Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a393130303a3a2f34342d3438203d3e20323135333137.roa
File:                     326131343a3763303a393130303a3a2f34342d3438203d3e20323135333137.roa (raw, json)
Hash identifier:          tsogUKFLe9FbYTMJfL6vEKquF2D0WujqbgvPVhdhqsc=
Subject key identifier:   09:0B:56:35:90:08:38:0E:27:31:76:49:FB:FD:D6:1D:A3:AA:55:62
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       7AABB6471A840274A49A90D96EE3D8F5D71DEA39
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a393130303a3a2f34342d3438203d3e20323135333137.roa
Signing time:             Tue 29 Apr 2025 15:19:16 +0000
ROA not before:           Tue 29 Apr 2025 15:14:16 +0000
ROA not after:            Tue 28 Apr 2026 15:19:16 +0000
asID:                     215317
IP address blocks:        2a14:7c0:9100::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 19:17:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:ab:b6:47:1a:84:02:74:a4:9a:90:d9:6e:e3:d8:f5:d7:1d:ea:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Apr 29 15:14:16 2025 GMT
            Not After : Apr 28 15:19:16 2026 GMT
        Subject: CN=090B56359008380E27317649FBFDD61DA3AA5562
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:d4:8c:83:2a:24:64:4e:b6:54:66:52:bc:e2:
                    0d:7d:a9:de:92:d8:e6:57:43:64:47:b0:4d:04:48:
                    49:10:d3:70:d3:fc:20:2a:91:24:af:d0:c0:89:f4:
                    89:27:3f:15:f2:00:97:dc:23:64:f2:99:e8:b1:c9:
                    33:b5:1c:65:a7:c8:d0:af:7d:9f:a5:f4:86:20:5f:
                    58:8a:a3:5a:fb:66:c5:74:ad:6a:76:6a:bc:11:e9:
                    ae:93:8d:ed:8c:2c:f3:95:e2:42:51:99:2f:db:85:
                    cd:76:80:35:87:1b:72:9c:a3:3c:d1:f1:30:57:ff:
                    ae:d1:fb:65:57:8a:61:76:a9:ea:b2:c9:ca:09:da:
                    88:54:83:43:5b:c2:4f:ac:9a:e7:15:47:ff:0d:29:
                    d6:1e:c6:42:0e:7c:88:ed:50:58:99:f4:c1:fb:84:
                    ed:7d:b1:c1:9d:2c:8e:f1:92:58:e3:fb:0a:a5:9b:
                    6d:35:0c:20:19:15:59:e2:9a:a5:f2:e4:24:d8:66:
                    cb:70:c7:cf:3c:ca:45:b3:bc:70:94:b7:74:9c:3e:
                    af:03:c7:53:82:f7:97:84:83:e5:cc:57:2c:3c:69:
                    1d:47:58:e7:3d:d7:b0:7d:96:b0:fc:49:00:f7:15:
                    e6:c4:1d:e1:c1:2c:c0:31:17:82:b3:61:01:33:10:
                    e4:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:0B:56:35:90:08:38:0E:27:31:76:49:FB:FD:D6:1D:A3:AA:55:62
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a393130303a3a2f34342d3438203d3e20323135333137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:9100::/44

    Signature Algorithm: sha256WithRSAEncryption
         9f:c5:85:8f:db:66:c4:8b:3a:de:74:26:9e:e9:83:8b:2e:83:
         3b:ed:55:e5:ef:e0:58:b1:3d:63:62:97:15:dc:d2:9b:15:d6:
         60:76:04:48:35:ec:04:a6:f0:2c:57:52:35:05:7a:64:53:cd:
         c8:c6:6a:d8:0d:f9:2a:84:a3:58:ff:8e:4c:80:a7:e1:3d:ee:
         4a:a4:77:4f:55:35:9b:b4:3a:52:fb:90:43:26:3f:6a:a4:28:
         b6:77:49:fc:e7:1e:99:5c:a5:90:e5:72:25:89:09:3c:67:96:
         8d:cd:97:8c:3a:cd:f6:52:00:b9:e4:de:a9:bb:e5:58:96:af:
         2d:64:fb:7d:d6:37:99:f5:e6:0a:a2:03:ed:da:aa:4c:eb:0f:
         89:40:0d:8e:60:52:ea:a6:fd:93:7c:69:34:ca:55:a6:a5:ba:
         47:f8:c9:d9:d2:e7:ee:90:2b:ce:01:cc:f3:ea:37:69:36:3d:
         32:27:b5:0f:3f:8e:50:5a:91:6d:b8:60:80:14:80:b9:1b:34:
         f7:ed:f9:d1:cd:7f:1f:cd:b2:2a:b8:69:fa:50:77:16:fc:1c:
         e0:6e:ee:1d:70:75:f3:54:21:67:2a:bd:b5:86:c3:9a:21:51:
         48:97:fa:90:2d:66:03:01:18:ec:85:e2:39:73:41:86:5c:03:
         14:8a:a0:bd
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUequ2RxqEAnSkmpDZbuPY9dcd6jkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNTA0MjkxNTE0MTZaFw0yNjA0MjgxNTE5MTZaMDMxMTAvBgNV
BAMTKDA5MEI1NjM1OTAwODM4MEUyNzMxNzY0OUZCRkRENjFEQTNBQTU1NjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO1IyDKiRkTrZUZlK84g19qd6S
2OZXQ2RHsE0ESEkQ03DT/CAqkSSv0MCJ9IknPxXyAJfcI2TymeixyTO1HGWnyNCv
fZ+l9IYgX1iKo1r7ZsV0rWp2arwR6a6Tje2MLPOV4kJRmS/bhc12gDWHG3KcozzR
8TBX/67R+2VXimF2qeqyycoJ2ohUg0Nbwk+smucVR/8NKdYexkIOfIjtUFiZ9MH7
hO19scGdLI7xkljj+wqlm201DCAZFVnimqXy5CTYZstwx888ykWzvHCUt3ScPq8D
x1OC95eEg+XMVyw8aR1HWOc917B9lrD8SQD3FebEHeHBLMAxF4KzYQEzEOQDAgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUCQtWNZAIOA4nMXZJ+/3WHaOqVWIwHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzALhm1yc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzkzMTMwMzAzYTNhMmYzNDM0MmQzNDM4MjAzZDNlMjAzMjMxMzUzMzMx
Mzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQqFAfAkQAwDQYJKoZIhvcNAQELBQADggEBAJ/FhY/bZsSL
Ot50Jp7pg4sugzvtVeXv4FixPWNilxXc0psV1mB2BEg17ASm8CxXUjUFemRTzcjG
atgN+SqEo1j/jkyAp+E97kqkd09VNZu0OlL7kEMmP2qkKLZ3SfznHplcpZDlciWJ
CTxnlo3Nl4w6zfZSALnk3qm75ViWry1k+33WN5n15gqiA+3aqkzrD4lADY5gUuqm
/ZN8aTTKVaalukf4ydnS5+6QK84BzPPqN2k2PTIntQ8/jlBakW24YIAUgLkbNPft
+dHNfx/Nsiq4afpQdxb8HOBu7h1wdfNUIWcqvbWGw5ohUUiX+pAtZgMBGOyF4jlz
QYZcAxSKoL0=
-----END CERTIFICATE-----