Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/1-GpAX9O1Pkj7SgEPSRVBrHvipOw.roa
File:                     1-GpAX9O1Pkj7SgEPSRVBrHvipOw.roa (raw, json)
Hash identifier:          t5Ps7ERwSkQblc2ZFCj0BJ5b+TmBCeVBQHv9hyVAr1c=
Subject key identifier:   F8:6A:40:5F:D3:B5:3E:48:FB:4A:01:0F:49:15:41:AC:7B:E2:A4:EC
Certificate issuer:       /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial:       018CC726239E814FD03C9B824B322C658340
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/1-GpAX9O1Pkj7SgEPSRVBrHvipOw.roa
Signing time:             Mon 01 Jan 2024 22:30:14 +0000
ROA not before:           Mon 01 Jan 2024 22:30:14 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44812
IP address blocks:        2a0e:dfc2::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:23:9e:81:4f:d0:3c:9b:82:4b:32:2c:65:83:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
        Validity
            Not Before: Jan  1 22:30:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f86a405fd3b53e48fb4a010f491541ac7be2a4ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:85:80:05:ac:fb:2b:37:01:9f:c7:f5:e4:29:
                    bb:a7:f7:e7:c1:c7:c6:0a:f1:dc:f7:c8:9c:38:3e:
                    94:d4:06:05:0e:8d:24:98:7c:fe:3c:92:0d:f0:59:
                    12:78:dc:b3:50:b1:16:e2:02:ef:55:ea:45:46:8d:
                    e6:d4:68:ef:fb:d1:9c:d8:a3:91:c7:05:28:9e:a0:
                    04:00:72:11:45:7d:28:de:50:2e:fa:2d:49:1f:5e:
                    1b:8f:cc:6f:2f:3c:ad:01:04:de:32:60:e3:28:c8:
                    5e:16:f1:ab:71:ff:45:31:9d:77:f0:d8:07:3e:bb:
                    15:fc:e4:84:1b:c6:bc:5d:99:ef:1a:8a:6b:6f:46:
                    ad:45:0d:e7:af:6a:59:09:55:c5:80:cd:55:97:60:
                    f8:15:5f:6a:24:40:e2:d7:3f:86:44:99:44:02:65:
                    c1:a9:0b:e2:41:a8:ff:fd:0d:8b:e2:e0:d1:9b:f6:
                    2b:f0:c5:38:e8:a9:bd:b9:32:cf:8e:0f:6c:90:4b:
                    04:d1:41:ac:67:0e:53:96:1e:70:38:6a:3b:23:74:
                    36:4a:cc:0b:eb:b5:fc:f8:05:16:04:da:e2:fc:99:
                    dd:8e:e2:35:59:e2:06:1a:12:3f:af:e6:63:ec:d3:
                    2e:33:6c:16:d2:4c:19:e8:a3:a1:11:be:e7:0f:83:
                    c6:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:6A:40:5F:D3:B5:3E:48:FB:4A:01:0F:49:15:41:AC:7B:E2:A4:EC
            X509v3 Authority Key Identifier:
                keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/1-GpAX9O1Pkj7SgEPSRVBrHvipOw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:dfc2::/32

    Signature Algorithm: sha256WithRSAEncryption
         87:47:43:5a:1c:40:45:60:d1:f5:54:b8:c4:f7:b5:86:10:88:
         4d:ae:fc:33:4d:68:03:5a:6f:df:bb:1e:c1:c3:4f:cd:0f:4e:
         55:7e:89:77:01:e4:02:5e:fb:bc:a4:ef:11:73:e2:a5:95:56:
         5c:cc:72:9d:9f:1a:cc:48:e9:ca:90:25:71:5c:41:6e:d1:ae:
         7b:29:3d:9e:d3:03:95:60:b9:f7:30:10:bf:08:00:a3:f7:c0:
         44:eb:69:d8:0f:31:39:92:5d:56:ad:da:7e:ca:82:bc:a7:a8:
         1f:b3:9d:42:28:e9:8c:eb:37:2f:48:02:af:eb:89:5e:b9:7b:
         8f:94:2b:88:6b:8f:52:fd:cc:41:b9:34:3b:75:34:75:88:38:
         27:c2:27:16:6c:1f:06:57:d9:b2:d5:bf:e9:21:bf:b6:3e:79:
         cb:d6:e7:6b:36:09:4e:b7:8a:a2:7b:81:6e:d8:0f:58:99:e5:
         4f:39:f0:a5:ae:33:11:87:65:e8:11:26:ca:87:02:44:7d:4c:
         45:92:8c:d2:2e:c7:78:be:9a:40:3a:1d:cd:7e:ec:e3:3e:a3:
         3c:75:7a:0d:46:b5:1b:57:5f:08:09:8a:10:e5:81:7a:dd:b7:
         25:18:04:f3:2b:21:fc:57:3f:3c:c2:59:47:82:a0:f2:c7:9d:
         31:18:0f:b5
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHJiOegU/QPJuCSzIsZYNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwMTAxMjIzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODZhNDA1ZmQzYjUzZTQ4ZmI0YTAxMGY0OTE1NDFhYzdiZTJhNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIWABaz7KzcBn8f15Cm7p/fnwcfG
CvHc98icOD6U1AYFDo0kmHz+PJIN8FkSeNyzULEW4gLvVepFRo3m1Gjv+9Gc2KOR
xwUonqAEAHIRRX0o3lAu+i1JH14bj8xvLzytAQTeMmDjKMheFvGrcf9FMZ138NgH
PrsV/OSEG8a8XZnvGoprb0atRQ3nr2pZCVXFgM1Vl2D4FV9qJEDi1z+GRJlEAmXB
qQviQaj//Q2L4uDRm/Yr8MU46Km9uTLPjg9skEsE0UGsZw5Tlh5wOGo7I3Q2SswL
67X8+AUWBNri/JndjuI1WeIGGhI/r+Zj7NMuM2wW0kwZ6KOhEb7nD4PGFQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPhqQF/TtT5I+0oBD0kVQax74qTsMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvMS1HcEFYOU8xUGtqN1NnRVBTUlZCckh2aXBPdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDgvOTUxNGVkLTI3NmUtNGFiYS04OTdlLWE0NDEwZTEwYjZm
NS8xLzkxMkxVb0ZmUHlZVDZVaVpMc24tWmc5cFNiUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoO38Iw
DQYJKoZIhvcNAQELBQADggEBAIdHQ1ocQEVg0fVUuMT3tYYQiE2u/DNNaANab9+7
HsHDT80PTlV+iXcB5AJe+7yk7xFz4qWVVlzMcp2fGsxI6cqQJXFcQW7RrnspPZ7T
A5VgufcwEL8IAKP3wETradgPMTmSXVat2n7KgrynqB+znUIo6YzrNy9IAq/riV65
e4+UK4hrj1L9zEG5NDt1NHWIOCfCJxZsHwZX2bLVv+khv7Y+ecvW52s2CU63iqJ7
gW7YD1iZ5U858KWuMxGHZegRJsqHAkR9TEWSjNIux3i+mkA6Hc1+7OM+ozx1eg1G
tRtXXwgJihDlgXrdtyUYBPMrIfxXPzzCWUeCoPLHnTEYD7U=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:58:57 2024 by rpki-client on console-ams.rpki-client.org