Route Origin Authorization

$ rpki-client -vvf rpki.xindi.eu/repo/XINDI/0/326130623a326630373a616263643a3a2f34382d3438203d3e203537393834.roa
File:                     326130623a326630373a616263643a3a2f34382d3438203d3e203537393834.roa (raw, json)
Hash identifier:          TOp9JkY/rGz/SJLd45bT6LAcClPYdoP1k2wrFPRdbfQ=
Subject key identifier:   B6:3E:7E:18:17:33:A5:FE:7C:77:81:8D:26:F0:AE:AB:3B:74:E6:71
Certificate issuer:       /CN=60183287eb08ece0c65fa49a3f45621c612ddbd1
Certificate serial:       633BD1FB81CD21DA5BC71797D6AE6F22C3D81E68
Authority key identifier: 60:18:32:87:EB:08:EC:E0:C6:5F:A4:9A:3F:45:62:1C:61:2D:DB:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YBgyh-sI7ODGX6SaP0ViHGEt29E.cer
Subject info access:      rsync://rpki.xindi.eu/repo/XINDI/0/326130623a326630373a616263643a3a2f34382d3438203d3e203537393834.roa
Signing time:             Sun 03 Aug 2025 16:37:52 +0000
ROA not before:           Sun 03 Aug 2025 16:32:52 +0000
ROA not after:            Sun 02 Aug 2026 16:37:52 +0000
asID:                     57984
IP address blocks:        2a0b:2f07:abcd::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.xindi.eu/repo/XINDI/0/60183287EB08ECE0C65FA49A3F45621C612DDBD1.crl
                          rsync://rpki.xindi.eu/repo/XINDI/0/60183287EB08ECE0C65FA49A3F45621C612DDBD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YBgyh-sI7ODGX6SaP0ViHGEt29E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 09:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:3b:d1:fb:81:cd:21:da:5b:c7:17:97:d6:ae:6f:22:c3:d8:1e:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60183287eb08ece0c65fa49a3f45621c612ddbd1
        Validity
            Not Before: Aug  3 16:32:52 2025 GMT
            Not After : Aug  2 16:37:52 2026 GMT
        Subject: CN=B63E7E181733A5FE7C77818D26F0AEAB3B74E671
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:2b:d0:5b:0c:a1:34:25:99:ce:e5:be:24:19:
                    b5:9b:e3:a2:5b:e7:af:f0:33:5e:bf:e4:df:df:c8:
                    4e:6c:bb:b3:1b:42:f4:16:09:5f:6e:da:3a:da:df:
                    4b:01:e3:08:b8:ad:1c:d7:70:8d:21:a3:31:ed:1a:
                    4d:a3:85:91:8b:0e:4f:81:2d:d1:7f:2f:2c:bf:67:
                    09:72:1c:d0:3a:b8:d3:f1:05:0d:87:4a:e0:a9:68:
                    f8:85:96:d0:a8:03:cc:16:c3:d0:ba:37:5e:34:74:
                    5d:f7:8d:79:9d:e7:16:77:20:9e:83:ce:5f:71:f6:
                    8f:ae:bc:14:d8:1e:93:6c:f8:15:d5:c8:ef:d6:18:
                    32:af:75:19:24:a7:0c:69:48:ed:c2:33:03:90:9e:
                    84:2a:a4:7c:ed:ec:d7:f1:25:d3:54:1c:3d:3d:7e:
                    9d:37:b8:59:79:38:6d:c7:3f:2d:55:de:48:37:dd:
                    a6:5d:f9:1f:8b:14:e9:d8:cc:52:ef:5a:a5:fa:50:
                    8e:ea:99:d4:25:1b:7e:ee:25:91:00:1c:e3:88:6e:
                    44:a4:96:12:f3:d6:d2:ff:75:b9:d3:f3:0c:da:49:
                    27:b7:ea:fe:3b:95:45:66:18:d9:97:5e:de:bc:b4:
                    e9:40:9d:2d:85:f0:26:ea:90:bb:48:22:03:0b:44:
                    1e:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:3E:7E:18:17:33:A5:FE:7C:77:81:8D:26:F0:AE:AB:3B:74:E6:71
            X509v3 Authority Key Identifier:
