9A714A9AD2E6F198.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naI8ws-IrkWFz4qvmnFKmtLm8Zg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a4c6bdc5-eb4e-4b6e-95f6-62790e57f3be/0/326131333a656534373a3a2f33322d3332203d3e20323132383137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:ee47::/32

    Signature Algorithm: sha256WithRSAEncryption
         1b:9f:e9:b1:b0:2d:37:f2:a9:d8:41:f7:74:dd:c6:e5:56:c6:
         e5:62:b0:10:01:80:a6:73:46:22:8f:51:0e:72:8e:61:cc:e0:
         df:e9:04:b9:ba:9e:cb:87:56:9d:79:bc:60:ef:b0:06:af:cf:
         f3:ad:43:e3:bb:c3:02:ac:45:09:95:bb:dd:dc:d4:66:11:ee:
         f3:8d:85:f4:b2:d3:46:1a:15:42:4f:1b:bc:ca:31:e0:5a:b1:
         61:9e:55:67:fa:04:78:f3:02:5c:f0:dd:e7:eb:1a:80:15:47:
         48:91:7b:09:47:62:0e:8e:8e:3a:09:0e:a3:fd:74:7f:3c:aa:
         14:8e:fc:74:90:dc:65:30:37:ab:ee:dd:b6:54:4e:8c:cb:f8:
         e3:fd:90:71:d4:37:4b:cd:a6:43:a5:6a:42:86:42:49:ae:af:
         de:4a:d7:ca:72:5d:e2:ff:70:f4:31:72:97:1b:86:f3:86:2d:
         82:ed:4b:a0:c4:7a:f2:be:22:d0:71:d0:c0:b8:58:a5:77:eb:
         51:c5:23:c7:17:c4:aa:dd:9e:b3:14:77:6c:11:d7:3d:c6:f1:
         e5:77:c7:27:4b:cc:3c:7b:13:2f:94:19:9f:04:ae:70:df:9d:
         1b:a7:cc:43:db:97:df:d1:1d:75:09:5d:d3:da:66:1b:64:68:
         37:6a:b2:56
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUNc48xVe2pW6zmfyLIjQwJJAu9KQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRhMjNjYzJjZjg4YWU0NTg1Y2Y4YWFmOWE3MTRhOWFk
MmU2ZjE5ODAeFw0yMzExMTgwMjE1MjZaFw0yNDExMTYwMjIwMjZaMDMxMTAvBgNV
BAMTKDhGNzUxRDMyODdBQkZDMzZBRUQxNzEyRTI3NTQ1NDUxRUU0RjVGODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5BMi/fItToEmzgADcwFKA/BUu
f7yNPzYfcWFUtp6g1WHTfZ1QbInbSzaFmgN63ed9UJzAn370uAfv+EZf6U9ScPyH
ICTLL0m6X5+ee6eD330WwFSB1LhSi/TIoBo2HBCWfSL9WyJDSBh4s/3XK9gPLakZ
xeteQG/hQTupixMRnUEt9fJPLzljaSRjxI7u3bhiaH2qc6G7hU8rsciztClOQx5K
SDCirZiFVTLVx05SCBalZiwy6ys7Vm6rBdIuHoqXiuUA7vl5/objHWBBgb/+rjE3
pUuCpDrA0s7ye4wmpyOSXtTn9+Dj3l1IZNVXFJKw7jw+R+VfwPDhxSPjTnenAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUj3UdMoer/Dau0XEuJ1RUUe5PX4gwHwYDVR0j
BBgwFoAUnaI8ws+IrkWFz4qvmnFKmtLm8ZgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTRjNmJkYzUtZWI0ZS00YjZlLTk1ZjYtNjI3OTBlNTdm
M2JlLzAvOURBMjNDQzJDRjg4QUU0NTg1Q0Y4QUFGOUE3MTRBOUFEMkU2RjE5OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25hSTh3cy1JcmtXRno0cXZtbkZLbXRM
bThaZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTRjNmJkYzUt
ZWI0ZS00YjZlLTk1ZjYtNjI3OTBlNTdmM2JlLzAvMzI2MTMxMzMzYTY1NjUzNDM3
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTMyMzgzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhPuRzANBgkqhkiG9w0BAQsFAAOCAQEAG5/psbAtN/Kp2EH3dN3G5VbG5WKwEAGA
pnNGIo9RDnKOYczg3+kEubqey4dWnXm8YO+wBq/P861D47vDAqxFCZW73dzUZhHu
842F9LLTRhoVQk8bvMox4FqxYZ5VZ/oEePMCXPDd5+sagBVHSJF7CUdiDo6OOgkO
o/10fzyqFI78dJDcZTA3q+7dtlROjMv44/2QcdQ3S82mQ6VqQoZCSa6v3krXynJd
4v9w9DFylxuG84Ytgu1LoMR68r4i0HHQwLhYpXfrUcUjxxfEqt2esxR3bBHXPcbx
5XfHJ0vMPHsTL5QZnwSucN+dG6fMQ9uX39EddQld09pmG2RoN2qyVg==
-----END CERTIFICATE-----
Generated at Thu Apr 25 20:32:52 2024 by rpki-client on console-ams.rpki-client.org