Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/1/323630323a663764653a3a2f34302d3438203d3e203236393534.roa
File:                     323630323a663764653a3a2f34302d3438203d3e203236393534.roa (raw, json)
Hash identifier:          nc0OfcCKdw/6xTqKkcylPBA4tjafxEa+iXIGeRNqKAA=
Subject key identifier:   BA:11:33:E1:91:C5:C5:EC:C4:12:4E:A8:19:01:E4:89:AB:10:28:3E
Certificate issuer:       /CN=324ffe39a98a0146b503d8a015ca2c2e767cf3d0b9fde6231b
Certificate serial:       0DDE9637AE992F7C2BAB76249E5B93A776139189
Authority key identifier: 3F:CD:3A:83:9E:A1:41:7F:D9:88:F3:DD:FD:04:54:19:7F:AA:F4:7A
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/51cd99f7-2f42-4dec-b2c6-09bafaa3780e/324ffe39a98a0146b503d8a015ca2c2e767cf3d0b9fde6231b.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/1/323630323a663764653a3a2f34302d3438203d3e203236393534.roa
Signing time:             Thu 02 Oct 2025 16:21:19 +0000
ROA not before:           Thu 02 Oct 2025 16:16:19 +0000
ROA not after:            Thu 01 Oct 2026 16:21:19 +0000
asID:                     26954
IP address blocks:        2602:f7de::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/1/3FCD3A839EA1417FD988F3DDFD0454197FAAF47A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/1/3FCD3A839EA1417FD988F3DDFD0454197FAAF47A.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/51cd99f7-2f42-4dec-b2c6-09bafaa3780e/324ffe39a98a0146b503d8a015ca2c2e767cf3d0b9fde6231b.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/51cd99f7-2f42-4dec-b2c6-09bafaa3780e/51cd99f7-2f42-4dec-b2c6-09bafaa3780e.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/51cd99f7-2f42-4dec-b2c6-09bafaa3780e/51cd99f7-2f42-4dec-b2c6-09bafaa3780e.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/51cd99f7-2f42-4dec-b2c6-09bafaa3780e.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/69fd0156-bb1f-48b6-bf32-c9492286f195.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/69fd0156-bb1f-48b6-bf32-c9492286f195.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:41:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:de:96:37:ae:99:2f:7c:2b:ab:76:24:9e:5b:93:a7:76:13:91:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=324ffe39a98a0146b503d8a015ca2c2e767cf3d0b9fde6231b
        Validity
            Not Before: Oct  2 16:16:19 2025 GMT
            Not After : Oct  1 16:21:19 2026 GMT
        Subject: CN=BA1133E191C5C5ECC4124EA81901E489AB10283E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:6e:13:4a:ee:70:15:0a:ea:23:62:3f:9f:a7:
                    7e:dc:42:62:70:06:41:de:b0:3a:2a:6d:66:18:d9:
                    8a:d4:a2:97:ac:60:0c:f1:d7:f0:c4:cd:2e:b5:46:
                    92:a4:6d:57:86:fb:a1:9f:7f:97:aa:48:c7:9f:e1:
                    f2:d3:7f:29:10:b3:67:cc:e4:d0:d1:40:a0:29:80:
                    1b:94:00:73:7d:81:d2:d8:b2:f6:53:1d:9f:9b:e3:
                    75:e3:76:bd:9b:7f:20:70:07:2a:cb:f7:17:c5:40:
                    68:dd:d3:cd:0f:34:91:07:bf:9c:84:c5:25:31:9c:
                    b3:e8:39:2b:b5:0d:c5:b4:22:1a:47:dc:d8:55:ad:
                    fa:98:e9:ab:4d:ba:1a:79:95:84:80:4c:77:50:16:
                    80:08:11:a5:09:59:10:6f:fb:e2:8b:54:00:a0:27:
                    19:6c:9f:93:d7:0c:6f:37:5f:73:03:20:a5:b0:50:
                    90:ac:df:30:20:a0:d9:b1:7f:f8:47:e3:26:b6:90:
                    26:0f:3e:cf:3a:ec:ad:fe:ed:62:c5:11:c9:2e:7d:
                    f5:9c:26:28:14:69:1e:fb:df:30:d1:74:24:b6:79:
                    c9:f3:8a:a8:0b:9b:cc:59:d1:e1:42:d4:83:d3:14:
                    86:fe:41:fa:d2:4c:2c:e0:f9:be:35:6e:9e:dd:92:
