Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/323630323a666136653a3a2f33362d3336203d3e203133363436.roa
File:                     323630323a666136653a3a2f33362d3336203d3e203133363436.roa (raw, json)
Hash identifier:          UDd+t9EsJDfNHobscIjEAVbA3kTERYkXQAx3CJo6hDs=
Subject key identifier:   4B:2A:4E:09:8A:46:F1:DB:B6:57:50:C5:9C:6F:69:9C:13:C1:D6:B3
Certificate issuer:       /CN=43729997152fd84fcda6d190c3b3195b02679660112be9a2d7
Certificate serial:       7BE925CC3E3EC01ADF457F3CEC5DF163EB33E8E3
Authority key identifier: 6A:6F:6E:C2:72:A5:EB:DC:18:24:1C:2C:84:D1:D9:FE:94:C1:25:AA
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/43729997152fd84fcda6d190c3b3195b02679660112be9a2d7.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/323630323a666136653a3a2f33362d3336203d3e203133363436.roa
Signing time:             Fri 15 May 2026 23:39:02 +0000
ROA not before:           Fri 15 May 2026 23:34:02 +0000
ROA not after:            Fri 14 May 2027 23:39:02 +0000
asID:                     13646
IP address blocks:        2602:fa6e::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/6A6F6EC272A5EBDC18241C2C84D1D9FE94C125AA.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/6A6F6EC272A5EBDC18241C2C84D1D9FE94C125AA.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/43729997152fd84fcda6d190c3b3195b02679660112be9a2d7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/829fb872-15bb-4a4e-9ed9-259960b049bd.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/829fb872-15bb-4a4e-9ed9-259960b049bd.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:31:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:e9:25:cc:3e:3e:c0:1a:df:45:7f:3c:ec:5d:f1:63:eb:33:e8:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43729997152fd84fcda6d190c3b3195b02679660112be9a2d7
        Validity
            Not Before: May 15 23:34:02 2026 GMT
            Not After : May 14 23:39:02 2027 GMT
        Subject: CN=4B2A4E098A46F1DBB65750C59C6F699C13C1D6B3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ba:1e:b5:df:b1:43:bd:99:32:64:5f:71:32:
                    96:df:51:70:cb:28:8f:20:30:f2:77:9b:02:b4:e3:
                    cc:22:e1:bf:75:9c:b6:a4:87:59:e0:2d:7a:91:1a:
                    b5:1f:0a:33:4c:da:b5:f8:8f:a9:29:ab:09:b6:13:
                    21:bd:fe:55:ae:90:28:44:83:65:7a:9f:7e:b8:b1:
                    b1:53:9e:ba:a9:33:10:78:93:4e:3f:61:2f:48:2b:
                    dc:0e:3f:76:59:bb:e8:3d:45:2c:5e:5e:52:1a:4b:
                    a6:d7:52:57:46:d8:b4:34:d1:95:e8:e2:e2:e3:61:
                    27:f4:4f:3d:1e:c9:6a:37:f6:a6:88:e7:e6:c3:c7:
                    9f:28:1e:6d:69:6b:63:5d:b3:85:d5:1c:ef:e0:14:
                    ee:99:61:4e:03:02:2c:81:8c:87:9a:a6:9f:2a:ee:
                    f1:a4:87:f6:28:3f:2c:a7:71:33:9c:38:8d:9b:e5:
                    14:1b:e7:a6:10:22:97:75:db:ad:8b:f7:e8:22:04:
                    f8:8a:8d:f3:d7:80:6b:22:a7:92:7b:df:e1:3c:9e:
                    9a:8b:fe:18:0d:3f:d3:f9:5c:9d:e9:1e:9c:88:5e:
                    45:a1:e9:db:b6:eb:52:42:da:50:1b:92:1a:c0:47:
                    1c:02:16:a8:18:23:9f:c1:b1:af:74:f7:09:41:3f:
                    19:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:2A:4E:09:8A:46:F1:DB:B6:57:50:C5:9C:6F:69:9C:13:C1:D6:B3
