Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/8uxKFQLV3HV7vEx1lvVuKvBpyf4.roa
File:                     8uxKFQLV3HV7vEx1lvVuKvBpyf4.roa (raw, json)
Hash identifier:          oZJmpkuuIunIB8+2Ss2UVVZCnn33Xx3obI2MsnwpRQU=
Subject key identifier:   F2:EC:4A:15:02:D5:DC:75:7B:BC:4C:75:96:F5:6E:2A:F0:69:C9:FE
Certificate issuer:       /CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
Certificate serial:       018CC6B925C62CC2493E185B2C6F875242A9
Authority key identifier: 7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/8uxKFQLV3HV7vEx1lvVuKvBpyf4.roa
Signing time:             Mon 01 Jan 2024 20:31:11 +0000
ROA not before:           Mon 01 Jan 2024 20:31:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44881
IP address blocks:        185.117.30.0/23 maxlen: 23
                          185.117.28.0/22 maxlen: 22
                          93.94.232.0/21 maxlen: 21
                          109.68.208.0/22 maxlen: 22
                          2a05:ce80::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 18 Jun 2024 10:02:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b9:25:c6:2c:c2:49:3e:18:5b:2c:6f:87:52:42:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
        Validity
            Not Before: Jan  1 20:31:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f2ec4a1502d5dc757bbc4c7596f56e2af069c9fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:c8:ed:0e:d5:c6:70:39:6b:5f:0b:b7:c9:9e:
                    d2:21:41:1a:75:4e:02:94:c3:fc:91:cf:f1:dd:53:
                    eb:e8:a5:c5:7a:82:be:dc:85:bb:0c:82:55:d7:16:
                    a4:d2:8e:32:91:61:bf:e2:ed:ae:bf:da:08:9b:4b:
                    5a:d5:50:b1:d9:f0:01:12:af:24:8a:c2:40:95:ad:
                    5e:0e:b3:8c:a5:97:62:0c:a9:bf:bf:ae:c2:2e:51:
                    6f:c4:94:d0:16:fb:d2:e0:5c:d7:59:5d:2e:95:aa:
                    5b:85:34:b1:9f:ed:f9:ab:28:4e:9e:4f:cf:83:31:
                    78:11:8c:46:58:04:0c:e9:45:7f:80:6b:13:4d:e1:
                    c7:56:92:03:1f:6d:26:b5:1d:96:66:14:26:0b:27:
                    aa:9b:79:6f:1f:b9:c9:ee:95:88:d9:77:a8:1f:f0:
                    86:5b:b7:1c:b6:29:b0:1a:e7:ce:e5:f9:d9:80:26:
                    a5:83:39:b8:bb:fd:d8:cf:e7:4e:fe:07:31:a7:b2:
                    37:7e:7b:11:fc:e1:22:71:47:93:95:63:49:64:b9:
                    f4:76:ef:16:a7:21:b9:c3:48:a0:d2:b8:43:4f:35:
                    3d:19:9f:85:ec:8d:58:43:75:57:cf:e0:4f:04:87:
                    c1:41:24:0c:21:6f:18:8e:c2:53:3b:6a:23:43:1e:
                    a9:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:EC:4A:15:02:D5:DC:75:7B:BC:4C:75:96:F5:6E:2A:F0:69:C9:FE
            X509v3 Authority Key Identifier:
                keyid:7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/8uxKFQLV3HV7vEx1lvVuKvBpyf4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.94.232.0/21
