Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/IPeB_4oFUosWM_xpZez_bTsnFr4.roa
File:                     IPeB_4oFUosWM_xpZez_bTsnFr4.roa (raw, json)
Hash identifier:          uGGbyq/v5AW/NTT8wHa5ucEHEe+2ry5QXVT1i+SbQlw=
Subject key identifier:   20:F7:81:FF:8A:05:52:8B:16:33:FC:69:65:EC:FF:6D:3B:27:16:BE
Certificate issuer:       /CN=c9fe703d3790cdb8514a603e7a45ee50eeffa962
Certificate serial:       018CCA2A3955EFCA99849E015996B765D088
Authority key identifier: C9:FE:70:3D:37:90:CD:B8:51:4A:60:3E:7A:45:EE:50:EE:FF:A9:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/IPeB_4oFUosWM_xpZez_bTsnFr4.roa
Signing time:             Tue 02 Jan 2024 12:33:33 +0000
ROA not before:           Tue 02 Jan 2024 12:33:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212865
IP address blocks:        185.82.103.0/24 maxlen: 24
                          2a05:8f00:8::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/yf5wPTeQzbhRSmA-ekXuUO7_qWI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/yf5wPTeQzbhRSmA-ekXuUO7_qWI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:39:55:ef:ca:99:84:9e:01:59:96:b7:65:d0:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9fe703d3790cdb8514a603e7a45ee50eeffa962
        Validity
            Not Before: Jan  2 12:33:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=20f781ff8a05528b1633fc6965ecff6d3b2716be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:cc:ba:de:b4:e7:ae:21:13:0c:bf:4d:48:ca:
                    a4:ba:c2:dd:d9:55:89:3a:a9:b1:1e:2e:9e:fb:26:
                    8a:65:35:43:2e:84:13:87:31:c8:67:c9:09:60:53:
                    e1:7a:7f:b9:d4:89:72:66:c4:a5:cf:85:a9:b2:05:
                    f4:fd:69:12:0c:e9:2b:68:66:0c:e3:d7:40:80:b0:
                    24:d1:05:10:9f:e4:ec:4e:79:cd:09:4c:df:d6:de:
                    65:85:17:67:21:5e:00:fd:9a:0e:aa:92:4f:3a:d9:
                    d0:0d:af:bf:ca:64:84:b7:07:b2:9b:68:8f:4f:24:
                    29:17:42:1b:5a:30:3c:84:2a:28:cd:ea:e2:0a:55:
                    54:6c:53:1e:e1:39:cb:4a:39:c7:78:6a:3c:89:fc:
                    75:91:19:8f:82:1c:24:0b:6b:9e:82:55:82:24:4d:
                    7c:b0:2e:8e:77:96:e3:7b:41:e8:d8:3c:0b:7b:90:
                    9e:f6:ac:d2:1a:5f:9c:86:97:18:94:44:2e:23:29:
                    8d:d1:ab:75:3b:d6:47:15:e8:de:24:74:d9:3c:4a:
                    51:83:c1:2e:41:2f:7a:15:c2:56:c5:56:01:48:99:
                    00:55:3d:0e:3e:2a:9e:59:e5:ba:af:a6:4f:6c:d0:
                    ba:e7:c8:0a:5c:c0:08:5f:fd:9b:28:13:5d:04:ac:
                    37:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:F7:81:FF:8A:05:52:8B:16:33:FC:69:65:EC:FF:6D:3B:27:16:BE
            X509v3 Authority Key Identifier:
                keyid:C9:FE:70:3D:37:90:CD:B8:51:4A:60:3E:7A:45:EE:50:EE:FF:A9:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/IPeB_4oFUosWM_xpZez_bTsnFr4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/yf5wPTeQzbhRSmA-ekXuUO7_qWI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.82.103.0/24
