Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS206216.roa
File:                     AS206216.roa (raw, json)
Hash identifier:          dP/nuMD9xWjN6UpeYP6FlcttKUbhQ6IRkqr/+XZxChw=
Subject key identifier:   89:B1:EA:50:16:1D:50:51:07:BF:53:7A:22:F3:A6:A1:0B:04:48:4C
Certificate issuer:       /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial:       53EBA325ED600F2C90176137ED5AFC18C9DEC276
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS206216.roa
Signing time:             Tue 20 Aug 2024 02:31:53 +0000
ROA not before:           Tue 20 Aug 2024 02:26:53 +0000
ROA not after:            Tue 19 Aug 2025 02:31:53 +0000
asID:                     206216
IP address blocks:        2a07:54c4:174f::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Oct 2024 23:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:eb:a3:25:ed:60:0f:2c:90:17:61:37:ed:5a:fc:18:c9:de:c2:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
        Validity
            Not Before: Aug 20 02:26:53 2024 GMT
            Not After : Aug 19 02:31:53 2025 GMT
        Subject: CN=89B1EA50161D505107BF537A22F3A6A10B04484C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:d4:2e:36:70:a9:b9:98:74:b4:9b:fe:d2:da:
                    45:e9:18:a4:20:c6:37:37:31:39:10:bd:09:2a:61:
                    ce:b0:bf:05:42:39:a4:0c:f2:35:90:a9:10:22:5a:
                    54:f7:fa:e0:64:9b:5e:2c:d4:7b:8c:99:5a:9a:5d:
                    af:cc:38:d1:25:96:7d:3f:08:94:4b:33:8f:3b:3b:
                    1f:be:46:4a:94:b8:d4:d0:c2:da:27:6d:51:37:82:
                    c1:2a:fe:aa:64:0a:f6:99:99:47:63:af:25:dc:fc:
                    1e:8e:dc:e2:34:b7:97:60:55:7a:07:55:4c:bb:5b:
                    5b:35:91:03:7d:63:1e:80:ab:fc:8d:29:1b:d4:bc:
                    27:9b:b6:0e:0c:bb:ea:cd:e1:be:9b:1b:87:74:20:
                    c7:38:02:02:fd:90:50:62:9d:74:06:ab:a6:79:2f:
                    8f:23:63:d8:00:81:13:6b:b9:f5:7d:52:b9:77:4d:
                    77:f1:21:55:64:7e:ed:82:6f:18:e3:57:38:70:98:
                    f7:81:8a:b8:d6:e0:af:c0:42:cb:c4:90:94:d3:48:
                    7f:29:62:78:eb:7b:17:3b:d8:61:0a:33:a3:04:83:
                    86:d6:c7:43:9a:a3:22:3f:b7:1c:92:d4:90:ee:38:
                    cc:ff:32:f2:45:6e:59:01:14:40:6d:99:9e:a9:a7:
                    3f:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:B1:EA:50:16:1D:50:51:07:BF:53:7A:22:F3:A6:A1:0B:04:48:4C
            X509v3 Authority Key Identifier:
                keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS206216.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c4:174f::/48

    Signature Algorithm: sha256WithRSAEncryption
         6c:22:61:51:05:4b:8f:00:de:12:ec:96:0f:21:bd:28:c3:21:
         98:9e:a7:72:f6:89:cf:ee:e8:97:84:8e:3a:61:70:b7:5e:a5:
         21:f6:76:8f:c7:e9:34:de:59:c7:0e:fe:8b:98:ab:a1:62:ef:
         d2:4c:fb:bf:27:33:a2:87:a4:74:2e:ba:2f:bf:1d:ec:e8:2d:
         88:e3:f6:56:e7:bd:8b:3f:a6:40:f1:29:2c:ca:f6:d9:ba:fb:
         ee:34:3f:07:91:bf:64:6c:14:f1:48:95:f3:16:02:0e:e9:f2:
         78:2d:30:83:2e:50:17:25:61:13:ad:0d:f9:2a:ac:3a:f1:c5:
         e6:10:76:66:0e:a3:a5:d8:26:b2:23:55:8e:8b:13:cc:34:c0:
         e5:30:eb:cf:6e:51:62:d4:84:a2:6e:f7:2a:18:7c:fc:ef:1c:
         8d:31:07:43:0a:b2:15:14:e4:d3:4e:d5:4a:2a:cc:60:d3:7b:
         db:29:87:0d:22:57:a5:b1:e8:a7:eb:6f:0e:e5:b1:b8:26:85:
         5b:cf:90:4c:ad:20:9b:fd:cb:a0:4e:58:a7:e4:ff:2e:f5:4d:
         1e:cf:37:4c:30:fd:ee:45:db:b5:05:ce:38:91:5e:54:71:13:
         71:60:26:d7:45:d5:03:bc:e2:5c:39:ac:3f:81:b1:02:2e:7d:
         0d:c0:54:e1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUU+ujJe1gDyyQF2E37Vr8GMnewnYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTNaFw0yNTA4MTkwMjMxNTNaMDMxMTAvBgNV
BAMTKDg5QjFFQTUwMTYxRDUwNTEwN0JGNTM3QTIyRjNBNkExMEIwNDQ4NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC71C42cKm5mHS0m/7S2kXpGKQg
xjc3MTkQvQkqYc6wvwVCOaQM8jWQqRAiWlT3+uBkm14s1HuMmVqaXa/MONElln0/
CJRLM487Ox++RkqUuNTQwtonbVE3gsEq/qpkCvaZmUdjryXc/B6O3OI0t5dgVXoH
VUy7W1s1kQN9Yx6Aq/yNKRvUvCebtg4Mu+rN4b6bG4d0IMc4AgL9kFBinXQGq6Z5
L48jY9gAgRNrufV9Url3TXfxIVVkfu2CbxjjVzhwmPeBirjW4K/AQsvEkJTTSH8p
Ynjrexc72GEKM6MEg4bWx0OaoyI/txyS1JDuOMz/MvJFblkBFEBtmZ6ppz9VAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUibHqUBYdUFEHv1N6IvOmoQsESEwwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjA2MjE2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
xBdPMA0GCSqGSIb3DQEBCwUAA4IBAQBsImFRBUuPAN4S7JYPIb0owyGYnqdy9onP
7uiXhI46YXC3XqUh9naPx+k03lnHDv6LmKuhYu/STPu/JzOih6R0Lrovvx3s6C2I
4/ZW572LP6ZA8SksyvbZuvvuND8Hkb9kbBTxSJXzFgIO6fJ4LTCDLlAXJWETrQ35
Kqw68cXmEHZmDqOl2CayI1WOixPMNMDlMOvPblFi1ISibvcqGHz87xyNMQdDCrIV
FOTTTtVKKsxg03vbKYcNIlelsein628O5bG4JoVbz5BMrSCb/cugTlin5P8u9U0e
zzdMMP3uRdu1Bc44kV5UcRNxYCbXRdUDvOJcOaw/gbECLn0NwFTh
-----END CERTIFICATE-----
Generated at Wed Oct 30 08:32:06 2024 by rpki-client on console-ams.rpki-client.org