Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS60900.roa
File:                     AS60900.roa (raw, json)
Hash identifier:          N8U4GB1O+wiHbJGxCw/ymRFXesVUmTeRr08V1nKf0hA=
Subject key identifier:   D9:D7:EA:0A:E9:47:8F:61:0D:04:24:C8:15:24:16:1A:99:52:27:CB
Certificate issuer:       /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial:       51D3A07AAA31B5C5F77D24C9E595EE490288305C
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS60900.roa
Signing time:             Tue 20 Aug 2024 02:31:57 +0000
ROA not before:           Tue 20 Aug 2024 02:26:57 +0000
ROA not after:            Tue 19 Aug 2025 02:31:57 +0000
asID:                     60900
IP address blocks:        2a07:54c2:b00b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 09 Oct 2024 19:56:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:d3:a0:7a:aa:31:b5:c5:f7:7d:24:c9:e5:95:ee:49:02:88:30:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
        Validity
            Not Before: Aug 20 02:26:57 2024 GMT
            Not After : Aug 19 02:31:57 2025 GMT
        Subject: CN=D9D7EA0AE9478F610D0424C81524161A995227CB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:3b:f1:83:6e:32:c1:91:cc:1d:a4:5d:a3:08:
                    3f:1d:8d:ac:5f:08:83:a6:3b:cd:f0:1e:ad:c7:bb:
                    a7:89:38:e0:89:e3:74:d6:11:0c:dc:45:5f:fd:9f:
                    79:fd:be:13:59:a9:90:88:b6:ce:42:fd:b8:5b:81:
                    d7:d2:6d:31:1b:c5:40:c7:6f:c3:a8:e9:bf:66:d8:
                    88:10:11:21:1e:cf:a4:6f:8e:9b:14:19:ca:e3:d3:
                    5f:bb:9b:21:5d:1f:11:88:23:31:3f:dc:f2:9f:68:
                    d4:d8:10:2b:75:bc:58:68:b3:fc:a4:99:b5:33:0b:
                    ee:40:af:9d:a8:c3:aa:3a:f6:ca:89:95:17:a7:5b:
                    9c:e0:17:68:40:fb:05:b2:f0:8a:dc:be:57:96:ec:
                    31:a5:79:8c:d3:9c:7b:0c:36:c3:2e:3f:b7:c2:c0:
                    70:69:3d:28:6b:b8:99:14:b4:00:e2:6d:c5:06:57:
                    99:9c:78:db:39:ea:4a:d7:6e:4a:0e:07:5e:ca:aa:
                    1b:61:00:11:62:c0:17:32:2a:a4:b7:87:28:b3:81:
                    2b:59:7a:56:5a:0d:67:20:d4:17:db:cd:f2:bd:c5:
                    dc:38:6b:26:d4:47:6f:24:a2:f5:28:dc:2f:80:ab:
                    c4:ba:ec:98:b8:ca:7f:76:7f:55:7a:4d:b4:ae:74:
                    03:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:D7:EA:0A:E9:47:8F:61:0D:04:24:C8:15:24:16:1A:99:52:27:CB
            X509v3 Authority Key Identifier:
                keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS60900.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c2:b00b::/48

    Signature Algorithm: sha256WithRSAEncryption
         68:80:21:2e:f5:69:3b:96:53:ac:3f:da:39:75:d8:6f:54:16:
         67:a5:8e:68:da:16:e5:41:9d:e3:bc:ed:47:05:49:b8:e0:b8:
         b3:04:c4:d8:e6:33:c2:94:8c:79:1c:73:40:7f:5d:1d:da:b6:
         22:ae:3b:59:2a:e3:76:e0:e3:47:cd:da:c7:71:5c:2c:41:3f:
         7d:fc:49:a2:e8:ea:6c:5e:50:17:01:29:8f:a4:33:29:69:77:
         0e:2a:62:3c:6b:6c:61:d9:aa:19:a2:cc:46:dd:8b:60:07:aa:
         d6:40:d3:e1:ca:ca:41:72:db:f3:61:9a:46:74:f7:eb:63:ec:
         6d:fd:dc:99:18:5e:a4:59:eb:8c:a5:8d:dd:9e:ab:39:39:d1:
         88:39:20:d4:44:ef:ce:bf:be:f7:c8:41:51:89:5b:6a:5e:79:
         b2:be:5d:03:67:32:3e:12:95:63:04:7a:26:91:e8:8d:d6:a6:
         cb:93:f6:9b:64:ff:f8:fe:4e:17:75:02:40:ef:0c:1a:b3:07:
         f5:76:f0:ab:d9:f5:a2:90:ae:75:cd:3e:22:10:16:44:5b:27:
         93:da:44:b6:3d:74:b1:f7:de:07:63:c8:34:6f:46:51:93:d0:
         e4:eb:20:2c:f0:b2:f5:f1:50:ff:bb:6a:1e:53:14:b2:06:ca:
         6d:02:ee:8f
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUUdOgeqoxtcX3fSTJ5ZXuSQKIMFwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTdaFw0yNTA4MTkwMjMxNTdaMDMxMTAvBgNV
BAMTKEQ5RDdFQTBBRTk0NzhGNjEwRDA0MjRDODE1MjQxNjFBOTk1MjI3Q0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1O/GDbjLBkcwdpF2jCD8djaxf
CIOmO83wHq3Hu6eJOOCJ43TWEQzcRV/9n3n9vhNZqZCIts5C/bhbgdfSbTEbxUDH
b8Oo6b9m2IgQESEez6RvjpsUGcrj01+7myFdHxGIIzE/3PKfaNTYECt1vFhos/yk
mbUzC+5Ar52ow6o69sqJlRenW5zgF2hA+wWy8IrcvleW7DGleYzTnHsMNsMuP7fC
wHBpPShruJkUtADibcUGV5mceNs56krXbkoOB17KqhthABFiwBcyKqS3hyizgStZ
elZaDWcg1BfbzfK9xdw4aybUR28kovUo3C+Aq8S67Ji4yn92f1V6TbSudAOPAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU2dfqCulHj2ENBCTIFSQWGplSJ8swHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTNjA5MDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqB1TC
sAswDQYJKoZIhvcNAQELBQADggEBAGiAIS71aTuWU6w/2jl12G9UFmeljmjaFuVB
neO87UcFSbjguLMExNjmM8KUjHkcc0B/XR3atiKuO1kq43bg40fN2sdxXCxBP338
SaLo6mxeUBcBKY+kMylpdw4qYjxrbGHZqhmizEbdi2AHqtZA0+HKykFy2/NhmkZ0
9+tj7G393JkYXqRZ64yljd2eqzk50Yg5INRE786/vvfIQVGJW2peebK+XQNnMj4S
lWMEeiaR6I3WpsuT9ptk//j+Thd1AkDvDBqzB/V28KvZ9aKQrnXNPiIQFkRbJ5Pa
RLY9dLH33gdjyDRvRlGT0OTrICzwsvXxUP+7ah5TFLIGym0C7o8=
-----END CERTIFICATE-----
Generated at Wed Oct 9 08:19:33 2024 by rpki-client on console-fra.rpki-client.org