Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/jeb2EJ_6IRMewdaFk3RNYJlxTcY.roa
File:                     jeb2EJ_6IRMewdaFk3RNYJlxTcY.roa (raw, json)
Hash identifier:          tmRgLgrl+/5S+YJf5sXC+tp2iaM9jnDGNJY2RBurEFA=
Subject key identifier:   8D:E6:F6:10:9F:FA:21:13:1E:C1:D6:85:93:74:4D:60:99:71:4D:C6
Certificate issuer:       /CN=2e827c87cbbfc261a274e9cb1b095026a80c6136
Certificate serial:       018CC801B2FFA64C61AB7987C97EEE4071FB
Authority key identifier: 2E:82:7C:87:CB:BF:C2:61:A2:74:E9:CB:1B:09:50:26:A8:0C:61:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoJ8h8u_wmGidOnLGwlQJqgMYTY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/jeb2EJ_6IRMewdaFk3RNYJlxTcY.roa
Signing time:             Tue 02 Jan 2024 02:30:03 +0000
ROA not before:           Tue 02 Jan 2024 02:30:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39232
IP address blocks:        78.111.48.0/21 maxlen: 21
                          78.111.48.0/20 maxlen: 20
                          185.81.82.0/23 maxlen: 23
                          185.81.80.0/22 maxlen: 22
                          185.81.80.0/23 maxlen: 23
                          78.111.56.0/21 maxlen: 21
                          2a03:7740::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/LoJ8h8u_wmGidOnLGwlQJqgMYTY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/LoJ8h8u_wmGidOnLGwlQJqgMYTY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LoJ8h8u_wmGidOnLGwlQJqgMYTY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:b2:ff:a6:4c:61:ab:79:87:c9:7e:ee:40:71:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e827c87cbbfc261a274e9cb1b095026a80c6136
        Validity
            Not Before: Jan  2 02:30:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8de6f6109ffa21131ec1d68593744d6099714dc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:d0:55:33:ba:32:21:cc:b3:80:e1:22:96:e4:
                    23:8d:ad:c6:e8:a9:2c:15:02:da:76:d2:96:ca:12:
                    75:73:35:83:a3:ae:59:2b:52:c1:83:76:37:15:11:
                    ff:a0:19:c8:2c:57:ba:7f:e8:8b:dc:bf:77:5a:90:
                    71:48:b5:c0:a7:e3:e3:b8:5c:a1:65:51:a9:0e:7c:
                    fe:81:b8:30:be:38:63:9e:65:c2:b2:18:d8:01:28:
                    94:92:25:a0:ee:42:45:64:ae:56:4b:94:9f:50:66:
                    28:7f:02:03:a7:74:fd:6b:78:05:84:55:19:c4:03:
                    71:69:6c:66:d9:65:af:40:5c:e3:bf:a2:5b:0d:81:
                    6a:16:41:14:74:12:2f:6e:37:77:be:c1:73:5e:9e:
                    33:a3:bd:f2:84:82:d2:d5:b9:07:1a:ac:9b:42:3f:
                    5c:c5:ca:0f:a8:4a:5e:ea:04:aa:b3:1c:01:0f:e8:
                    0f:19:5c:39:9b:bd:d8:9e:10:9d:2a:fa:36:43:01:
                    03:ae:ea:a8:c3:a1:d6:fa:53:1d:fb:95:fc:8c:f3:
                    71:66:c4:02:66:a2:e9:6e:40:fa:81:61:f5:d4:18:
                    64:a5:2d:9d:b5:5b:f6:d9:80:10:aa:88:d7:6e:3d:
                    d8:09:f4:68:24:2b:24:20:fc:29:45:02:71:04:14:
                    9f:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:E6:F6:10:9F:FA:21:13:1E:C1:D6:85:93:74:4D:60:99:71:4D:C6
            X509v3 Authority Key Identifier:
