Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e203630343331.roa
File:                     323030313a3637383a6362303a3a2f34382d3438203d3e203630343331.roa (raw, json)
Hash identifier:          qPQeu/7M50ShpMjQ7Dkik+VbeEdUIQ58WUoPL4CU+wI=
Subject key identifier:   27:9E:13:0A:94:4E:E4:BD:C2:28:36:3D:43:10:02:DD:0A:26:5F:D8
Certificate issuer:       /CN=547bc28c92a229a5ac78c0de287d89ce37726409
Certificate serial:       1C7416B6184D374B7F29A99CA1EAE6865BD031E4
Authority key identifier: 54:7B:C2:8C:92:A2:29:A5:AC:78:C0:DE:28:7D:89:CE:37:72:64:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e203630343331.roa
Signing time:             Mon 19 Aug 2024 16:06:57 +0000
ROA not before:           Mon 19 Aug 2024 16:01:57 +0000
ROA not after:            Mon 18 Aug 2025 16:06:57 +0000
asID:                     60431
IP address blocks:        2001:678:cb0::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 21 Nov 2024 15:27:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:74:16:b6:18:4d:37:4b:7f:29:a9:9c:a1:ea:e6:86:5b:d0:31:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=547bc28c92a229a5ac78c0de287d89ce37726409
        Validity
            Not Before: Aug 19 16:01:57 2024 GMT
            Not After : Aug 18 16:06:57 2025 GMT
        Subject: CN=279E130A944EE4BDC228363D431002DD0A265FD8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ea:30:4e:8d:62:a4:b5:21:d6:6f:25:bf:91:
                    10:4e:94:2a:68:10:42:e2:71:fc:a8:42:ed:01:65:
                    a3:86:62:13:39:c0:c4:4f:3d:36:88:d8:f2:d1:37:
                    75:56:35:3b:41:6b:bc:60:10:8e:54:a6:03:e8:47:
                    a5:12:b1:bd:31:71:5e:86:50:5d:2c:6a:0c:17:f4:
                    d3:cb:71:b4:ce:08:74:20:5a:ec:28:53:7e:cd:d4:
                    02:91:4b:08:3b:6b:1f:ce:bf:ec:0e:8a:0f:ee:cb:
                    65:e1:09:c2:e8:ba:1d:6e:df:18:f2:c1:36:6b:3d:
                    a0:fc:41:76:92:f8:51:d4:4b:a1:f6:40:75:47:56:
                    8f:c0:9e:d7:c4:8c:48:65:c5:44:1c:71:90:da:61:
                    ec:1d:77:f2:0d:42:ef:50:40:df:f3:1c:9f:4f:e7:
                    68:08:c2:f6:e9:8a:18:42:a7:f8:98:b7:c2:8c:97:
                    8c:d5:23:08:4f:1b:d1:10:9a:23:59:17:22:b6:f8:
                    df:ff:03:fb:43:67:66:f7:64:ca:b4:d6:31:18:2c:
                    a5:9a:71:13:51:0d:b8:d1:51:35:27:83:22:b2:15:
                    07:43:ec:12:c1:f8:17:c2:3f:03:99:a2:29:c2:5d:
                    97:29:0b:2e:44:c8:07:3c:dc:cb:75:7f:eb:0c:2a:
                    c0:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:9E:13:0A:94:4E:E4:BD:C2:28:36:3D:43:10:02:DD:0A:26:5F:D8
            X509v3 Authority Key Identifier:
                keyid:54:7B:C2:8C:92:A2:29:A5:AC:78:C0:DE:28:7D:89:CE:37:72:64:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/547BC28C92A229A5AC78C0DE287D89CE37726409.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHvCjJKiKaWseMDeKH2JzjdyZAk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/df49d7f7-bb3f-4187-be29-59ef2d89039a/0/323030313a3637383a6362303a3a2f34382d3438203d3e203630343331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:cb0::/48

