Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/FQzfY2nh31SLyVUJKcCkPBBfGpk.roa
File:                     FQzfY2nh31SLyVUJKcCkPBBfGpk.roa (raw, json)
Hash identifier:          7a6vyy72kM+d6nNUhYH/+vCR7Vzt71A6pphcUhhl8CI=
Subject key identifier:   15:0C:DF:63:69:E1:DF:54:8B:C9:55:09:29:C0:A4:3C:10:5F:1A:99
Certificate issuer:       /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial:       019010E273D71A5BFDE9E7648684D0916E2E
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/FQzfY2nh31SLyVUJKcCkPBBfGpk.roa
Signing time:             Thu 13 Jun 2024 09:16:34 +0000
ROA not before:           Thu 13 Jun 2024 09:16:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211057
IP address blocks:        46.253.88.0/23 maxlen: 23
                          46.253.88.0/24 maxlen: 24
                          46.253.89.0/24 maxlen: 24
                          46.253.91.0/24 maxlen: 24
                          46.253.92.0/24 maxlen: 24
                          185.21.120.0/24 maxlen: 24
                          185.21.121.0/24 maxlen: 24
                          185.21.122.0/24 maxlen: 24
                          185.21.123.0/24 maxlen: 24
                          185.71.140.0/22 maxlen: 22
                          185.71.140.0/23 maxlen: 23
                          185.71.140.0/24 maxlen: 24
                          185.71.140.0/25 maxlen: 25
                          185.71.140.128/25 maxlen: 25
                          185.71.141.0/24 maxlen: 24
                          185.71.141.0/25 maxlen: 25
                          185.71.141.128/25 maxlen: 25
                          185.71.142.0/24 maxlen: 24
                          185.71.142.0/25 maxlen: 25
                          185.71.142.128/25 maxlen: 25
                          185.71.143.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:10:e2:73:d7:1a:5b:fd:e9:e7:64:86:84:d0:91:6e:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
        Validity
            Not Before: Jun 13 09:16:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=150cdf6369e1df548bc9550929c0a43c105f1a99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:01:d1:c9:68:0b:a0:14:f5:a5:94:db:4b:b6:
                    7e:15:4b:36:cb:ae:49:df:8b:49:09:2d:4f:83:fd:
                    6d:fe:0d:dc:ce:72:21:e3:81:4d:07:65:40:f7:97:
                    58:9e:8d:9f:5f:be:74:05:bc:63:18:83:29:aa:0d:
                    72:c6:57:fb:81:0d:5d:10:3c:ac:b3:02:fd:ec:2f:
                    a0:03:25:f2:e1:c8:f4:ab:e7:6e:fa:ce:81:9e:15:
                    08:1e:67:2f:c3:f7:a9:5b:22:3e:f3:b4:ed:f5:f3:
                    26:42:cc:18:da:c1:45:03:95:7f:58:1e:fa:b2:20:
                    75:b3:e3:24:56:9e:24:ed:ab:79:a7:99:7c:b6:a8:
                    2a:0b:5a:08:d6:b1:9a:64:8e:86:84:fe:f2:18:b2:
                    e8:32:87:71:73:e4:f4:32:34:17:3d:07:7c:e3:25:
                    83:35:01:c7:fa:0d:58:50:44:a7:58:e9:31:5f:59:
                    01:c0:10:06:5d:9f:ad:36:02:5b:e7:e3:c2:0a:43:
                    d1:4e:a1:ba:83:5e:ef:89:cb:d5:69:51:3f:8e:91:
                    41:2b:cc:32:e3:aa:2d:c8:44:e5:16:6e:46:d9:3c:
                    0f:de:4e:b8:a3:ad:f2:7a:d1:63:e5:4f:4c:18:43:
                    f1:bf:45:82:12:69:c0:42:a9:05:2e:f2:5c:bf:fa:
                    06:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:0C:DF:63:69:E1:DF:54:8B:C9:55:09:29:C0:A4:3C:10:5F:1A:99
            X509v3 Authority Key Identifier:
                keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/FQzfY2nh31SLyVUJKcCkPBBfGpk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.253.88.0/23
                  46.253.91.0-46.253.92.255
                  185.21.120.0/22
                  185.71.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         61:31:d5:ec:d0:71:f2:05:90:8c:c6:b6:6e:a2:27:c8:37:9b:
         ad:d2:71:25:24:da:d7:12:76:db:ab:de:b9:2c:13:df:ad:b4:
         b6:4a:ac:48:eb:b3:be:a2:a9:89:ca:46:a0:71:69:eb:ff:15:
         fe:ff:32:4c:bd:51:a6:73:12:fa:89:52:a6:37:d6:1a:3b:4f:
         d8:12:ac:9b:0b:ef:61:0f:db:06:55:6e:24:74:c6:c2:b5:6f:
         50:c0:2b:a9:21:b0:17:61:9c:65:ac:d2:95:a7:42:df:8d:28:
         2e:75:8b:ee:61:09:30:7a:bc:a1:bc:70:0c:69:c6:b0:2a:e7:
         85:bd:0c:31:ea:6b:a2:07:bb:53:e2:30:1a:30:f5:a2:ee:0d:
         5e:39:96:70:5c:c3:9c:a4:8d:40:79:2a:0d:a9:f8:df:9f:58:
         ea:40:5f:87:e3:c9:1d:fa:07:07:4a:86:20:65:14:7d:eb:92:
         7f:44:65:3d:93:e6:74:71:e8:85:b0:6c:cf:93:27:d8:56:d1:
         85:bd:ac:34:6c:a6:c6:9d:d9:9b:9a:fd:9d:d6:75:96:4c:6d:
         0f:93:d9:4b:6e:42:4d:5f:f1:58:e9:61:28:37:5a:ba:9c:b2:
         a8:2a:bc:5c:3b:5b:50:b9:18:a5:9b:67:aa:c8:bb:40:48:58:
         52:d3:d4:a4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZAQ4nPXGlv96edkhoTQkW4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjQwNjEzMDkxNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTBjZGY2MzY5ZTFkZjU0OGJjOTU1MDkyOWMwYTQzYzEwNWYxYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQHRyWgLoBT1pZTbS7Z+FUs2y65J
34tJCS1Pg/1t/g3cznIh44FNB2VA95dYno2fX750BbxjGIMpqg1yxlf7gQ1dEDys
swL97C+gAyXy4cj0q+du+s6BnhUIHmcvw/epWyI+87Tt9fMmQswY2sFFA5V/WB76
siB1s+MkVp4k7at5p5l8tqgqC1oI1rGaZI6GhP7yGLLoModxc+T0MjQXPQd84yWD
NQHH+g1YUESnWOkxX1kBwBAGXZ+tNgJb5+PCCkPRTqG6g17vicvVaVE/jpFBK8wy
46otyETlFm5G2TwP3k64o63yetFj5U9MGEPxv0WCEmnAQqkFLvJcv/oGgQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBUM32Np4d9Ui8lVCSnApDwQXxqZMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvRlF6ZlkybmgzMVNMeVZVSktjQ2tQQkJmR3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLv1YMAwD
BAAu/VsDBAAu/VwDBAK5FXgDBAK5R4wwDQYJKoZIhvcNAQELBQADggEBAGEx1ezQ
cfIFkIzGtm6iJ8g3m63ScSUk2tcSdtur3rksE9+ttLZKrEjrs76iqYnKRqBxaev/
Ff7/Mky9UaZzEvqJUqY31ho7T9gSrJsL72EP2wZVbiR0xsK1b1DAK6khsBdhnGWs
0pWnQt+NKC51i+5hCTB6vKG8cAxpxrAq54W9DDHqa6IHu1PiMBow9aLuDV45lnBc
w5ykjUB5Kg2p+N+fWOpAX4fjyR36BwdKhiBlFH3rkn9EZT2T5nRx6IWwbM+TJ9hW
0YW9rDRspsad2Zua/Z3WdZZMbQ+T2UtuQk1f8VjpYSg3WrqcsqgqvFw7W1C5GKWb
Z6rIu0BIWFLT1KQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:28:39 2024 by rpki-client on console-ams.rpki-client.org