                  109.68.208.0/22
                  185.117.28.0/22
                IPv6:
                  2a05:ce80::/36

    Signature Algorithm: sha256WithRSAEncryption
         89:2e:1f:21:b2:df:7a:04:66:f1:8a:96:b9:d0:83:6f:65:c4:
         0f:6e:f2:50:31:02:c0:85:3f:56:11:40:05:f8:9b:2d:df:f3:
         3f:a9:57:85:2f:14:fe:06:11:c7:4a:61:eb:e2:d5:35:99:a5:
         a5:3f:67:cd:85:eb:07:d2:13:cf:64:78:9c:72:0e:7c:62:2c:
         36:c1:1a:82:15:7f:73:7b:50:2b:42:21:e9:4b:c3:62:59:56:
         0f:3a:6a:97:ee:81:8e:b2:e4:25:f0:92:03:2d:c2:fd:97:d9:
         25:a3:0d:89:3b:66:84:52:4a:c5:c0:68:d0:fa:19:d6:43:b7:
         67:09:bc:36:4a:4b:b2:12:c3:6b:2a:81:b1:35:48:26:13:ab:
         24:0a:8e:3a:db:8b:4b:f4:89:6d:5f:d5:fb:43:55:2a:c2:75:
         c6:31:0e:db:68:b5:9c:b7:c1:74:9d:1a:0f:87:fb:3a:d0:49:
         2b:ec:b6:cb:b2:e3:77:91:fa:c5:bb:4b:6d:b1:4c:e6:1d:af:
         5a:8b:74:11:8e:42:42:17:04:03:a5:ff:db:00:f0:f3:82:98:
         19:6f:b0:e9:c2:a7:ca:d8:db:99:d3:ea:75:ff:cd:70:a8:ae:
         c2:0a:65:43:31:dd:6c:ba:87:d8:6c:7a:6c:20:08:cf:4a:9d:
         47:b1:87:07
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzGuSXGLMJJPhhbLG+HUkKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZTVjMGY5NWFiN2JlOGI4NWY3MTFmYTQzMzY2NWMxNGU2
ZTkzNTkwHhcNMjQwMTAxMjAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmVjNGExNTAyZDVkYzc1N2JiYzRjNzU5NmY1NmUyYWYwNjljOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8jtDtXGcDlrXwu3yZ7SIUEadU4C
lMP8kc/x3VPr6KXFeoK+3IW7DIJV1xak0o4ykWG/4u2uv9oIm0ta1VCx2fABEq8k
isJAla1eDrOMpZdiDKm/v67CLlFvxJTQFvvS4FzXWV0ulapbhTSxn+35qyhOnk/P
gzF4EYxGWAQM6UV/gGsTTeHHVpIDH20mtR2WZhQmCyeqm3lvH7nJ7pWI2XeoH/CG
W7cctimwGufO5fnZgCalgzm4u/3Yz+dO/gcxp7I3fnsR/OEicUeTlWNJZLn0du8W
pyG5w0ig0rhDTzU9GZ+F7I1YQ3VXz+BPBIfBQSQMIW8YjsJTO2ojQx6p3wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPLsShUC1dx1e7xMdZb1birwacn+MB8GA1UdIwQY
MBaAFH7lwPlat76LhfcR+kM2ZcFObpNZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEt
OTAxOTRiZDY4NDI4LzEvOHV4S0ZRTFYzSFY3dkV4MWx2VnVLdkJweWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEtOTAxOTRiZDY4NDI4
LzEvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQDXV7oAwQC
bUTQAwQCuXUcMA4EAgACMAgDBgQqBc6AADANBgkqhkiG9w0BAQsFAAOCAQEAiS4f
IbLfegRm8YqWudCDb2XED27yUDECwIU/VhFABfibLd/zP6lXhS8U/gYRx0ph6+LV
NZmlpT9nzYXrB9ITz2R4nHIOfGIsNsEaghV/c3tQK0Ih6UvDYllWDzpql+6BjrLk
JfCSAy3C/ZfZJaMNiTtmhFJKxcBo0PoZ1kO3Zwm8NkpLshLDayqBsTVIJhOrJAqO
OtuLS/SJbV/V+0NVKsJ1xjEO22i1nLfBdJ0aD4f7OtBJK+y2y7Ljd5H6xbtLbbFM
5h2vWot0EY5CQhcEA6X/2wDw84KYGW+w6cKnytjbmdPqdf/NcKiuwgplQzHdbLqH
2Gx6bCAIz0qdR7GHBw==
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:54:42 2024 by rpki-client on console-ams.rpki-client.org