Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS60639.roa
File:                     AS60639.roa (raw, json)
Hash identifier:          w2/l/pURb7dHqjZLWgrmQb8tDlr9ZIwR8n8nECmr94I=
Subject key identifier:   0E:7D:39:BE:9D:6E:A0:D2:98:77:E0:1F:A8:D2:B6:A8:69:64:02:C8
Certificate issuer:       /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial:       0267CF39FB07561D619747FD33B8A5D1E6551CDA
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS60639.roa
Signing time:             Sat 10 Feb 2024 22:10:29 +0000
ROA not before:           Sat 10 Feb 2024 22:05:29 +0000
ROA not after:            Sat 08 Feb 2025 22:10:29 +0000
asID:                     60639
IP address blocks:        2a07:54c7:7000::/36 maxlen: 40

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 04:12:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:67:cf:39:fb:07:56:1d:61:97:47:fd:33:b8:a5:d1:e6:55:1c:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
        Validity
            Not Before: Feb 10 22:05:29 2024 GMT
            Not After : Feb  8 22:10:29 2025 GMT
        Subject: CN=0E7D39BE9D6EA0D29877E01FA8D2B6A8696402C8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:d1:da:23:a1:d0:b3:30:67:69:de:6d:0b:ae:
                    3f:54:38:98:f4:88:b9:83:ff:85:43:81:9d:ef:7c:
                    32:2f:30:a8:99:33:61:11:9e:a6:08:02:90:f2:27:
                    9f:2e:b2:9f:fb:62:a9:a6:10:42:59:b4:53:d4:0b:
                    14:72:63:c3:04:e0:fb:4f:4e:71:47:03:5d:a8:43:
                    0b:d0:93:73:a5:ff:16:ca:f1:de:08:03:7e:3f:94:
                    4a:85:07:1f:b3:d4:29:d7:96:8a:1e:3e:8b:c3:39:
                    bf:1c:d9:5b:9f:93:2f:f2:7f:80:96:f0:a1:8a:f8:
                    fb:5a:13:1a:de:2e:7c:f5:56:9c:a4:33:1b:35:f8:
                    e4:9f:0e:5c:f8:95:51:b1:f8:fc:52:fd:0e:42:d0:
                    b9:00:f0:e4:85:3a:59:6c:ca:d2:b7:b2:a3:de:63:
                    8c:07:e2:5d:f1:01:e5:8d:82:fa:4c:d6:71:42:de:
                    97:07:d3:ad:4f:73:e5:ef:50:43:c9:06:a7:8c:3a:
                    cf:be:27:7d:ae:41:2e:83:89:2f:c4:37:5a:a0:b5:
                    17:6e:45:56:aa:ec:e0:19:6d:7d:06:82:91:26:53:
                    27:b0:5d:51:8a:f6:84:25:d7:d5:11:06:76:5a:75:
                    2e:57:b2:93:cf:7b:80:ec:03:5e:11:5b:fb:ad:cc:
                    27:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:7D:39:BE:9D:6E:A0:D2:98:77:E0:1F:A8:D2:B6:A8:69:64:02:C8
            X509v3 Authority Key Identifier:
                keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS60639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c7:7000::/36

    Signature Algorithm: sha256WithRSAEncryption
         2b:4f:b8:61:4a:e6:c6:57:34:d9:48:89:64:b1:c7:b6:1a:fc:
         e1:e4:a7:00:8c:0c:a5:5b:86:a6:cf:1b:a9:96:9c:33:48:e1:
         46:c6:c6:01:b7:63:e8:a7:ff:47:82:33:5e:d6:85:f7:6a:85:
         0e:44:59:50:5d:31:1e:15:e8:ee:fa:ee:e3:7e:4f:18:4c:d1:
         71:c5:93:8c:af:43:9a:53:09:db:e3:c4:fe:3d:33:1a:c5:c3:
         0a:fe:e3:40:45:8b:e9:0d:55:68:ad:97:85:f2:5c:25:ff:2a:
         a2:dc:20:bf:6a:0f:e8:62:26:ec:e7:57:f9:a2:ef:5b:aa:bb:
         45:29:d5:67:4a:32:c5:e6:b9:a5:6f:f6:fc:00:29:32:d8:b1:
         dc:02:29:31:1f:4f:cd:d1:f6:51:87:f9:a9:10:83:12:96:9b:
         0f:03:74:96:ba:9f:d2:bc:c4:5c:f1:e3:b8:6d:e3:cd:e8:c1:
         a0:52:1d:08:35:a0:d2:59:ab:19:cc:02:9f:65:e8:4a:a3:97:
         47:d2:92:fa:05:7c:e5:70:ca:7a:57:23:cc:77:95:88:09:9f:
         c7:c7:a7:5d:8d:87:19:e6:d5:f0:75:66:47:c1:1f:88:d2:28:
         99:3f:fe:af:eb:e4:b1:a0:28:73:2f:60:80:f4:0a:e4:51:9c:
         00:0b:73:97
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUAmfPOfsHVh1hl0f9M7il0eZVHNowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDAyMTAyMjA1MjlaFw0yNTAyMDgyMjEwMjlaMDMxMTAvBgNV
BAMTKDBFN0QzOUJFOUQ2RUEwRDI5ODc3RTAxRkE4RDJCNkE4Njk2NDAyQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD00dojodCzMGdp3m0Lrj9UOJj0
iLmD/4VDgZ3vfDIvMKiZM2ERnqYIApDyJ58usp/7YqmmEEJZtFPUCxRyY8ME4PtP
TnFHA12oQwvQk3Ol/xbK8d4IA34/lEqFBx+z1CnXlooePovDOb8c2Vufky/yf4CW
8KGK+PtaExreLnz1VpykMxs1+OSfDlz4lVGx+PxS/Q5C0LkA8OSFOllsytK3sqPe
Y4wH4l3xAeWNgvpM1nFC3pcH061Pc+XvUEPJBqeMOs++J32uQS6DiS/EN1qgtRdu
RVaq7OAZbX0GgpEmUyewXVGK9oQl19URBnZadS5XspPPe4DsA14RW/utzCc1AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUDn05vp1uoNKYd+AfqNK2qGlkAsgwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTNjA2Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQqB1TH
cDANBgkqhkiG9w0BAQsFAAOCAQEAK0+4YUrmxlc02UiJZLHHthr84eSnAIwMpVuG
ps8bqZacM0jhRsbGAbdj6Kf/R4IzXtaF92qFDkRZUF0xHhXo7vru435PGEzRccWT
jK9DmlMJ2+PE/j0zGsXDCv7jQEWL6Q1VaK2XhfJcJf8qotwgv2oP6GIm7OdX+aLv
W6q7RSnVZ0oyxea5pW/2/AApMtix3AIpMR9PzdH2UYf5qRCDEpabDwN0lrqf0rzE
XPHjuG3jzejBoFIdCDWg0lmrGcwCn2XoSqOXR9KS+gV85XDKelcjzHeViAmfx8en
XY2HGebV8HVmR8EfiNIomT/+r+vksaAocy9ggPQK5FGcAAtzlw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:18:36 2024 by rpki-client on console-ams.rpki-client.org