Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bcbbf0bf-a2e0-42a4-8293-711496eb66d2/1/326130373a353463373a343034303a3a2f34322d3432203d3e20323136303839.roa
File:                     326130373a353463373a343034303a3a2f34322d3432203d3e20323136303839.roa (raw, json)
Hash identifier:          KxgINFYAMSV7tw3ULIKjMLrpW3Cp0WaSMgcsoG74MhE=
Subject key identifier:   F4:C5:ED:FC:E1:5B:BB:63:3A:C4:C2:AC:40:C6:62:FB:0F:B7:15:39
Certificate issuer:       /CN=C3085C3C31F2D45EDE2A7FFBB1965BBF154E69B3
Certificate serial:       3F3DCDD8F6F9E739BD44C50FAB5891038CB4B355
Authority key identifier: C3:08:5C:3C:31:F2:D4:5E:DE:2A:7F:FB:B1:96:5B:BF:15:4E:69:B3
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/C3085C3C31F2D45EDE2A7FFBB1965BBF154E69B3.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/bcbbf0bf-a2e0-42a4-8293-711496eb66d2/1/326130373a353463373a343034303a3a2f34322d3432203d3e20323136303839.roa
Signing time:             Sun 05 Nov 2023 04:00:58 +0000
ROA not before:           Sun 05 Nov 2023 03:55:58 +0000
ROA not after:            Sun 03 Nov 2024 04:00:58 +0000
asID:                     216089
IP address blocks:        2a07:54c7:4040::/42 maxlen: 42

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/bcbbf0bf-a2e0-42a4-8293-711496eb66d2/1/C3085C3C31F2D45EDE2A7FFBB1965BBF154E69B3.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/bcbbf0bf-a2e0-42a4-8293-711496eb66d2/1/C3085C3C31F2D45EDE2A7FFBB1965BBF154E69B3.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/C3085C3C31F2D45EDE2A7FFBB1965BBF154E69B3.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Jun 2024 07:17:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:3d:cd:d8:f6:f9:e7:39:bd:44:c5:0f:ab:58:91:03:8c:b4:b3:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3085C3C31F2D45EDE2A7FFBB1965BBF154E69B3
        Validity
            Not Before: Nov  5 03:55:58 2023 GMT
            Not After : Nov  3 04:00:58 2024 GMT
        Subject: CN=F4C5EDFCE15BBB633AC4C2AC40C662FB0FB71539
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:2a:2b:7b:e3:c7:25:43:dd:27:49:0f:ee:94:
                    85:96:a1:9d:56:b7:a1:56:01:12:b5:45:1f:8c:3e:
                    07:35:79:1c:c2:4a:a2:57:e2:de:79:eb:45:d6:48:
                    07:97:85:86:2a:d6:e5:5f:03:aa:33:8a:4f:e7:c7:
                    33:88:88:5c:cd:b3:45:2d:cb:cb:35:e2:b4:f5:f6:
                    0a:dc:5f:38:71:74:53:73:61:c3:54:1b:e6:75:ef:
                    b6:be:da:ad:4a:3d:17:37:a1:4f:45:8b:70:ec:cb:
                    95:96:75:65:35:ff:a2:7b:e9:62:bc:fa:2f:b8:1c:
                    e2:52:d1:ce:00:e3:fe:2c:49:b4:d7:18:69:fc:ee:
                    05:97:c5:81:63:f9:a2:14:55:7a:7b:02:3a:3f:7d:
                    81:7c:88:aa:ac:b4:b8:53:4d:05:7d:44:32:89:76:
                    61:98:29:8f:4b:2c:e0:63:f1:7b:6f:17:b8:fd:10:
                    b8:20:3f:70:20:fb:11:15:8c:15:38:61:57:44:d8:
                    2b:6f:32:cb:90:0e:cd:73:80:42:a1:08:9b:8b:cc:
                    0f:b6:9d:99:ae:c9:fe:eb:bb:4d:79:a3:fc:f9:a8:
                    3d:fa:a0:e4:4b:db:39:4a:cd:28:08:72:35:88:96:
                    81:84:a5:56:6b:9a:2f:ae:6c:59:48:05:7a:dc:94:
                    77:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:C5:ED:FC:E1:5B:BB:63:3A:C4:C2:AC:40:C6:62:FB:0F:B7:15:39
            X509v3 Authority Key Identifier:
