Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/IWkosv1oceI1aAT6MuaBeykPnDE.roa
File:                     IWkosv1oceI1aAT6MuaBeykPnDE.roa (raw, json)
Hash identifier:          Zt1zR/MujgpAImrsB9MGSD/MhSE58xHF3n6xOhC/j7E=
Subject key identifier:   21:69:28:B2:FD:68:71:E2:35:68:04:FA:32:E6:81:7B:29:0F:9C:31
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018D796C4636F40FBFD2EA9B78882E29C882
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/IWkosv1oceI1aAT6MuaBeykPnDE.roa
Signing time:             Mon 05 Feb 2024 13:19:15 +0000
ROA not before:           Mon 05 Feb 2024 13:19:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39134
IP address blocks:        85.8.185.0/24 maxlen: 24
                          185.184.53.0/24 maxlen: 24
                          193.47.42.0/24 maxlen: 24
                          193.47.43.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:79:6c:46:36:f4:0f:bf:d2:ea:9b:78:88:2e:29:c8:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Feb  5 13:19:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=216928b2fd6871e2356804fa32e6817b290f9c31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:9e:81:01:55:b4:90:20:81:54:a3:88:30:36:
                    2d:cd:02:83:5b:4e:c8:7e:22:7b:6a:22:0b:9d:f5:
                    bd:53:01:13:d0:48:d1:91:4e:59:6a:c1:fd:76:90:
                    a9:36:27:80:b0:02:d0:9f:0c:90:89:8a:62:53:7b:
                    c0:44:92:0c:f9:59:b3:5c:4e:6b:a2:7e:11:ff:d5:
                    a1:39:8b:b2:3e:64:bb:72:0f:b8:ee:4f:c8:93:14:
                    af:d7:6c:78:01:a3:17:c6:b3:82:ea:2b:43:e6:71:
                    1f:7b:6e:a7:fe:be:c3:60:3e:99:af:b3:3b:6a:44:
                    b3:90:76:d4:77:f9:da:e0:21:24:97:4e:fc:cd:fe:
                    82:ca:c3:be:f3:57:48:6c:72:3b:6e:a7:be:2a:75:
                    d5:7e:00:69:ae:22:53:91:ed:5b:ed:fb:6a:77:5f:
                    3e:5a:7c:59:7e:3d:6d:6e:b4:58:a8:66:d9:68:6c:
                    82:31:b8:5a:33:6a:83:17:d6:f0:4d:59:0e:79:77:
                    a6:a4:85:83:0b:fc:9b:cc:c6:fe:73:e4:49:f7:9d:
                    3e:af:ab:93:ce:73:07:02:f0:6c:72:e5:88:ad:18:
                    a6:d0:6b:89:31:55:16:0b:e9:2c:42:66:ba:94:5e:
                    48:51:0c:b2:47:ca:b8:dc:6f:f5:85:f0:b7:d9:0b:
                    6c:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:69:28:B2:FD:68:71:E2:35:68:04:FA:32:E6:81:7B:29:0F:9C:31
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/IWkosv1oceI1aAT6MuaBeykPnDE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.8.185.0/24
                  185.184.53.0/24
                  193.47.42.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1d:6f:b2:46:92:61:a5:80:db:fd:02:4b:1c:6c:7a:f7:1b:38:
         f0:8f:69:dd:2b:da:e5:6e:14:55:3c:6a:26:6f:c1:64:50:6e:
         f3:88:68:b0:f3:c2:80:fc:44:23:c7:58:59:45:83:80:61:28:
         4b:e9:17:1a:ca:71:c1:98:41:8a:74:d4:64:e3:d3:10:7f:4b:
         19:af:e5:42:df:11:3b:7c:83:2d:7f:be:df:c1:c3:a2:5f:8c:
         45:14:1b:0a:b3:b5:ff:4c:1e:8d:7b:0e:da:01:a7:33:78:a9:
         ae:ce:3d:e3:3b:c7:0c:a2:e8:fa:17:f5:58:28:48:3a:70:1f:
         ba:42:35:83:85:c1:bf:b3:57:8a:be:e4:f2:97:cf:5a:d4:5a:
         2e:f2:e5:67:db:2e:75:e6:59:1e:31:cd:c4:24:17:a5:7f:aa:
         6b:a6:69:ac:b4:69:92:dc:65:c0:11:b3:be:17:a5:91:21:24:
         c8:17:5b:e4:07:3c:3c:de:9f:e9:1f:0a:e4:ff:b8:24:e9:76:
         03:2c:49:5c:4c:6a:03:1a:14:a5:30:9f:b8:6f:01:a3:74:22:
         20:b4:10:fc:98:07:a4:05:5d:65:07:0b:9d:85:46:dd:0c:0f:
         e9:e0:8b:5c:d0:6d:af:f8:56:ef:85:5c:93:ce:ea:0b:92:1a:
         1e:eb:97:a3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY15bEY29A+/0uqbeIguKciCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMjA1MTMxOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTY5MjhiMmZkNjg3MWUyMzU2ODA0ZmEzMmU2ODE3YjI5MGY5YzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt56BAVW0kCCBVKOIMDYtzQKDW07I
fiJ7aiILnfW9UwET0EjRkU5ZasH9dpCpNieAsALQnwyQiYpiU3vARJIM+VmzXE5r
on4R/9WhOYuyPmS7cg+47k/IkxSv12x4AaMXxrOC6itD5nEfe26n/r7DYD6Zr7M7
akSzkHbUd/na4CEkl078zf6CysO+81dIbHI7bqe+KnXVfgBpriJTke1b7ftqd18+
WnxZfj1tbrRYqGbZaGyCMbhaM2qDF9bwTVkOeXempIWDC/ybzMb+c+RJ950+r6uT
znMHAvBscuWIrRim0GuJMVUWC+ksQma6lF5IUQyyR8q43G/1hfC32QtsbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCFpKLL9aHHiNWgE+jLmgXspD5wxMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvSVdrb3N2MW9jZUkxYUFUNk11YUJleWtQbkRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVQi5AwQA
ubg1AwQBwS8qMA0GCSqGSIb3DQEBCwUAA4IBAQAdb7JGkmGlgNv9AkscbHr3Gzjw
j2ndK9rlbhRVPGomb8FkUG7ziGiw88KA/EQjx1hZRYOAYShL6RcaynHBmEGKdNRk
49MQf0sZr+VC3xE7fIMtf77fwcOiX4xFFBsKs7X/TB6New7aAaczeKmuzj3jO8cM
ouj6F/VYKEg6cB+6QjWDhcG/s1eKvuTyl89a1Fou8uVn2y515lkeMc3EJBelf6pr
pmmstGmS3GXAEbO+F6WRISTIF1vkBzw83p/pHwrk/7gk6XYDLElcTGoDGhSlMJ+4
bwGjdCIgtBD8mAekBV1lBwudhUbdDA/p4Itc0G2v+FbvhVyTzuoLkhoe65ej
-----END CERTIFICATE-----
Generated at Sat Jun 15 21:16:36 2024 by rpki-client on console-ams.rpki-client.org