Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766353a3a2f34382d3438203d3e20323135373631.roa
File:                     326130663a383563313a3766353a3a2f34382d3438203d3e20323135373631.roa (raw, json)
Hash identifier:          byQYxxoRiZMkalXd6RzudJTQa4Ua3fqFXKXTWNIB1fs=
Subject key identifier:   97:39:96:C8:1F:C3:47:18:00:C8:FA:01:B7:2A:40:33:17:49:55:A3
Certificate issuer:       /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Certificate serial:       799EEBE984CEFDBA5B868F2C73198AA8A7306BC3
Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766353a3a2f34382d3438203d3e20323135373631.roa
Signing time:             Thu 04 Sep 2025 21:45:14 +0000
ROA not before:           Thu 04 Sep 2025 21:40:14 +0000
ROA not after:            Thu 03 Sep 2026 21:45:14 +0000
asID:                     215761
IP address blocks:        2a0f:85c1:7f5::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:9e:eb:e9:84:ce:fd:ba:5b:86:8f:2c:73:19:8a:a8:a7:30:6b:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
        Validity
            Not Before: Sep  4 21:40:14 2025 GMT
            Not After : Sep  3 21:45:14 2026 GMT
        Subject: CN=973996C81FC3471800C8FA01B72A4033174955A3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:01:20:09:45:fc:b1:66:9c:a8:30:ff:f1:b2:
                    f9:95:9d:bc:6b:f9:dc:64:24:5c:f7:84:e2:b1:cf:
                    a5:af:f2:92:70:9b:3e:64:70:86:96:c4:a9:12:7a:
                    17:bf:03:85:c3:ef:02:2d:94:3d:50:1e:0a:18:73:
                    ba:d0:7e:f6:02:92:e6:63:b0:cf:c4:32:1c:d4:fb:
                    60:84:30:67:e7:28:34:84:f5:c9:c1:2c:cf:43:22:
                    e6:18:9c:74:8e:8b:08:a9:f5:6e:52:c8:18:57:09:
                    d6:2f:f3:0e:0c:5c:f5:fe:be:6e:21:8b:30:56:ba:
                    44:2e:12:60:33:ba:0f:e2:e2:1e:56:d2:01:16:2c:
                    0c:69:94:a7:86:eb:e7:db:5b:9a:4a:cb:d8:b3:ff:
                    dc:b4:88:15:e7:c4:f4:16:76:fd:b7:19:c4:d8:13:
                    55:c1:a2:f0:14:72:fd:48:9a:17:7f:c2:1a:61:6c:
                    c3:4d:bf:5e:80:9b:65:32:c2:aa:fb:69:0a:fd:6e:
                    04:a9:39:a4:42:2d:0a:29:1a:dc:51:50:77:96:55:
                    be:96:46:44:40:00:e5:3d:67:48:aa:dd:3e:8d:cf:
                    32:d3:f9:40:a2:3a:0b:d4:52:79:e4:47:a0:3e:89:
                    e5:69:5c:20:a7:a4:2d:64:99:43:4b:61:ef:29:c7:
                    b1:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:39:96:C8:1F:C3:47:18:00:C8:FA:01:B7:2A:40:33:17:49:55:A3
            X509v3 Authority Key Identifier:
                keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766353a3a2f34382d3438203d3e20323135373631.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:7f5::/48

    Signature Algorithm: sha256WithRSAEncryption
         0e:2c:29:76:62:07:01:81:5d:8f:12:9d:2d:f2:54:60:29:8d:
         35:aa:58:79:d4:d2:fb:25:93:31:4c:30:55:e8:36:56:4d:78:
         eb:23:72:6f:1f:d4:d5:7c:b7:7b:10:28:a2:2a:9d:dd:61:23:
         b3:86:39:37:eb:79:cf:4c:e8:04:33:95:46:7a:dd:33:eb:14:
         6b:1a:6a:66:fa:07:38:c0:c1:7e:07:77:8f:a2:86:43:6f:6b:
         47:9c:dd:c1:12:39:38:0d:7b:b6:09:42:41:2e:63:d0:26:3d:
         8c:f7:76:9d:97:f7:0f:43:a3:a0:81:9b:82:ec:77:0f:38:48:
         43:2d:73:53:db:ef:7f:5d:0e:a9:88:32:e5:fe:63:bf:09:d2:
         63:62:af:43:a9:60:33:8f:f3:2b:af:6b:6b:4c:e2:f1:bd:e6:
         04:79:27:ce:f5:d0:55:a8:96:5a:76:40:56:20:7d:cb:d4:20:
         38:d5:99:7c:84:dc:df:af:c3:44:81:5b:63:a0:de:0f:62:10:
         d6:08:cc:9b:d4:04:2a:f6:fa:84:b4:7d:2f:4b:af:59:e7:01:
         e9:32:af:cc:07:f2:5d:8b:94:aa:83:a7:af:91:53:25:36:a2:
         f9:13:64:e7:c5:99:a6:29:9d:86:a7:4f:b2:2b:80:32:ef:e1:
         03:61:da:1c
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUeZ7r6YTO/bpbho8scxmKqKcwa8MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0
OUMxODM3NzAeFw0yNTA5MDQyMTQwMTRaFw0yNjA5MDMyMTQ1MTRaMDMxMTAvBgNV
BAMTKDk3Mzk5NkM4MUZDMzQ3MTgwMEM4RkEwMUI3MkE0MDMzMTc0OTU1QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmASAJRfyxZpyoMP/xsvmVnbxr
+dxkJFz3hOKxz6Wv8pJwmz5kcIaWxKkSehe/A4XD7wItlD1QHgoYc7rQfvYCkuZj
sM/EMhzU+2CEMGfnKDSE9cnBLM9DIuYYnHSOiwip9W5SyBhXCdYv8w4MXPX+vm4h
izBWukQuEmAzug/i4h5W0gEWLAxplKeG6+fbW5pKy9iz/9y0iBXnxPQWdv23GcTY
E1XBovAUcv1Imhd/whphbMNNv16Am2Uywqr7aQr9bgSpOaRCLQopGtxRUHeWVb6W
RkRAAOU9Z0iq3T6NzzLT+UCiOgvUUnnkR6A+ieVpXCCnpC1kmUNLYe8px7HRAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUlzmWyB/DRxgAyPoBtypAMxdJVaMwHwYDVR0j
BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0
MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84NGQ1MTgxMC0xOTg3LTQ3
MDEtOGYxZi04NDI1MTExOTY0ZjQvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF
QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM3NjYzNTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NTM3MzYzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEH9TANBgkqhkiG9w0BAQsFAAOCAQEADiwp
dmIHAYFdjxKdLfJUYCmNNapYedTS+yWTMUwwVeg2Vk146yNybx/U1Xy3exAooiqd
3WEjs4Y5N+t5z0zoBDOVRnrdM+sUaxpqZvoHOMDBfgd3j6KGQ29rR5zdwRI5OA17
tglCQS5j0CY9jPd2nZf3D0OjoIGbgux3DzhIQy1zU9vvf10OqYgy5f5jvwnSY2Kv
Q6lgM4/zK69ra0zi8b3mBHknzvXQVaiWWnZAViB9y9QgONWZfITc36/DRIFbY6De
D2IQ1gjMm9QEKvb6hLR9L0uvWecB6TKvzAfyXYuUqoOnr5FTJTai+RNk58WZpimd
hqdPsiuAMu/hA2HaHA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:17:06 2025 by rpki-client