Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/6W93lFrGV_Mjvgugrwu2lf3sEfk.roa
File:                     6W93lFrGV_Mjvgugrwu2lf3sEfk.roa (raw, json)
Hash identifier:          fb1nqotd63O1qSQgRQucKJB3j7FU8YJQB+94LqwQ9hg=
Subject key identifier:   E9:6F:77:94:5A:C6:57:F3:23:BE:0B:A0:AF:0B:B6:95:FD:EC:11:F9
Certificate issuer:       /CN=21c1672dbbbf7165a6a83b3227a7119f0d31e8ee
Certificate serial:       018FBEA087B919B5D48FE457D84AF0A9206A
Authority key identifier: 21:C1:67:2D:BB:BF:71:65:A6:A8:3B:32:27:A7:11:9F:0D:31:E8:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IcFnLbu_cWWmqDsyJ6cRnw0x6O4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/6W93lFrGV_Mjvgugrwu2lf3sEfk.roa
Signing time:             Tue 28 May 2024 09:55:42 +0000
ROA not before:           Tue 28 May 2024 09:55:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213336
IP address blocks:        45.148.176.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/IcFnLbu_cWWmqDsyJ6cRnw0x6O4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/IcFnLbu_cWWmqDsyJ6cRnw0x6O4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IcFnLbu_cWWmqDsyJ6cRnw0x6O4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 21 Jun 2024 03:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:be:a0:87:b9:19:b5:d4:8f:e4:57:d8:4a:f0:a9:20:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21c1672dbbbf7165a6a83b3227a7119f0d31e8ee
        Validity
            Not Before: May 28 09:55:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e96f77945ac657f323be0ba0af0bb695fdec11f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:e5:3f:4e:ca:6c:79:0f:bd:44:7a:b4:45:85:
                    92:3f:2c:88:4e:64:33:ed:8c:7e:97:23:88:4c:34:
                    7a:93:92:93:63:f4:f3:d0:61:3a:5f:5f:e6:c9:d3:
                    bf:6d:11:20:d1:6f:35:9c:ea:35:a7:6b:ae:01:5a:
                    4b:64:2e:33:8d:48:bd:06:5c:fc:a2:1a:5c:af:eb:
                    b2:5f:03:d0:9a:5e:c9:fb:dd:69:fd:c6:66:20:7f:
                    91:cf:94:a2:5c:19:44:5a:a4:89:cc:ff:47:9a:19:
                    14:c3:c2:61:14:7d:79:de:55:b3:7c:a6:27:09:82:
                    6c:29:c8:8f:a6:65:e8:c5:54:df:23:b6:aa:e3:a1:
                    43:e9:e2:82:34:73:8b:e2:11:54:6f:ae:06:d8:25:
                    63:84:87:1c:d2:14:de:36:5d:82:6d:53:9b:56:6b:
                    10:67:3e:16:de:3e:c2:51:52:89:e0:78:47:42:94:
                    2e:a4:e2:a2:ca:71:8d:0d:48:9f:bd:b1:1b:f2:90:
                    92:85:aa:44:63:0b:50:d6:f6:52:8a:6a:e0:35:35:
                    b2:d6:3d:0c:1c:82:cd:90:65:06:dd:f7:a8:9c:45:
                    28:18:26:20:bf:9a:7a:85:cc:d4:5b:94:cb:e5:33:
                    18:23:d2:98:f5:11:64:0d:04:04:5c:c7:82:b0:f6:
                    56:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:6F:77:94:5A:C6:57:F3:23:BE:0B:A0:AF:0B:B6:95:FD:EC:11:F9
            X509v3 Authority Key Identifier:
                keyid:21:C1:67:2D:BB:BF:71:65:A6:A8:3B:32:27:A7:11:9F:0D:31:E8:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IcFnLbu_cWWmqDsyJ6cRnw0x6O4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/6W93lFrGV_Mjvgugrwu2lf3sEfk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c05d4c-96d3-4b57-ae34-3477c7fcd4d9/1/IcFnLbu_cWWmqDsyJ6cRnw0x6O4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.148.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         12:82:ab:38:83:69:a5:1f:54:5a:61:0e:dd:40:ed:eb:0e:0b:
         b2:e9:0f:4d:b5:51:a8:c7:f6:c9:1f:70:55:3e:cc:52:f7:9e:
         29:54:1b:f9:67:36:0c:d8:a3:4d:6f:ed:d1:82:81:c1:7e:60:
         11:30:09:25:18:e0:7b:d6:ed:ca:95:88:22:16:6f:3a:62:bb:
         c7:d5:f4:58:65:f3:d0:dd:0e:16:d1:1b:6c:1f:30:44:74:e9:
         19:d4:12:66:09:ad:ac:1a:99:d9:bd:33:f7:ee:f7:b4:a1:71:
         dd:80:62:1d:7c:c0:54:eb:25:e4:13:69:65:6d:20:ef:9e:b3:
         f6:18:5a:df:dd:a6:32:20:2f:c3:44:0f:a4:bf:9a:58:08:38:
         f2:67:e4:28:8c:a9:d5:65:a8:05:11:69:a1:aa:c8:34:30:83:
         8e:15:bb:09:86:27:92:11:ed:6e:8c:ed:d5:61:06:c6:17:50:
         5d:c6:e7:df:81:e0:8c:b4:4e:57:bd:db:db:b6:5d:fa:87:1e:
         b1:d0:96:e8:41:47:ac:b3:ef:4d:8a:87:b0:0d:9f:92:43:50:
         e5:87:81:97:20:da:73:62:53:a6:f2:1e:1b:5e:a2:64:40:2c:
         67:ad:1c:fc:6a:2f:6f:90:c4:82:fd:ae:91:e8:07:17:e8:6f:
         e9:a1:77:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY++oIe5GbXUj+RX2ErwqSBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYzE2NzJkYmJiZjcxNjVhNmE4M2IzMjI3YTcxMTlmMGQz
MWU4ZWUwHhcNMjQwNTI4MDk1NTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTZmNzc5NDVhYzY1N2YzMjNiZTBiYTBhZjBiYjY5NWZkZWMxMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uU/TspseQ+9RHq0RYWSPyyITmQz
7Yx+lyOITDR6k5KTY/Tz0GE6X1/mydO/bREg0W81nOo1p2uuAVpLZC4zjUi9Blz8
ohpcr+uyXwPQml7J+91p/cZmIH+Rz5SiXBlEWqSJzP9HmhkUw8JhFH153lWzfKYn
CYJsKciPpmXoxVTfI7aq46FD6eKCNHOL4hFUb64G2CVjhIcc0hTeNl2CbVObVmsQ
Zz4W3j7CUVKJ4HhHQpQupOKiynGNDUifvbEb8pCShapEYwtQ1vZSimrgNTWy1j0M
HILNkGUG3feonEUoGCYgv5p6hczUW5TL5TMYI9KY9RFkDQQEXMeCsPZWlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOlvd5RaxlfzI74LoK8LtpX97BH5MB8GA1UdIwQY
MBaAFCHBZy27v3Flpqg7MienEZ8NMejuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNGbkxidV9jV1dtcURzeUo2Y1JudzB4Nk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jMDVkNGMtOTZkMy00YjU3LWFlMzQt
MzQ3N2M3ZmNkNGQ5LzEvNlc5M2xGckdWX01qdmd1Z3J3dTJsZjNzRWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jMDVkNGMtOTZkMy00YjU3LWFlMzQtMzQ3N2M3ZmNkNGQ5
LzEvSWNGbkxidV9jV1dtcURzeUo2Y1JudzB4Nk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZSwMA0G
CSqGSIb3DQEBCwUAA4IBAQASgqs4g2mlH1RaYQ7dQO3rDguy6Q9NtVGox/bJH3BV
PsxS954pVBv5ZzYM2KNNb+3RgoHBfmARMAklGOB71u3KlYgiFm86YrvH1fRYZfPQ
3Q4W0RtsHzBEdOkZ1BJmCa2sGpnZvTP37ve0oXHdgGIdfMBU6yXkE2llbSDvnrP2
GFrf3aYyIC/DRA+kv5pYCDjyZ+QojKnVZagFEWmhqsg0MIOOFbsJhieSEe1ujO3V
YQbGF1BdxuffgeCMtE5Xvdvbtl36hx6x0JboQUess+9NioewDZ+SQ1Dlh4GXINpz
YlOm8h4bXqJkQCxnrRz8ai9vkMSC/a6R6AcX6G/poXds
-----END CERTIFICATE-----