Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/36322e3130362e37322e302f32342d3234203d3e20323031333431.roa
File:                     36322e3130362e37322e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier:          sUT5EV9k1L/jQGDNWlfcLLbBnnCO0pFntUTPU25VrVk=
Subject key identifier:   C4:EB:66:1F:49:79:1D:54:E9:54:B8:21:3D:1C:1B:36:9C:45:06:B8
Certificate issuer:       /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial:       1A5114DD3251571A0B38A3FF6F33CFF27BF79A3F
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/36322e3130362e37322e302f32342d3234203d3e20323031333431.roa
Signing time:             Thu 21 Dec 2023 16:14:43 +0000
ROA not before:           Thu 21 Dec 2023 16:09:43 +0000
ROA not after:            Thu 19 Dec 2024 16:14:43 +0000
asID:                     201341
IP address blocks:        62.106.72.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:51:14:dd:32:51:57:1a:0b:38:a3:ff:6f:33:cf:f2:7b:f7:9a:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
        Validity
            Not Before: Dec 21 16:09:43 2023 GMT
            Not After : Dec 19 16:14:43 2024 GMT
        Subject: CN=C4EB661F49791D54E954B8213D1C1B369C4506B8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:1b:7c:d9:3c:fe:1f:1d:00:8b:74:a1:35:1d:
                    d5:23:51:5b:09:60:d2:c0:af:d8:30:d9:9a:c1:a2:
                    83:09:4a:86:8d:60:77:ac:a1:e2:9a:7b:6c:81:e1:
                    78:c9:9d:41:43:44:5f:e4:1c:60:4b:55:a1:74:99:
                    9c:c3:81:85:d0:27:60:37:b9:08:67:a5:55:73:9d:
                    60:31:89:2d:00:35:a8:61:72:b6:57:5f:3f:34:88:
                    b6:8d:b1:f1:a7:38:52:d2:6e:6e:fc:8e:fd:6e:13:
                    df:6d:97:74:a5:99:e1:18:20:57:ab:40:79:60:03:
                    cb:1a:89:9b:08:a5:89:7e:26:87:85:56:f2:61:c8:
                    a9:a0:5a:08:93:e0:11:47:da:e0:d4:6c:47:9d:27:
                    5c:57:7d:d8:06:f6:d7:90:64:f4:fe:9f:c5:9b:42:
                    dd:23:55:30:03:ad:3b:a1:e5:a3:c0:68:5e:b2:78:
                    94:43:e9:65:f7:50:02:29:5b:8d:37:06:d8:17:61:
                    23:95:cd:c5:b6:39:cb:cb:93:a5:24:85:71:63:ee:
                    ac:b3:00:b4:4d:2f:5a:b1:2b:7b:21:b6:54:4a:1b:
                    13:dd:cb:dc:8e:10:f7:b9:9a:88:91:63:e1:ad:49:
                    37:b3:97:90:80:f4:cf:c7:ee:20:20:95:45:81:84:
                    49:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:EB:66:1F:49:79:1D:54:E9:54:B8:21:3D:1C:1B:36:9C:45:06:B8
            X509v3 Authority Key Identifier:
                keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/36322e3130362e37322e302f32342d3234203d3e20323031333431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.106.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:44:c9:a9:58:b8:a9:de:ae:62:ce:19:1e:3a:22:20:4a:94:
         3a:9c:4f:c3:ca:cc:23:7d:05:ad:90:cc:93:54:c3:7e:e0:1b:
         42:d6:70:24:22:33:e7:63:d6:b2:20:a6:7b:b0:50:09:7e:b3:
         65:87:de:0c:83:73:9e:10:87:21:86:3f:f6:14:a7:31:df:5e:
         70:5a:01:67:eb:f9:fe:00:3f:ef:54:e4:65:4b:2a:64:86:4c:
         e3:8c:72:d2:e9:24:91:5e:8d:c4:72:e3:2b:bb:97:49:84:56:
         3a:8f:93:8f:a3:57:eb:3b:69:d8:4b:37:8c:69:e5:c3:2d:eb:
         ff:1f:83:c5:45:87:dc:6b:e4:5a:85:4b:0b:af:12:89:51:b6:
         89:dd:ae:be:fe:1e:23:a7:ff:34:01:6b:d2:f7:f0:b6:12:76:
         ae:cc:0b:50:82:e7:3c:47:88:87:63:72:f2:9c:37:49:24:f4:
         41:0c:6b:d1:f6:58:ff:48:36:b4:75:a7:12:1d:d4:a8:aa:9c:
         4e:71:ff:24:36:3e:fb:7b:d6:d7:73:d6:21:20:cf:2f:72:8d:
         e3:18:bd:d0:0f:1e:d3:a8:92:83:9d:9a:30:33:10:80:43:3b:
         79:22:45:a0:f7:87:07:1b:cd:f1:4a:d3:92:23:b7:b0:c6:da:
         94:f0:17:64
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUGlEU3TJRVxoLOKP/bzPP8nv3mj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yMzEyMjExNjA5NDNaFw0yNDEyMTkxNjE0NDNaMDMxMTAvBgNV
BAMTKEM0RUI2NjFGNDk3OTFENTRFOTU0QjgyMTNEMUMxQjM2OUM0NTA2QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0G3zZPP4fHQCLdKE1HdUjUVsJ
YNLAr9gw2ZrBooMJSoaNYHesoeKae2yB4XjJnUFDRF/kHGBLVaF0mZzDgYXQJ2A3
uQhnpVVznWAxiS0ANahhcrZXXz80iLaNsfGnOFLSbm78jv1uE99tl3SlmeEYIFer
QHlgA8saiZsIpYl+JoeFVvJhyKmgWgiT4BFH2uDUbEedJ1xXfdgG9teQZPT+n8Wb
Qt0jVTADrTuh5aPAaF6yeJRD6WX3UAIpW403BtgXYSOVzcW2OcvLk6UkhXFj7qyz
ALRNL1qxK3shtlRKGxPdy9yOEPe5moiRY+GtSTezl5CA9M/H7iAglUWBhEl1AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUxOtmH0l5HVTpVLghPRwbNpxFBrgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNjMyMmUzMTMwMzYy
ZTM3MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA+akgwDQYJKoZIhvcNAQELBQADggEBAHhEyalYuKnermLOGR46IiBKlDqc
T8PKzCN9Ba2QzJNUw37gG0LWcCQiM+dj1rIgpnuwUAl+s2WH3gyDc54QhyGGP/YU
pzHfXnBaAWfr+f4AP+9U5GVLKmSGTOOMctLpJJFejcRy4yu7l0mEVjqPk4+jV+s7
adhLN4xp5cMt6/8fg8VFh9xr5FqFSwuvEolRtondrr7+HiOn/zQBa9L38LYSdq7M
C1CC5zxHiIdjcvKcN0kk9EEMa9H2WP9INrR1pxId1KiqnE5x/yQ2Pvt71tdz1iEg
zy9yjeMYvdAPHtOokoOdmjAzEIBDO3kiRaD3hwcbzfFK05Ijt7DG2pTwF2Q=
-----END CERTIFICATE-----
Generated at Sat Jun 15 07:40:42 2024 by rpki-client on console-fra.rpki-client.org