Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/e20d59-4454-4ec8-9677-5f2bf22e189d/1/1-QRDY5lJl8Z_STA8d2D2hMwX1Mw.roa
File:                     1-QRDY5lJl8Z_STA8d2D2hMwX1Mw.roa (raw, json)
Hash identifier:          20X9hvEq2LU3NWJ4U2Yb8yYaqnTkfEm78sToX5FR59c=
Subject key identifier:   F9:04:43:63:99:49:97:C6:7F:49:30:3C:77:60:F6:84:CC:17:D4:CC
Certificate issuer:       /CN=e7739f08442e22446621b89a57639b3542ba34dc
Certificate serial:       01905B7B31F265F865F77CEADA9DD2424B05
Authority key identifier: E7:73:9F:08:44:2E:22:44:66:21:B8:9A:57:63:9B:35:42:BA:34:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/53OfCEQuIkRmIbiaV2ObNUK6NNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/e20d59-4454-4ec8-9677-5f2bf22e189d/1/1-QRDY5lJl8Z_STA8d2D2hMwX1Mw.roa
Signing time:             Thu 27 Jun 2024 20:55:18 +0000
ROA not before:           Thu 27 Jun 2024 20:55:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47447
IP address blocks:        194.5.62.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/e20d59-4454-4ec8-9677-5f2bf22e189d/1/53OfCEQuIkRmIbiaV2ObNUK6NNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/e20d59-4454-4ec8-9677-5f2bf22e189d/1/53OfCEQuIkRmIbiaV2ObNUK6NNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/53OfCEQuIkRmIbiaV2ObNUK6NNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:5b:7b:31:f2:65:f8:65:f7:7c:ea:da:9d:d2:42:4b:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7739f08442e22446621b89a57639b3542ba34dc
        Validity
            Not Before: Jun 27 20:55:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f9044363994997c67f49303c7760f684cc17d4cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a7:24:5b:45:0d:c7:75:9c:f7:6c:60:fa:ad:
                    5c:0b:e0:30:23:78:1b:b8:5a:11:71:63:83:ed:44:
                    90:72:13:59:89:f7:8a:9d:84:0c:a7:38:37:a9:4b:
                    da:95:b2:94:56:01:c3:7a:0f:1e:0c:7e:de:aa:13:
                    0d:d3:a7:80:03:86:5a:74:cc:bf:1d:f7:c1:ad:bc:
                    a5:fe:68:bd:c2:b2:0e:64:44:5f:a7:37:0e:5d:12:
                    94:e6:68:da:4a:7d:e9:61:7f:54:19:77:bc:4b:0b:
                    78:46:03:2a:98:76:69:c4:b0:35:23:ca:41:48:9e:
                    0b:38:2c:23:42:91:3f:64:b7:c3:15:e9:33:f6:1a:
                    16:fb:db:68:1a:bb:30:48:0f:1d:b9:b1:10:e4:37:
                    3e:16:22:06:ff:4e:fd:bc:73:9c:a7:60:e5:74:45:
                    d7:70:1f:41:b7:7e:04:c1:15:7d:97:45:e5:e7:4c:
                    f8:39:73:5f:60:2f:d2:60:db:55:cd:4b:b4:90:44:
                    48:01:b6:cf:9e:aa:32:1e:64:47:14:3c:c9:3a:f7:
                    81:eb:5b:1f:3f:9b:e8:9f:34:bb:8c:79:27:be:0b:
                    81:9c:ee:c4:3d:1e:21:51:16:f0:93:eb:84:24:4e:
                    33:f4:70:9c:61:a0:a5:02:d3:53:88:a6:d3:3b:26:
                    5b:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:04:43:63:99:49:97:C6:7F:49:30:3C:77:60:F6:84:CC:17:D4:CC
            X509v3 Authority Key Identifier:
