Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/acecfdc7-6db9-425b-acae-7e20fbe6e129/0/326130353a646663313a356638353a3a2f34382d3438203d3e20313338313930.roa
File:                     326130353a646663313a356638353a3a2f34382d3438203d3e20313338313930.roa (raw, json)
Hash identifier:          PbjGQaJ4uX6rd1DPG4Fa9NofqNgG0jB8DooLSt80wXs=
Subject key identifier:   F4:26:DB:77:69:42:92:38:94:8F:02:A5:23:C4:FC:E9:9F:78:06:02
Certificate issuer:       /CN=4824CF994FD8A36F35B03D1AC69C7B4F5756B19C
Certificate serial:       1F4253A56E0A387D7B5CEAC4E8BEC8095AB09AE7
Authority key identifier: 48:24:CF:99:4F:D8:A3:6F:35:B0:3D:1A:C6:9C:7B:4F:57:56:B1:9C
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/4824CF994FD8A36F35B03D1AC69C7B4F5756B19C.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/acecfdc7-6db9-425b-acae-7e20fbe6e129/0/326130353a646663313a356638353a3a2f34382d3438203d3e20313338313930.roa
Signing time:             Tue 04 Jun 2024 08:06:25 +0000
ROA not before:           Tue 04 Jun 2024 08:01:25 +0000
ROA not after:            Tue 03 Jun 2025 08:06:25 +0000
asID:                     138190
IP address blocks:        2a05:dfc1:5f85::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/acecfdc7-6db9-425b-acae-7e20fbe6e129/0/4824CF994FD8A36F35B03D1AC69C7B4F5756B19C.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/acecfdc7-6db9-425b-acae-7e20fbe6e129/0/4824CF994FD8A36F35B03D1AC69C7B4F5756B19C.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/4824CF994FD8A36F35B03D1AC69C7B4F5756B19C.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 04:12:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:42:53:a5:6e:0a:38:7d:7b:5c:ea:c4:e8:be:c8:09:5a:b0:9a:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4824CF994FD8A36F35B03D1AC69C7B4F5756B19C
        Validity
            Not Before: Jun  4 08:01:25 2024 GMT
            Not After : Jun  3 08:06:25 2025 GMT
        Subject: CN=F426DB7769429238948F02A523C4FCE99F780602
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:6c:6b:ac:a0:ab:32:f2:16:95:dc:fb:4c:df:
                    c4:c5:95:2f:d5:ee:51:fa:2f:6c:8e:2b:5a:0b:d0:
                    38:0a:cc:51:b4:d3:57:37:f4:87:04:f2:c8:df:3a:
                    af:08:3b:e8:44:e9:b8:85:56:1f:80:fb:2e:93:93:
                    d8:ed:cc:5b:65:d4:3c:90:a8:67:16:05:49:d3:f5:
                    b2:7f:a0:61:e7:7f:08:03:39:fc:18:ef:7f:ac:60:
                    84:71:66:9d:eb:3a:c1:9b:19:46:eb:f8:59:b9:4e:
                    36:1f:d5:00:ff:3b:49:98:95:50:91:7b:1e:1a:d5:
                    5f:43:25:10:e3:7d:2b:25:cc:26:b1:20:89:0d:36:
                    45:a1:fb:4b:6f:92:fc:29:45:42:a5:5c:5e:ce:ed:
                    ce:68:0b:a9:9b:3e:8e:13:3f:0a:99:89:56:0f:44:
                    4c:6a:7d:73:c0:2c:10:5b:2a:61:67:c9:86:cd:68:
                    cb:84:97:38:45:1f:dc:c6:14:b7:e6:01:98:67:32:
                    95:c3:7c:88:a0:90:77:2b:ff:a7:87:28:18:84:20:
                    cc:c5:1c:0a:00:e1:d0:20:eb:3f:9e:ab:98:5c:0b:
                    0f:9c:30:de:b1:9f:eb:72:dd:43:2d:0e:d2:3c:dd:
                    cc:da:19:25:87:0b:a5:4c:f4:5e:3a:1d:86:82:c5:
                    7a:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:26:DB:77:69:42:92:38:94:8F:02:A5:23:C4:FC:E9:9F:78:06:02
            X509v3 Authority Key Identifier:
                keyid:48:24:CF:99:4F:D8:A3:6F:35:B0:3D:1A:C6:9C:7B:4F:57:56:B1:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/acecfdc7-6db9-425b-acae-7e20fbe6e129/0/4824CF994FD8A36F35B03D1AC69C7B4F5756B19C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/4824CF994FD8A36F35B03D1AC69C7B4F5756B19C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/acecfdc7-6db9-425b-acae-7e20fbe6e129/0/326130353a646663313a356638353a3a2f34382d3438203d3e20313338313930.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc1:5f85::/48

    Signature Algorithm: sha256WithRSAEncryption
         40:5b:0b:ed:0d:65:65:13:83:4b:c0:6f:a6:c8:91:fd:d5:6d:
         24:bc:69:17:97:3f:41:e9:28:1a:e7:73:6d:e3:87:a0:1c:7f:
         43:e0:7c:a0:00:01:b7:78:92:92:6b:40:db:cd:95:ff:e8:16:
         bd:b9:2c:1a:9f:7a:ea:6d:53:ac:f3:d7:8a:42:c3:c5:8d:73:
         3c:2f:3d:97:0b:fe:b7:7a:bd:09:b2:44:92:ed:26:05:fd:84:
         b9:57:5b:8a:8d:d4:1b:e3:06:26:9a:50:05:b5:60:03:73:46:
         03:8e:24:f3:92:88:07:e6:61:f0:da:97:5e:04:53:b3:ab:2a:
         51:1c:cd:f2:a1:24:6f:a0:cd:66:dc:f6:6c:63:c1:90:e2:7a:
         90:67:06:dc:5f:4b:b8:95:6b:01:b4:6d:d0:9a:12:28:c3:14:
         b9:58:1e:79:25:03:d0:1c:ad:f4:39:de:8a:e0:79:ee:cc:a8:
         c7:f2:ce:5f:5e:cf:31:27:bd:39:31:90:8a:2f:e9:b0:b2:fc:
         f1:a4:c4:f9:ed:a6:2e:81:28:fb:b6:97:51:69:4a:e6:7b:ea:
         03:fc:c5:11:44:ac:a5:52:27:78:41:43:92:ae:1d:cb:85:14:
         73:01:fe:f2:6c:24:15:cc:63:c2:c4:92:dd:a8:4a:cd:de:56:
         82:dd:93:e6
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIUH0JTpW4KOH17XOrE6L7ICVqwmucwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDgyNENGOTk0RkQ4QTM2RjM1QjAzRDFBQzY5QzdCNEY1
NzU2QjE5QzAeFw0yNDA2MDQwODAxMjVaFw0yNTA2MDMwODA2MjVaMDMxMTAvBgNV
BAMTKEY0MjZEQjc3Njk0MjkyMzg5NDhGMDJBNTIzQzRGQ0U5OUY3ODA2MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0bGusoKsy8haV3PtM38TFlS/V
7lH6L2yOK1oL0DgKzFG001c39IcE8sjfOq8IO+hE6biFVh+A+y6Tk9jtzFtl1DyQ
qGcWBUnT9bJ/oGHnfwgDOfwY73+sYIRxZp3rOsGbGUbr+Fm5TjYf1QD/O0mYlVCR
ex4a1V9DJRDjfSslzCaxIIkNNkWh+0tvkvwpRUKlXF7O7c5oC6mbPo4TPwqZiVYP
RExqfXPALBBbKmFnyYbNaMuElzhFH9zGFLfmAZhnMpXDfIigkHcr/6eHKBiEIMzF
HAoA4dAg6z+eq5hcCw+cMN6xn+ty3UMtDtI83czaGSWHC6VM9F46HYaCxXr9AgMB
AAGjggJgMIICXDAdBgNVHQ4EFgQU9Cbbd2lCkjiUjwKlI8T86Z94BgIwHwYDVR0j
BBgwFoAUSCTPmU/Yo281sD0axpx7T1dWsZwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWNlY2ZkYzctNmRiOS00MjViLWFjYWUtN2UyMGZiZTZl
MTI5LzAvNDgyNENGOTk0RkQ4QTM2RjM1QjAzRDFBQzY5QzdCNEY1NzU2QjE5Qy5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wLzQ4MjRDRjk5NEZEOEEz
NkYzNUIwM0QxQUM2OUM3QjRGNTc1NkIxOUMuY2VyMIG3BggrBgEFBQcBCwSBqjCB
pzCBpAYIKwYBBQUHMAuGgZdyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5L2FjZWNmZGM3LTZkYjktNDI1Yi1hY2FlLTdlMjBmYmU2ZTEy
OS8wLzMyNjEzMDM1M2E2NDY2NjMzMTNhMzU2NjM4MzUzYTNhMmYzNDM4MmQzNDM4
MjAzZDNlMjAzMTMzMzgzMTM5MzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqBd/BX4UwDQYJKoZIhvcN
AQELBQADggEBAEBbC+0NZWUTg0vAb6bIkf3VbSS8aReXP0HpKBrnc23jh6Acf0Pg
fKAAAbd4kpJrQNvNlf/oFr25LBqfeuptU6zz14pCw8WNczwvPZcL/rd6vQmyRJLt
JgX9hLlXW4qN1BvjBiaaUAW1YANzRgOOJPOSiAfmYfDal14EU7OrKlEczfKhJG+g
zWbc9mxjwZDiepBnBtxfS7iVawG0bdCaEijDFLlYHnklA9AcrfQ53orgee7MqMfy
zl9ezzEnvTkxkIov6bCy/PGkxPntpi6BKPu2l1FpSuZ76gP8xRFErKVSJ3hBQ5Ku
HcuFFHMB/vJsJBXMY8LEkt2oSs3eVoLdk+Y=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:50:40 2024 by rpki-client on console-fra.rpki-client.org