            X509v3 Authority Key Identifier:
                keyid:6A:6F:6E:C2:72:A5:EB:DC:18:24:1C:2C:84:D1:D9:FE:94:C1:25:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/6A6F6EC272A5EBDC18241C2C84D1D9FE94C125AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/43729997152fd84fcda6d190c3b3195b02679660112be9a2d7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/323630323a666136653a3a2f33362d3336203d3e203133363436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:fa6e::/36

    Signature Algorithm: sha256WithRSAEncryption
         0b:94:4e:6d:ac:52:cf:a1:1e:8a:9f:fd:36:71:1e:f5:e9:99:
         31:cb:f4:5f:4e:61:ec:d3:dd:97:cb:f8:3f:8d:a1:48:ab:5e:
         e0:96:c9:ab:5b:eb:4d:62:84:c9:c3:94:f0:8f:13:90:bc:d2:
         0d:f7:f7:1c:cc:7d:85:b1:ed:ba:12:07:c9:f4:62:69:95:86:
         20:d3:28:28:a7:7e:f3:0a:d0:4d:0e:a0:db:55:52:80:21:b5:
         1d:20:ea:62:31:41:c8:7e:c6:62:ef:30:1d:92:db:fa:6c:6f:
         02:23:fa:0c:c0:01:f3:10:6b:92:23:47:13:d8:e2:69:fc:b1:
         77:50:f2:3b:c7:87:90:e9:4a:d8:c1:ad:0e:27:f7:03:68:5a:
         f1:3d:6f:08:ab:cd:7e:86:cf:3d:f7:7a:49:8c:43:6f:5f:da:
         00:ab:8d:f2:81:34:00:cd:23:bc:f7:43:09:03:19:a2:d5:f5:
         20:ce:2c:59:b4:7a:e7:7d:2c:f4:3e:e6:26:d4:bb:f5:9f:6a:
         12:cd:cf:c9:a4:b4:73:dc:c4:77:e2:0b:13:8c:6f:77:d6:45:
         c7:da:0e:43:66:6c:fb:17:56:e7:6d:cf:69:1f:d5:50:fe:2a:
         e3:86:d0:ef:6d:e2:2f:be:83:74:bd:3b:d2:75:c9:79:52:70:
         32:65:70:f3
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUe+klzD4+wBrfRX887F3xY+sz6OMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNDM3Mjk5OTcxNTJmZDg0ZmNkYTZkMTkwYzNiMzE5NWIw
MjY3OTY2MDExMmJlOWEyZDcwHhcNMjYwNTE1MjMzNDAyWhcNMjcwNTE0MjMzOTAy
WjAzMTEwLwYDVQQDEyg0QjJBNEUwOThBNDZGMURCQjY1NzUwQzU5QzZGNjk5QzEz
QzFENkIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7oetd+xQ72Z
MmRfcTKW31FwyyiPIDDyd5sCtOPMIuG/dZy2pIdZ4C16kRq1HwozTNq1+I+pKasJ
thMhvf5VrpAoRINlep9+uLGxU566qTMQeJNOP2EvSCvcDj92WbvoPUUsXl5SGkum
11JXRti0NNGV6OLi42En9E89HslqN/amiOfmw8efKB5taWtjXbOF1Rzv4BTumWFO
AwIsgYyHmqafKu7xpIf2KD8sp3EznDiNm+UUG+emECKXdduti/foIgT4io3z14Br
IqeSe9/hPJ6ai/4YDT/T+Vyd6R6ciF5FoenbtutSQtpQG5IawEccAhaoGCOfwbGv
dPcJQT8Z5QIDAQABo4ICzTCCAskwHQYDVR0OBBYEFEsqTgmKRvHbtldQxZxvaZwT
wdazMB8GA1UdIwQYMBaAFGpvbsJypevcGCQcLITR2f6UwSWqMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2
LWRiZmM0NTkzYzFhOC83LzZBNkY2RUMyNzJBNUVCREMxODI0MUMyQzg0RDFEOUZF
OTRDMTI1QUEuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTIt
NDk5NC04ZjZjLWQ2YzkxYjBiODQxNS84MjlmYjg3Mi0xNWJiLTRhNGUtOWVkOS0y
NTk5NjBiMDQ5YmQvNDM3Mjk5OTcxNTJmZDg0ZmNkYTZkMTkwYzNiMzE5NWIwMjY3
OTY2MDExMmJlOWEyZDcuY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUH
MAuGgYtyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2LWRiZmM0NTkzYzFhOC83LzMyMzYzMDMy
M2E2NjYxMzY2NTNhM2EyZjMzMzYyZDMzMzYyMDNkM2UyMDMxMzMzNjM0MzYucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgQmAvpuADANBgkqhkiG9w0BAQsFAAOCAQEAC5RObaxSz6Eeip/9NnEe
9emZMcv0X05h7NPdl8v4P42hSKte4JbJq1vrTWKEycOU8I8TkLzSDff3HMx9hbHt
uhIHyfRiaZWGINMoKKd+8wrQTQ6g21VSgCG1HSDqYjFByH7GYu8wHZLb+mxvAiP6
DMAB8xBrkiNHE9jiafyxd1DyO8eHkOlK2MGtDif3A2ha8T1vCKvNfobPPfd6SYxD
b1/aAKuN8oE0AM0jvPdDCQMZotX1IM4sWbR6530s9D7mJtS79Z9qEs3PyaS0c9zE
d+ILE4xvd9ZFx9oOQ2Zs+xdW523PaR/VUP4q44bQ723iL76DdL070nXJeVJwMmVw
8w==
-----END CERTIFICATE-----