                    1b:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:11:33:E1:91:C5:C5:EC:C4:12:4E:A8:19:01:E4:89:AB:10:28:3E
            X509v3 Authority Key Identifier:
                keyid:3F:CD:3A:83:9E:A1:41:7F:D9:88:F3:DD:FD:04:54:19:7F:AA:F4:7A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/1/3FCD3A839EA1417FD988F3DDFD0454197FAAF47A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/51cd99f7-2f42-4dec-b2c6-09bafaa3780e/324ffe39a98a0146b503d8a015ca2c2e767cf3d0b9fde6231b.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/1/323630323a663764653a3a2f34302d3438203d3e203236393534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:f7de::/40

    Signature Algorithm: sha256WithRSAEncryption
         6a:06:99:9a:65:41:44:b5:48:d0:9b:f2:0b:2d:6c:62:54:b5:
         2a:db:2a:48:db:83:83:50:71:cb:c0:56:ee:98:7d:8d:9d:4f:
         c0:21:52:66:f3:17:5c:c8:b5:c5:6d:75:38:0f:13:8d:07:62:
         c2:90:88:06:21:87:29:7e:81:39:1e:aa:c9:9c:40:28:24:52:
         07:e9:ab:69:43:8c:45:bd:3f:24:41:6e:5c:1c:cd:c7:52:69:
         f5:48:ee:9f:9c:ef:53:b0:a2:b3:4c:8d:6a:e6:10:2f:3b:98:
         93:48:70:88:2b:2d:44:8a:b2:3c:5f:92:9e:33:9d:92:50:55:
         2b:62:2b:5d:e7:63:0b:70:58:42:a4:d0:41:c3:4e:33:94:3e:
         6a:f9:3f:1d:b6:9b:1a:6a:9e:f1:44:74:81:0d:94:9f:97:f5:
         66:ab:b1:82:e9:0c:3d:24:88:40:54:8a:8c:3c:48:fd:4c:49:
         8e:3f:b0:23:73:15:72:31:09:8b:3b:b1:b7:a3:89:39:98:1f:
         51:a6:3e:57:07:bd:e0:ac:10:1d:35:50:9d:80:84:1b:11:97:
         52:08:8a:b8:aa:f9:78:09:19:f9:ad:d7:c9:24:aa:81:ff:c0:
         34:b1:b9:9a:f8:eb:c7:51:81:e1:16:38:56:a6:73:7f:fc:a1:
         56:13:16:b9
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUDd6WN66ZL3wrq3YknluTp3YTkYkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMzI0ZmZlMzlhOThhMDE0NmI1MDNkOGEwMTVjYTJjMmU3
NjdjZjNkMGI5ZmRlNjIzMWIwHhcNMjUxMDAyMTYxNjE5WhcNMjYxMDAxMTYyMTE5
WjAzMTEwLwYDVQQDEyhCQTExMzNFMTkxQzVDNUVDQzQxMjRFQTgxOTAxRTQ4OUFC
MTAyODNFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0W4TSu5wFQrq
I2I/n6d+3EJicAZB3rA6Km1mGNmK1KKXrGAM8dfwxM0utUaSpG1Xhvuhn3+XqkjH
n+Hy038pELNnzOTQ0UCgKYAblABzfYHS2LL2Ux2fm+N143a9m38gcAcqy/cXxUBo
3dPNDzSRB7+chMUlMZyz6DkrtQ3FtCIaR9zYVa36mOmrTboaeZWEgEx3UBaACBGl
CVkQb/vii1QAoCcZbJ+T1wxvN19zAyClsFCQrN8wIKDZsX/4R+MmtpAmDz7POuyt
/u1ixRHJLn31nCYoFGke+98w0XQktnnJ84qoC5vMWdHhQtSD0xSG/kH60kws4Pm+
NW6e3ZIbBQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFLoRM+GRxcXsxBJOqBkB5Imr
ECg+MB8GA1UdIwQYMBaAFD/NOoOeoUF/2Yjz3f0EVBl/qvR6MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzczYjhlYzAxLThiYTUtNDc5Zi1hMjI5
LTBhYjcwZTQ4MTViYi8xLzNGQ0QzQTgzOUVBMTQxN0ZEOTg4RjNEREZEMDQ1NDE5
N0ZBQUY0N0EuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzY5ZmQwMTU2LWJiMWYt
NDhiNi1iZjMyLWM5NDkyMjg2ZjE5NS81MWNkOTlmNy0yZjQyLTRkZWMtYjJjNi0w
OWJhZmFhMzc4MGUvMzI0ZmZlMzlhOThhMDE0NmI1MDNkOGEwMTVjYTJjMmU3Njdj
ZjNkMGI5ZmRlNjIzMWIuY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUH
MAuGgYtyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzczYjhlYzAxLThiYTUtNDc5Zi1hMjI5LTBhYjcwZTQ4MTViYi8xLzMyMzYzMDMy
M2E2NjM3NjQ2NTNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzYzOTM1MzQucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAmAvfeADANBgkqhkiG9w0BAQsFAAOCAQEAagaZmmVBRLVI0JvyCy1s
YlS1KtsqSNuDg1Bxy8BW7ph9jZ1PwCFSZvMXXMi1xW11OA8TjQdiwpCIBiGHKX6B
OR6qyZxAKCRSB+mraUOMRb0/JEFuXBzNx1Jp9Ujun5zvU7Cis0yNauYQLzuYk0hw
iCstRIqyPF+SnjOdklBVK2IrXedjC3BYQqTQQcNOM5Q+avk/HbabGmqe8UR0gQ2U
n5f1ZquxgukMPSSIQFSKjDxI/UxJjj+wI3MVcjEJizuxt6OJOZgfUaY+Vwe94KwQ
HTVQnYCEGxGXUgiKuKr5eAkZ+a3XySSqgf/ANLG5mvjrx1GB4RY4VqZzf/yhVhMW
uQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:08:36 2025 by rpki-client