Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/u5IjkA_xEw5JkCM3HES9boCvpvU.roa
File:                     u5IjkA_xEw5JkCM3HES9boCvpvU.roa (raw, json)
Hash identifier:          dJgCPgQU3uz6ocNTUix0n6jsUwYxWUQxgwikRBJ1Wos=
Subject key identifier:   BB:92:23:90:0F:F1:13:0E:49:90:23:37:1C:44:BD:6E:80:AF:A6:F5
Certificate issuer:       /CN=cdea4adee80b06519ce40dd3d13f28ba9f575957
Certificate serial:       018F8174C4E41383537C70F1DBFD44B7B0B7
Authority key identifier: CD:EA:4A:DE:E8:0B:06:51:9C:E4:0D:D3:D1:3F:28:BA:9F:57:59:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zepK3ugLBlGc5A3T0T8oup9XWVc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/u5IjkA_xEw5JkCM3HES9boCvpvU.roa
Signing time:             Thu 16 May 2024 12:51:04 +0000
ROA not before:           Thu 16 May 2024 12:51:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        91.227.208.0/24 maxlen: 24
                          185.64.72.0/24 maxlen: 24
                          185.64.73.0/24 maxlen: 24
                          185.64.74.0/24 maxlen: 24
                          185.64.75.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/zepK3ugLBlGc5A3T0T8oup9XWVc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/zepK3ugLBlGc5A3T0T8oup9XWVc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zepK3ugLBlGc5A3T0T8oup9XWVc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 18 Jun 2024 09:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:81:74:c4:e4:13:83:53:7c:70:f1:db:fd:44:b7:b0:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdea4adee80b06519ce40dd3d13f28ba9f575957
        Validity
            Not Before: May 16 12:51:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bb9223900ff1130e499023371c44bd6e80afa6f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:4c:3f:da:f6:f4:78:bb:ef:0f:0e:1b:a0:8a:
                    83:33:d4:5e:45:5e:15:b8:21:36:70:8e:2b:2a:93:
                    be:18:b8:cb:f4:5b:45:72:9a:24:7f:48:36:c9:a8:
                    bd:3d:91:bc:8b:70:51:79:40:fd:39:5f:23:f9:fd:
                    f8:d4:1f:54:07:25:2f:c7:0e:3d:3c:23:64:9c:59:
                    1b:57:f3:3b:44:9b:bd:1f:0d:80:1d:b0:cd:06:d3:
                    7a:28:b3:ea:46:ee:10:ee:e9:79:a1:a0:b6:95:b4:
                    5d:fa:00:6e:7b:4c:21:63:52:19:99:73:9d:49:fe:
                    99:24:44:03:fb:e2:fe:06:8a:33:e4:f2:92:5b:a9:
                    80:41:05:15:7d:21:3d:a5:38:18:73:1d:79:d8:e9:
                    4c:43:56:71:b4:e5:43:65:84:89:cf:87:68:2a:db:
                    6c:3d:d0:a2:b7:87:d2:34:87:db:c6:46:c1:75:fa:
                    59:63:8c:5e:ac:07:54:ef:8e:f8:67:05:e5:4b:cc:
                    b5:08:4d:11:2e:31:e9:39:32:12:03:7a:59:60:27:
                    e6:b8:be:a1:c3:17:f8:2d:bc:01:78:d8:ea:41:cd:
                    4f:36:00:c2:09:f6:c5:4a:0e:81:fb:04:97:25:2a:
                    19:16:55:35:69:71:a3:25:50:fb:05:ce:89:24:2d:
                    4a:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:92:23:90:0F:F1:13:0E:49:90:23:37:1C:44:BD:6E:80:AF:A6:F5
            X509v3 Authority Key Identifier:
                keyid:CD:EA:4A:DE:E8:0B:06:51:9C:E4:0D:D3:D1:3F:28:BA:9F:57:59:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zepK3ugLBlGc5A3T0T8oup9XWVc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/u5IjkA_xEw5JkCM3HES9boCvpvU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/zepK3ugLBlGc5A3T0T8oup9XWVc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.227.208.0/24
                  185.64.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         94:b4:80:cd:3b:20:69:99:b0:fd:92:4d:42:21:f7:f3:77:63:
         5c:8c:27:82:25:cd:aa:ba:cb:39:a7:1d:3f:46:72:77:2b:66:
         20:d7:00:74:87:61:e2:ac:d1:95:de:07:f8:18:28:7b:2c:11:
         ea:36:de:84:b9:15:ac:80:f5:25:d2:6b:ba:03:60:8f:5f:d4:
         4a:d7:eb:bb:c0:84:c5:8d:3a:e5:47:f2:77:52:16:96:bd:d3:
         d2:32:da:ed:65:e8:54:b0:e3:d3:b0:23:7a:90:55:8a:e0:dd:
         f2:dc:05:91:39:ef:47:c6:7a:05:08:de:2d:19:76:c7:eb:f1:
         53:61:33:54:a2:10:da:82:43:19:59:ea:68:9e:60:89:c4:17:
         b5:a4:5c:eb:7a:c7:41:49:c3:c8:ec:58:ac:1e:49:da:1a:17:
         77:79:41:5d:22:00:d9:92:94:f6:c9:a9:f3:67:4b:c8:5b:5e:
         9b:86:b5:31:90:f7:25:55:bd:68:61:9d:1e:bb:83:2f:1d:f4:
         67:05:07:47:d9:0a:54:01:99:fb:1a:87:bf:d5:a9:d3:04:12:
         54:f9:92:19:64:5a:b8:99:89:d9:70:21:3e:29:eb:09:79:0a:
         84:61:90:e2:fe:7a:3c:cd:f5:8c:57:a8:03:cc:ea:de:07:1e:
         ab:e6:01:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+BdMTkE4NTfHDx2/1Et7C3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZWE0YWRlZTgwYjA2NTE5Y2U0MGRkM2QxM2YyOGJhOWY1
NzU5NTcwHhcNMjQwNTE2MTI1MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjkyMjM5MDBmZjExMzBlNDk5MDIzMzcxYzQ0YmQ2ZTgwYWZhNmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Uw/2vb0eLvvDw4boIqDM9ReRV4V
uCE2cI4rKpO+GLjL9FtFcpokf0g2yai9PZG8i3BReUD9OV8j+f341B9UByUvxw49
PCNknFkbV/M7RJu9Hw2AHbDNBtN6KLPqRu4Q7ul5oaC2lbRd+gBue0whY1IZmXOd
Sf6ZJEQD++L+Booz5PKSW6mAQQUVfSE9pTgYcx152OlMQ1ZxtOVDZYSJz4doKtts
PdCit4fSNIfbxkbBdfpZY4xerAdU7474ZwXlS8y1CE0RLjHpOTISA3pZYCfmuL6h
wxf4LbwBeNjqQc1PNgDCCfbFSg6B+wSXJSoZFlU1aXGjJVD7Bc6JJC1KYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLuSI5AP8RMOSZAjNxxEvW6Ar6b1MB8GA1UdIwQY
MBaAFM3qSt7oCwZRnOQN09E/KLqfV1lXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemVwSzN1Z0xCbEdjNUEzVDBUOG91cDlYV1ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81YjVmMGMtM2MzZC00ZTIwLWIwMzUt
MDU2YzdiZjZkN2Q4LzEvdTVJamtBX3hFdzVKa0NNM0hFUzlib0N2cHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81YjVmMGMtM2MzZC00ZTIwLWIwMzUtMDU2YzdiZjZkN2Q4
LzEvemVwSzN1Z0xCbEdjNUEzVDBUOG91cDlYV1ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+PQAwQC
uUBIMA0GCSqGSIb3DQEBCwUAA4IBAQCUtIDNOyBpmbD9kk1CIffzd2NcjCeCJc2q
uss5px0/RnJ3K2Yg1wB0h2HirNGV3gf4GCh7LBHqNt6EuRWsgPUl0mu6A2CPX9RK
1+u7wITFjTrlR/J3UhaWvdPSMtrtZehUsOPTsCN6kFWK4N3y3AWROe9HxnoFCN4t
GXbH6/FTYTNUohDagkMZWeponmCJxBe1pFzresdBScPI7FisHknaGhd3eUFdIgDZ
kpT2yanzZ0vIW16bhrUxkPclVb1oYZ0eu4MvHfRnBQdH2QpUAZn7Goe/1anTBBJU
+ZIZZFq4mYnZcCE+KesJeQqEYZDi/no8zfWMV6gDzOreBx6r5gEi
-----END CERTIFICATE-----
Generated at Mon Jun 17 12:06:49 2024 by rpki-client on console-fra.rpki-client.org