Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d7e4592e-23c0-4ccc-94da-6c95807f83e7/1/326130613a363034343a626130303a3a2f34302d3430203d3e20323134373233.roa
File:                     326130613a363034343a626130303a3a2f34302d3430203d3e20323134373233.roa (raw, json)
Hash identifier:          ISxPaIAr0w+jmJbBaEWXIEHSE+CHx0GTfYgpjz88GTc=
Subject key identifier:   FF:E8:E5:D0:CB:96:86:83:15:64:D4:98:EA:BD:25:9E:27:C5:CE:DE
Certificate issuer:       /CN=9D23854B1F61BA33A429367BF0A898D4E4A9A24C
Certificate serial:       734702900756797248F6274E9A91806963837E2C
Authority key identifier: 9D:23:85:4B:1F:61:BA:33:A4:29:36:7B:F0:A8:98:D4:E4:A9:A2:4C
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/9D23854B1F61BA33A429367BF0A898D4E4A9A24C.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/d7e4592e-23c0-4ccc-94da-6c95807f83e7/1/326130613a363034343a626130303a3a2f34302d3430203d3e20323134373233.roa
Signing time:             Sat 22 Jun 2024 16:16:13 +0000
ROA not before:           Sat 22 Jun 2024 16:11:13 +0000
ROA not after:            Sat 21 Jun 2025 16:16:13 +0000
asID:                     214723
IP address blocks:        2a0a:6044:ba00::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/d7e4592e-23c0-4ccc-94da-6c95807f83e7/1/9D23854B1F61BA33A429367BF0A898D4E4A9A24C.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/d7e4592e-23c0-4ccc-94da-6c95807f83e7/1/9D23854B1F61BA33A429367BF0A898D4E4A9A24C.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/9D23854B1F61BA33A429367BF0A898D4E4A9A24C.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 04 Nov 2024 23:22:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:47:02:90:07:56:79:72:48:f6:27:4e:9a:91:80:69:63:83:7e:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9D23854B1F61BA33A429367BF0A898D4E4A9A24C
        Validity
            Not Before: Jun 22 16:11:13 2024 GMT
            Not After : Jun 21 16:16:13 2025 GMT
        Subject: CN=FFE8E5D0CB9686831564D498EABD259E27C5CEDE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:c0:57:1c:92:15:de:3d:ce:30:cf:8c:27:3c:
                    64:61:ef:3a:77:d8:7d:7f:6d:15:6d:9b:cf:8e:65:
                    b0:c5:c9:20:19:ea:30:e4:21:03:82:b2:4b:26:35:
                    a7:03:75:26:0e:ab:72:5f:ee:94:fb:b3:3e:22:f5:
                    12:3e:a0:a0:94:82:15:71:53:02:a3:f7:c3:44:25:
                    1e:fa:b0:fe:fa:86:55:d5:b7:97:f7:d0:c9:28:9c:
                    95:02:95:b1:7c:e3:79:49:27:9a:49:ea:87:3a:62:
                    74:67:d0:b0:c2:e1:b0:2d:04:d1:aa:6d:42:05:ea:
                    23:a5:24:89:69:d6:9a:31:da:c1:89:97:8d:15:0e:
                    e8:e0:9e:d7:d1:69:5d:2f:10:ed:f7:91:ac:cf:20:
                    2d:4f:75:8b:84:99:fa:05:4e:8a:f9:60:fe:b5:1d:
                    2a:10:00:d2:8e:ad:05:0e:40:00:5c:65:52:34:95:
                    1f:bb:37:f0:6a:83:07:7f:d3:8d:81:5b:11:a2:50:
                    a9:51:d2:69:a3:54:48:55:57:7c:c6:98:79:d6:e7:
                    cc:92:c4:d9:5c:4c:97:78:26:ef:42:1d:e3:ab:a3:
                    ba:84:aa:7e:d1:55:9a:18:9a:a6:e7:a9:14:7a:6e:
                    7a:b1:84:fe:77:61:46:2a:44:c7:4c:07:e2:d7:cc:
                    c5:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:E8:E5:D0:CB:96:86:83:15:64:D4:98:EA:BD:25:9E:27:C5:CE:DE
            X509v3 Authority Key Identifier:
                keyid:9D:23:85:4B:1F:61:BA:33:A4:29:36:7B:F0:A8:98:D4:E4:A9:A2:4C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/d7e4592e-23c0-4ccc-94da-6c95807f83e7/1/9D23854B1F61BA33A429367BF0A898D4E4A9A24C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/9D23854B1F61BA33A429367BF0A898D4E4A9A24C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d7e4592e-23c0-4ccc-94da-6c95807f83e7/1/326130613a363034343a626130303a3a2f34302d3430203d3e20323134373233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:ba00::/40

    Signature Algorithm: sha256WithRSAEncryption
         98:a3:3a:53:a7:85:59:c0:fd:40:1f:9e:10:5f:71:a3:28:4a:
         f7:b8:a2:71:94:63:c1:9f:e7:76:12:a3:64:f0:a4:a4:51:22:
         fa:64:ba:fc:d7:59:69:d4:b9:39:e2:e2:cd:70:50:9e:db:c4:
         c4:c3:de:11:30:44:54:9d:c4:15:0c:30:31:b7:9a:7b:96:c9:
         13:fa:2e:22:76:5c:06:68:c1:e2:b1:1e:58:cd:82:bc:73:d0:
         70:96:82:e7:25:ac:ea:ac:6b:de:f5:fc:08:32:78:50:5c:3d:
         be:50:5e:3a:aa:06:bc:94:78:90:bc:a2:51:3e:5e:aa:c3:1c:
         15:f6:6a:4e:ec:c6:a0:6e:47:b6:8b:ee:5f:ef:01:b6:3e:d5:
         c5:dd:66:f8:e8:45:c8:e3:d2:96:bb:f2:e9:79:2a:16:f4:ba:
         44:7a:6a:7b:36:34:ea:99:9b:c8:42:8c:7e:17:b0:04:0c:fc:
         a1:87:ba:be:5e:c9:24:43:8f:41:da:fe:5d:69:c0:07:dc:c8:
         a5:cc:ee:35:8d:97:8f:f0:cf:01:ec:3f:4b:f2:2b:cf:b5:fa:
         ff:de:f7:ff:15:00:c4:e5:38:a4:a6:63:80:db:2d:f4:e2:9b:
         89:63:0a:8b:fd:47:fc:84:87:6c:b2:7d:1b:0b:c9:45:8e:2f:
         fa:2e:ec:d5
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUc0cCkAdWeXJI9idOmpGAaWODfiwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUQyMzg1NEIxRjYxQkEzM0E0MjkzNjdCRjBBODk4RDRF
NEE5QTI0QzAeFw0yNDA2MjIxNjExMTNaFw0yNTA2MjExNjE2MTNaMDMxMTAvBgNV
BAMTKEZGRThFNUQwQ0I5Njg2ODMxNTY0RDQ5OEVBQkQyNTlFMjdDNUNFREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwwFcckhXePc4wz4wnPGRh7zp3
2H1/bRVtm8+OZbDFySAZ6jDkIQOCsksmNacDdSYOq3Jf7pT7sz4i9RI+oKCUghVx
UwKj98NEJR76sP76hlXVt5f30MkonJUClbF843lJJ5pJ6oc6YnRn0LDC4bAtBNGq
bUIF6iOlJIlp1pox2sGJl40VDujgntfRaV0vEO33kazPIC1PdYuEmfoFTor5YP61
HSoQANKOrQUOQABcZVI0lR+7N/Bqgwd/042BWxGiUKlR0mmjVEhVV3zGmHnW58yS
xNlcTJd4Ju9CHeOro7qEqn7RVZoYmqbnqRR6bnqxhP53YUYqRMdMB+LXzMUDAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQU/+jl0MuWhoMVZNSY6r0lnifFzt4wHwYDVR0j
BBgwFoAUnSOFSx9hujOkKTZ78KiY1OSpokwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDdlNDU5MmUtMjNjMC00Y2NjLTk0ZGEtNmM5NTgwN2Y4
M2U3LzEvOUQyMzg1NEIxRjYxQkEzM0E0MjkzNjdCRjBBODk4RDRFNEE5QTI0Qy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC85RDIzODU0QjFGNjFCQTMzQTQyOTM2N0JG
MEE4OThENEU0QTlBMjRDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kN2U0NTkyZS0yM2MwLTRjY2MtOTRkYS02Yzk1ODA3ZjgzZTcvMS8zMjYxMzA2
MTNhMzYzMDM0MzQzYTYyNjEzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIz
MTM0MzczMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgRLowDQYJKoZIhvcNAQELBQADggEBAJij
OlOnhVnA/UAfnhBfcaMoSve4onGUY8Gf53YSo2TwpKRRIvpkuvzXWWnUuTni4s1w
UJ7bxMTD3hEwRFSdxBUMMDG3mnuWyRP6LiJ2XAZoweKxHljNgrxz0HCWguclrOqs
a971/AgyeFBcPb5QXjqqBryUeJC8olE+XqrDHBX2ak7sxqBuR7aL7l/vAbY+1cXd
ZvjoRcjj0pa78ul5Khb0ukR6ans2NOqZm8hCjH4XsAQM/KGHur5eySRDj0Ha/l1p
wAfcyKXM7jWNl4/wzwHsP0vyK8+1+v/e9/8VAMTlOKSmY4DbLfTim4ljCov9R/yE
h2yyfRsLyUWOL/ou7NU=
-----END CERTIFICATE-----
Generated at Mon Nov 4 13:10:05 2024 by rpki-client on console-fra.rpki-client.org