                keyid:60:18:32:87:EB:08:EC:E0:C6:5F:A4:9A:3F:45:62:1C:61:2D:DB:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.xindi.eu/repo/XINDI/0/60183287EB08ECE0C65FA49A3F45621C612DDBD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YBgyh-sI7ODGX6SaP0ViHGEt29E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.xindi.eu/repo/XINDI/0/326130623a326630373a616263643a3a2f34382d3438203d3e203537393834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:2f07:abcd::/48

    Signature Algorithm: sha256WithRSAEncryption
         bb:a9:b3:ba:0f:26:ac:a9:5a:9d:e9:fb:c1:cd:2a:29:08:8f:
         61:f7:e0:5d:36:28:9b:0e:ea:c0:15:b0:2a:4a:57:68:ab:fe:
         d3:60:90:ba:00:29:7f:1e:42:ee:d3:58:c1:3a:18:37:d1:61:
         46:ca:f9:48:ed:28:65:39:43:17:7f:4e:81:c2:7c:8f:f7:2a:
         ac:59:0f:63:d6:d8:ac:d3:f1:6b:39:83:8a:ba:54:80:a3:5e:
         f8:80:bf:dd:a8:f8:03:e3:59:fd:d2:43:bd:d7:0b:5f:39:41:
         84:e0:2a:6d:91:b8:3d:7d:d4:40:be:7f:17:e6:9a:62:ea:c7:
         3c:6a:c5:68:41:23:2e:75:c3:4e:55:71:72:08:80:55:2e:fe:
         35:25:cb:34:9e:dd:bb:20:5b:6b:68:ab:07:77:2b:78:84:94:
         b6:63:69:f3:93:7e:fe:2c:cd:5e:ff:e6:26:8c:e8:2a:51:02:
         fb:1e:ad:85:0f:aa:8b:87:fb:3f:ae:1a:10:fd:07:dc:2f:bb:
         c8:cf:5d:bb:9b:26:22:d2:b4:85:5e:4a:12:77:61:49:3b:85:
         78:5b:c2:58:79:67:8f:b4:63:6d:16:4b:1a:fb:09:a0:7d:ee:
         5c:27:7f:9e:3e:36:cb:65:a1:4b:b4:22:cf:7f:a8:73:8d:e1:
         6a:c7:e6:61
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUYzvR+4HNIdpbxxeX1q5vIsPYHmgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjAxODMyODdlYjA4ZWNlMGM2NWZhNDlhM2Y0NTYyMWM2
MTJkZGJkMTAeFw0yNTA4MDMxNjMyNTJaFw0yNjA4MDIxNjM3NTJaMDMxMTAvBgNV
BAMTKEI2M0U3RTE4MTczM0E1RkU3Qzc3ODE4RDI2RjBBRUFCM0I3NEU2NzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvK9BbDKE0JZnO5b4kGbWb46Jb
56/wM16/5N/fyE5su7MbQvQWCV9u2jra30sB4wi4rRzXcI0hozHtGk2jhZGLDk+B
LdF/Lyy/ZwlyHNA6uNPxBQ2HSuCpaPiFltCoA8wWw9C6N140dF33jXmd5xZ3IJ6D
zl9x9o+uvBTYHpNs+BXVyO/WGDKvdRkkpwxpSO3CMwOQnoQqpHzt7NfxJdNUHD09
fp03uFl5OG3HPy1V3kg33aZd+R+LFOnYzFLvWqX6UI7qmdQlG37uJZEAHOOIbkSk
lhLz1tL/dbnT8wzaSSe36v47lUVmGNmXXt68tOlAnS2F8CbqkLtIIgMLRB4rAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUtj5+GBczpf58d4GNJvCuqzt05nEwHwYDVR0j
BBgwFoAUYBgyh+sI7ODGX6SaP0ViHGEt29EwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud
HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraS54aW5kaS5ldS9yZXBvL1hJTkRJLzAv
NjAxODMyODdFQjA4RUNFMEM2NUZBNDlBM0Y0NTYyMUM2MTJEREJEMS5jcmwwZAYI
KwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9ERUZBVUxUL1lCZ3loLXNJN09ER1g2U2FQMFZpSEdFdDI5RS5j
ZXIwgYEGCCsGAQUFBwELBHUwczBxBggrBgEFBQcwC4ZlcnN5bmM6Ly9ycGtpLnhp
bmRpLmV1L3JlcG8vWElOREkvMC8zMjYxMzA2MjNhMzI2NjMwMzczYTYxNjI2MzY0
M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzNzM5MzgzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoL
LwerzTANBgkqhkiG9w0BAQsFAAOCAQEAu6mzug8mrKlanen7wc0qKQiPYffgXTYo
mw7qwBWwKkpXaKv+02CQugApfx5C7tNYwToYN9FhRsr5SO0oZTlDF39OgcJ8j/cq
rFkPY9bYrNPxazmDirpUgKNe+IC/3aj4A+NZ/dJDvdcLXzlBhOAqbZG4PX3UQL5/
F+aaYurHPGrFaEEjLnXDTlVxcgiAVS7+NSXLNJ7duyBba2irB3creISUtmNp85N+
/izNXv/mJozoKlEC+x6thQ+qi4f7P64aEP0H3C+7yM9du5smItK0hV5KEndhSTuF
eFvCWHlnj7RjbRZLGvsJoH3uXCd/nj42y2WhS7Qiz3+oc43hasfmYQ==
-----END CERTIFICATE-----