Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763373a3a2f33322d3332203d3e20323134343732.roa
File:                     326131343a3763373a3a2f33322d3332203d3e20323134343732.roa (raw, json)
Hash identifier:          Ef4dAYWfaPQvKuF3OIGOnbUwHvUYdr+wmPFftYOZVVk=
Subject key identifier:   C2:DA:3D:53:A3:E9:0E:06:6A:B4:0F:B1:61:1C:F1:F2:23:0D:CD:BB
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       0264D510A1EC42E77B3DA6E40957C2BFB0407CB7
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763373a3a2f33322d3332203d3e20323134343732.roa
Signing time:             Thu 02 Oct 2025 17:20:14 +0000
ROA not before:           Thu 02 Oct 2025 17:15:14 +0000
ROA not after:            Thu 01 Oct 2026 17:20:14 +0000
asID:                     214472
IP address blocks:        2a14:7c7::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:64:d5:10:a1:ec:42:e7:7b:3d:a6:e4:09:57:c2:bf:b0:40:7c:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Oct  2 17:15:14 2025 GMT
            Not After : Oct  1 17:20:14 2026 GMT
        Subject: CN=C2DA3D53A3E90E066AB40FB1611CF1F2230DCDBB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:8e:82:f8:78:e7:5e:5e:bb:15:ef:47:ee:b2:
                    90:59:3a:05:5d:9e:44:5c:39:29:a1:f5:13:dd:d7:
                    af:72:e2:32:71:5d:f8:a5:40:b5:d8:0f:fd:23:29:
                    e7:20:b8:29:f7:52:40:dd:79:8a:a0:10:07:02:30:
                    3f:a2:d5:1c:7b:20:14:95:e3:0c:42:01:30:cb:37:
                    d0:19:09:73:2b:b3:48:de:a9:95:dc:1a:ac:c6:6a:
                    2e:c1:2d:a4:95:c8:27:20:23:e7:05:f3:48:54:77:
                    ee:b5:f9:c4:85:a7:b0:57:7d:27:fa:5e:4c:55:25:
                    0f:b2:2e:11:32:f3:3a:d6:59:81:82:7f:65:23:2c:
                    d6:d8:26:30:da:ce:e6:71:74:39:70:72:8f:b0:18:
                    2a:e5:83:7e:d9:3c:8a:4d:b2:fc:3c:29:b1:9c:36:
                    92:66:9c:57:d2:d7:b2:4c:86:6b:5c:03:22:6c:52:
                    5e:1c:b7:b3:73:50:3e:05:8b:28:27:86:ff:dd:e8:
                    9e:90:ba:fe:22:f4:be:4e:5d:78:5a:53:8b:a1:d1:
                    b9:fa:e1:7f:a7:85:74:34:75:43:71:63:21:07:d7:
                    ec:5c:7c:bb:93:4e:a9:ac:7e:db:05:80:81:17:f4:
                    70:3b:12:41:2c:2d:6d:07:f5:95:bb:cf:7c:cb:ad:
                    0a:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:DA:3D:53:A3:E9:0E:06:6A:B4:0F:B1:61:1C:F1:F2:23:0D:CD:BB
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763373a3a2f33322d3332203d3e20323134343732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         30:20:4c:fc:42:5e:d8:69:d4:b1:d4:3d:56:b4:f3:2e:87:b4:
         cb:a8:1c:04:61:7a:01:1c:ef:85:63:c8:21:8d:e4:1c:b2:30:
         3c:42:04:cd:ab:24:00:03:83:5e:17:72:cc:61:75:73:1c:d2:
         75:f1:1e:f4:f5:1e:e5:33:86:f8:a0:b1:a2:cd:07:97:c9:5b:
         00:b4:7f:91:a0:85:04:22:4a:d6:de:84:73:9d:5e:49:09:bf:
         53:4d:d3:e0:3f:5b:25:02:cf:3f:29:57:6a:33:a4:fc:18:98:
         e8:d3:98:a7:48:a0:e9:b0:dd:db:fc:93:51:26:c0:fa:f0:0a:
         10:05:d4:c5:e0:8e:b5:ed:dd:61:6d:43:2f:f2:65:b7:89:bf:
         5a:99:cb:37:5a:d9:5b:d0:4a:9a:51:b8:68:89:b0:83:55:aa:
         a3:74:c4:c5:87:22:d2:a3:4f:6f:c8:8b:7d:4f:38:4c:08:ad:
         7c:c2:25:cc:ee:60:a1:a1:90:5e:d5:c0:12:fa:99:c1:b7:95:
         3a:00:87:63:2a:6b:a4:06:89:b4:a6:56:95:19:5d:ab:3b:be:
         b1:63:bc:46:16:00:ae:74:3b:42:96:4f:f3:66:ad:26:3f:53:
         65:5a:6f:64:60:5f:18:9e:e1:43:a6:81:46:4c:96:be:6c:59:
         6d:07:43:73
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIUAmTVEKHsQud7PabkCVfCv7BAfLcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNTEwMDIxNzE1MTRaFw0yNjEwMDExNzIwMTRaMDMxMTAvBgNV
BAMTKEMyREEzRDUzQTNFOTBFMDY2QUI0MEZCMTYxMUNGMUYyMjMwRENEQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNjoL4eOdeXrsV70fuspBZOgVd
nkRcOSmh9RPd169y4jJxXfilQLXYD/0jKecguCn3UkDdeYqgEAcCMD+i1Rx7IBSV
4wxCATDLN9AZCXMrs0jeqZXcGqzGai7BLaSVyCcgI+cF80hUd+61+cSFp7BXfSf6
XkxVJQ+yLhEy8zrWWYGCf2UjLNbYJjDazuZxdDlwco+wGCrlg37ZPIpNsvw8KbGc
NpJmnFfS17JMhmtcAyJsUl4ct7NzUD4Fiygnhv/d6J6Quv4i9L5OXXhaU4uh0bn6
4X+nhXQ0dUNxYyEH1+xcfLuTTqmsftsFgIEX9HA7EkEsLW0H9ZW7z3zLrQrxAgMB
AAGjggHhMIIB3TAdBgNVHQ4EFgQUwto9U6PpDgZqtA+xYRzx8iMNzbswHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjB/BggrBgEFBQcBCwRzMHEwbwYIKwYBBQUHMAuGY3JzeW5jOi8v
cmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5pcm91dGUvMS8zMjYxMzEzNDNhMzc2
MzM3M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM0MzQzNzMyLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAKhQHxzANBgkqhkiG9w0BAQsFAAOCAQEAMCBM/EJe2GnUsdQ9VrTzLoe0y6gc
BGF6ARzvhWPIIY3kHLIwPEIEzaskAAODXhdyzGF1cxzSdfEe9PUe5TOG+KCxos0H
l8lbALR/kaCFBCJK1t6Ec51eSQm/U03T4D9bJQLPPylXajOk/BiY6NOYp0ig6bDd
2/yTUSbA+vAKEAXUxeCOte3dYW1DL/Jlt4m/WpnLN1rZW9BKmlG4aImwg1Wqo3TE
xYci0qNPb8iLfU84TAitfMIlzO5goaGQXtXAEvqZwbeVOgCHYyprpAaJtKZWlRld
qzu+sWO8RhYArnQ7QpZP82atJj9TZVpvZGBfGJ7hQ6aBRkyWvmxZbQdDcw==
-----END CERTIFICATE-----