                keyid:C3:08:5C:3C:31:F2:D4:5E:DE:2A:7F:FB:B1:96:5B:BF:15:4E:69:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/bcbbf0bf-a2e0-42a4-8293-711496eb66d2/1/C3085C3C31F2D45EDE2A7FFBB1965BBF154E69B3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/C3085C3C31F2D45EDE2A7FFBB1965BBF154E69B3.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bcbbf0bf-a2e0-42a4-8293-711496eb66d2/1/326130373a353463373a343034303a3a2f34322d3432203d3e20323136303839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c7:4040::/42

    Signature Algorithm: sha256WithRSAEncryption
         2d:55:14:da:41:c2:ea:aa:13:93:cf:a4:28:22:4d:4c:6b:7e:
         d5:cc:b3:c9:72:d5:20:a0:6e:56:08:45:1c:78:66:3e:ce:40:
         71:eb:a0:28:08:a2:fb:b2:5c:27:1c:33:fd:62:0d:5e:d1:e4:
         97:1f:20:f8:09:1d:d1:fd:4f:bf:55:84:b2:df:07:5a:58:21:
         ac:b5:ef:c1:2d:bc:2b:69:d7:04:b7:52:1e:18:b8:d8:42:69:
         3f:5d:d5:a3:e7:90:3a:71:f8:1c:5b:dd:df:61:c6:77:58:d8:
         10:bb:23:8e:4d:2a:4a:b4:40:54:bd:40:1a:e1:f1:9c:65:59:
         b4:58:db:9c:a9:3e:74:f6:3d:a9:ce:cd:84:79:63:dc:79:6a:
         44:39:94:de:db:1c:a9:39:9b:27:8a:51:8d:fe:da:b6:aa:4d:
         fa:d3:43:0a:8e:62:1d:76:f5:14:8c:6e:be:43:b5:b2:95:00:
         61:3d:14:89:ac:80:ef:40:bf:13:ba:52:87:11:0d:10:5d:32:
         e9:a2:bd:2e:33:09:87:c0:7b:9a:cf:db:e8:d6:4b:d7:a0:9f:
         28:36:2d:93:31:c6:40:8d:6b:40:2e:67:60:45:6a:3f:b8:02:
         c9:76:59:15:41:4b:61:83:cc:c4:be:9a:fe:a6:93:36:bb:9b:
         c8:63:7d:76
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUPz3N2Pb55zm9RMUPq1iRA4y0s1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzMwODVDM0MzMUYyRDQ1RURFMkE3RkZCQjE5NjVCQkYx
NTRFNjlCMzAeFw0yMzExMDUwMzU1NThaFw0yNDExMDMwNDAwNThaMDMxMTAvBgNV
BAMTKEY0QzVFREZDRTE1QkJCNjMzQUM0QzJBQzQwQzY2MkZCMEZCNzE1MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRKit748clQ90nSQ/ulIWWoZ1W
t6FWARK1RR+MPgc1eRzCSqJX4t5560XWSAeXhYYq1uVfA6ozik/nxzOIiFzNs0Ut
y8s14rT19grcXzhxdFNzYcNUG+Z177a+2q1KPRc3oU9Fi3Dsy5WWdWU1/6J76WK8
+i+4HOJS0c4A4/4sSbTXGGn87gWXxYFj+aIUVXp7Ajo/fYF8iKqstLhTTQV9RDKJ
dmGYKY9LLOBj8XtvF7j9ELggP3Ag+xEVjBU4YVdE2CtvMsuQDs1zgEKhCJuLzA+2
nZmuyf7ru015o/z5qD36oORL2zlKzSgIcjWIloGEpVZrmi+ubFlIBXrclHdlAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU9MXt/OFbu2M6xMKsQMZi+w+3FTkwHwYDVR0j
BBgwFoAUwwhcPDHy1F7eKn/7sZZbvxVOabMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmNiYmYwYmYtYTJlMC00MmE0LTgyOTMtNzExNDk2ZWI2
NmQyLzEvQzMwODVDM0MzMUYyRDQ1RURFMkE3RkZCQjE5NjVCQkYxNTRFNjlCMy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC9DMzA4NUMzQzMxRjJENDVFREUyQTdGRkJC
MTk2NUJCRjE1NEU2OUIzLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9iY2JiZjBiZi1hMmUwLTQyYTQtODI5My03MTE0OTZlYjY2ZDIvMS8zMjYxMzAz
NzNhMzUzNDYzMzczYTM0MzAzNDMwM2EzYTJmMzQzMjJkMzQzMjIwM2QzZTIwMzIz
MTM2MzAzODM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcGKgdUx0BAMA0GCSqGSIb3DQEBCwUAA4IBAQAt
VRTaQcLqqhOTz6QoIk1Ma37VzLPJctUgoG5WCEUceGY+zkBx66AoCKL7slwnHDP9
Yg1e0eSXHyD4CR3R/U+/VYSy3wdaWCGste/BLbwradcEt1IeGLjYQmk/XdWj55A6
cfgcW93fYcZ3WNgQuyOOTSpKtEBUvUAa4fGcZVm0WNucqT509j2pzs2EeWPceWpE
OZTe2xypOZsnilGN/tq2qk3600MKjmIddvUUjG6+Q7WylQBhPRSJrIDvQL8TulKH
EQ0QXTLpor0uMwmHwHuaz9vo1kvXoJ8oNi2TMcZAjWtALmdgRWo/uALJdlkVQUth
g8zEvpr+ppM2u5vIY312
-----END CERTIFICATE-----
Generated at Fri Jun 14 23:05:49 2024 by rpki-client on console-ams.rpki-client.org