Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d7e4592e-23c0-4ccc-94da-6c95807f83e7/1/326130613a363034343a626130323a3a2f34372d3438203d3e20323134373233.roa
File:                     326130613a363034343a626130323a3a2f34372d3438203d3e20323134373233.roa (raw, json)
Hash identifier:          TlfUIckGRAagg669M3xYDX52RxzXWa4zmUTL/zfVSIE=
Subject key identifier:   05:AB:F6:BF:76:E0:D8:05:EF:60:CB:BF:50:BA:35:EA:E1:51:A4:2A
Certificate issuer:       /CN=9D23854B1F61BA33A429367BF0A898D4E4A9A24C
Certificate serial:       339F8C11F4BD5F309A6BFAC4989A6B19D3A4DC74
Authority key identifier: 9D:23:85:4B:1F:61:BA:33:A4:29:36:7B:F0:A8:98:D4:E4:A9:A2:4C
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/9D23854B1F61BA33A429367BF0A898D4E4A9A24C.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/d7e4592e-23c0-4ccc-94da-6c95807f83e7/1/326130613a363034343a626130323a3a2f34372d3438203d3e20323134373233.roa
Signing time:             Wed 26 Jun 2024 12:20:24 +0000
ROA not before:           Wed 26 Jun 2024 12:15:24 +0000
ROA not after:            Wed 25 Jun 2025 12:20:24 +0000
asID:                     214723
IP address blocks:        2a0a:6044:ba02::/47 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/d7e4592e-23c0-4ccc-94da-6c95807f83e7/1/9D23854B1F61BA33A429367BF0A898D4E4A9A24C.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/d7e4592e-23c0-4ccc-94da-6c95807f83e7/1/9D23854B1F61BA33A429367BF0A898D4E4A9A24C.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/9D23854B1F61BA33A429367BF0A898D4E4A9A24C.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 04 Nov 2024 23:22:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:9f:8c:11:f4:bd:5f:30:9a:6b:fa:c4:98:9a:6b:19:d3:a4:dc:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9D23854B1F61BA33A429367BF0A898D4E4A9A24C
        Validity
            Not Before: Jun 26 12:15:24 2024 GMT
            Not After : Jun 25 12:20:24 2025 GMT
        Subject: CN=05ABF6BF76E0D805EF60CBBF50BA35EAE151A42A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:42:de:98:c5:df:8d:7e:11:a0:0d:53:7d:89:
                    15:c7:49:e5:76:24:40:65:9c:f3:59:69:0c:b4:30:
                    92:23:7c:a0:78:ed:3a:e7:f8:89:1e:eb:4f:95:54:
                    79:a7:8e:8d:b2:d1:6c:eb:0e:42:91:8b:ad:54:53:
                    b0:82:ce:2f:2d:ac:51:0d:4b:f7:2e:70:48:81:bf:
                    15:5b:d6:bc:9e:d4:8e:9d:3e:bd:95:93:fc:d4:9c:
                    6d:ca:06:12:e0:38:4f:6e:2b:86:53:53:7a:5b:5a:
                    79:d3:d5:90:ad:5e:b9:ef:36:43:8e:9a:6b:d1:77:
                    37:bb:6e:1c:d2:66:1f:7a:75:d7:47:38:2a:c6:0a:
                    ab:ce:5d:81:ca:e2:74:fb:36:92:80:38:b2:5c:cd:
                    da:bc:bb:00:47:19:57:6e:7b:6a:24:4e:f2:99:f1:
                    35:11:06:ee:48:9a:f6:31:76:96:59:db:30:bc:01:
                    d6:c6:6f:60:6f:84:29:69:bd:6e:38:bf:3f:c0:73:
                    a4:28:f6:9b:ba:51:cd:3a:8c:0e:04:3a:d8:33:3e:
                    52:76:30:01:af:17:9d:87:c1:7f:e0:ad:69:20:fe:
                    2f:a6:29:96:9c:b2:dd:8d:a7:78:ca:6c:70:75:c3:
                    cb:cd:fb:49:ed:c8:1e:61:71:65:9c:a7:c2:21:a3:
                    3b:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:AB:F6:BF:76:E0:D8:05:EF:60:CB:BF:50:BA:35:EA:E1:51:A4:2A
            X509v3 Authority Key Identifier:
                keyid:9D:23:85:4B:1F:61:BA:33:A4:29:36:7B:F0:A8:98:D4:E4:A9:A2:4C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/d7e4592e-23c0-4ccc-94da-6c95807f83e7/1/9D23854B1F61BA33A429367BF0A898D4E4A9A24C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/9D23854B1F61BA33A429367BF0A898D4E4A9A24C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d7e4592e-23c0-4ccc-94da-6c95807f83e7/1/326130613a363034343a626130323a3a2f34372d3438203d3e20323134373233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:ba02::/47

    Signature Algorithm: sha256WithRSAEncryption
         18:97:d7:cd:6a:15:b1:6f:00:be:29:f4:ed:18:89:33:34:b1:
         40:a2:15:b7:ab:5e:fe:9f:54:76:ba:c1:d1:48:98:ca:08:60:
         3c:5b:16:4c:d6:c2:5d:e0:cd:8f:ea:c4:43:f1:02:24:8f:29:
         0c:06:65:3b:21:c1:09:75:cd:24:9b:6b:33:03:d5:5d:1d:1c:
         e5:d6:cd:7f:c1:31:fa:6a:bf:4f:25:9b:b4:07:52:3c:fa:bb:
         85:90:17:11:00:5c:4c:4b:c5:25:70:c6:a5:af:56:c9:e9:9b:
         67:d8:4d:98:0b:78:03:ac:25:ca:eb:7d:f6:b8:a1:b5:f4:04:
         99:c7:3d:42:fe:9b:6a:e7:4b:0a:e5:14:17:7d:88:78:ce:d4:
         29:33:08:02:31:55:f2:0f:8c:f5:e3:2c:d5:65:4e:0b:e1:2c:
         d1:a8:47:98:41:59:9e:4e:14:15:65:ce:7d:3f:3c:28:1c:cc:
         d5:1c:a7:ab:6d:6b:70:52:33:d3:ef:b4:85:76:ef:49:a1:6b:
         19:ad:0c:87:bf:8d:6a:b8:9a:42:5d:fe:29:c8:56:79:d2:13:
         fb:d7:69:9d:68:cf:17:f9:01:ee:a5:4b:f8:e4:85:59:04:66:
         4c:15:65:f5:c0:30:82:da:49:d7:5c:d3:b2:66:9d:d6:ed:90:
         48:3e:16:96
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUM5+MEfS9XzCaa/rEmJprGdOk3HQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUQyMzg1NEIxRjYxQkEzM0E0MjkzNjdCRjBBODk4RDRF
NEE5QTI0QzAeFw0yNDA2MjYxMjE1MjRaFw0yNTA2MjUxMjIwMjRaMDMxMTAvBgNV
BAMTKDA1QUJGNkJGNzZFMEQ4MDVFRjYwQ0JCRjUwQkEzNUVBRTE1MUE0MkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzQt6Yxd+NfhGgDVN9iRXHSeV2
JEBlnPNZaQy0MJIjfKB47Trn+Ike60+VVHmnjo2y0WzrDkKRi61UU7CCzi8trFEN
S/cucEiBvxVb1rye1I6dPr2Vk/zUnG3KBhLgOE9uK4ZTU3pbWnnT1ZCtXrnvNkOO
mmvRdze7bhzSZh96dddHOCrGCqvOXYHK4nT7NpKAOLJczdq8uwBHGVdue2okTvKZ
8TURBu5ImvYxdpZZ2zC8AdbGb2BvhClpvW44vz/Ac6Qo9pu6Uc06jA4EOtgzPlJ2
MAGvF52HwX/grWkg/i+mKZacst2Np3jKbHB1w8vN+0ntyB5hcWWcp8IhozvZAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUBav2v3bg2AXvYMu/ULo16uFRpCowHwYDVR0j
BBgwFoAUnSOFSx9hujOkKTZ78KiY1OSpokwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDdlNDU5MmUtMjNjMC00Y2NjLTk0ZGEtNmM5NTgwN2Y4
M2U3LzEvOUQyMzg1NEIxRjYxQkEzM0E0MjkzNjdCRjBBODk4RDRFNEE5QTI0Qy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC85RDIzODU0QjFGNjFCQTMzQTQyOTM2N0JG
MEE4OThENEU0QTlBMjRDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kN2U0NTkyZS0yM2MwLTRjY2MtOTRkYS02Yzk1ODA3ZjgzZTcvMS8zMjYxMzA2
MTNhMzYzMDM0MzQzYTYyNjEzMDMyM2EzYTJmMzQzNzJkMzQzODIwM2QzZTIwMzIz
MTM0MzczMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcBKgpgRLoCMA0GCSqGSIb3DQEBCwUAA4IBAQAY
l9fNahWxbwC+KfTtGIkzNLFAohW3q17+n1R2usHRSJjKCGA8WxZM1sJd4M2P6sRD
8QIkjykMBmU7IcEJdc0km2szA9VdHRzl1s1/wTH6ar9PJZu0B1I8+ruFkBcRAFxM
S8UlcMalr1bJ6Ztn2E2YC3gDrCXK6332uKG19ASZxz1C/ptq50sK5RQXfYh4ztQp
MwgCMVXyD4z14yzVZU4L4SzRqEeYQVmeThQVZc59PzwoHMzVHKerbWtwUjPT77SF
du9JoWsZrQyHv41quJpCXf4pyFZ50hP712mdaM8X+QHupUv45IVZBGZMFWX1wDCC
2knXXNOyZp3W7ZBIPhaW
-----END CERTIFICATE-----
Generated at Mon Nov 4 13:10:05 2024 by rpki-client on console-fra.rpki-client.org