    Signature Algorithm: sha256WithRSAEncryption
         5e:3c:2a:7d:6f:e8:ab:ee:d4:de:68:dd:a9:8b:5e:cf:66:88:
         9c:47:95:31:04:85:e2:a1:44:88:7b:3c:36:4e:1d:38:e0:4b:
         de:79:7f:1f:a0:60:5a:d7:17:38:c7:c4:4b:26:f4:71:5b:21:
         14:8e:e1:e1:20:fe:ba:c6:e7:c5:80:75:6b:93:be:d1:c3:41:
         c0:f5:94:83:00:5b:90:19:a2:2b:1d:1b:8a:12:57:54:d9:a7:
         f9:47:76:15:fb:2d:28:32:3c:31:ec:77:30:fd:e2:44:bd:2e:
         1c:cb:74:87:a4:d1:70:28:82:b1:5e:aa:57:18:ee:2c:d0:e0:
         bb:47:fc:9b:66:8f:46:e6:26:be:e9:5e:6d:3b:30:56:25:b4:
         65:87:d7:e5:e8:e5:51:0b:23:af:1f:07:e5:3e:e8:1e:7a:5f:
         25:ba:43:2f:c0:8e:40:ab:80:9a:f0:f1:95:c6:2e:80:bd:2d:
         62:0a:ee:78:51:8e:f9:d0:40:b8:1f:1f:31:1a:67:bc:ab:f6:
         b2:64:3b:37:8e:85:07:2a:98:78:95:bb:0d:c0:79:bd:33:ac:
         35:f2:b9:d7:27:07:55:cd:47:e8:58:3b:17:50:72:ab:04:42:
         47:38:96:46:e3:32:77:d5:4f:12:cd:59:06:e9:ae:15:a4:c1:
         cc:b5:06:74
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUHHQWthhNN0t/KamcoermhlvQMeQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTQ3YmMyOGM5MmEyMjlhNWFjNzhjMGRlMjg3ZDg5Y2Uz
NzcyNjQwOTAeFw0yNDA4MTkxNjAxNTdaFw0yNTA4MTgxNjA2NTdaMDMxMTAvBgNV
BAMTKDI3OUUxMzBBOTQ0RUU0QkRDMjI4MzYzRDQzMTAwMkREMEEyNjVGRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM6jBOjWKktSHWbyW/kRBOlCpo
EELicfyoQu0BZaOGYhM5wMRPPTaI2PLRN3VWNTtBa7xgEI5UpgPoR6USsb0xcV6G
UF0sagwX9NPLcbTOCHQgWuwoU37N1AKRSwg7ax/Ov+wOig/uy2XhCcLouh1u3xjy
wTZrPaD8QXaS+FHUS6H2QHVHVo/AntfEjEhlxUQccZDaYewdd/INQu9QQN/zHJ9P
52gIwvbpihhCp/iYt8KMl4zVIwhPG9EQmiNZFyK2+N//A/tDZ2b3ZMq01jEYLKWa
cRNRDbjRUTUngyKyFQdD7BLB+BfCPwOZoinCXZcpCy5EyAc83Mt1f+sMKsCFAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUJ54TCpRO5L3CKDY9QxAC3QomX9gwHwYDVR0j
BBgwFoAUVHvCjJKiKaWseMDeKH2JzjdyZAkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGY0OWQ3ZjctYmIzZi00MTg3LWJlMjktNTllZjJkODkw
MzlhLzAvNTQ3QkMyOEM5MkEyMjlBNUFDNzhDMERFMjg3RDg5Q0UzNzcyNjQwOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1ZIdkNqSktpS2FXc2VNRGVLSDJKempk
eVpBay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGY0OWQ3Zjct
YmIzZi00MTg3LWJlMjktNTllZjJkODkwMzlhLzAvMzIzMDMwMzEzYTM2MzczODNh
NjM2MjMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzYzMDM0MzMzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACABBngMsDANBgkqhkiG9w0BAQsFAAOCAQEAXjwqfW/oq+7U3mjdqYtez2aI
nEeVMQSF4qFEiHs8Nk4dOOBL3nl/H6BgWtcXOMfESyb0cVshFI7h4SD+usbnxYB1
a5O+0cNBwPWUgwBbkBmiKx0bihJXVNmn+Ud2FfstKDI8Mex3MP3iRL0uHMt0h6TR
cCiCsV6qVxjuLNDgu0f8m2aPRuYmvulebTswViW0ZYfX5ejlUQsjrx8H5T7oHnpf
JbpDL8COQKuAmvDxlcYugL0tYgrueFGO+dBAuB8fMRpnvKv2smQ7N46FByqYeJW7
DcB5vTOsNfK51ycHVc1H6Fg7F1ByqwRCRziWRuMyd9VPEs1ZBumuFaTBzLUGdA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 00:11:00 2024 by rpki-client on console-ams.rpki-client.org