                keyid:E7:73:9F:08:44:2E:22:44:66:21:B8:9A:57:63:9B:35:42:BA:34:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/53OfCEQuIkRmIbiaV2ObNUK6NNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e20d59-4454-4ec8-9677-5f2bf22e189d/1/1-QRDY5lJl8Z_STA8d2D2hMwX1Mw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e20d59-4454-4ec8-9677-5f2bf22e189d/1/53OfCEQuIkRmIbiaV2ObNUK6NNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.5.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:b8:2d:87:cc:59:43:64:27:5f:99:6e:c6:f1:a1:b7:b0:ec:
         45:ba:1f:0c:13:b3:cb:96:e2:45:c8:7a:4a:0f:22:ce:7c:49:
         41:cb:ca:a0:2c:0c:b2:02:ff:fe:22:f4:86:d7:b4:d5:92:27:
         86:bd:97:5d:ba:5a:b7:5b:b6:90:af:ca:c8:62:4a:43:a8:01:
         9e:c8:54:69:c3:da:fb:29:65:77:d1:cb:c1:18:c6:a9:d2:cd:
         8d:33:6f:27:1f:ef:48:9a:5a:10:6f:0a:de:49:ec:a4:73:da:
         a5:53:f6:7a:23:70:b2:16:bc:ad:8e:22:1f:e4:64:00:c3:d4:
         0c:f2:a3:88:f1:e5:c7:c5:54:2b:d0:49:74:50:d9:58:c8:2a:
         c7:9d:0b:da:d3:db:a8:28:ea:0e:66:db:bc:d4:39:eb:1e:22:
         25:55:cf:91:c8:05:90:54:51:00:f7:d2:91:7f:65:67:f5:1b:
         74:da:7a:2f:dd:9b:f0:91:df:12:24:ba:88:82:07:c6:02:35:
         f3:e1:e8:b6:20:9b:fe:36:0e:c1:64:e1:ca:34:f7:fc:c0:1c:
         42:a1:41:52:18:aa:49:b8:29:94:0b:5d:ba:99:9c:81:05:45:
         2c:1c:ba:e0:7f:3c:99:f7:a0:41:77:4d:5f:8a:5b:09:6c:69:
         16:9c:ce:17
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZBbezHyZfhl93zq2p3SQksFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NzM5ZjA4NDQyZTIyNDQ2NjIxYjg5YTU3NjM5YjM1NDJi
YTM0ZGMwHhcNMjQwNjI3MjA1NTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTA0NDM2Mzk5NDk5N2M2N2Y0OTMwM2M3NzYwZjY4NGNjMTdkNGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqckW0UNx3Wc92xg+q1cC+AwI3gb
uFoRcWOD7USQchNZifeKnYQMpzg3qUvalbKUVgHDeg8eDH7eqhMN06eAA4ZadMy/
HffBrbyl/mi9wrIOZERfpzcOXRKU5mjaSn3pYX9UGXe8Swt4RgMqmHZpxLA1I8pB
SJ4LOCwjQpE/ZLfDFekz9hoW+9toGrswSA8dubEQ5Dc+FiIG/079vHOcp2DldEXX
cB9Bt34EwRV9l0Xl50z4OXNfYC/SYNtVzUu0kERIAbbPnqoyHmRHFDzJOveB61sf
P5vonzS7jHknvguBnO7EPR4hURbwk+uEJE4z9HCcYaClAtNTiKbTOyZb8QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkEQ2OZSZfGf0kwPHdg9oTMF9TMMB8GA1UdIwQY
MBaAFOdznwhELiJEZiG4mldjmzVCujTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTNPZkNFUXVJa1JtSWJpYVYyT2JOVUs2Tk53LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9lMjBkNTktNDQ1NC00ZWM4LTk2Nzct
NWYyYmYyMmUxODlkLzEvMS1RUkRZNWxKbDhaX1NUQThkMkQyaE13WDFNdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDIvZTIwZDU5LTQ0NTQtNGVjOC05Njc3LTVmMmJmMjJlMTg5
ZC8xLzUzT2ZDRVF1SWtSbUliaWFWMk9iTlVLNk5Ody5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIFPjAN
BgkqhkiG9w0BAQsFAAOCAQEAVLgth8xZQ2QnX5luxvGht7DsRbofDBOzy5biRch6
Sg8iznxJQcvKoCwMsgL//iL0hte01ZInhr2XXbpat1u2kK/KyGJKQ6gBnshUacPa
+ylld9HLwRjGqdLNjTNvJx/vSJpaEG8K3knspHPapVP2eiNwsha8rY4iH+RkAMPU
DPKjiPHlx8VUK9BJdFDZWMgqx50L2tPbqCjqDmbbvNQ56x4iJVXPkcgFkFRRAPfS
kX9lZ/UbdNp6L92b8JHfEiS6iIIHxgI18+HotiCb/jYOwWThyjT3/MAcQqFBUhiq
SbgplAtdupmcgQVFLBy64H88mfegQXdNX4pbCWxpFpzOFw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:33:05 2024 by rpki-client on console-fra.rpki-client.org