Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa
File:                     326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa (raw, json)
Hash identifier:          Ev3rOkqZsW7zdikCCUw3UiV18aO5+Lr8u68oqxdnuog=
Subject key identifier:   42:78:EE:A8:BE:AF:A0:A8:A1:65:F0:3C:59:A5:4A:1B:5F:B5:B1:E7
Certificate issuer:       /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Certificate serial:       21402E5265A2C853965BB936EF2C640AB0F7AF9B
Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa
Signing time:             Mon 25 Mar 2024 11:47:41 +0000
ROA not before:           Mon 25 Mar 2024 11:42:41 +0000
ROA not after:            Mon 24 Mar 2025 11:47:41 +0000
asID:                     203511
IP address blocks:        2a0f:85c1:7f0::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:40:2e:52:65:a2:c8:53:96:5b:b9:36:ef:2c:64:0a:b0:f7:af:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
        Validity
            Not Before: Mar 25 11:42:41 2024 GMT
            Not After : Mar 24 11:47:41 2025 GMT
        Subject: CN=4278EEA8BEAFA0A8A165F03C59A54A1B5FB5B1E7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:96:d5:23:b7:63:e1:03:c0:78:1d:1b:78:81:
                    60:d8:0a:2d:43:3c:7c:a3:2b:3a:ac:c3:f3:3a:65:
                    5e:ed:bf:34:b5:1c:2b:08:65:9f:6a:0a:00:ef:c2:
                    ba:b9:f5:0d:2e:70:98:c3:ed:31:71:f3:78:f3:36:
                    65:e5:2a:ab:3a:78:23:77:f7:da:2a:46:ec:a0:41:
                    7d:cb:34:f3:ae:8c:2b:c5:2b:ae:2f:0c:ca:e7:84:
                    16:17:01:06:80:e2:e0:12:fb:78:aa:18:8f:22:54:
                    0d:78:69:5c:96:c0:d6:29:1e:8e:6c:6a:5f:59:f5:
                    52:7a:a6:ea:29:59:94:c0:e2:07:15:85:a4:a6:6c:
                    17:9e:60:e9:bb:77:25:be:ce:99:6c:bc:88:f5:4c:
                    ce:8c:c8:2e:0f:5b:29:2d:11:d2:df:f6:49:71:50:
                    1e:0f:2a:04:ea:e7:b5:45:2b:03:03:e2:f8:57:03:
                    b5:56:0c:0c:77:1d:87:98:d4:37:0d:57:28:69:4d:
                    2f:41:b1:c9:1a:56:ad:62:27:34:f9:2d:1e:9e:3c:
                    53:ae:44:0d:4b:fb:db:af:79:79:58:4c:9d:7f:3e:
                    ac:fa:d9:55:82:4a:aa:a6:55:7e:c1:40:0d:03:80:
                    44:b0:43:32:80:1f:76:ab:12:6f:14:a9:67:bb:db:
                    2f:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:78:EE:A8:BE:AF:A0:A8:A1:65:F0:3C:59:A5:4A:1B:5F:B5:B1:E7
            X509v3 Authority Key Identifier:
                keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:7f0::/48

    Signature Algorithm: sha256WithRSAEncryption
         12:83:5f:c8:8a:e4:28:5e:53:91:49:92:e0:2b:8f:b1:9a:78:
         61:d4:5a:5a:5d:e8:92:0c:0d:3f:bf:7b:2a:9e:b9:b9:27:d3:
         64:cf:ba:35:ec:6c:af:ef:89:77:aa:6d:04:7f:98:f8:ad:ab:
         cd:d5:c3:6b:57:54:8e:6b:cb:2a:b6:72:98:99:3c:5d:22:55:
         07:ab:76:e2:69:0f:de:3e:40:8a:b6:60:75:38:00:0c:5d:d0:
         32:e6:9f:9c:a6:35:a6:88:8f:0e:b2:34:37:37:ed:53:0e:d1:
         f7:5e:71:51:3b:96:41:3e:96:cb:1b:35:28:bc:5a:2b:2e:1f:
         df:9e:c0:82:29:0e:44:15:6c:68:07:a4:50:de:f9:8e:d1:2a:
         eb:74:54:81:71:32:f0:ad:36:5e:d0:00:df:f5:da:3c:f9:d3:
         8d:55:19:e8:fb:ac:e4:79:6a:ac:29:a5:a5:b8:01:cb:cc:c4:
         db:6e:87:02:3e:0b:6a:44:b3:ec:8e:a0:1e:6e:1a:21:57:fc:
         84:28:1c:a7:ac:f1:3e:c3:7e:46:a1:21:18:02:51:64:96:99:
         38:94:2f:8b:cd:64:69:03:43:60:45:ef:40:59:91:5b:78:ee:
         cf:83:0f:e9:09:e8:39:65:af:48:5b:27:44:0d:d3:59:5b:a7:
         a5:ba:e5:69
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUIUAuUmWiyFOWW7k27yxkCrD3r5swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0
OUMxODM3NzAeFw0yNDAzMjUxMTQyNDFaFw0yNTAzMjQxMTQ3NDFaMDMxMTAvBgNV
BAMTKDQyNzhFRUE4QkVBRkEwQThBMTY1RjAzQzU5QTU0QTFCNUZCNUIxRTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGltUjt2PhA8B4HRt4gWDYCi1D
PHyjKzqsw/M6ZV7tvzS1HCsIZZ9qCgDvwrq59Q0ucJjD7TFx83jzNmXlKqs6eCN3
99oqRuygQX3LNPOujCvFK64vDMrnhBYXAQaA4uAS+3iqGI8iVA14aVyWwNYpHo5s
al9Z9VJ6puopWZTA4gcVhaSmbBeeYOm7dyW+zplsvIj1TM6MyC4PWyktEdLf9klx
UB4PKgTq57VFKwMD4vhXA7VWDAx3HYeY1DcNVyhpTS9BsckaVq1iJzT5LR6ePFOu
RA1L+9uveXlYTJ1/Pqz62VWCSqqmVX7BQA0DgESwQzKAH3arEm8UqWe72y/xAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUQnjuqL6voKihZfA8WaVKG1+1secwHwYDVR0j
BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0
MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF
QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM3NjYzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAz
MzM1MzEzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEH8DANBgkqhkiG9w0BAQsFAAOCAQEAEoNf
yIrkKF5TkUmS4CuPsZp4YdRaWl3okgwNP797Kp65uSfTZM+6Nexsr++Jd6ptBH+Y
+K2rzdXDa1dUjmvLKrZymJk8XSJVB6t24mkP3j5AirZgdTgADF3QMuafnKY1poiP
DrI0NzftUw7R915xUTuWQT6Wyxs1KLxaKy4f357AgikORBVsaAekUN75jtEq63RU
gXEy8K02XtAA3/XaPPnTjVUZ6Pus5HlqrCmlpbgBy8zE226HAj4LakSz7I6gHm4a
IVf8hCgcp6zxPsN+RqEhGAJRZJaZOJQvi81kaQNDYEXvQFmRW3juz4MP6QnoOWWv
SFsnRA3TWVunpbrlaQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:42:17 2024 by rpki-client on console-ams.rpki-client.org