Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/2BzP0Hk0faRtUkNou8yNsGsijl4.roa
File:                     2BzP0Hk0faRtUkNou8yNsGsijl4.roa (raw, json)
Hash identifier:          RHlBBE8sYyiSvLuwrv2BJXyJwvm8cetgz79PRBnhmx8=
Subject key identifier:   D8:1C:CF:D0:79:34:7D:A4:6D:52:43:68:BB:CC:8D:B0:6B:22:8E:5E
Certificate issuer:       /CN=3ac78f33e8e1187327667fa94fd7446b8d91e5b4
Certificate serial:       018E51CF9FBF833BDBF7D250D44E01A35A5D
Authority key identifier: 3A:C7:8F:33:E8:E1:18:73:27:66:7F:A9:4F:D7:44:6B:8D:91:E5:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OsePM-jhGHMnZn-pT9dEa42R5bQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/2BzP0Hk0faRtUkNou8yNsGsijl4.roa
Signing time:             Mon 18 Mar 2024 13:45:45 +0000
ROA not before:           Mon 18 Mar 2024 13:45:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203500
IP address blocks:        185.178.184.0/24 maxlen: 24
                          185.178.185.0/24 maxlen: 24
                          185.178.186.0/24 maxlen: 24
                          193.25.200.0/24 maxlen: 24
                          2a07:6780::/29 maxlen: 29
                          2a0a:6680:bee::/48 maxlen: 48
                          2a0a:6680:1000::/36 maxlen: 36
                          2a0a:6680:1979::/48 maxlen: 48
                          2a0a:6680:2000::/36 maxlen: 36
                          2a0a:6680:b300::/40 maxlen: 40
                          2a0a:6680:bee1::/48 maxlen: 48
                          2a0a:6680:bee5::/48 maxlen: 48
                          2a0a:6680:bee6::/48 maxlen: 48
                          2a0a:6680:cc91::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/OsePM-jhGHMnZn-pT9dEa42R5bQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/OsePM-jhGHMnZn-pT9dEa42R5bQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OsePM-jhGHMnZn-pT9dEa42R5bQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:51:cf:9f:bf:83:3b:db:f7:d2:50:d4:4e:01:a3:5a:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ac78f33e8e1187327667fa94fd7446b8d91e5b4
        Validity
            Not Before: Mar 18 13:45:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d81ccfd079347da46d524368bbcc8db06b228e5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:e6:7a:c2:50:9c:f1:ee:34:72:2c:0c:43:84:
                    7c:50:12:bb:23:43:d1:d9:2e:d5:1e:6e:74:6c:2e:
                    9e:e2:ba:2a:ea:46:60:44:20:ea:1f:1d:3f:e9:d0:
                    15:3b:99:61:06:96:9b:cc:68:dc:ae:24:d7:03:92:
                    94:30:e2:a2:0b:0f:bc:0b:0c:67:6d:41:52:24:05:
                    d0:ce:a3:74:10:cf:df:2d:53:b9:21:4d:f9:0b:25:
                    62:89:bc:e9:ca:51:7a:8b:13:fd:5d:72:4c:75:56:
                    47:cc:da:05:3b:b5:00:80:1d:99:bf:01:7a:1b:ed:
                    88:20:5e:a4:be:70:21:a3:fe:ea:bb:b4:95:51:53:
                    4d:77:80:c6:85:82:60:96:c7:77:f6:75:84:a5:a9:
                    b9:22:76:d5:7d:4c:5f:2a:47:64:9d:e9:c4:07:f2:
                    7e:a9:ac:64:07:5e:7c:67:42:9e:93:79:71:22:c0:
                    69:97:03:3f:6c:6d:c8:a7:d6:b5:04:12:cc:63:03:
                    a7:c2:62:b8:c8:df:d0:67:09:ce:ea:da:30:4a:12:
                    76:a1:90:bb:a1:3b:6c:ad:ce:f9:87:4e:8c:68:e0:
                    4f:30:9d:21:bc:76:2b:1c:42:b8:64:1a:33:33:9f:
                    18:93:28:f6:9b:67:67:3b:1f:55:46:68:b2:e5:b8:
                    bb:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:1C:CF:D0:79:34:7D:A4:6D:52:43:68:BB:CC:8D:B0:6B:22:8E:5E
            X509v3 Authority Key Identifier:
                keyid:3A:C7:8F:33:E8:E1:18:73:27:66:7F:A9:4F:D7:44:6B:8D:91:E5:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OsePM-jhGHMnZn-pT9dEa42R5bQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/2BzP0Hk0faRtUkNou8yNsGsijl4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/OsePM-jhGHMnZn-pT9dEa42R5bQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.178.184.0-185.178.186.255
                  193.25.200.0/24
                IPv6:
                  2a07:6780::/29
                  2a0a:6680:bee::/48
                  2a0a:6680:1000::-2a0a:6680:2fff:ffff:ffff:ffff:ffff:ffff
                  2a0a:6680:b300::/40
                  2a0a:6680:bee1::/48
                  2a0a:6680:bee5::-2a0a:6680:bee6:ffff:ffff:ffff:ffff:ffff
                  2a0a:6680:cc91::/48

    Signature Algorithm: sha256WithRSAEncryption
         80:93:bf:dc:19:38:ed:02:75:a3:70:43:55:52:10:73:9e:e5:
         49:6f:f7:a1:4c:de:7d:80:27:ee:fa:50:59:56:b6:60:84:c5:
         dc:9c:0e:48:08:7e:85:b1:2b:16:5f:2e:42:13:a5:40:e8:2c:
         d4:d0:f6:b6:96:96:b4:45:a3:16:a3:30:1b:42:62:30:91:e0:
         46:af:ef:38:ee:ce:8c:96:f4:12:57:72:d0:ad:91:97:75:c8:
         98:9e:ad:6d:3e:55:f6:f8:1f:05:64:d3:b9:88:55:d7:75:ed:
         3a:87:ec:4d:07:1f:e1:d1:31:d1:37:0a:92:b6:21:0c:a7:04:
         5b:14:d1:86:8c:b1:4a:15:98:3c:27:21:ad:28:1b:d0:41:ea:
         1c:60:7c:f7:b9:df:4a:2c:cc:60:fc:5a:e7:2e:88:67:e7:65:
         2b:24:24:38:aa:7c:57:8a:8c:12:17:ba:22:b3:92:bb:74:85:
         54:b4:b6:38:1d:b0:9b:cb:ff:5f:b8:f7:cd:34:75:20:e1:e9:
         65:2c:ae:be:06:cc:11:0e:38:1b:86:5b:fa:63:99:a7:b7:c1:
         75:ec:a3:85:d2:bb:e2:c0:29:9e:54:16:f2:bf:2f:f9:67:c9:
         53:00:38:05:72:81:57:9c:9e:e1:95:17:85:59:d1:09:7d:7b:
         4a:13:0a:8f
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAY5Rz5+/gzvb99JQ1E4Bo1pdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYzc4ZjMzZThlMTE4NzMyNzY2N2ZhOTRmZDc0NDZiOGQ5
MWU1YjQwHhcNMjQwMzE4MTM0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODFjY2ZkMDc5MzQ3ZGE0NmQ1MjQzNjhiYmNjOGRiMDZiMjI4ZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeZ6wlCc8e40ciwMQ4R8UBK7I0PR
2S7VHm50bC6e4roq6kZgRCDqHx0/6dAVO5lhBpabzGjcriTXA5KUMOKiCw+8Cwxn
bUFSJAXQzqN0EM/fLVO5IU35CyViibzpylF6ixP9XXJMdVZHzNoFO7UAgB2ZvwF6
G+2IIF6kvnAho/7qu7SVUVNNd4DGhYJglsd39nWEpam5InbVfUxfKkdknenEB/J+
qaxkB158Z0Kek3lxIsBplwM/bG3Ip9a1BBLMYwOnwmK4yN/QZwnO6towShJ2oZC7
oTtsrc75h06MaOBPMJ0hvHYrHEK4ZBozM58Ykyj2m2dnOx9VRmiy5bi70QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFNgcz9B5NH2kbVJDaLvMjbBrIo5eMB8GA1UdIwQY
MBaAFDrHjzPo4RhzJ2Z/qU/XRGuNkeW0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NlUE0tamhHSE1uWm4tcFQ5ZEVhNDJSNWJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81ZWRhYWYtMzMyNy00M2VkLTkwYjEt
ZGMwMWY0YjRiYWU0LzEvMkJ6UDBIazBmYVJ0VWtOb3U4eU5zR3Npamw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81ZWRhYWYtMzMyNy00M2VkLTkwYjEtZGMwMWY0YjRiYWU0
LzEvT3NlUE0tamhHSE1uWm4tcFQ5ZEVhNDJSNWJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwGgQCAAEwFDAMAwQDubK4
AwQAubK6AwQAwRnIMFYEAgACMFADBQMqB2eAAwcAKgpmgAvuMBADBgQqCmaAEAMG
BCoKZoAgAwYAKgpmgLMDBwAqCmaAvuEwEgMHACoKZoC+5QMHACoKZoC+5gMHACoK
ZoDMkTANBgkqhkiG9w0BAQsFAAOCAQEAgJO/3Bk47QJ1o3BDVVIQc57lSW/3oUze
fYAn7vpQWVa2YITF3JwOSAh+hbErFl8uQhOlQOgs1ND2tpaWtEWjFqMwG0JiMJHg
Rq/vOO7OjJb0Eldy0K2Rl3XImJ6tbT5V9vgfBWTTuYhV13XtOofsTQcf4dEx0TcK
krYhDKcEWxTRhoyxShWYPCchrSgb0EHqHGB897nfSizMYPxa5y6IZ+dlKyQkOKp8
V4qMEhe6IrOSu3SFVLS2OB2wm8v/X7j3zTR1IOHpZSyuvgbMEQ44G4Zb+mOZp7fB
deyjhdK74sApnlQW8r8v+WfJUwA4BXKBV5ye4ZUXhVnRCX17ShMKjw==
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:47:08 2024 by rpki-client on console-fra.rpki-client.org