Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/ae3a3e-2c0c-405e-bcd7-9e0a513deef2/1/6Y2fOpsFeMh9F72MLo1ZkTjUmBQ.roa
File:                     6Y2fOpsFeMh9F72MLo1ZkTjUmBQ.roa (raw, json)
Hash identifier:          Pp9UY2iKjgQEMK02tOvbtvZRAXvZWRcWK+KViXZPdQY=
Subject key identifier:   E9:8D:9F:3A:9B:05:78:C8:7D:17:BD:8C:2E:8D:59:91:38:D4:98:14
Certificate issuer:       /CN=060c9ec5d40586ed3255f0fc4fcb3157714dda15
Certificate serial:       018F4E36FB2D477B4BCBFE249D652D880251
Authority key identifier: 06:0C:9E:C5:D4:05:86:ED:32:55:F0:FC:4F:CB:31:57:71:4D:DA:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgyexdQFhu0yVfD8T8sxV3FN2hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/ae3a3e-2c0c-405e-bcd7-9e0a513deef2/1/6Y2fOpsFeMh9F72MLo1ZkTjUmBQ.roa
Signing time:             Mon 06 May 2024 14:02:56 +0000
ROA not before:           Mon 06 May 2024 14:02:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202316
IP address blocks:        195.69.230.0/24 maxlen: 24
                          195.69.231.0/24 maxlen: 24
                          2a09:2880::/48 maxlen: 48
                          2a09:2881::/48 maxlen: 48
                          2a09:2882::/48 maxlen: 48
                          2a09:2883::/48 maxlen: 48
                          2a09:2884::/48 maxlen: 48
                          2a09:2885::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/ae3a3e-2c0c-405e-bcd7-9e0a513deef2/1/BgyexdQFhu0yVfD8T8sxV3FN2hU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/ae3a3e-2c0c-405e-bcd7-9e0a513deef2/1/BgyexdQFhu0yVfD8T8sxV3FN2hU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgyexdQFhu0yVfD8T8sxV3FN2hU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Jun 2024 20:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:4e:36:fb:2d:47:7b:4b:cb:fe:24:9d:65:2d:88:02:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=060c9ec5d40586ed3255f0fc4fcb3157714dda15
        Validity
            Not Before: May  6 14:02:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e98d9f3a9b0578c87d17bd8c2e8d599138d49814
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b3:a5:70:3a:85:30:f9:7d:b9:b0:b7:98:86:
                    af:38:d2:eb:66:73:91:d6:a7:79:55:a3:2c:b4:a6:
                    89:96:cb:9f:7e:15:fd:17:6d:f9:c2:05:b5:c2:15:
                    6f:71:ba:4c:15:c8:1f:c2:88:3b:a2:28:0c:9f:53:
                    8b:d8:1c:13:54:ad:3f:d1:e1:67:ad:af:2e:c2:55:
                    68:8f:7e:4c:46:26:ee:d5:52:94:bc:4b:f1:f6:c7:
                    d8:56:59:a2:86:25:18:4d:d0:a7:98:f5:a5:e3:8f:
                    a2:e6:fd:5c:01:42:37:e7:2d:ff:ba:ce:0a:4f:37:
                    fb:39:43:08:81:b0:f0:5e:c9:09:f6:f7:b9:06:67:
                    00:6c:14:e0:f3:92:4a:48:cd:7b:1c:11:8d:e4:05:
                    b5:72:94:f0:e6:66:8d:78:36:03:57:66:6e:6c:0c:
                    d6:d8:ce:9f:ae:b0:d5:9c:84:ea:aa:47:6d:12:79:
                    93:0b:a0:8a:2f:69:45:6f:87:4b:4d:be:54:70:f3:
                    c7:5a:9d:6f:7b:4a:f5:c6:2e:54:48:28:0b:70:ac:
                    6e:65:11:8c:5a:0e:6e:85:2f:69:29:f5:5a:ff:c1:
                    74:26:51:42:35:cb:3c:c5:23:4f:d0:31:35:92:e7:
                    78:dc:f8:84:d5:f3:b6:8c:96:98:6f:c0:79:b3:8f:
                    c6:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:8D:9F:3A:9B:05:78:C8:7D:17:BD:8C:2E:8D:59:91:38:D4:98:14
            X509v3 Authority Key Identifier:
                keyid:06:0C:9E:C5:D4:05:86:ED:32:55:F0:FC:4F:CB:31:57:71:4D:DA:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgyexdQFhu0yVfD8T8sxV3FN2hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/ae3a3e-2c0c-405e-bcd7-9e0a513deef2/1/6Y2fOpsFeMh9F72MLo1ZkTjUmBQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/ae3a3e-2c0c-405e-bcd7-9e0a513deef2/1/BgyexdQFhu0yVfD8T8sxV3FN2hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.69.230.0/23
                IPv6:
                  2a09:2880::/48
                  2a09:2881::/48
                  2a09:2882::/48
                  2a09:2883::/48
                  2a09:2884::/48
                  2a09:2885::/48

    Signature Algorithm: sha256WithRSAEncryption
         27:2b:27:f8:ef:16:ce:4b:11:9e:11:e8:95:b1:79:65:ae:f8:
         1d:34:bf:d8:89:bd:c6:8e:91:41:53:6f:bb:e3:5f:ae:43:4a:
         53:b8:6e:b5:13:00:60:23:fd:78:b5:be:13:58:5d:fa:c6:66:
         1e:c9:d7:99:ab:30:53:1f:48:82:82:12:33:5f:a9:ee:50:b3:
         c7:9b:f8:2f:f5:0c:f9:dd:7e:9d:b7:4c:84:63:b2:4b:d1:0a:
         e6:12:50:3b:b7:4e:0e:4b:07:d3:8f:b1:0b:b1:c6:da:40:62:
         e0:2c:47:57:e8:6a:6a:12:f1:94:91:73:c7:ce:0e:49:c2:3d:
         0c:cd:60:23:8e:17:4d:7e:25:98:6f:67:5c:d3:41:79:41:b8:
         e0:dc:d2:ee:00:32:c4:28:2b:e0:d8:d0:b1:99:25:e0:00:0b:
         31:56:ab:93:19:65:1e:2b:d9:84:de:46:55:9a:77:00:c1:88:
         19:df:8b:3a:95:ad:cb:86:3a:5a:18:e6:0f:79:da:9b:86:4c:
         f9:9a:bd:77:8b:78:e0:ea:55:81:35:58:e0:7b:b2:33:2c:10:
         97:9f:9e:d6:5b:fb:00:82:a1:c2:0b:02:18:04:d3:bc:3c:fb:
         70:57:ec:c2:b3:61:36:61:dc:f9:2c:20:b2:dd:a3:cb:9a:e1:
         5e:82:95:14
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY9ONvstR3tLy/4knWUtiAJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MGM5ZWM1ZDQwNTg2ZWQzMjU1ZjBmYzRmY2IzMTU3NzE0
ZGRhMTUwHhcNMjQwNTA2MTQwMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOThkOWYzYTliMDU3OGM4N2QxN2JkOGMyZThkNTk5MTM4ZDQ5ODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbOlcDqFMPl9ubC3mIavONLrZnOR
1qd5VaMstKaJlsuffhX9F235wgW1whVvcbpMFcgfwog7oigMn1OL2BwTVK0/0eFn
ra8uwlVoj35MRibu1VKUvEvx9sfYVlmihiUYTdCnmPWl44+i5v1cAUI35y3/us4K
Tzf7OUMIgbDwXskJ9ve5BmcAbBTg85JKSM17HBGN5AW1cpTw5maNeDYDV2ZubAzW
2M6frrDVnITqqkdtEnmTC6CKL2lFb4dLTb5UcPPHWp1ve0r1xi5USCgLcKxuZRGM
Wg5uhS9pKfVa/8F0JlFCNcs8xSNP0DE1kud43PiE1fO2jJaYb8B5s4/GwQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFOmNnzqbBXjIfRe9jC6NWZE41JgUMB8GA1UdIwQY
MBaAFAYMnsXUBYbtMlXw/E/LMVdxTdoVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmd5ZXhkUUZodTB5VmZEOFQ4c3hWM0ZOMmhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hZTNhM2UtMmMwYy00MDVlLWJjZDct
OWUwYTUxM2RlZWYyLzEvNlkyZk9wc0ZlTWg5RjcyTUxvMVprVGpVbUJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hZTNhM2UtMmMwYy00MDVlLWJjZDctOWUwYTUxM2RlZWYy
LzEvQmd5ZXhkUUZodTB5VmZEOFQ4c3hWM0ZOMmhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAMBAIAATAGAwQBw0XmMDwE
AgACMDYDBwAqCSiAAAADBwAqCSiBAAADBwAqCSiCAAADBwAqCSiDAAADBwAqCSiE
AAADBwAqCSiFAAAwDQYJKoZIhvcNAQELBQADggEBACcrJ/jvFs5LEZ4R6JWxeWWu
+B00v9iJvcaOkUFTb7vjX65DSlO4brUTAGAj/Xi1vhNYXfrGZh7J15mrMFMfSIKC
EjNfqe5Qs8eb+C/1DPndfp23TIRjskvRCuYSUDu3Tg5LB9OPsQuxxtpAYuAsR1fo
amoS8ZSRc8fODknCPQzNYCOOF01+JZhvZ1zTQXlBuODc0u4AMsQoK+DY0LGZJeAA
CzFWq5MZZR4r2YTeRlWadwDBiBnfizqVrcuGOloY5g952puGTPmavXeLeODqVYE1
WOB7sjMsEJefntZb+wCCocILAhgE07w8+3BX7MKzYTZh3PksILLdo8ua4V6ClRQ=
-----END CERTIFICATE-----
Generated at Sat Jun 15 00:00:45 2024 by rpki-client on console-fra.rpki-client.org