Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/cf063f-9493-46f1-acd1-31c7fb4715f6/1/moWhX2-PyftqPm_UXIKN3cUuTOs.roa
File:                     moWhX2-PyftqPm_UXIKN3cUuTOs.roa (raw, json)
Hash identifier:          Vovu35QI7AEjRxBEpBZk9ImKmwec+BB8kPWiN/0H6vQ=
Subject key identifier:   9A:85:A1:5F:6F:8F:C9:FB:6A:3E:6F:D4:5C:82:8D:DD:C5:2E:4C:EB
Certificate issuer:       /CN=dc0bde1467895c6f3a47197eac58ca13ae4bb78d
Certificate serial:       018F95B1BE0B417DFDF4715A50286C2CD276
Authority key identifier: DC:0B:DE:14:67:89:5C:6F:3A:47:19:7E:AC:58:CA:13:AE:4B:B7:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3AveFGeJXG86Rxl-rFjKE65Lt40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/cf063f-9493-46f1-acd1-31c7fb4715f6/1/moWhX2-PyftqPm_UXIKN3cUuTOs.roa
Signing time:             Mon 20 May 2024 11:10:04 +0000
ROA not before:           Mon 20 May 2024 11:10:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49824
IP address blocks:        95.141.245.0/24 maxlen: 24
                          2a14:7280::/29 maxlen: 29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/cf063f-9493-46f1-acd1-31c7fb4715f6/1/3AveFGeJXG86Rxl-rFjKE65Lt40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/cf063f-9493-46f1-acd1-31c7fb4715f6/1/3AveFGeJXG86Rxl-rFjKE65Lt40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3AveFGeJXG86Rxl-rFjKE65Lt40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 14 Jun 2024 02:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:95:b1:be:0b:41:7d:fd:f4:71:5a:50:28:6c:2c:d2:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc0bde1467895c6f3a47197eac58ca13ae4bb78d
        Validity
            Not Before: May 20 11:10:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9a85a15f6f8fc9fb6a3e6fd45c828dddc52e4ceb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:97:ed:fb:7d:31:37:25:3e:ea:48:25:f0:fb:
                    8c:d9:2c:9c:0f:ae:42:65:dc:73:5d:a5:ad:0a:6b:
                    65:f2:ec:7e:a7:a6:33:14:d3:e5:e0:81:3d:82:ba:
                    ec:fe:ab:0d:c9:2f:2f:0f:c2:ca:11:4b:5b:1a:11:
                    f0:c7:7a:12:66:00:71:b8:50:5c:ff:1f:19:1a:ed:
                    ea:4d:38:49:f2:e3:6f:eb:1a:43:de:55:26:89:4f:
                    6a:a3:14:44:0a:e1:6d:32:a2:d5:f2:e3:36:0b:ef:
                    72:d7:f1:4f:f9:4e:83:d8:b2:a8:8d:7f:33:34:67:
                    2f:4d:23:ad:9a:ec:9d:5d:11:ad:40:8d:2c:8a:f1:
                    97:a2:6b:fb:92:44:f0:26:c8:6d:29:ea:63:86:50:
                    d5:a7:90:a3:a4:d1:f2:bc:87:fb:98:a2:09:d6:47:
                    89:c0:fb:16:ce:e7:15:38:f7:30:7d:2e:21:7b:f8:
                    31:d2:6d:8d:28:e5:47:cb:12:4e:17:d8:b1:31:67:
                    ba:45:8f:9e:50:84:1c:2f:9e:43:40:0a:98:68:51:
                    c4:49:b2:86:26:98:da:d6:59:d0:8d:f0:f7:b0:5c:
                    19:87:01:09:e3:55:09:04:7e:79:50:ca:26:59:0f:
                    37:ba:a7:a2:49:f2:e1:d9:39:a6:dd:f2:cd:e1:80:
                    28:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:85:A1:5F:6F:8F:C9:FB:6A:3E:6F:D4:5C:82:8D:DD:C5:2E:4C:EB
            X509v3 Authority Key Identifier:
                keyid:DC:0B:DE:14:67:89:5C:6F:3A:47:19:7E:AC:58:CA:13:AE:4B:B7:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AveFGeJXG86Rxl-rFjKE65Lt40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/cf063f-9493-46f1-acd1-31c7fb4715f6/1/moWhX2-PyftqPm_UXIKN3cUuTOs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/cf063f-9493-46f1-acd1-31c7fb4715f6/1/3AveFGeJXG86Rxl-rFjKE65Lt40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.141.245.0/24
                IPv6:
                  2a14:7280::/29

    Signature Algorithm: sha256WithRSAEncryption
         a4:f2:80:d2:7b:3c:c8:b8:85:f2:90:ec:23:af:94:38:f7:58:
         89:b7:68:28:65:c9:02:bb:e5:aa:d7:81:bb:24:05:85:b4:c5:
         53:40:b1:fd:2b:70:09:68:3b:db:f9:75:03:b2:1c:94:65:1c:
         73:cb:36:2e:30:e9:1c:a5:bb:02:eb:93:1a:9d:1f:b9:9e:ab:
         c8:5d:f4:4e:26:70:49:a9:b3:42:bd:6b:93:52:8b:30:72:db:
         b0:93:32:9b:f8:49:5f:17:b0:10:89:b2:ff:b8:89:eb:0e:3f:
         d8:00:92:55:a5:c5:98:b7:5a:97:07:db:af:49:80:f1:6d:91:
         f6:1e:ca:4d:2f:00:94:bc:c0:53:51:49:19:55:42:10:e7:ee:
         0d:87:b0:bf:d6:14:9c:99:99:a2:24:28:4e:29:e6:d7:3e:4b:
         b3:d7:54:22:15:84:91:e9:7b:4a:c2:9e:64:da:c7:40:63:f9:
         35:b3:49:a8:32:79:f8:a3:aa:e0:3d:c3:06:56:e3:0a:c9:01:
         0a:50:94:c3:7e:9a:c4:2b:a6:9f:2e:35:1b:74:19:d6:58:4f:
         00:ce:41:a5:e7:bb:a8:ea:58:d5:4b:0e:72:8f:3f:55:8c:bc:
         05:fb:7e:9d:67:d0:89:dd:65:01:ab:09:73:a5:78:cc:60:24:
         39:bd:3c:5b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+Vsb4LQX399HFaUChsLNJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMGJkZTE0Njc4OTVjNmYzYTQ3MTk3ZWFjNThjYTEzYWU0
YmI3OGQwHhcNMjQwNTIwMTExMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTg1YTE1ZjZmOGZjOWZiNmEzZTZmZDQ1YzgyOGRkZGM1MmU0Y2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppft+30xNyU+6kgl8PuM2SycD65C
ZdxzXaWtCmtl8ux+p6YzFNPl4IE9grrs/qsNyS8vD8LKEUtbGhHwx3oSZgBxuFBc
/x8ZGu3qTThJ8uNv6xpD3lUmiU9qoxRECuFtMqLV8uM2C+9y1/FP+U6D2LKojX8z
NGcvTSOtmuydXRGtQI0sivGXomv7kkTwJshtKepjhlDVp5CjpNHyvIf7mKIJ1keJ
wPsWzucVOPcwfS4he/gx0m2NKOVHyxJOF9ixMWe6RY+eUIQcL55DQAqYaFHESbKG
Jpja1lnQjfD3sFwZhwEJ41UJBH55UMomWQ83uqeiSfLh2Tmm3fLN4YAokwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJqFoV9vj8n7aj5v1FyCjd3FLkzrMB8GA1UdIwQY
MBaAFNwL3hRniVxvOkcZfqxYyhOuS7eNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0F2ZUZHZUpYRzg2UnhsLXJGaktFNjVMdDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9jZjA2M2YtOTQ5My00NmYxLWFjZDEt
MzFjN2ZiNDcxNWY2LzEvbW9XaFgyLVB5ZnRxUG1fVVhJS04zY1V1VE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9jZjA2M2YtOTQ5My00NmYxLWFjZDEtMzFjN2ZiNDcxNWY2
LzEvM0F2ZUZHZUpYRzg2UnhsLXJGaktFNjVMdDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAX431MA0E
AgACMAcDBQMqFHKAMA0GCSqGSIb3DQEBCwUAA4IBAQCk8oDSezzIuIXykOwjr5Q4
91iJt2goZckCu+Wq14G7JAWFtMVTQLH9K3AJaDvb+XUDshyUZRxzyzYuMOkcpbsC
65ManR+5nqvIXfROJnBJqbNCvWuTUoswctuwkzKb+ElfF7AQibL/uInrDj/YAJJV
pcWYt1qXB9uvSYDxbZH2HspNLwCUvMBTUUkZVUIQ5+4Nh7C/1hScmZmiJChOKebX
Pkuz11QiFYSR6XtKwp5k2sdAY/k1s0moMnn4o6rgPcMGVuMKyQEKUJTDfprEK6af
LjUbdBnWWE8AzkGl57uo6ljVSw5yjz9VjLwF+36dZ9CJ3WUBqwlzpXjMYCQ5vTxb
-----END CERTIFICATE-----
Generated at Thu Jun 13 09:08:35 2024 by rpki-client on console-fra.rpki-client.org