                keyid:2E:82:7C:87:CB:BF:C2:61:A2:74:E9:CB:1B:09:50:26:A8:0C:61:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoJ8h8u_wmGidOnLGwlQJqgMYTY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/jeb2EJ_6IRMewdaFk3RNYJlxTcY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/7b20bd-fc4e-4cbf-ad1b-24fa10965e85/1/LoJ8h8u_wmGidOnLGwlQJqgMYTY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.111.48.0/20
                  185.81.80.0/22
                IPv6:
                  2a03:7740::/32

    Signature Algorithm: sha256WithRSAEncryption
         a0:be:ea:b2:59:e2:47:cd:f6:f2:34:32:7b:61:36:9e:cb:be:
         e4:01:07:35:03:09:38:3a:cd:21:73:2b:a5:c1:38:a0:87:bf:
         3c:b8:3d:db:01:c4:52:15:62:5f:25:fe:32:94:8c:60:4c:19:
         30:99:a3:e6:2e:22:b0:7c:f6:69:e7:b1:3b:37:d8:85:a9:16:
         9e:8f:8a:d1:c5:20:93:eb:98:f4:8c:84:3c:0c:5c:80:a6:57:
         be:13:a5:fe:08:15:44:96:a8:89:77:c5:0d:87:62:e2:da:e9:
         98:f0:c6:d0:89:0f:00:f6:68:52:99:f6:4c:6e:2c:c6:bc:7d:
         62:3e:db:97:3b:01:0d:6c:14:44:11:47:a8:f5:75:bc:6c:56:
         3d:f1:53:41:f8:98:a0:95:87:05:5f:d9:1e:c3:07:5c:ae:62:
         89:7c:87:3f:5f:90:dd:9f:ad:38:7a:56:bd:96:8c:19:2c:ce:
         55:f8:d5:d6:47:86:53:8e:e3:83:7a:aa:24:1e:73:73:ec:e7:
         f1:dc:c7:a1:52:5d:5b:d5:ed:96:05:e9:86:0c:72:ce:bd:ca:
         e2:87:12:04:58:a5:1a:ef:77:c4:bb:f7:0f:96:50:d4:34:40:
         94:f8:58:b0:cd:72:c2:16:a7:fa:7b:a9:c2:e6:19:f0:25:db:
         99:be:e4:1a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAbL/pkxhq3mHyX7uQHH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI3Yzg3Y2JiZmMyNjFhMjc0ZTljYjFiMDk1MDI2YTgw
YzYxMzYwHhcNMjQwMTAyMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGU2ZjYxMDlmZmEyMTEzMWVjMWQ2ODU5Mzc0NGQ2MDk5NzE0ZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNBVM7oyIcyzgOEiluQjja3G6Kks
FQLadtKWyhJ1czWDo65ZK1LBg3Y3FRH/oBnILFe6f+iL3L93WpBxSLXAp+PjuFyh
ZVGpDnz+gbgwvjhjnmXCshjYASiUkiWg7kJFZK5WS5SfUGYofwIDp3T9a3gFhFUZ
xANxaWxm2WWvQFzjv6JbDYFqFkEUdBIvbjd3vsFzXp4zo73yhILS1bkHGqybQj9c
xcoPqEpe6gSqsxwBD+gPGVw5m73YnhCdKvo2QwEDruqow6HW+lMd+5X8jPNxZsQC
ZqLpbkD6gWH11BhkpS2dtVv22YAQqojXbj3YCfRoJCskIPwpRQJxBBSfHwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI3m9hCf+iETHsHWhZN0TWCZcU3GMB8GA1UdIwQY
MBaAFC6CfIfLv8JhonTpyxsJUCaoDGE2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9KOGg4dV93bUdpZE9uTEd3bFFKcWdNWVRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83YjIwYmQtZmM0ZS00Y2JmLWFkMWIt
MjRmYTEwOTY1ZTg1LzEvamViMkVKXzZJUk1ld2RhRmszUk5ZSmx4VGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83YjIwYmQtZmM0ZS00Y2JmLWFkMWItMjRmYTEwOTY1ZTg1
LzEvTG9KOGg4dV93bUdpZE9uTEd3bFFKcWdNWVRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETm8wAwQC
uVFQMA0EAgACMAcDBQAqA3dAMA0GCSqGSIb3DQEBCwUAA4IBAQCgvuqyWeJHzfby
NDJ7YTaey77kAQc1Awk4Os0hcyulwTigh788uD3bAcRSFWJfJf4ylIxgTBkwmaPm
LiKwfPZp57E7N9iFqRaej4rRxSCT65j0jIQ8DFyAple+E6X+CBVElqiJd8UNh2Li
2umY8MbQiQ8A9mhSmfZMbizGvH1iPtuXOwENbBREEUeo9XW8bFY98VNB+JiglYcF
X9kewwdcrmKJfIc/X5Ddn604ela9lowZLM5V+NXWR4ZTjuODeqokHnNz7Ofx3Meh
Ul1b1e2WBemGDHLOvcrihxIEWKUa73fEu/cPllDUNECU+FiwzXLCFqf6e6nC5hnw
JduZvuQa
-----END CERTIFICATE-----
Generated at Sat Jun 15 14:25:03 2024 by rpki-client on console-fra.rpki-client.org