Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/0f16f7-1455-43db-acb4-8327a952b2b8/1/rWOAbIpzGCqQdXIVzmzNOIqs9M8.roa
File:                     rWOAbIpzGCqQdXIVzmzNOIqs9M8.roa (raw, json)
Hash identifier:          zO4kfJZ27Onb2pTvjOHSvjh3dJzDY02hMAy8EQurg5w=
Subject key identifier:   AD:63:80:6C:8A:73:18:2A:90:75:72:15:CE:6C:CD:38:8A:AC:F4:CF
Certificate issuer:       /CN=16e49258dc76546dc595084d2593e181cd47983f
Certificate serial:       018CC794FBC3A8F2620B456ABE39CC6BB400
Authority key identifier: 16:E4:92:58:DC:76:54:6D:C5:95:08:4D:25:93:E1:81:CD:47:98:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FuSSWNx2VG3FlQhNJZPhgc1HmD8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/0f16f7-1455-43db-acb4-8327a952b2b8/1/rWOAbIpzGCqQdXIVzmzNOIqs9M8.roa
Signing time:             Tue 02 Jan 2024 00:31:18 +0000
ROA not before:           Tue 02 Jan 2024 00:31:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     28839
IP address blocks:        193.138.94.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/0f16f7-1455-43db-acb4-8327a952b2b8/1/FuSSWNx2VG3FlQhNJZPhgc1HmD8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/0f16f7-1455-43db-acb4-8327a952b2b8/1/FuSSWNx2VG3FlQhNJZPhgc1HmD8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FuSSWNx2VG3FlQhNJZPhgc1HmD8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:fb:c3:a8:f2:62:0b:45:6a:be:39:cc:6b:b4:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16e49258dc76546dc595084d2593e181cd47983f
        Validity
            Not Before: Jan  2 00:31:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ad63806c8a73182a90757215ce6ccd388aacf4cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:a3:a1:c0:2b:c8:b3:4e:eb:a8:2c:a2:d6:5e:
                    cf:6b:78:77:55:ac:05:dc:cf:4c:ba:a2:3e:d8:f2:
                    95:21:66:fb:cd:ac:25:74:c9:bd:17:71:40:7f:11:
                    dd:7d:27:de:ef:57:e9:da:db:c4:fd:94:8c:d0:ee:
                    ee:06:b0:6d:a2:ae:0f:03:db:c8:c0:ec:b7:a3:58:
                    3a:55:ea:c0:2b:58:42:6b:ab:ad:cd:d4:f1:01:d5:
                    ac:99:90:cb:72:2e:d1:b8:62:aa:bd:ec:81:6a:93:
                    97:ba:dd:a9:47:52:b0:20:7f:f5:43:a5:3e:03:64:
                    ec:57:65:b0:dc:ed:51:0b:ae:8e:91:0d:af:1f:99:
                    d8:99:18:f8:8f:fe:5f:86:b1:7b:73:f3:e0:b1:84:
                    32:3e:03:92:5a:76:07:90:52:c8:42:a0:8f:32:e5:
                    4b:2b:d1:bc:a5:12:c8:a7:5f:87:18:3b:2d:3e:fe:
                    9c:45:23:f0:a9:bc:5a:15:73:94:c5:32:13:cf:6a:
                    68:a5:60:bd:34:69:59:4c:fc:68:32:5f:c6:d4:4a:
                    ff:a4:1d:5e:6a:4d:bd:23:c5:85:ef:15:8d:58:15:
                    ca:01:6a:cf:32:23:20:61:b6:d8:46:d0:f6:5a:6c:
                    f6:19:bd:69:39:c5:4e:e4:47:73:97:c7:9a:05:76:
                    40:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:63:80:6C:8A:73:18:2A:90:75:72:15:CE:6C:CD:38:8A:AC:F4:CF
            X509v3 Authority Key Identifier:
