Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS199765.roa
File:                     AS199765.roa (raw, json)
Hash identifier:          1F1UPxWnvSE9zJjtxyNoylur1YB5UtsGyq70LY5t7jY=
Subject key identifier:   B9:14:43:AD:99:8F:B5:6E:05:EB:04:C1:30:3F:83:EB:74:C8:F2:A2
Certificate issuer:       /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial:       2B11519B10A249AB1357CDF70547557F640428A0
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS199765.roa
Signing time:             Sat 13 Jan 2024 15:46:14 +0000
ROA not before:           Sat 13 Jan 2024 15:41:14 +0000
ROA not after:            Sat 11 Jan 2025 15:46:14 +0000
asID:                     199765
IP address blocks:        2a07:54c4:1757::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 04:12:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:11:51:9b:10:a2:49:ab:13:57:cd:f7:05:47:55:7f:64:04:28:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
        Validity
            Not Before: Jan 13 15:41:14 2024 GMT
            Not After : Jan 11 15:46:14 2025 GMT
        Subject: CN=B91443AD998FB56E05EB04C1303F83EB74C8F2A2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:52:99:98:64:42:d3:ed:27:61:44:f7:f3:75:
                    6a:3c:8a:d4:4b:fc:45:84:70:38:9c:e1:c8:50:cc:
                    a3:e5:a6:f5:59:99:da:9f:92:90:45:7f:79:22:b7:
                    04:e2:c9:e6:3c:bf:06:7d:ae:5d:c7:5e:b6:d6:e1:
                    8b:98:c6:30:c1:98:06:e6:cc:b3:a3:b8:ec:f2:54:
                    16:2b:1b:9d:50:73:62:1e:82:e7:86:a9:cd:e8:14:
                    c3:a3:c7:d4:a8:48:aa:90:47:63:53:e0:52:a6:33:
                    87:cb:fa:43:17:d5:c6:49:d0:36:6b:64:c1:80:16:
                    87:89:06:55:cb:62:ae:29:ed:80:d4:a9:bc:ed:20:
                    40:f7:f8:75:06:b2:e0:e6:f0:2f:df:de:a7:44:78:
                    b2:14:38:08:65:28:2d:66:d7:ed:38:35:bc:c3:15:
                    c5:1c:83:0a:51:4b:90:9a:f7:a8:d1:a7:52:16:7e:
                    47:19:27:a7:01:eb:71:fe:1f:61:ba:50:36:36:62:
                    3f:93:1a:05:2b:74:0b:95:bd:c8:ce:58:21:dd:9b:
                    c8:a9:c2:73:db:6a:f8:aa:25:dc:0f:3e:bf:c9:e3:
                    bd:c1:3f:2d:44:3f:37:5e:a2:b7:6c:ba:8d:4a:e1:
                    ec:4b:2b:ea:d8:13:0a:bb:83:72:6d:f5:97:1d:0d:
                    12:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:14:43:AD:99:8F:B5:6E:05:EB:04:C1:30:3F:83:EB:74:C8:F2:A2
            X509v3 Authority Key Identifier:
                keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS199765.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c4:1757::/48

    Signature Algorithm: sha256WithRSAEncryption
         1a:15:79:7f:d7:1e:72:3e:bf:b6:1d:e7:e4:c1:ed:b1:ef:f0:
         74:48:92:7e:1f:93:31:c7:e3:71:07:f1:67:6f:c3:aa:29:71:
         da:7a:64:23:9b:1e:d8:ed:c6:1e:40:34:0f:80:42:d0:4a:05:
         6a:bf:85:6c:56:c1:03:42:7b:97:ec:64:84:a6:00:f4:6f:31:
         a6:5d:7c:f8:62:86:49:07:42:05:9b:04:f6:36:52:14:40:35:
         d8:ef:ef:ed:86:23:d2:9c:c1:3e:63:41:e6:74:ca:6f:d6:c3:
         cd:bc:b3:f1:52:5a:c0:17:e2:48:f8:27:2c:74:07:e7:c6:a2:
         f4:46:f0:e5:14:14:e1:2f:6d:98:cd:a2:19:0b:a7:40:c9:97:
         83:12:c0:99:e2:16:51:b0:f5:34:67:35:18:fa:ea:39:c4:2a:
         09:dd:68:71:af:8a:29:b1:55:c8:c5:a7:7e:38:61:b1:16:e5:
         8b:f7:0f:0b:d7:fe:8a:4a:b2:42:d1:1e:b6:e7:54:50:24:36:
         dd:6b:a4:fa:12:8d:1c:96:1e:19:1b:08:2c:70:56:7b:a8:cb:
         30:6f:dc:0c:c1:1a:20:72:6a:82:a6:ac:31:4a:2a:94:c9:73:
         94:bc:0d:ab:e8:c0:b1:bc:f7:0b:74:49:c2:d5:94:fa:fa:9c:
         21:b3:01:47
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKxFRmxCiSasTV833BUdVf2QEKKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDAxMTMxNTQxMTRaFw0yNTAxMTExNTQ2MTRaMDMxMTAvBgNV
BAMTKEI5MTQ0M0FEOTk4RkI1NkUwNUVCMDRDMTMwM0Y4M0VCNzRDOEYyQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvUpmYZELT7SdhRPfzdWo8itRL
/EWEcDic4chQzKPlpvVZmdqfkpBFf3kitwTiyeY8vwZ9rl3HXrbW4YuYxjDBmAbm
zLOjuOzyVBYrG51Qc2IegueGqc3oFMOjx9SoSKqQR2NT4FKmM4fL+kMX1cZJ0DZr
ZMGAFoeJBlXLYq4p7YDUqbztIED3+HUGsuDm8C/f3qdEeLIUOAhlKC1m1+04NbzD
FcUcgwpRS5Ca96jRp1IWfkcZJ6cB63H+H2G6UDY2Yj+TGgUrdAuVvcjOWCHdm8ip
wnPbaviqJdwPPr/J473BPy1EPzdeordsuo1K4exLK+rYEwq7g3Jt9ZcdDRLXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUuRRDrZmPtW4F6wTBMD+D63TI8qIwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMTk5NzY1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
xBdXMA0GCSqGSIb3DQEBCwUAA4IBAQAaFXl/1x5yPr+2Hefkwe2x7/B0SJJ+H5Mx
x+NxB/Fnb8OqKXHaemQjmx7Y7cYeQDQPgELQSgVqv4VsVsEDQnuX7GSEpgD0bzGm
XXz4YoZJB0IFmwT2NlIUQDXY7+/thiPSnME+Y0HmdMpv1sPNvLPxUlrAF+JI+Ccs
dAfnxqL0RvDlFBThL22YzaIZC6dAyZeDEsCZ4hZRsPU0ZzUY+uo5xCoJ3Whxr4op
sVXIxad+OGGxFuWL9w8L1/6KSrJC0R6251RQJDbda6T6Eo0clh4ZGwgscFZ7qMsw
b9wMwRogcmqCpqwxSiqUyXOUvA2r6MCxvPcLdEnC1ZT6+pwhswFH
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:18:36 2024 by rpki-client on console-ams.rpki-client.org