Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/17/323630323a663965383a3a2f34302d3438203d3e203233323230.roa
File:                     323630323a663965383a3a2f34302d3438203d3e203233323230.roa (raw, json)
Hash identifier:          o7t7aQ0n23jLALHFlLlykGYurCqs+mflZmJjr7Ale2U=
Subject key identifier:   A6:06:1B:1A:F7:8C:81:9F:1C:71:FC:8D:B5:2A:83:DA:6E:A0:5A:96
Certificate issuer:       /CN=d73656ced88be2df26e8fedea78d903fa24d694b36bf9f1992
Certificate serial:       028EE572D0B5375166A3CE9C7031836655A0CE69
Authority key identifier: C4:7A:79:9B:0B:26:9F:88:E8:38:1E:AD:F1:AA:22:E9:36:05:4D:F9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2/d73656ced88be2df26e8fedea78d903fa24d694b36bf9f1992.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/17/323630323a663965383a3a2f34302d3438203d3e203233323230.roa
Signing time:             Wed 10 Apr 2024 23:50:57 +0000
ROA not before:           Wed 10 Apr 2024 23:45:57 +0000
ROA not after:            Wed 09 Apr 2025 23:50:57 +0000
asID:                     23220
IP address blocks:        2602:f9e8::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/17/C47A799B0B269F88E8381EADF1AA22E936054DF9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/17/C47A799B0B269F88E8381EADF1AA22E936054DF9.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2/d73656ced88be2df26e8fedea78d903fa24d694b36bf9f1992.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/871da40f-793a-4a45-a0a9-978148321a07.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/871da40f-793a-4a45-a0a9-978148321a07.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 26 Nov 2024 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:8e:e5:72:d0:b5:37:51:66:a3:ce:9c:70:31:83:66:55:a0:ce:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d73656ced88be2df26e8fedea78d903fa24d694b36bf9f1992
        Validity
            Not Before: Apr 10 23:45:57 2024 GMT
            Not After : Apr  9 23:50:57 2025 GMT
        Subject: CN=A6061B1AF78C819F1C71FC8DB52A83DA6EA05A96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:33:fa:96:cf:96:c6:80:04:99:3a:71:ad:eb:
                    50:16:63:20:6e:ab:ed:44:04:71:a7:da:a5:95:43:
                    bf:83:fc:9e:c9:20:a3:0e:1a:76:b8:5a:b8:55:80:
                    93:fb:c9:21:68:16:1e:3d:c4:eb:ae:16:52:b8:39:
                    26:3d:79:91:f0:e0:a2:f7:62:99:f8:5c:5c:b2:22:
                    79:85:f6:0b:1c:24:fd:09:5f:b0:c0:11:1a:4d:52:
                    c9:49:96:57:51:4d:8a:64:0e:17:fa:90:01:46:7c:
                    1e:18:c7:a6:7d:95:32:0a:66:e6:b3:d7:98:2d:44:
                    4e:2b:e9:35:c3:d5:4b:7c:3b:f6:44:63:18:28:c6:
                    30:be:65:99:cb:18:99:f7:5c:e0:da:21:af:31:e4:
                    9d:67:93:18:ea:8f:1c:30:08:32:b4:99:be:54:ff:
                    f5:d4:8e:e8:37:ab:4b:7a:35:b7:cc:d5:00:5c:2d:
                    84:2c:a6:1c:4f:81:bb:9c:82:4c:e3:51:41:43:a1:
                    94:eb:7e:f5:bf:57:fe:9a:bf:95:1b:99:6e:50:4a:
                    2d:ab:62:19:83:7e:a5:d1:28:d5:de:25:7d:d5:d3:
                    2e:39:96:e5:f8:66:ec:d3:03:23:53:3c:bb:89:5a:
                    3f:21:3d:dc:06:8d:12:63:58:ff:e5:6f:7f:66:f7:
                    62:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:06:1B:1A:F7:8C:81:9F:1C:71:FC:8D:B5:2A:83:DA:6E:A0:5A:96
            X509v3 Authority Key Identifier:
                keyid:C4:7A:79:9B:0B:26:9F:88:E8:38:1E:AD:F1:AA:22:E9:36:05:4D:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/17/C47A799B0B269F88E8381EADF1AA22E936054DF9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/62dfe06a-d178-4b64-b19e-dc6d1fbf52b2/d73656ced88be2df26e8fedea78d903fa24d694b36bf9f1992.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/17/323630323a663965383a3a2f34302d3438203d3e203233323230.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:f9e8::/40

    Signature Algorithm: sha256WithRSAEncryption
         30:84:73:66:1a:b2:6d:8d:f5:c7:e0:d3:8c:9f:a1:04:ce:20:
         9d:d4:31:ce:42:9b:ae:62:23:86:8d:e4:9a:1b:e8:c9:7e:71:
         1e:58:59:dd:97:5f:b3:55:ad:80:e9:cc:d8:f3:26:42:ad:83:
         4f:68:74:6d:99:7d:c9:83:5d:77:96:83:79:f4:66:df:8d:ac:
         62:2e:fc:dc:c7:3b:98:8d:5d:80:90:f4:be:ae:10:c5:7a:7f:
         52:73:bf:56:6a:2a:0e:b7:c5:b1:c9:8f:c1:b9:43:fb:be:70:
         53:6c:a1:0e:c3:d6:6e:52:ff:e9:a8:37:fa:a1:a6:ec:1f:fe:
         05:be:4a:c5:09:44:c0:ac:c2:d3:14:d9:a6:15:35:d1:4c:95:
         ab:14:b0:5f:ac:f8:e4:aa:0d:d9:65:b8:82:fd:f2:74:1d:e2:
         88:b5:8f:5b:93:e5:c2:c1:36:8a:2b:c2:86:e7:3e:63:7f:46:
         53:07:bb:8f:37:e4:03:42:0f:6e:36:b1:fb:a2:b3:d1:ec:46:
         f9:6e:64:bd:1c:90:16:00:8c:a9:36:32:02:90:20:5d:5d:54:
         15:47:c9:bb:3a:b8:f4:0a:3b:e1:5c:6c:46:ea:b3:f4:6c:7c:
         50:5a:60:e3:59:83:eb:d5:06:60:9a:bf:5d:d6:23:1d:53:84:
         f9:cb:5f:21
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgIUAo7lctC1N1Fmo86ccDGDZlWgzmkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDczNjU2Y2VkODhiZTJkZjI2ZThmZWRlYTc4ZDkwM2Zh
MjRkNjk0YjM2YmY5ZjE5OTIwHhcNMjQwNDEwMjM0NTU3WhcNMjUwNDA5MjM1MDU3
WjAzMTEwLwYDVQQDEyhBNjA2MUIxQUY3OEM4MTlGMUM3MUZDOERCNTJBODNEQTZF
QTA1QTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TP6ls+WxoAE
mTpxretQFmMgbqvtRARxp9qllUO/g/yeySCjDhp2uFq4VYCT+8khaBYePcTrrhZS
uDkmPXmR8OCi92KZ+FxcsiJ5hfYLHCT9CV+wwBEaTVLJSZZXUU2KZA4X+pABRnwe
GMemfZUyCmbms9eYLUROK+k1w9VLfDv2RGMYKMYwvmWZyxiZ91zg2iGvMeSdZ5MY
6o8cMAgytJm+VP/11I7oN6tLejW3zNUAXC2ELKYcT4G7nIJM41FBQ6GU6371v1f+
mr+VG5luUEotq2IZg36l0SjV3iV91dMuOZbl+Gbs0wMjUzy7iVo/IT3cBo0SY1j/
5W9/ZvdiOwIDAQABo4IC0DCCAswwHQYDVR0OBBYEFKYGGxr3jIGfHHH8jbUqg9pu
oFqWMB8GA1UdIwQYMBaAFMR6eZsLJp+I6DgerfGqIuk2BU35MA4GA1UdDwEB/wQE
AwIHgDCBlwYDVR0fBIGPMIGMMIGJoIGGoIGDhoGAcnN5bmM6Ly9yc3luYy5wYWFz
LnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hZTZlZGVlYy0wOGJhLTRjZGUtODk3
OS00ZmFlYTRiMWJjMTIvMTcvQzQ3QTc5OUIwQjI2OUY4OEU4MzgxRUFERjFBQTIy
RTkzNjA1NERGOS5jcmwwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB
03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81
ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvODcxZGE0MGYtNzkz
YS00YTQ1LWEwYTktOTc4MTQ4MzIxYTA3LzYyZGZlMDZhLWQxNzgtNGI2NC1iMTll
LWRjNmQxZmJmNTJiMi9kNzM2NTZjZWQ4OGJlMmRmMjZlOGZlZGVhNzhkOTAzZmEy
NGQ2OTRiMzZiZjlmMTk5Mi5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEF
BQcwC4aBjHJzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvYWU2ZWRlZWMtMDhiYS00Y2RlLTg5NzktNGZhZWE0YjFiYzEyLzE3LzMyMzYz
MDMyM2E2NjM5NjUzODNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzMzMjMyMzAu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQ
MA4EAgACMAgDBgAmAvnoADANBgkqhkiG9w0BAQsFAAOCAQEAMIRzZhqybY31x+DT
jJ+hBM4gndQxzkKbrmIjho3kmhvoyX5xHlhZ3Zdfs1WtgOnM2PMmQq2DT2h0bZl9
yYNdd5aDefRm342sYi783Mc7mI1dgJD0vq4QxXp/UnO/VmoqDrfFscmPwblD+75w
U2yhDsPWblL/6ag3+qGm7B/+Bb5KxQlEwKzC0xTZphU10UyVqxSwX6z45KoN2WW4
gv3ydB3iiLWPW5PlwsE2iivChuc+Y39GUwe7jzfkA0IPbjax+6Kz0exG+W5kvRyQ
FgCMqTYyApAgXV1UFUfJuzq49Ao74VxsRuqz9Gx8UFpg41mD69UGYJq/XdYjHVOE
+ctfIQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 14:20:30 2024 by rpki-client on console-fra.rpki-client.org