Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/6VU21stBMIMsFOnf6r_56y6PPVE.roa
File:                     6VU21stBMIMsFOnf6r_56y6PPVE.roa (raw, json)
Hash identifier:          kv8XSS4xDkQkfJbyKhIEJBFOQD3SgYZH1tThhUU6egI=
Subject key identifier:   E9:55:36:D6:CB:41:30:83:2C:14:E9:DF:EA:BF:F9:EB:2E:8F:3D:51
Certificate issuer:       /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial:       018FC49B4AC5E3D5C6CF93B61F4931B996A0
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/6VU21stBMIMsFOnf6r_56y6PPVE.roa
Signing time:             Wed 29 May 2024 13:47:42 +0000
ROA not before:           Wed 29 May 2024 13:47:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     26042
IP address blocks:        194.110.246.0/24 maxlen: 24
                          2a11:2a47::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:c4:9b:4a:c5:e3:d5:c6:cf:93:b6:1f:49:31:b9:96:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
        Validity
            Not Before: May 29 13:47:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e95536d6cb4130832c14e9dfeabff9eb2e8f3d51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:82:ea:96:c2:c0:e4:63:41:2c:9e:9b:94:47:
                    f8:7d:7f:b5:f8:d8:13:0a:90:90:93:ce:c9:d2:8f:
                    ac:24:58:d5:6e:18:2e:26:e8:7f:fb:1e:3a:df:cf:
                    07:a2:f3:3c:d5:da:a2:c8:96:f1:07:55:56:9b:ba:
                    4b:01:de:85:19:76:f7:dc:ed:ba:1a:1b:a5:9e:38:
                    53:7e:73:e6:12:a0:5c:68:25:e0:0c:dc:44:6e:6d:
                    73:02:a1:ef:1d:11:ad:27:9e:5f:97:12:6d:69:d7:
                    f7:a7:ba:f7:ef:e9:51:b4:3b:7e:c3:ac:91:17:9d:
                    f7:71:c5:54:ff:75:43:c0:c0:d3:f5:87:82:6a:66:
                    54:24:3c:e0:db:63:07:38:a0:33:a9:92:c3:00:01:
                    c2:7c:d1:60:2f:b9:37:f9:82:f1:f7:82:42:2e:59:
                    a0:d7:92:13:7d:91:d3:8c:42:08:c3:7c:5a:3b:08:
                    ea:b2:0e:9d:c7:92:30:2c:da:c8:90:a8:2f:6d:cc:
                    45:a3:d8:aa:fa:99:63:cf:32:32:09:1d:38:bb:2c:
                    f8:94:20:10:12:bb:43:6d:d7:2b:b9:b5:4b:03:2f:
                    24:86:37:4c:9d:69:73:6a:5b:f9:61:4c:5b:01:6a:
                    2c:d8:90:df:6b:8b:13:16:f3:ad:90:9e:fd:97:0a:
                    37:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:55:36:D6:CB:41:30:83:2C:14:E9:DF:EA:BF:F9:EB:2E:8F:3D:51
            X509v3 Authority Key Identifier:
                keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/6VU21stBMIMsFOnf6r_56y6PPVE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.110.246.0/24
                IPv6:
                  2a11:2a47::/32

    Signature Algorithm: sha256WithRSAEncryption
         1b:ff:24:34:70:4d:05:52:f6:03:28:7b:87:4a:30:35:8e:72:
         6e:53:b6:9b:91:ca:4f:25:87:7e:41:9c:22:de:8f:8f:fe:c7:
         0f:3f:02:e8:24:93:5d:81:7c:e7:66:d0:54:0d:c9:dc:db:a9:
         79:bf:7f:f7:7b:da:fb:a1:dc:95:32:18:98:66:54:a8:96:53:
         d5:6e:04:86:fe:ae:79:52:ea:b7:6b:49:98:22:62:a9:54:6b:
         5a:11:48:db:11:f6:52:81:1b:40:40:f4:a2:5b:a9:fe:63:d4:
         20:47:5b:4c:5c:b4:c5:14:8c:73:6b:9a:10:21:db:8d:7e:06:
         86:11:4c:02:f4:d3:84:73:c7:14:80:9c:5f:80:8b:07:b5:d6:
         aa:41:03:c3:c1:19:ea:e5:1a:c0:cd:d7:0b:0a:be:69:31:a1:
         c3:a0:4c:f2:6e:73:a1:b5:be:4b:c9:70:cc:30:3a:27:e7:8e:
         af:da:44:1f:24:e3:c4:84:83:b5:c4:cd:4c:c2:46:cc:85:d5:
         e3:1f:11:38:ba:ab:f6:8e:2d:11:b4:d3:f5:5a:62:82:bb:c5:
         ef:42:af:84:60:7d:6d:86:08:01:54:67:9c:15:f9:30:b2:64:
         08:a3:73:46:c8:c1:9c:cb:83:e6:40:ec:82:6f:b6:d6:ee:57:
         30:52:52:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/Em0rF49XGz5O2H0kxuZagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjQwNTI5MTM0NzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTU1MzZkNmNiNDEzMDgzMmMxNGU5ZGZlYWJmZjllYjJlOGYzZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzILqlsLA5GNBLJ6blEf4fX+1+NgT
CpCQk87J0o+sJFjVbhguJuh/+x46388HovM81dqiyJbxB1VWm7pLAd6FGXb33O26
GhulnjhTfnPmEqBcaCXgDNxEbm1zAqHvHRGtJ55flxJtadf3p7r37+lRtDt+w6yR
F533ccVU/3VDwMDT9YeCamZUJDzg22MHOKAzqZLDAAHCfNFgL7k3+YLx94JCLlmg
15ITfZHTjEIIw3xaOwjqsg6dx5IwLNrIkKgvbcxFo9iq+pljzzIyCR04uyz4lCAQ
ErtDbdcrubVLAy8khjdMnWlzalv5YUxbAWos2JDfa4sTFvOtkJ79lwo3uQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOlVNtbLQTCDLBTp3+q/+esujz1RMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvNlZVMjFzdEJNSU1zRk9uZjZyXzU2eTZQUFZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwm72MA0E
AgACMAcDBQAqESpHMA0GCSqGSIb3DQEBCwUAA4IBAQAb/yQ0cE0FUvYDKHuHSjA1
jnJuU7abkcpPJYd+QZwi3o+P/scPPwLoJJNdgXznZtBUDcnc26l5v3/3e9r7odyV
MhiYZlSollPVbgSG/q55Uuq3a0mYImKpVGtaEUjbEfZSgRtAQPSiW6n+Y9QgR1tM
XLTFFIxza5oQIduNfgaGEUwC9NOEc8cUgJxfgIsHtdaqQQPDwRnq5RrAzdcLCr5p
MaHDoEzybnOhtb5LyXDMMDon546v2kQfJOPEhIO1xM1MwkbMhdXjHxE4uqv2ji0R
tNP1WmKCu8XvQq+EYH1thggBVGecFfkwsmQIo3NGyMGcy4PmQOyCb7bW7lcwUlJG
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:33:00 2024 by rpki-client on console-fra.rpki-client.org