                IPv6:
                  2a05:8f00:8::/48

    Signature Algorithm: sha256WithRSAEncryption
         97:80:db:15:53:7c:cd:f5:0c:ba:ff:cb:3e:be:c7:9f:0c:64:
         a6:3c:7a:2a:ad:8d:ad:ce:37:dc:57:c2:f0:17:d3:c0:be:d0:
         7e:64:b5:99:20:a3:c7:5d:d7:9b:fd:98:97:1b:0a:3c:26:cb:
         b2:89:5f:f4:9a:24:12:7b:04:e2:b0:58:be:8f:11:6d:91:89:
         43:98:f3:43:85:1b:b2:25:50:1d:4a:72:6a:50:f4:69:cd:aa:
         5e:a1:a9:f0:c3:d8:32:79:24:00:4d:a9:c4:c3:d0:a5:78:8c:
         f5:04:11:08:10:78:13:c2:ad:d3:62:e3:4d:2c:fa:f5:0e:c9:
         81:12:9d:30:3f:36:48:f5:35:5d:d7:9e:e7:10:58:6b:8d:0f:
         3d:fb:da:d4:6a:8e:af:93:13:a1:5c:31:19:f9:d7:71:8a:76:
         16:5c:ea:6b:08:07:07:52:47:43:ec:33:31:5a:31:7e:9b:d3:
         dd:9d:60:a8:9a:7f:fc:ba:c1:7d:c1:b4:60:20:11:03:96:c1:
         64:e6:8f:c6:8e:da:c0:56:a0:54:e3:73:05:fa:17:3f:e7:93:
         72:fe:2a:b9:2c:8a:7b:67:27:13:d3:d1:0b:67:34:ac:62:0a:
         f3:9d:8d:03:be:75:61:fa:d8:3e:3a:99:f7:bb:c6:b1:c3:5f:
         07:fe:c8:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKKjlV78qZhJ4BWZa3ZdCIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZmU3MDNkMzc5MGNkYjg1MTRhNjAzZTdhNDVlZTUwZWVm
ZmE5NjIwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGY3ODFmZjhhMDU1MjhiMTYzM2ZjNjk2NWVjZmY2ZDNiMjcxNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8y63rTnriETDL9NSMqkusLd2VWJ
OqmxHi6e+yaKZTVDLoQThzHIZ8kJYFPhen+51IlyZsSlz4WpsgX0/WkSDOkraGYM
49dAgLAk0QUQn+TsTnnNCUzf1t5lhRdnIV4A/ZoOqpJPOtnQDa+/ymSEtweym2iP
TyQpF0IbWjA8hCoozeriClVUbFMe4TnLSjnHeGo8ifx1kRmPghwkC2ueglWCJE18
sC6Od5bje0Ho2DwLe5Ce9qzSGl+chpcYlEQuIymN0at1O9ZHFejeJHTZPEpRg8Eu
QS96FcJWxVYBSJkAVT0OPiqeWeW6r6ZPbNC658gKXMAIX/2bKBNdBKw3hQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCD3gf+KBVKLFjP8aWXs/207Jxa+MB8GA1UdIwQY
MBaAFMn+cD03kM24UUpgPnpF7lDu/6liMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWY1d1BUZVF6YmhSU21BLWVrWHVVTzdfcVdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80YzNkNWEtYTI3Zi00YjliLTlkMDgt
NzRjOGRhMjk0ZDVjLzEvSVBlQl80b0ZVb3NXTV94cFplel9iVHNuRnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80YzNkNWEtYTI3Zi00YjliLTlkMDgtNzRjOGRhMjk0ZDVj
LzEveWY1d1BUZVF6YmhSU21BLWVrWHVVTzdfcVdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuVJnMA8E
AgACMAkDBwAqBY8AAAgwDQYJKoZIhvcNAQELBQADggEBAJeA2xVTfM31DLr/yz6+
x58MZKY8eiqtja3ON9xXwvAX08C+0H5ktZkgo8dd15v9mJcbCjwmy7KJX/SaJBJ7
BOKwWL6PEW2RiUOY80OFG7IlUB1KcmpQ9GnNql6hqfDD2DJ5JABNqcTD0KV4jPUE
EQgQeBPCrdNi400s+vUOyYESnTA/Nkj1NV3XnucQWGuNDz372tRqjq+TE6FcMRn5
13GKdhZc6msIBwdSR0PsMzFaMX6b092dYKiaf/y6wX3BtGAgEQOWwWTmj8aO2sBW
oFTjcwX6Fz/nk3L+KrksintnJxPT0QtnNKxiCvOdjQO+dWH62D46mfe7xrHDXwf+
yFI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:57:29 2024 by rpki-client on console-fra.rpki-client.org