Route Origin Authorization

$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS200241.roa
File:                     AS200241.roa (raw, json)
Hash identifier:          54GKYs0eLxNT06QHYRyxm2h7aldiKI9XgChKvBbG14o=
Subject key identifier:   C3:25:E8:84:68:5C:EC:C7:53:F6:4B:E2:1C:A6:74:73:77:EC:24:79
Certificate issuer:       /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial:       24D31D60BB08E56C1B621A2B919F58122A2680D0
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access:      rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS200241.roa
Signing time:             Tue 13 Feb 2024 13:21:45 +0000
ROA not before:           Tue 13 Feb 2024 13:16:45 +0000
ROA not after:            Tue 11 Feb 2025 13:21:45 +0000
asID:                     200241
IP address blocks:        2a0f:9400:6300::/40 maxlen: 48
                          2a0f:9400:6300::/44 maxlen: 48
                          2a0f:9400:6310::/44 maxlen: 48
                          2a0f:9400:6550::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
                          rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:d3:1d:60:bb:08:e5:6c:1b:62:1a:2b:91:9f:58:12:2a:26:80:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
        Validity
            Not Before: Feb 13 13:16:45 2024 GMT
            Not After : Feb 11 13:21:45 2025 GMT
        Subject: CN=C325E884685CECC753F64BE21CA6747377EC2479
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:db:32:6d:27:c8:e8:81:1d:30:9e:33:cd:6f:
                    01:74:da:f7:73:06:a5:08:cf:b4:d9:bf:ed:38:1b:
                    00:87:f3:bb:01:85:9f:da:2e:b6:85:21:75:d7:a9:
                    a7:2a:91:16:60:cf:ad:49:77:88:6e:2e:25:fd:d1:
                    fa:f4:c7:07:72:3d:fc:bb:67:23:56:42:86:d1:ad:
                    25:63:b7:d3:e1:2c:b6:95:7c:11:bd:68:2c:81:f1:
                    ec:29:f3:48:ba:17:28:99:93:6a:5b:fc:8b:31:bc:
                    f9:84:6e:ce:1d:ad:fc:19:b5:1c:86:94:13:61:c4:
                    e4:01:23:44:3a:ea:cb:22:f9:8a:c6:8d:0d:56:e0:
                    77:dd:66:60:ce:b6:7b:fd:25:90:94:31:6f:93:67:
                    3d:7c:e9:c2:83:5d:bf:c7:4c:95:ce:65:63:5a:47:
                    27:b3:29:04:a0:1b:73:62:e7:80:9e:cd:c1:0d:55:
                    85:92:01:30:33:7b:60:43:8c:18:e7:d2:76:07:86:
                    e0:40:8b:cf:9a:fa:34:b5:94:ba:cc:89:91:95:c7:
                    81:05:e3:98:26:31:31:91:40:cc:c0:4e:07:2f:26:
                    da:01:89:5c:76:f3:05:94:bc:a5:13:db:bb:0b:5d:
                    7b:1d:32:f8:6d:f1:f0:19:3d:2f:51:ea:cf:c0:b2:
                    13:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:25:E8:84:68:5C:EC:C7:53:F6:4B:E2:1C:A6:74:73:77:EC:24:79
            X509v3 Authority Key Identifier:
                keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS200241.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:9400:6300::/40
                  2a0f:9400:6550::/44

    Signature Algorithm: sha256WithRSAEncryption
         b0:b4:c8:02:3a:6c:3f:c9:e3:48:2f:b8:64:11:ce:80:eb:38:
         13:b4:53:12:ad:9e:27:af:0c:78:97:ad:fb:28:0f:96:28:90:
         4d:ee:4c:98:b7:4f:0c:96:b9:83:57:bf:66:03:3b:9f:54:e7:
         4a:81:1a:62:1f:60:4f:74:48:56:9b:bf:c4:a9:9e:ff:a4:21:
         8b:24:c5:2d:36:99:90:c9:73:48:b8:3b:1e:ee:5c:fb:90:86:
         f5:65:49:63:e6:d3:ba:2f:dd:22:ed:fe:4f:07:35:a0:71:61:
         3b:cb:c5:0e:8a:6d:b2:a7:68:c5:46:cd:2a:81:26:15:ab:cc:
         e8:27:86:bf:e2:16:da:32:0b:29:a7:77:d8:46:02:f7:a1:d6:
         a7:2f:ac:39:61:3b:1e:52:6f:99:38:0a:ad:23:a1:99:ae:3d:
         13:03:e3:c2:8a:85:5c:31:55:ad:3c:81:7f:1d:1c:45:49:1b:
         63:9f:e7:a0:f7:4e:cd:5d:7a:ef:ae:4c:fc:eb:26:69:07:fb:
         22:ff:0d:36:98:fd:4a:ba:03:2e:9f:2e:f3:5c:18:98:82:1f:
         4f:39:d2:1a:a9:7a:48:f0:73:3f:25:c9:e0:cc:d5:7a:24:83:
         24:b6:af:50:34:00:28:b1:03:6a:ba:c0:54:9b:ef:0c:3c:1d:
         e3:47:73:b2
-----BEGIN CERTIFICATE-----
MIIExzCCA6+gAwIBAgIUJNMdYLsI5WwbYhorkZ9YEiomgNAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNDAyMTMxMzE2NDVaFw0yNTAyMTExMzIxNDVaMDMxMTAvBgNV
BAMTKEMzMjVFODg0Njg1Q0VDQzc1M0Y2NEJFMjFDQTY3NDczNzdFQzI0NzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP2zJtJ8jogR0wnjPNbwF02vdz
BqUIz7TZv+04GwCH87sBhZ/aLraFIXXXqacqkRZgz61Jd4huLiX90fr0xwdyPfy7
ZyNWQobRrSVjt9PhLLaVfBG9aCyB8ewp80i6FyiZk2pb/IsxvPmEbs4drfwZtRyG
lBNhxOQBI0Q66ssi+YrGjQ1W4HfdZmDOtnv9JZCUMW+TZz186cKDXb/HTJXOZWNa
RyezKQSgG3Ni54CezcENVYWSATAze2BDjBjn0nYHhuBAi8+a+jS1lLrMiZGVx4EF
45gmMTGRQMzATgcvJtoBiVx28wWUvKUT27sLXXsdMvht8fAZPS9R6s/AshPTAgMB
AAGjggHRMIIBzTAdBgNVHQ4EFgQUwyXohGhc7MdT9kviHKZ0c3fsJHkwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIwMDI0MS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAqBggr
BgEFBQcBBwEB/wQbMBkwFwQCAAIwEQMGACoPlABjAwcEKg+UAGVQMA0GCSqGSIb3
DQEBCwUAA4IBAQCwtMgCOmw/yeNIL7hkEc6A6zgTtFMSrZ4nrwx4l637KA+WKJBN
7kyYt08MlrmDV79mAzufVOdKgRpiH2BPdEhWm7/EqZ7/pCGLJMUtNpmQyXNIuDse
7lz7kIb1ZUlj5tO6L90i7f5PBzWgcWE7y8UOim2yp2jFRs0qgSYVq8zoJ4a/4hba
Mgspp3fYRgL3odanL6w5YTseUm+ZOAqtI6GZrj0TA+PCioVcMVWtPIF/HRxFSRtj
n+eg907NXXrvrkz86yZpB/si/w02mP1KugMuny7zXBiYgh9POdIaqXpI8HM/Jcng
zNV6JIMktq9QNAAosQNqusBUm+8MPB3jR3Oy
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:34:43 2024 by rpki-client on console-fra.rpki-client.org