Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/77d6ee-a8e1-4b01-83cb-2f6769e75f24/1/PVgLB-qRDOCGIGdYGny7A0cNCzs.roa
File:                     PVgLB-qRDOCGIGdYGny7A0cNCzs.roa (raw, json)
Hash identifier:          cdzb9evWHk4AegHxHwXP9MEfgZPBDfnw+ED/wcjSoss=
Subject key identifier:   3D:58:0B:07:EA:91:0C:E0:86:20:67:58:1A:7C:BB:03:47:0D:0B:3B
Certificate issuer:       /CN=d7301f772753d80a7b62c2d213d347a3b9ebe885
Certificate serial:       018CC56EEB532595E6B88D6B69BD2ACAA1F3
Authority key identifier: D7:30:1F:77:27:53:D8:0A:7B:62:C2:D2:13:D3:47:A3:B9:EB:E8:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1zAfdydT2Ap7YsLSE9NHo7nr6IU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/77d6ee-a8e1-4b01-83cb-2f6769e75f24/1/PVgLB-qRDOCGIGdYGny7A0cNCzs.roa
Signing time:             Mon 01 Jan 2024 14:30:29 +0000
ROA not before:           Mon 01 Jan 2024 14:30:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2914
IP address blocks:        194.180.26.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/77d6ee-a8e1-4b01-83cb-2f6769e75f24/1/1zAfdydT2Ap7YsLSE9NHo7nr6IU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/77d6ee-a8e1-4b01-83cb-2f6769e75f24/1/1zAfdydT2Ap7YsLSE9NHo7nr6IU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1zAfdydT2Ap7YsLSE9NHo7nr6IU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:eb:53:25:95:e6:b8:8d:6b:69:bd:2a:ca:a1:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7301f772753d80a7b62c2d213d347a3b9ebe885
        Validity
            Not Before: Jan  1 14:30:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3d580b07ea910ce0862067581a7cbb03470d0b3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:12:72:72:8d:06:c7:89:b4:31:ed:4e:ce:d9:
                    df:5e:fc:28:3a:b7:7c:26:39:2f:3e:54:88:f7:bd:
                    47:c4:92:08:21:cb:de:20:6c:90:21:d7:d4:31:70:
                    27:a5:33:ba:b6:aa:7b:ff:9c:b6:d9:3c:7b:c0:b0:
                    9e:63:92:02:41:d9:14:20:c9:44:7d:19:b8:1f:d1:
                    6b:e7:86:ea:1d:d3:f7:e5:fb:22:7a:31:be:f4:05:
                    0f:3d:d4:27:a8:a2:8d:f1:89:34:51:4b:99:7c:13:
                    63:3b:48:cc:92:77:c1:db:72:29:bf:72:21:8f:2f:
                    ba:16:00:d5:a4:e7:bd:dd:67:e4:9e:17:98:43:a4:
                    f2:8d:ea:c3:e2:37:32:e6:9b:8b:02:1e:df:43:e7:
                    4d:2d:29:a8:51:4d:15:9e:85:bb:e8:d1:43:2c:e8:
                    b8:09:79:eb:be:ec:4b:59:20:36:35:7e:a9:5d:4e:
                    ef:cd:e4:22:8c:f5:89:df:49:1e:ce:82:dc:54:8c:
                    d0:6e:c1:9e:9d:fd:50:ef:30:a1:89:b1:3d:3d:e3:
                    9f:13:8f:f0:00:62:4c:08:40:46:8e:c3:ba:41:c4:
                    26:5e:0e:bf:bb:6e:70:66:fe:f9:71:7a:09:15:f8:
                    82:81:e2:a5:ab:65:d7:94:36:3d:63:12:ae:5c:ac:
                    07:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:58:0B:07:EA:91:0C:E0:86:20:67:58:1A:7C:BB:03:47:0D:0B:3B
            X509v3 Authority Key Identifier:
                keyid:D7:30:1F:77:27:53:D8:0A:7B:62:C2:D2:13:D3:47:A3:B9:EB:E8:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zAfdydT2Ap7YsLSE9NHo7nr6IU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/77d6ee-a8e1-4b01-83cb-2f6769e75f24/1/PVgLB-qRDOCGIGdYGny7A0cNCzs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/77d6ee-a8e1-4b01-83cb-2f6769e75f24/1/1zAfdydT2Ap7YsLSE9NHo7nr6IU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.180.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         17:94:f0:d5:b0:ef:6d:04:6a:fc:30:7c:c1:82:f4:a5:d2:18:
         94:20:99:ee:a7:77:d8:9a:74:ec:5c:b9:f8:b5:8e:c2:12:23:
         bd:8d:1f:1d:23:62:ca:64:de:c5:04:78:4a:45:33:a2:a6:cc:
         56:67:8f:07:30:55:8e:fa:10:7f:bf:92:03:5c:39:e9:96:9a:
         a6:42:ed:d7:d8:d9:d6:24:ba:9d:0b:1e:c0:54:b2:4c:35:36:
         ab:32:a0:a7:47:13:59:e3:8e:6a:84:c9:78:fa:bd:fe:21:18:
         a6:d7:eb:06:37:98:f1:4c:19:aa:d6:23:4a:6c:48:94:04:95:
         48:f7:fd:0b:bc:13:2d:83:a0:99:c3:d6:ba:16:86:99:59:02:
         7c:d6:b6:0d:19:f7:13:47:5a:4f:7a:c3:93:d1:08:6b:bc:70:
         9d:50:4e:ed:22:83:52:73:a1:73:3c:94:dd:12:3a:4e:07:cd:
         c4:15:b9:82:11:bc:c6:e3:99:03:9b:6e:4d:1e:26:0f:4d:2b:
         5a:63:e2:cd:70:a7:56:54:73:19:56:17:83:b8:df:26:31:8e:
         b2:11:49:12:27:ac:69:e1:08:c7:63:6a:76:fc:a0:d8:85:e4:
         94:f8:a0:e5:65:82:19:3a:52:fc:56:80:78:10:06:3e:40:51:
         3c:31:0d:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbutTJZXmuI1rab0qyqHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MzAxZjc3Mjc1M2Q4MGE3YjYyYzJkMjEzZDM0N2EzYjll
YmU4ODUwHhcNMjQwMTAxMTQzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDU4MGIwN2VhOTEwY2UwODYyMDY3NTgxYTdjYmIwMzQ3MGQwYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBJyco0Gx4m0Me1OztnfXvwoOrd8
JjkvPlSI971HxJIIIcveIGyQIdfUMXAnpTO6tqp7/5y22Tx7wLCeY5ICQdkUIMlE
fRm4H9Fr54bqHdP35fsiejG+9AUPPdQnqKKN8Yk0UUuZfBNjO0jMknfB23Ipv3Ih
jy+6FgDVpOe93WfknheYQ6TyjerD4jcy5puLAh7fQ+dNLSmoUU0VnoW76NFDLOi4
CXnrvuxLWSA2NX6pXU7vzeQijPWJ30kezoLcVIzQbsGenf1Q7zChibE9PeOfE4/w
AGJMCEBGjsO6QcQmXg6/u25wZv75cXoJFfiCgeKlq2XXlDY9YxKuXKwHtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1YCwfqkQzghiBnWBp8uwNHDQs7MB8GA1UdIwQY
MBaAFNcwH3cnU9gKe2LC0hPTR6O56+iFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXpBZmR5ZFQyQXA3WXNMU0U5TkhvN25yNklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83N2Q2ZWUtYThlMS00YjAxLTgzY2It
MmY2NzY5ZTc1ZjI0LzEvUFZnTEItcVJET0NHSUdkWUdueTdBMGNOQ3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83N2Q2ZWUtYThlMS00YjAxLTgzY2ItMmY2NzY5ZTc1ZjI0
LzEvMXpBZmR5ZFQyQXA3WXNMU0U5TkhvN25yNklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwrQaMA0G
CSqGSIb3DQEBCwUAA4IBAQAXlPDVsO9tBGr8MHzBgvSl0hiUIJnup3fYmnTsXLn4
tY7CEiO9jR8dI2LKZN7FBHhKRTOipsxWZ48HMFWO+hB/v5IDXDnplpqmQu3X2NnW
JLqdCx7AVLJMNTarMqCnRxNZ445qhMl4+r3+IRim1+sGN5jxTBmq1iNKbEiUBJVI
9/0LvBMtg6CZw9a6FoaZWQJ81rYNGfcTR1pPesOT0QhrvHCdUE7tIoNSc6FzPJTd
EjpOB83EFbmCEbzG45kDm25NHiYPTStaY+LNcKdWVHMZVheDuN8mMY6yEUkSJ6xp
4QjHY2p2/KDYheSU+KDlZYIZOlL8VoB4EAY+QFE8MQ1o
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:49:02 2024 by rpki-client on console-fra.rpki-client.org