Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/FWpioDTpkxe5mDuX51D0Dche-sw.roa
File:                     FWpioDTpkxe5mDuX51D0Dche-sw.roa (raw, json)
Hash identifier:          uzqG2OvkK97ui8Ug4cXGbwsTxZ0H9VZFK87UZtAH82Y=
Subject key identifier:   15:6A:62:A0:34:E9:93:17:B9:98:3B:97:E7:50:F4:0D:C8:5E:FA:CC
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       018F179DDF959570A1385DF776D3D9E32060
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/FWpioDTpkxe5mDuX51D0Dche-sw.roa
Signing time:             Thu 25 Apr 2024 23:36:13 +0000
ROA not before:           Thu 25 Apr 2024 23:36:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215080
IP address blocks:        2a0c:9a40:8590::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 09:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:17:9d:df:95:95:70:a1:38:5d:f7:76:d3:d9:e3:20:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Apr 25 23:36:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=156a62a034e99317b9983b97e750f40dc85efacc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:e4:00:60:aa:af:1a:84:4f:27:d7:55:5f:17:
                    cf:7d:f9:fa:8b:c7:91:c4:97:ff:6a:ed:f2:8a:a6:
                    91:b2:49:bc:0e:04:5a:6e:30:a8:dc:88:d1:86:d7:
                    fb:7a:7f:8a:34:fb:29:7b:e1:3a:89:f9:42:1b:e2:
                    3c:2f:97:83:40:41:85:b7:be:5b:54:97:e5:ee:35:
                    34:12:81:38:db:88:37:e8:89:4a:80:d5:2f:2f:63:
                    e8:d0:4c:60:2b:f3:d5:d7:8a:d7:0b:43:a8:f1:a1:
                    7b:bf:fc:b2:9b:68:76:9d:eb:35:e1:ef:09:19:d4:
                    c0:03:d9:46:c9:1d:cf:0c:e0:91:78:80:18:e1:f4:
                    a5:e6:9f:cb:44:92:a2:b1:4e:53:87:36:1a:e6:de:
                    aa:39:02:b6:bb:21:16:48:4d:71:80:cf:4e:93:c6:
                    7a:b9:db:85:a7:48:93:2a:d7:10:23:40:93:70:0e:
                    37:6d:1d:6d:40:97:49:fd:18:57:f5:23:14:93:a7:
                    8e:e0:68:12:1c:50:e8:e3:f9:91:8f:e3:75:df:c4:
                    bf:60:a0:f6:02:38:60:3c:d5:66:a9:45:4c:5b:6b:
                    70:31:99:bb:fa:23:c9:55:19:de:0c:7e:16:b2:d9:
                    9a:57:81:1d:aa:76:3a:75:79:0a:f0:57:8e:a8:61:
                    ea:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:6A:62:A0:34:E9:93:17:B9:98:3B:97:E7:50:F4:0D:C8:5E:FA:CC
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/FWpioDTpkxe5mDuX51D0Dche-sw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:8590::/48

    Signature Algorithm: sha256WithRSAEncryption
         29:2d:1d:ef:36:2f:04:af:84:0e:97:fd:51:5b:d9:69:ce:1a:
         8b:67:e3:27:24:9e:71:37:ea:30:07:eb:cf:95:1f:51:ce:46:
         14:56:ed:70:93:fe:54:97:6c:3c:b8:6a:7a:19:25:9a:2a:f9:
         ad:a1:f8:1f:10:25:08:3f:c2:fa:91:98:23:5d:89:5c:26:e7:
         67:bd:e8:85:0a:e9:48:e6:92:3f:6c:bb:9c:f3:a5:2c:ac:cf:
         73:1d:59:18:37:fd:ec:8e:6a:2c:96:32:20:5e:2b:20:95:89:
         97:00:fc:6b:fb:47:47:06:ad:6d:9a:82:ee:a4:da:68:9a:4f:
         33:a9:a0:b5:7b:47:1a:23:34:f3:85:b3:a1:e9:bc:0b:e2:10:
         ae:02:b0:02:8b:d6:0b:ba:33:60:6a:d2:bc:ec:8d:95:bc:4e:
         7a:15:bc:7f:56:a4:f3:0a:e7:30:0d:eb:05:89:20:fa:67:10:
         66:79:40:06:f6:95:bc:8e:65:7c:04:d8:58:c6:6f:64:c1:f2:
         1d:59:0d:ed:36:ca:cc:fa:4b:ca:a0:0e:3b:66:ef:9e:84:c3:
         11:3a:6f:ae:93:08:24:d5:bd:16:76:20:d5:61:b6:13:02:50:
         42:9d:1b:01:9b:f3:a3:28:e5:8b:39:e5:ed:24:d1:f2:8d:f0:
         33:1f:ae:c5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY8Xnd+VlXChOF33dtPZ4yBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwNDI1MjMzNjEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTZhNjJhMDM0ZTk5MzE3Yjk5ODNiOTdlNzUwZjQwZGM4NWVmYWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieQAYKqvGoRPJ9dVXxfPffn6i8eR
xJf/au3yiqaRskm8DgRabjCo3IjRhtf7en+KNPspe+E6iflCG+I8L5eDQEGFt75b
VJfl7jU0EoE424g36IlKgNUvL2Po0ExgK/PV14rXC0Oo8aF7v/yym2h2nes14e8J
GdTAA9lGyR3PDOCReIAY4fSl5p/LRJKisU5ThzYa5t6qOQK2uyEWSE1xgM9Ok8Z6
uduFp0iTKtcQI0CTcA43bR1tQJdJ/RhX9SMUk6eO4GgSHFDo4/mRj+N138S/YKD2
AjhgPNVmqUVMW2twMZm7+iPJVRneDH4WstmaV4EdqnY6dXkK8FeOqGHqQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBVqYqA06ZMXuZg7l+dQ9A3IXvrMMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvRldwaW9EVHBreGU1bUR1WDUxRDBEY2hlLXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIWQ
MA0GCSqGSIb3DQEBCwUAA4IBAQApLR3vNi8Er4QOl/1RW9lpzhqLZ+MnJJ5xN+ow
B+vPlR9RzkYUVu1wk/5Ul2w8uGp6GSWaKvmtofgfECUIP8L6kZgjXYlcJudnveiF
CulI5pI/bLuc86UsrM9zHVkYN/3sjmosljIgXisglYmXAPxr+0dHBq1tmoLupNpo
mk8zqaC1e0caIzTzhbOh6bwL4hCuArACi9YLujNgatK87I2VvE56Fbx/VqTzCucw
DesFiSD6ZxBmeUAG9pW8jmV8BNhYxm9kwfIdWQ3tNsrM+kvKoA47Zu+ehMMROm+u
kwgk1b0WdiDVYbYTAlBCnRsBm/OjKOWLOeXtJNHyjfAzH67F
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:59:21 2024 by rpki-client on console-ams.rpki-client.org