                keyid:16:E4:92:58:DC:76:54:6D:C5:95:08:4D:25:93:E1:81:CD:47:98:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FuSSWNx2VG3FlQhNJZPhgc1HmD8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/0f16f7-1455-43db-acb4-8327a952b2b8/1/rWOAbIpzGCqQdXIVzmzNOIqs9M8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/0f16f7-1455-43db-acb4-8327a952b2b8/1/FuSSWNx2VG3FlQhNJZPhgc1HmD8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.138.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:d6:da:93:60:8c:4a:a7:c1:00:7e:66:5e:70:ab:11:48:93:
         e4:96:a6:f1:0f:bf:5f:7b:d3:a6:83:2b:12:fc:31:fd:90:0e:
         a7:ea:87:f2:8d:7e:75:4c:65:e1:61:94:d8:86:0c:77:23:53:
         b0:e6:0e:88:67:69:4e:71:c7:fd:42:e0:e2:e0:f0:fc:0d:48:
         57:22:44:60:d8:66:44:77:e6:40:a2:12:ea:70:cb:55:d9:65:
         fc:41:c8:16:5c:cf:33:72:8d:c3:f4:8d:1f:f6:ef:34:58:43:
         f9:92:5e:96:2f:0b:b9:3a:41:0e:9d:e2:00:80:48:1f:66:a0:
         d7:79:cc:46:0a:24:72:49:75:05:c6:7e:9c:66:8d:d5:19:07:
         5a:25:19:ae:02:5c:4a:04:d3:90:00:2f:a1:fe:0d:20:55:eb:
         39:46:33:1a:9e:49:5a:c2:0a:6c:2a:ca:df:6a:09:eb:b2:59:
         08:76:e5:31:e6:5c:a7:50:56:ba:cf:77:22:98:fb:61:0b:8f:
         8d:95:e0:32:6a:ae:03:61:fc:bb:5a:ab:a8:81:04:4d:f5:ec:
         fe:a8:fd:bf:79:31:d8:5d:90:ab:9e:8f:ba:ef:76:e7:c3:6a:
         d3:9c:a9:d2:cb:41:87:64:7f:e1:8d:b1:a6:f3:6f:ed:4d:0e:
         df:02:a8:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlPvDqPJiC0VqvjnMa7QAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZTQ5MjU4ZGM3NjU0NmRjNTk1MDg0ZDI1OTNlMTgxY2Q0
Nzk4M2YwHhcNMjQwMTAyMDAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDYzODA2YzhhNzMxODJhOTA3NTcyMTVjZTZjY2QzODhhYWNmNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KOhwCvIs07rqCyi1l7Pa3h3VawF
3M9MuqI+2PKVIWb7zawldMm9F3FAfxHdfSfe71fp2tvE/ZSM0O7uBrBtoq4PA9vI
wOy3o1g6VerAK1hCa6utzdTxAdWsmZDLci7RuGKqveyBapOXut2pR1KwIH/1Q6U+
A2TsV2Ww3O1RC66OkQ2vH5nYmRj4j/5fhrF7c/PgsYQyPgOSWnYHkFLIQqCPMuVL
K9G8pRLIp1+HGDstPv6cRSPwqbxaFXOUxTITz2popWC9NGlZTPxoMl/G1Er/pB1e
ak29I8WF7xWNWBXKAWrPMiMgYbbYRtD2Wmz2Gb1pOcVO5Edzl8eaBXZAPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK1jgGyKcxgqkHVyFc5szTiKrPTPMB8GA1UdIwQY
MBaAFBbkkljcdlRtxZUITSWT4YHNR5g/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnVTU1dOeDJWRzNGbFFoTkpaUGhnYzFIbUQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8wZjE2ZjctMTQ1NS00M2RiLWFjYjQt
ODMyN2E5NTJiMmI4LzEvcldPQWJJcHpHQ3FRZFhJVnptek5PSXFzOU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8wZjE2ZjctMTQ1NS00M2RiLWFjYjQtODMyN2E5NTJiMmI4
LzEvRnVTU1dOeDJWRzNGbFFoTkpaUGhnYzFIbUQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYpeMA0G
CSqGSIb3DQEBCwUAA4IBAQAa1tqTYIxKp8EAfmZecKsRSJPklqbxD79fe9OmgysS
/DH9kA6n6ofyjX51TGXhYZTYhgx3I1Ow5g6IZ2lOccf9QuDi4PD8DUhXIkRg2GZE
d+ZAohLqcMtV2WX8QcgWXM8zco3D9I0f9u80WEP5kl6WLwu5OkEOneIAgEgfZqDX
ecxGCiRySXUFxn6cZo3VGQdaJRmuAlxKBNOQAC+h/g0gVes5RjManklawgpsKsrf
agnrslkIduUx5lynUFa6z3cimPthC4+NleAyaq4DYfy7WquogQRN9ez+qP2/eTHY
XZCrno+673bnw2rTnKnSy0GHZH/hjbGm82/tTQ7fAqgZ
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:50:59 2024 by rpki-client on console-fra.rpki-client.org