Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/infiniroute-nerdscave/0/326131343a3763343a3a2f33322d3332203d3e2030.roa
File:                     326131343a3763343a3a2f33322d3332203d3e2030.roa (raw, json)
Hash identifier:          DvK3+OsZtXBuuWX645HJ8LJ2R44gA1brMiNGMLENOQ0=
Subject key identifier:   EE:23:C1:AD:D7:D7:12:D5:39:6E:DB:25:61:01:3C:B1:A7:09:16:14
Certificate issuer:       /CN=2DC6464BC863F4B338647A68C390021651EE36B3
Certificate serial:       25F7FAFF8CA2B32AE7ED358488A6BF946AAA8B49
Authority key identifier: 2D:C6:46:4B:C8:63:F4:B3:38:64:7A:68:C3:90:02:16:51:EE:36:B3
Authority info access:    rsync://repo.rpki.space/repo/Infiniroute/1/2DC6464BC863F4B338647A68C390021651EE36B3.cer
Subject info access:      rsync://repo.rpki.space/repo/infiniroute-nerdscave/0/326131343a3763343a3a2f33322d3332203d3e2030.roa
Signing time:             Tue 30 Sep 2025 19:43:50 +0000
ROA not before:           Tue 30 Sep 2025 19:38:50 +0000
ROA not after:            Tue 29 Sep 2026 19:43:50 +0000
asID:                     0
IP address blocks:        2a14:7c4::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/infiniroute-nerdscave/0/2DC6464BC863F4B338647A68C390021651EE36B3.crl
                          rsync://repo.rpki.space/repo/infiniroute-nerdscave/0/2DC6464BC863F4B338647A68C390021651EE36B3.mft
                          rsync://repo.rpki.space/repo/Infiniroute/1/2DC6464BC863F4B338647A68C390021651EE36B3.cer
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 06:53:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:f7:fa:ff:8c:a2:b3:2a:e7:ed:35:84:88:a6:bf:94:6a:aa:8b:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2DC6464BC863F4B338647A68C390021651EE36B3
        Validity
            Not Before: Sep 30 19:38:50 2025 GMT
            Not After : Sep 29 19:43:50 2026 GMT
        Subject: CN=EE23C1ADD7D712D5396EDB2561013CB1A7091614
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:f4:66:85:42:f7:20:de:2d:f7:ec:34:39:6d:
                    86:bf:5c:e4:e6:e6:7d:00:92:05:40:52:5f:30:60:
                    1f:17:dd:0f:78:65:01:b5:67:33:dd:05:a7:28:71:
                    f7:35:fa:30:91:7e:80:f3:8f:18:af:4a:f7:8b:53:
                    70:96:1c:6c:f8:3b:6b:eb:f5:f2:e6:0c:7f:31:67:
                    cc:ce:df:a9:12:f6:68:17:4e:cc:a1:26:73:f3:0d:
                    aa:de:f5:3b:51:a1:c3:32:4a:a1:7b:f2:b2:39:59:
                    9f:39:0f:45:fa:46:93:2f:35:30:4d:37:7b:88:d5:
                    b8:32:d2:0f:79:41:d6:01:07:80:4b:f6:1a:9c:5c:
                    84:54:c9:22:b8:95:01:f4:74:23:4b:3f:a8:dd:12:
                    3a:e4:d7:75:f6:b0:ce:c1:11:e4:3d:ff:c7:a0:ac:
                    4c:98:31:af:1e:53:b9:d4:42:1f:2b:b0:29:50:2f:
                    42:50:22:83:d4:e5:a3:00:2c:de:f7:f1:53:ad:54:
                    4b:1f:af:fe:18:48:d9:f5:39:bc:c1:92:d0:7a:70:
                    87:94:65:da:7a:b0:15:00:eb:2c:ad:02:18:04:62:
                    c8:27:11:49:87:6e:28:68:30:04:0e:72:10:1c:41:
                    71:3f:d7:32:6e:1f:73:02:96:76:2e:c8:34:9f:36:
                    73:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:23:C1:AD:D7:D7:12:D5:39:6E:DB:25:61:01:3C:B1:A7:09:16:14
            X509v3 Authority Key Identifier:
                keyid:2D:C6:46:4B:C8:63:F4:B3:38:64:7A:68:C3:90:02:16:51:EE:36:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/infiniroute-nerdscave/0/2DC6464BC863F4B338647A68C390021651EE36B3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo.rpki.space/repo/Infiniroute/1/2DC6464BC863F4B338647A68C390021651EE36B3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/infiniroute-nerdscave/0/326131343a3763343a3a2f33322d3332203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c4::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:15:8e:a3:d4:57:18:b4:2c:13:44:21:42:03:a5:b5:f8:ca:
         fe:2c:d8:96:3c:60:68:8f:d5:0f:dc:82:3d:32:d5:0b:99:d3:
         67:cb:2c:cd:f1:3d:d5:14:df:3e:7b:29:df:5c:c8:12:f8:e6:
         7d:35:07:b5:a8:52:2a:f5:cf:37:f1:c8:f4:07:f3:25:8a:05:
         12:23:d1:f2:7b:f2:25:81:5d:12:95:a8:e4:70:5e:8c:eb:d5:
         1d:6a:2f:eb:45:c3:05:c5:12:d9:30:2d:ee:6e:dc:5b:19:72:
         17:1c:38:b4:b3:0a:c3:d2:ee:b1:a2:89:de:c8:ab:ea:84:41:
         74:c8:87:2e:af:42:ad:94:e0:42:aa:9d:64:e4:ca:b2:2e:a2:
         34:5b:3f:8c:81:65:a8:50:10:32:07:74:de:18:1e:b6:1f:87:
         fb:6f:bc:2f:b7:4e:26:3c:2a:d3:20:af:17:a2:db:e3:cd:8f:
         26:a2:7e:d7:a6:6f:db:53:09:83:b0:07:ce:23:4b:a0:ae:16:
         94:a9:b3:de:73:c9:54:86:9c:f5:70:8f:33:92:7d:72:89:f7:
         f1:59:9b:10:9b:d8:2c:f1:d7:27:86:83:7d:a7:2d:2f:fa:08:
         4a:ad:12:14:68:ca:b1:51:4c:27:3f:88:64:55:20:32:be:45:
         80:84:9b:86
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIUJff6/4yisyrn7TWEiKa/lGqqi0kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkRDNjQ2NEJDODYzRjRCMzM4NjQ3QTY4QzM5MDAyMTY1
MUVFMzZCMzAeFw0yNTA5MzAxOTM4NTBaFw0yNjA5MjkxOTQzNTBaMDMxMTAvBgNV
BAMTKEVFMjNDMUFERDdENzEyRDUzOTZFREIyNTYxMDEzQ0IxQTcwOTE2MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCd9GaFQvcg3i337DQ5bYa/XOTm
5n0AkgVAUl8wYB8X3Q94ZQG1ZzPdBacocfc1+jCRfoDzjxivSveLU3CWHGz4O2vr
9fLmDH8xZ8zO36kS9mgXTsyhJnPzDare9TtRocMySqF78rI5WZ85D0X6RpMvNTBN
N3uI1bgy0g95QdYBB4BL9hqcXIRUySK4lQH0dCNLP6jdEjrk13X2sM7BEeQ9/8eg
rEyYMa8eU7nUQh8rsClQL0JQIoPU5aMALN738VOtVEsfr/4YSNn1ObzBktB6cIeU
Zdp6sBUA6yytAhgEYsgnEUmHbihoMAQOchAcQXE/1zJuH3MClnYuyDSfNnMxAgMB
AAGjggH6MIIB9jAdBgNVHQ4EFgQU7iPBrdfXEtU5btslYQE8sacJFhQwHwYDVR0j
BBgwFoAULcZGS8hj9LM4ZHpow5ACFlHuNrMwDgYDVR0PAQH/BAQDAgeAMHIGA1Ud
HwRrMGkwZ6BloGOGYXJzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vaW5maW5p
cm91dGUtbmVyZHNjYXZlLzAvMkRDNjQ2NEJDODYzRjRCMzM4NjQ3QTY4QzM5MDAy
MTY1MUVFMzZCMy5jcmwwcwYIKwYBBQUHAQEEZzBlMGMGCCsGAQUFBzAChldyc3lu
YzovL3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMkRDNjQ2NEJD
ODYzRjRCMzM4NjQ3QTY4QzM5MDAyMTY1MUVFMzZCMy5jZXIwfwYIKwYBBQUHAQsE
czBxMG8GCCsGAQUFBzALhmNyc3luYzovL3JlcG8ucnBraS5zcGFjZS9yZXBvL2lu
ZmluaXJvdXRlLW5lcmRzY2F2ZS8wLzMyNjEzMTM0M2EzNzYzMzQzYTNhMmYzMzMy
MmQzMzMyMjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoUB8QwDQYJKoZIhvcNAQELBQAD
ggEBAIwVjqPUVxi0LBNEIUIDpbX4yv4s2JY8YGiP1Q/cgj0y1QuZ02fLLM3xPdUU
3z57Kd9cyBL45n01B7WoUir1zzfxyPQH8yWKBRIj0fJ78iWBXRKVqORwXozr1R1q
L+tFwwXFEtkwLe5u3FsZchccOLSzCsPS7rGiid7Iq+qEQXTIhy6vQq2U4EKqnWTk
yrIuojRbP4yBZahQEDIHdN4YHrYfh/tvvC+3TiY8KtMgrxei2+PNjyaiftemb9tT
CYOwB84jS6CuFpSps95zyVSGnPVwjzOSfXKJ9/FZmxCb2Czx1yeGg32nLS/6CEqt
EhRoyrFRTCc/iGRVIDK+RYCEm4Y=
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:29:44 2025 by rpki-client