Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS48581.roa
File:                     AS48581.roa (raw, json)
Hash identifier:          H1U8SmvOSt5pu4c+iGkGGrm+jdYQC03QTl7Cx0EhviM=
Subject key identifier:   37:6F:3C:B2:FD:FD:82:E9:5A:95:62:01:5A:FC:85:93:F8:32:00:06
Certificate issuer:       /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial:       107624E924C3CA23F16E8E3744FC6D8547F6DD8B
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS48581.roa
Signing time:             Tue 19 Sep 2023 02:14:55 +0000
ROA not before:           Tue 19 Sep 2023 02:09:55 +0000
ROA not after:            Tue 17 Sep 2024 02:14:55 +0000
asID:                     48581
IP address blocks:        2a07:54c2:b00b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:76:24:e9:24:c3:ca:23:f1:6e:8e:37:44:fc:6d:85:47:f6:dd:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
        Validity
            Not Before: Sep 19 02:09:55 2023 GMT
            Not After : Sep 17 02:14:55 2024 GMT
        Subject: CN=376F3CB2FDFD82E95A9562015AFC8593F8320006
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:6d:c4:14:e7:fe:e9:b7:25:46:d2:90:b4:ce:
                    c7:d7:8a:a8:69:51:2b:70:fd:e9:07:e5:73:2e:86:
                    25:67:a8:28:80:b4:42:93:ee:2b:5c:05:35:46:53:
                    0e:e9:d5:5d:8b:6c:a1:c6:59:e2:9c:0d:cf:92:a3:
                    d9:80:e8:ff:07:c5:4d:63:30:7b:a1:96:e0:3c:d9:
                    c2:01:d6:55:0d:ea:8f:e7:b0:9a:08:74:19:e5:cc:
                    92:e5:b0:d9:e6:44:f8:7e:27:0a:e6:52:f8:79:f5:
                    93:4d:25:35:66:b8:67:12:31:14:e4:25:68:27:0a:
                    1f:60:89:2f:9c:1b:e4:a3:cb:f3:b6:9f:28:c2:0d:
                    be:67:68:eb:05:dc:44:b4:37:17:b1:19:04:58:e8:
                    83:4f:2d:c5:cb:b4:a7:d4:b9:70:23:dd:3f:ec:1b:
                    04:b9:a4:44:3d:24:40:6f:bc:c5:df:ab:be:d3:81:
                    00:6b:82:b3:1e:d3:84:7c:df:30:b0:63:9b:2a:ba:
                    d6:44:45:6a:d9:70:10:4a:ca:b1:7a:78:90:3f:9b:
                    b8:5a:08:f7:f7:c8:c3:21:02:fa:ee:56:a5:ef:94:
                    20:21:cf:f5:3b:ae:41:c7:8b:90:eb:e4:70:e5:de:
                    24:53:db:0e:97:dd:c0:49:2f:10:e2:52:87:23:e6:
                    0d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:6F:3C:B2:FD:FD:82:E9:5A:95:62:01:5A:FC:85:93:F8:32:00:06
            X509v3 Authority Key Identifier:
                keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS48581.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c2:b00b::/48

    Signature Algorithm: sha256WithRSAEncryption
         9c:56:81:94:4c:71:b6:73:25:f8:23:ce:88:14:0c:ad:1f:1b:
         37:d5:40:4d:66:bc:d2:51:7f:f4:b4:1f:62:36:32:6e:68:e6:
         21:5b:50:81:47:24:0b:02:64:ac:84:42:73:c7:de:05:10:1f:
         71:6c:94:48:c6:fa:1f:17:7b:32:a4:73:3d:30:2c:5c:09:38:
         26:e8:f1:3b:4b:ae:22:2a:35:b5:c2:0c:df:e3:68:c7:64:38:
         de:a3:2a:ae:6c:eb:5f:5c:70:e4:69:2c:05:8d:bb:47:93:35:
         51:8e:31:f8:fd:bf:0f:10:46:86:3d:3d:24:3f:bb:a5:9f:86:
         1c:1f:ed:c7:ca:0f:fb:3b:4c:40:41:4f:6b:ad:4f:ba:a1:b1:
         08:ec:d2:07:d5:1c:5a:d3:16:69:da:9f:c1:e0:eb:ec:b2:87:
         c1:d5:9a:a0:59:93:6b:ab:0e:e6:3c:5e:87:a8:1c:50:e2:37:
         d1:6a:17:61:85:c3:63:ad:05:f4:73:2b:02:88:66:d4:7a:41:
         fb:10:d1:48:6f:bb:e0:61:f3:a0:76:f3:6d:c4:c2:25:84:0c:
         57:c3:82:2c:e9:8a:74:4d:fa:4c:46:97:93:81:06:f7:54:c4:
         04:a1:a9:63:7d:81:fb:a4:dc:80:0f:de:23:b9:53:6e:68:8f:
         48:70:fe:c0
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUEHYk6STDyiPxbo43RPxthUf23YswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yMzA5MTkwMjA5NTVaFw0yNDA5MTcwMjE0NTVaMDMxMTAvBgNV
BAMTKDM3NkYzQ0IyRkRGRDgyRTk1QTk1NjIwMTVBRkM4NTkzRjgzMjAwMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClbcQU5/7ptyVG0pC0zsfXiqhp
UStw/ekH5XMuhiVnqCiAtEKT7itcBTVGUw7p1V2LbKHGWeKcDc+So9mA6P8HxU1j
MHuhluA82cIB1lUN6o/nsJoIdBnlzJLlsNnmRPh+JwrmUvh59ZNNJTVmuGcSMRTk
JWgnCh9giS+cG+Sjy/O2nyjCDb5naOsF3ES0NxexGQRY6INPLcXLtKfUuXAj3T/s
GwS5pEQ9JEBvvMXfq77TgQBrgrMe04R83zCwY5squtZERWrZcBBKyrF6eJA/m7ha
CPf3yMMhAvruVqXvlCAhz/U7rkHHi5Dr5HDl3iRT2w6X3cBJLxDiUocj5g09AgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUN288sv39gulalWIBWvyFk/gyAAYwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTNDg1ODEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqB1TC
sAswDQYJKoZIhvcNAQELBQADggEBAJxWgZRMcbZzJfgjzogUDK0fGzfVQE1mvNJR
f/S0H2I2Mm5o5iFbUIFHJAsCZKyEQnPH3gUQH3FslEjG+h8XezKkcz0wLFwJOCbo
8TtLriIqNbXCDN/jaMdkON6jKq5s619ccORpLAWNu0eTNVGOMfj9vw8QRoY9PSQ/
u6Wfhhwf7cfKD/s7TEBBT2utT7qhsQjs0gfVHFrTFmnan8Hg6+yyh8HVmqBZk2ur
DuY8XoeoHFDiN9FqF2GFw2OtBfRzKwKIZtR6QfsQ0Uhvu+Bh86B2823EwiWEDFfD
gizpinRN+kxGl5OBBvdUxAShqWN9gfuk3IAP3iO5U25oj0hw/sA=
-----END CERTIFICATE-----
Generated at Sat May 18 03:05:16 2024 by rpki-client on console-fra.rpki-client.org