Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/eJ5BYN6iyDU0kJabXum55XCXvNY.roa
File:                     eJ5BYN6iyDU0kJabXum55XCXvNY.roa (raw, json)
Hash identifier:          YbsaBk9M54/SmJh/71ywsaJesaVRhTcLpiaqzUSRdTg=
Subject key identifier:   78:9E:41:60:DE:A2:C8:35:34:90:96:9B:5E:E9:B9:E5:70:97:BC:D6
Certificate issuer:       /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial:       017FAC
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/eJ5BYN6iyDU0kJabXum55XCXvNY.roa
Signing time:             Sun 07 Apr 2024 13:21:03 +0000
ROA not before:           Sun 07 Apr 2024 13:21:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15562
IP address blocks:        2a0e:b240:118::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
                          rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 19 Jun 2024 02:04:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 98220 (0x17fac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
        Validity
            Not Before: Apr  7 13:21:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=789E4160DEA2C8353490969B5EE9B9E57097BCD6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4c:fb:d6:81:67:52:63:da:d9:31:a4:0a:b5:
                    50:f8:38:96:76:d0:6a:44:a8:ab:41:26:a0:a4:bb:
                    8a:3d:bc:5a:2e:76:6b:6a:cb:73:a4:c3:69:a5:07:
                    67:7e:44:b3:0e:45:b3:68:94:aa:e0:e1:97:a2:90:
                    27:d3:c2:ed:95:9c:7d:d2:8d:48:d4:7c:fb:9c:f2:
                    14:a6:4b:fb:cb:00:eb:3a:1f:e2:a5:0e:d2:4c:2c:
                    b2:52:cf:7c:a1:a3:2d:9d:34:80:29:08:57:f3:70:
                    e9:71:a8:e3:8e:ca:9c:07:f0:21:3b:a4:07:70:62:
                    70:0a:2a:1c:4c:5f:2c:55:5c:92:57:f6:72:a7:02:
                    7f:b1:cb:04:f8:16:85:11:51:2a:33:54:7e:b0:40:
                    4f:f1:7b:8c:39:93:ea:de:b7:23:a9:2c:d3:f2:5c:
                    5d:02:5a:69:a5:de:cf:a4:fd:c5:30:20:cc:12:0f:
                    a1:82:cf:60:aa:b7:0a:88:dd:15:f9:25:d7:3e:bd:
                    d7:c3:1f:e9:1c:9f:0e:9a:b1:cc:0d:70:83:2f:df:
                    a9:e9:b4:10:27:84:43:6d:c8:9c:f2:3d:9a:92:4f:
                    7f:5b:23:25:3c:f2:f1:1d:4a:63:0e:91:fa:62:42:
                    12:9a:8c:dc:d2:9a:d0:dd:e6:06:ee:95:f8:06:68:
                    3f:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:9E:41:60:DE:A2:C8:35:34:90:96:9B:5E:E9:B9:E5:70:97:BC:D6
            X509v3 Authority Key Identifier:
                keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/eJ5BYN6iyDU0kJabXum55XCXvNY.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b240:118::/48

    Signature Algorithm: sha256WithRSAEncryption
         5d:3e:98:f7:cc:6b:f3:67:42:10:c4:1e:0a:ce:bb:02:40:fc:
         b7:5f:57:f3:a7:dd:3b:cf:7b:03:a1:53:f4:a1:7d:8c:10:50:
         40:1c:8f:76:88:37:d8:cb:f0:d2:ac:ed:60:19:8d:1a:24:cc:
         5c:03:31:17:aa:6c:c1:2f:58:c7:1f:36:03:f2:12:a1:43:4a:
         9e:27:0c:ec:fd:09:87:27:69:4e:35:5d:e1:c9:12:db:da:75:
         34:f1:cc:3d:fe:30:23:1a:7f:56:0f:4d:3e:47:e1:4b:97:fd:
         25:30:09:f2:96:2e:f6:d5:d9:04:20:18:b4:c6:73:a1:5f:19:
         72:db:d2:73:b2:c8:30:1b:e0:b6:25:b0:09:c4:35:66:e9:b1:
         a4:a0:3f:58:19:f6:bd:b1:32:1c:87:60:31:32:4f:6e:d9:df:
         8e:e6:38:66:d3:b9:c9:00:43:66:b9:3a:eb:ec:b7:ab:f7:68:
         92:53:cf:6a:f9:8c:4f:a3:7c:06:60:d7:df:75:65:aa:01:0e:
         45:8c:c3:80:4e:67:4f:c1:06:b4:3c:06:1f:33:e4:b9:88:a0:
         a8:e9:cb:41:d9:60:34:22:a7:72:72:db:cb:ae:ed:9f:b2:69:
         fa:96:17:90:f0:93:9d:a3:0d:74:16:06:3e:5d:c4:0b:47:4c:
         7b:44:78:97
-----BEGIN CERTIFICATE-----
MIIEtDCCA5ygAwIBAgIDAX+sMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjQwNDA3
MTMyMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3ODlFNDE2MERFQTJD
ODM1MzQ5MDk2OUI1RUU5QjlFNTcwOTdCQ0Q2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAp0z71oFnUmPa2TGkCrVQ+DiWdtBqRKirQSagpLuKPbxaLnZr
astzpMNppQdnfkSzDkWzaJSq4OGXopAn08LtlZx90o1I1Hz7nPIUpkv7ywDrOh/i
pQ7STCyyUs98oaMtnTSAKQhX83DpcajjjsqcB/AhO6QHcGJwCiocTF8sVVySV/Zy
pwJ/scsE+BaFEVEqM1R+sEBP8XuMOZPq3rcjqSzT8lxdAlpppd7PpP3FMCDMEg+h
gs9gqrcKiN0V+SXXPr3Xwx/pHJ8OmrHMDXCDL9+p6bQQJ4RDbcic8j2akk9/WyMl
PPLxHUpjDpH6YkISmozc0prQ3eYG7pX4Bmg/8QIDAQABo4IBzzCCAcswHQYDVR0O
BBYEFHieQWDeosg1NJCWm17pueVwl7zWMB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L2VKNUJZTjZpeURVMGtKYWJYdW01NVhDWHZOWS5yb2EwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAqDrJAARgwDQYJKoZIhvcNAQELBQADggEBAF0+mPfMa/Nn
QhDEHgrOuwJA/LdfV/On3TvPewOhU/ShfYwQUEAcj3aIN9jL8NKs7WAZjRokzFwD
MReqbMEvWMcfNgPyEqFDSp4nDOz9CYcnaU41XeHJEtvadTTxzD3+MCMaf1YPTT5H
4UuX/SUwCfKWLvbV2QQgGLTGc6FfGXLb0nOyyDAb4LYlsAnENWbpsaSgP1gZ9r2x
MhyHYDEyT27Z347mOGbTuckAQ2a5Ouvst6v3aJJTz2r5jE+jfAZg1991ZaoBDkWM
w4BOZ0/BBrQ8Bh8z5LmIoKjpy0HZYDQip3Jy28uu7Z+yafqWF5Dwk52jDXQWBj5d
xAtHTHtEeJc=
-----END CERTIFICATE-----
Generated at Tue Jun 18 20:43:58 2024 by rpki-client on console-fra.rpki-client.org