Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/1-tCnuTKx3QD_6wCBK2aEDMGEFSU.roa
File:                     1-tCnuTKx3QD_6wCBK2aEDMGEFSU.roa (raw, json)
Hash identifier:          hVhn4wpPPrwogAqf0r5ufIfXA/KLA61EKizCUem196M=
Subject key identifier:   FA:D0:A7:B9:32:B1:DD:00:FF:EB:00:81:2B:66:84:0C:C1:84:15:25
Certificate issuer:       /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial:       018CC4249E0D9491CBD8183F737FAE7DF4F3
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/1-tCnuTKx3QD_6wCBK2aEDMGEFSU.roa
Signing time:             Mon 01 Jan 2024 08:29:43 +0000
ROA not before:           Mon 01 Jan 2024 08:29:43 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     983
IP address blocks:        77.37.77.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:9e:0d:94:91:cb:d8:18:3f:73:7f:ae:7d:f4:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
        Validity
            Not Before: Jan  1 08:29:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fad0a7b932b1dd00ffeb00812b66840cc1841525
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:28:e5:31:32:1c:2e:65:bd:dd:5f:8b:a6:9c:
                    cc:e5:ac:50:2d:d9:d8:7d:3c:8b:3f:68:ad:31:7d:
                    0e:40:5f:9c:c7:1b:43:c7:b5:5a:5a:5e:e0:5f:86:
                    51:fd:ab:16:e1:36:a3:3c:70:fd:7c:63:dc:02:f7:
                    1d:de:b4:7e:45:70:e0:d0:4b:18:90:89:77:6c:80:
                    d5:38:bb:81:5a:34:52:03:46:cd:e7:0f:a5:12:a5:
                    fd:42:91:6f:27:4d:e6:a1:a1:e2:d6:8b:f3:34:29:
                    83:8b:62:72:4d:18:44:f9:99:07:cb:4c:73:0d:10:
                    95:c3:f2:00:4c:71:ce:9e:d7:93:77:19:1a:30:76:
                    d4:ba:06:97:ec:6e:e2:3f:b3:5c:88:5a:9a:fd:d9:
                    ad:71:72:bd:71:36:ff:e5:a3:3b:ef:0f:ea:8d:1a:
                    f5:fb:82:8b:dd:9a:e5:63:e3:78:ec:6d:e5:63:85:
                    64:e7:27:2a:f3:1f:80:88:ec:87:4d:b0:9d:73:a1:
                    16:0d:c6:0f:43:61:8f:e3:4a:2b:73:8a:86:f7:a0:
                    7f:c9:d4:a2:5e:7c:d2:5d:46:93:f7:24:dc:4f:ba:
                    e2:7a:1d:52:63:c4:50:14:49:38:aa:45:3c:eb:f9:
                    52:4d:a2:82:3b:a5:17:8d:e0:15:22:0b:a9:6c:62:
                    0c:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:D0:A7:B9:32:B1:DD:00:FF:EB:00:81:2B:66:84:0C:C1:84:15:25
            X509v3 Authority Key Identifier:
                keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/1-tCnuTKx3QD_6wCBK2aEDMGEFSU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.37.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:5f:53:8e:1c:e2:fb:22:fc:ef:f6:bb:8b:4f:fc:53:3e:30:
         26:ca:80:74:06:b8:8f:54:f2:ed:37:98:1d:87:de:b2:d0:34:
         bb:29:08:53:07:8c:26:57:6b:d0:42:03:ae:bd:0f:d6:e0:cd:
         51:9e:1e:48:c6:5c:36:16:3f:17:75:ca:98:f8:33:2a:5f:b5:
         22:fa:86:25:e3:4f:47:e3:eb:d4:e7:92:7d:41:ff:f0:a8:2f:
         35:7b:40:fa:e8:27:1c:ca:d2:7e:0c:08:37:89:46:72:f4:41:
         50:0a:c8:e0:8c:ab:6f:43:b0:7a:e6:db:c1:1a:fa:51:75:43:
         74:b3:7d:65:c8:44:61:37:17:24:d4:8a:99:cd:4b:ca:5b:89:
         37:37:a9:7a:f5:9d:2b:07:31:e8:42:2b:86:ee:78:30:20:69:
         dc:bb:2e:87:a6:08:de:ed:ca:68:11:8a:e2:60:9f:5b:e4:96:
         4b:36:e1:cc:14:b6:c4:43:b2:00:e1:8b:14:8d:cf:6d:2d:22:
         0f:2e:2f:32:f8:8f:59:d8:73:27:66:5e:9c:82:0f:3d:69:e0:
         50:77:8a:f4:73:be:a3:d7:a0:4e:ae:f9:0a:56:60:12:0a:ad:
         6f:26:a2:ef:c3:bf:f2:29:2c:be:47:a6:8b:0c:a9:78:f5:04:
         39:be:64:25
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEJJ4NlJHL2Bg/c3+uffTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjQwMTAxMDgyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQwYTdiOTMyYjFkZDAwZmZlYjAwODEyYjY2ODQwY2MxODQxNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCjlMTIcLmW93V+LppzM5axQLdnY
fTyLP2itMX0OQF+cxxtDx7VaWl7gX4ZR/asW4TajPHD9fGPcAvcd3rR+RXDg0EsY
kIl3bIDVOLuBWjRSA0bN5w+lEqX9QpFvJ03moaHi1ovzNCmDi2JyTRhE+ZkHy0xz
DRCVw/IATHHOnteTdxkaMHbUugaX7G7iP7NciFqa/dmtcXK9cTb/5aM77w/qjRr1
+4KL3ZrlY+N47G3lY4Vk5ycq8x+AiOyHTbCdc6EWDcYPQ2GP40orc4qG96B/ydSi
XnzSXUaT9yTcT7rieh1SY8RQFEk4qkU86/lSTaKCO6UXjeAVIgupbGIMkwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPrQp7kysd0A/+sAgStmhAzBhBUlMB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEvMS10Q251VEt4M1FEXzZ3Q0JLMmFFRE1HRUZTVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvYmU2NmU0LWYxNGItNGIzMS1iZGFmLTQ0MTQ1NThmZGNi
Yi8xL3czaThPOU5RN3R4UE4zd2lSVmF5VU5wdDNtOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE0lTTAN
BgkqhkiG9w0BAQsFAAOCAQEAil9Tjhzi+yL87/a7i0/8Uz4wJsqAdAa4j1Ty7TeY
HYfestA0uykIUweMJldr0EIDrr0P1uDNUZ4eSMZcNhY/F3XKmPgzKl+1IvqGJeNP
R+Pr1OeSfUH/8KgvNXtA+ugnHMrSfgwIN4lGcvRBUArI4Iyrb0OweubbwRr6UXVD
dLN9ZchEYTcXJNSKmc1LyluJNzepevWdKwcx6EIrhu54MCBp3Lsuh6YI3u3KaBGK
4mCfW+SWSzbhzBS2xEOyAOGLFI3PbS0iDy4vMviPWdhzJ2ZenIIPPWngUHeK9HO+
o9egTq75ClZgEgqtbyai78O/8iksvkemiwypePUEOb5kJQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:52:56 2024 by rpki-client on console-ams.rpki-client.org