Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/acecfdc7-6db9-425b-acae-7e20fbe6e129/0/326130353a646663313a356633353a3a2f34382d3438203d3e203538333339.roa
File:                     326130353a646663313a356633353a3a2f34382d3438203d3e203538333339.roa (raw, json)
Hash identifier:          X8FhjwX0/UDo3xonQsBS/tYWsiU5s7aHp7GNSuRbrxc=
Subject key identifier:   0B:CB:C1:8F:39:41:3D:6C:2E:40:15:B0:B0:CC:20:63:37:C3:E4:11
Certificate issuer:       /CN=4824CF994FD8A36F35B03D1AC69C7B4F5756B19C
Certificate serial:       67B81AE6F86971B992890231A6E0E03E498D7EE6
Authority key identifier: 48:24:CF:99:4F:D8:A3:6F:35:B0:3D:1A:C6:9C:7B:4F:57:56:B1:9C
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/4824CF994FD8A36F35B03D1AC69C7B4F5756B19C.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/acecfdc7-6db9-425b-acae-7e20fbe6e129/0/326130353a646663313a356633353a3a2f34382d3438203d3e203538333339.roa
Signing time:             Tue 04 Jun 2024 08:06:24 +0000
ROA not before:           Tue 04 Jun 2024 08:01:24 +0000
ROA not after:            Tue 03 Jun 2025 08:06:24 +0000
asID:                     58339
IP address blocks:        2a05:dfc1:5f35::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/acecfdc7-6db9-425b-acae-7e20fbe6e129/0/4824CF994FD8A36F35B03D1AC69C7B4F5756B19C.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/acecfdc7-6db9-425b-acae-7e20fbe6e129/0/4824CF994FD8A36F35B03D1AC69C7B4F5756B19C.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/4824CF994FD8A36F35B03D1AC69C7B4F5756B19C.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 04:12:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:b8:1a:e6:f8:69:71:b9:92:89:02:31:a6:e0:e0:3e:49:8d:7e:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4824CF994FD8A36F35B03D1AC69C7B4F5756B19C
        Validity
            Not Before: Jun  4 08:01:24 2024 GMT
            Not After : Jun  3 08:06:24 2025 GMT
        Subject: CN=0BCBC18F39413D6C2E4015B0B0CC206337C3E411
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:0a:4a:99:c7:a8:61:74:9a:ff:c2:c4:c7:e1:
                    e0:38:4c:01:96:22:00:d4:5a:27:55:31:b7:57:81:
                    fe:bf:c7:54:aa:4c:48:ef:70:17:30:ed:1a:7a:6f:
                    c8:61:f7:e9:a5:ad:0f:0d:db:24:a2:03:b6:8a:f3:
                    e8:25:89:95:5c:08:cc:d7:f3:d2:a8:53:2a:4b:28:
                    09:68:c3:a2:b1:ec:3c:15:98:b0:ed:7f:43:f3:f9:
                    95:15:9d:a3:15:e5:1a:64:fd:6f:98:ec:3a:51:a1:
                    f8:2b:5d:26:c3:df:e8:ae:1b:92:65:b6:82:1b:cf:
                    be:67:0d:f6:10:71:0b:0a:f3:4f:56:16:e9:5f:96:
                    da:0e:f6:8d:06:ea:3b:a0:f0:e3:c9:c6:94:f0:d5:
                    8a:a0:cb:3e:8d:75:7f:8e:a4:36:5f:85:c8:8b:fb:
                    c3:9b:96:77:9a:4a:af:b1:24:e3:7d:b1:91:ec:ed:
                    83:3b:ea:16:ed:33:d7:8b:77:34:40:b7:e7:f6:6b:
                    b4:08:9d:5c:f7:5c:a8:07:92:36:31:9d:a4:fa:1e:
                    56:4e:a3:3c:f0:c2:65:ad:33:bb:20:42:18:58:23:
                    5b:60:a6:63:0e:6a:51:4a:fa:6e:9b:4d:91:1d:b4:
                    af:b3:35:e2:d1:e4:74:7d:c3:9b:77:99:a3:2e:a7:
                    09:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:CB:C1:8F:39:41:3D:6C:2E:40:15:B0:B0:CC:20:63:37:C3:E4:11
            X509v3 Authority Key Identifier:
                keyid:48:24:CF:99:4F:D8:A3:6F:35:B0:3D:1A:C6:9C:7B:4F:57:56:B1:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/acecfdc7-6db9-425b-acae-7e20fbe6e129/0/4824CF994FD8A36F35B03D1AC69C7B4F5756B19C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/4824CF994FD8A36F35B03D1AC69C7B4F5756B19C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/acecfdc7-6db9-425b-acae-7e20fbe6e129/0/326130353a646663313a356633353a3a2f34382d3438203d3e203538333339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc1:5f35::/48

    Signature Algorithm: sha256WithRSAEncryption
         5c:31:58:bd:9c:7f:66:18:e2:23:20:7d:94:f5:09:ac:4a:bc:
         2c:b5:34:78:4a:52:3f:34:71:76:94:17:6e:b0:fc:da:da:21:
         26:aa:3b:d9:34:20:86:e5:ab:3d:74:59:ca:2b:af:12:04:ec:
         dd:b1:81:cc:02:63:54:cd:64:7f:a1:4e:dc:7b:c2:07:da:78:
         cf:db:bd:f5:06:c9:5f:50:10:4b:3f:91:f7:26:5b:0b:34:a1:
         48:db:f7:f4:f7:d4:26:f9:d2:ce:58:9a:d7:cc:03:67:4d:bf:
         47:7b:8c:ee:b4:cd:c7:b1:b5:2e:ca:a1:5a:f1:43:ff:06:2f:
         76:78:82:b3:0a:f1:91:84:30:42:82:a6:2e:c2:e6:8d:80:71:
         7c:72:3c:fa:cb:78:b9:79:b7:dc:94:41:41:4c:64:e9:b0:0e:
         5c:46:b4:54:b2:0d:f7:d3:c7:28:e0:be:70:a5:bf:f0:21:08:
         0a:9f:d0:4b:20:d0:21:65:c6:58:35:c4:fa:da:b0:53:c4:ee:
         53:9f:30:43:68:52:aa:6f:5b:75:9a:c5:2e:c5:9f:ea:c8:42:
         8f:53:67:18:c2:ee:85:db:38:b2:0e:c2:13:5b:42:df:59:36:
         9d:81:fc:0c:b1:57:9e:b6:78:3d:09:4c:73:4e:97:31:b1:63:
         3e:e9:2b:f1
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIUZ7ga5vhpcbmSiQIxpuDgPkmNfuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDgyNENGOTk0RkQ4QTM2RjM1QjAzRDFBQzY5QzdCNEY1
NzU2QjE5QzAeFw0yNDA2MDQwODAxMjRaFw0yNTA2MDMwODA2MjRaMDMxMTAvBgNV
BAMTKDBCQ0JDMThGMzk0MTNENkMyRTQwMTVCMEIwQ0MyMDYzMzdDM0U0MTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqCkqZx6hhdJr/wsTH4eA4TAGW
IgDUWidVMbdXgf6/x1SqTEjvcBcw7Rp6b8hh9+mlrQ8N2ySiA7aK8+gliZVcCMzX
89KoUypLKAlow6Kx7DwVmLDtf0Pz+ZUVnaMV5Rpk/W+Y7DpRofgrXSbD3+iuG5Jl
toIbz75nDfYQcQsK809WFulfltoO9o0G6jug8OPJxpTw1Yqgyz6NdX+OpDZfhciL
+8OblneaSq+xJON9sZHs7YM76hbtM9eLdzRAt+f2a7QInVz3XKgHkjYxnaT6HlZO
ozzwwmWtM7sgQhhYI1tgpmMOalFK+m6bTZEdtK+zNeLR5HR9w5t3maMupwnTAgMB
AAGjggJeMIICWjAdBgNVHQ4EFgQUC8vBjzlBPWwuQBWwsMwgYzfD5BEwHwYDVR0j
BBgwFoAUSCTPmU/Yo281sD0axpx7T1dWsZwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWNlY2ZkYzctNmRiOS00MjViLWFjYWUtN2UyMGZiZTZl
MTI5LzAvNDgyNENGOTk0RkQ4QTM2RjM1QjAzRDFBQzY5QzdCNEY1NzU2QjE5Qy5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wLzQ4MjRDRjk5NEZEOEEz
NkYzNUIwM0QxQUM2OUM3QjRGNTc1NkIxOUMuY2VyMIG1BggrBgEFBQcBCwSBqDCB
pTCBogYIKwYBBQUHMAuGgZVyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5L2FjZWNmZGM3LTZkYjktNDI1Yi1hY2FlLTdlMjBmYmU2ZTEy
OS8wLzMyNjEzMDM1M2E2NDY2NjMzMTNhMzU2NjMzMzUzYTNhMmYzNDM4MmQzNDM4
MjAzZDNlMjAzNTM4MzMzMzM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgXfwV81MA0GCSqGSIb3DQEB
CwUAA4IBAQBcMVi9nH9mGOIjIH2U9QmsSrwstTR4SlI/NHF2lBdusPza2iEmqjvZ
NCCG5as9dFnKK68SBOzdsYHMAmNUzWR/oU7ce8IH2njP2731BslfUBBLP5H3JlsL
NKFI2/f099Qm+dLOWJrXzANnTb9He4zutM3HsbUuyqFa8UP/Bi92eIKzCvGRhDBC
gqYuwuaNgHF8cjz6y3i5ebfclEFBTGTpsA5cRrRUsg3308co4L5wpb/wIQgKn9BL
INAhZcZYNcT62rBTxO5TnzBDaFKqb1t1msUuxZ/qyEKPU2cYwu6F2ziyDsITW0Lf
WTadgfwMsVeetng9CUxzTpcxsWM+6Svx
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org