Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/spdFtkDzTd95_Q0jDZtbBL7Da_0.roa
File:                     spdFtkDzTd95_Q0jDZtbBL7Da_0.roa (raw, json)
Hash identifier:          LFFIgiq69LVWW/JZ89pEpDBpXGX1BpHa/ml7OEy/FpM=
Subject key identifier:   B2:97:45:B6:40:F3:4D:DF:79:FD:0D:23:0D:9B:5B:04:BE:C3:6B:FD
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018D3AC8C2593894E44230A379E99AF3AADB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/spdFtkDzTd95_Q0jDZtbBL7Da_0.roa
Signing time:             Wed 24 Jan 2024 09:24:11 +0000
ROA not before:           Wed 24 Jan 2024 09:24:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215707
IP address blocks:        94.156.74.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 14:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:3a:c8:c2:59:38:94:e4:42:30:a3:79:e9:9a:f3:aa:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan 24 09:24:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b29745b640f34ddf79fd0d230d9b5b04bec36bfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:2b:21:6b:72:98:97:f2:dc:92:b0:74:72:6a:
                    e4:49:56:3c:a0:57:eb:10:6e:1f:96:a5:f4:b0:4a:
                    f9:1c:9a:39:dc:5a:a6:a4:cc:f3:5f:ed:89:64:cc:
                    c0:37:98:54:79:20:81:9e:73:d6:0a:2a:9a:d2:64:
                    c2:1e:6b:4e:ec:f8:eb:35:5a:fb:86:26:e6:cb:30:
                    74:3f:3e:a6:d2:03:a1:86:01:df:b5:f5:83:80:0f:
                    04:ca:aa:99:17:b3:97:93:8f:27:44:4b:80:6e:0a:
                    77:d9:bb:32:f4:ba:4e:ee:59:94:d9:42:cb:4b:03:
                    1d:b9:ab:e4:ac:a9:75:fb:b3:2c:00:b6:a5:d4:0c:
                    4a:8d:c9:e7:23:40:71:97:87:68:56:5f:8d:b1:af:
                    af:f0:2b:79:74:e7:0f:2f:ff:cd:3b:b2:eb:6f:91:
                    b0:45:ef:64:08:03:78:01:a5:2c:e3:53:01:ec:98:
                    2c:3e:49:15:82:cb:66:bf:0d:92:b6:dd:de:84:85:
                    4b:c1:a5:14:96:10:64:2b:96:de:dd:d0:2d:ac:2f:
                    4e:92:2b:5d:b5:a4:0d:59:2f:d6:73:8d:10:5b:89:
                    46:0e:2f:4d:23:4e:88:2d:0d:60:03:be:0f:49:54:
                    9c:d6:d2:50:1f:f4:f1:aa:9a:bf:41:9b:7b:5b:f5:
                    55:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:97:45:B6:40:F3:4D:DF:79:FD:0D:23:0D:9B:5B:04:BE:C3:6B:FD
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/spdFtkDzTd95_Q0jDZtbBL7Da_0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.156.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:d7:58:89:32:00:9d:c2:ea:2b:b5:29:07:f6:19:26:3c:3d:
         4b:75:f7:d7:a2:a7:6c:b4:a1:b3:72:3c:9d:b2:0c:4a:cd:97:
         04:d5:d1:bd:ef:44:35:0a:a2:55:3f:b8:50:9d:08:81:33:91:
         df:90:41:06:e5:9d:aa:e9:6b:74:e6:8d:01:8f:d1:87:7e:1d:
         12:6e:ad:9e:65:5a:a4:13:07:72:c4:7f:c5:14:5e:11:77:83:
         d4:57:38:52:85:ed:ee:46:63:81:c9:d0:99:70:a7:bf:cb:25:
         55:f3:bd:36:8f:97:d6:63:5c:3f:b6:ae:30:af:d0:ae:12:7b:
         48:f2:b9:b7:5d:4a:53:d4:56:51:7f:20:ff:5d:5c:7e:d0:91:
         ec:59:77:07:2f:ee:98:e4:11:da:3a:df:38:da:83:b5:f3:7a:
         6b:9e:60:09:a1:0a:b6:0d:7b:11:38:e3:fc:c7:20:39:4f:83:
         59:ba:9e:6a:bb:f6:be:80:84:88:64:74:b7:9a:8c:95:56:35:
         e0:0e:85:ae:62:62:27:4d:43:c9:3e:ce:62:8d:6d:ec:c9:ce:
         a7:69:30:38:c3:a9:af:5a:78:c4:a4:a0:e1:f6:18:88:ec:b7:
         37:58:e0:2e:48:6e:09:da:9f:2b:f1:21:b5:e5:b5:28:3c:b6:
         84:bb:db:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY06yMJZOJTkQjCjeema86rbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTI0MDkyNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjk3NDViNjQwZjM0ZGRmNzlmZDBkMjMwZDliNWIwNGJlYzM2YmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhisha3KYl/LckrB0cmrkSVY8oFfr
EG4flqX0sEr5HJo53FqmpMzzX+2JZMzAN5hUeSCBnnPWCiqa0mTCHmtO7PjrNVr7
hibmyzB0Pz6m0gOhhgHftfWDgA8EyqqZF7OXk48nREuAbgp32bsy9LpO7lmU2ULL
SwMduavkrKl1+7MsALal1AxKjcnnI0Bxl4doVl+Nsa+v8Ct5dOcPL//NO7Lrb5Gw
Re9kCAN4AaUs41MB7JgsPkkVgstmvw2Stt3ehIVLwaUUlhBkK5be3dAtrC9Okitd
taQNWS/Wc40QW4lGDi9NI06ILQ1gA74PSVSc1tJQH/Txqpq/QZt7W/VVUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKXRbZA803fef0NIw2bWwS+w2v9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvc3BkRnRrRHpUZDk1X1EwakRadGJCTDdEYV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpxKMA0G
CSqGSIb3DQEBCwUAA4IBAQAC11iJMgCdwuortSkH9hkmPD1LdffXoqdstKGzcjyd
sgxKzZcE1dG970Q1CqJVP7hQnQiBM5HfkEEG5Z2q6Wt05o0Bj9GHfh0Sbq2eZVqk
EwdyxH/FFF4Rd4PUVzhShe3uRmOBydCZcKe/yyVV8702j5fWY1w/tq4wr9CuEntI
8rm3XUpT1FZRfyD/XVx+0JHsWXcHL+6Y5BHaOt842oO183prnmAJoQq2DXsROOP8
xyA5T4NZup5qu/a+gISIZHS3moyVVjXgDoWuYmInTUPJPs5ijW3syc6naTA4w6mv
WnjEpKDh9hiI7Lc3WOAuSG4J2p8r8SG15bUoPLaEu9s/
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:35:58 2024 by rpki-client on console-ams.rpki-client.org