Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/228f34-3563-44d4-8ffb-6b3273f344f3/1/wOnG5ppm1Mn_j1L3p4nbdG7laoE.roa
File:                     wOnG5ppm1Mn_j1L3p4nbdG7laoE.roa (raw, json)
Hash identifier:          LinuIucovKnV0xldOUEF/fs9yo7RSzbzWlUlSJOQwfI=
Subject key identifier:   C0:E9:C6:E6:9A:66:D4:C9:FF:8F:52:F7:A7:89:DB:74:6E:E5:6A:81
Certificate issuer:       /CN=f8d3e9daedb6ba426b6816d1c90f379223be7576
Certificate serial:       018CCA2BC809CF6698CF3B32723B298969B3
Authority key identifier: F8:D3:E9:DA:ED:B6:BA:42:6B:68:16:D1:C9:0F:37:92:23:BE:75:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-NPp2u22ukJraBbRyQ83kiO-dXY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/228f34-3563-44d4-8ffb-6b3273f344f3/1/wOnG5ppm1Mn_j1L3p4nbdG7laoE.roa
Signing time:             Tue 02 Jan 2024 12:35:15 +0000
ROA not before:           Tue 02 Jan 2024 12:35:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213117
IP address blocks:        92.119.216.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/228f34-3563-44d4-8ffb-6b3273f344f3/1/1-NPp2u22ukJraBbRyQ83kiO-dXY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/228f34-3563-44d4-8ffb-6b3273f344f3/1/1-NPp2u22ukJraBbRyQ83kiO-dXY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-NPp2u22ukJraBbRyQ83kiO-dXY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2b:c8:09:cf:66:98:cf:3b:32:72:3b:29:89:69:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8d3e9daedb6ba426b6816d1c90f379223be7576
        Validity
            Not Before: Jan  2 12:35:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c0e9c6e69a66d4c9ff8f52f7a789db746ee56a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d8:bd:57:32:23:ee:4b:ed:79:32:48:0a:9e:
                    95:67:1a:45:4e:f8:35:35:fb:ce:33:ff:4e:e5:f4:
                    af:30:6c:5c:f9:36:d0:a3:ae:bb:66:6e:7f:24:a1:
                    ec:2d:29:7c:ba:64:58:8b:a0:48:1b:f9:1d:fb:3a:
                    c8:1b:7d:fa:cc:56:1d:37:38:c3:33:70:10:1c:e9:
                    6e:22:6f:be:5b:b1:ae:3b:4a:88:6c:c3:66:a9:30:
                    f5:5e:ba:ab:8b:84:2b:27:a0:6f:78:e1:54:a1:ab:
                    03:6c:72:0a:5c:a3:4c:da:90:62:f7:12:9b:ab:aa:
                    6c:93:f0:a0:2c:e4:17:66:b7:c0:04:8c:45:22:2f:
                    0d:e8:70:bf:c4:57:26:ae:63:1b:30:90:d6:06:ea:
                    59:f7:1b:8c:fc:4e:94:93:dd:e2:90:44:b2:40:13:
                    e2:bc:20:6c:3e:63:31:c3:f1:39:87:b6:b5:57:64:
                    e1:78:02:7e:45:e2:c8:2c:00:ff:c5:e8:34:0f:fd:
                    de:34:2f:a1:b6:ae:cc:8f:a7:fd:fb:65:0b:85:c7:
                    0e:8a:bf:23:90:a7:97:da:5d:be:6f:10:e8:dc:bf:
                    00:b1:6a:15:eb:e9:f3:4c:38:ea:d6:cb:d6:42:d6:
                    08:e1:b8:0a:c0:5f:08:e6:b4:54:f2:de:55:86:54:
                    4b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:E9:C6:E6:9A:66:D4:C9:FF:8F:52:F7:A7:89:DB:74:6E:E5:6A:81
            X509v3 Authority Key Identifier:
                keyid:F8:D3:E9:DA:ED:B6:BA:42:6B:68:16:D1:C9:0F:37:92:23:BE:75:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-NPp2u22ukJraBbRyQ83kiO-dXY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/228f34-3563-44d4-8ffb-6b3273f344f3/1/wOnG5ppm1Mn_j1L3p4nbdG7laoE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/228f34-3563-44d4-8ffb-6b3273f344f3/1/1-NPp2u22ukJraBbRyQ83kiO-dXY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.119.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:f6:57:31:53:c8:0d:0a:b2:37:02:85:29:32:71:35:32:89:
         2e:a7:2c:2d:b3:be:8e:a7:f3:cd:ca:2e:d6:39:a7:84:a4:d0:
         90:72:b5:39:33:74:f2:06:48:4d:97:76:cd:a5:9d:8e:3e:b0:
         b2:c4:44:08:f1:31:c4:06:ce:c5:91:3a:40:6c:6c:9b:e1:d9:
         f0:59:11:7a:7b:a1:70:90:0d:e3:16:fc:56:26:eb:79:cc:78:
         4a:1a:9e:bb:0c:b9:53:94:47:09:51:4e:36:47:f9:b2:91:52:
         b4:f4:94:96:4d:3b:eb:82:29:88:d3:9e:21:53:15:a0:e4:2e:
         3e:d2:16:d5:75:00:31:78:f8:73:ff:c7:00:3f:ad:f3:d1:84:
         e1:e9:53:c2:49:eb:92:ad:b5:6e:4d:84:ce:34:ce:38:9d:c4:
         20:24:44:e1:76:b1:8e:ed:23:56:17:3c:57:b6:45:53:c7:dd:
         51:90:f8:32:4b:df:78:8c:84:0c:ec:9f:d9:4d:ab:d0:85:08:
         6e:f2:fc:74:4c:34:16:ee:44:78:da:2a:34:56:f3:96:f3:60:
         0a:f6:ac:a1:33:db:cd:9b:9e:86:45:cc:bd:c4:11:f4:c9:a6:
         ac:de:df:84:ab:9e:33:5e:ef:15:d8:0c:52:1f:12:a9:8b:92:
         d7:c9:df:38
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzKK8gJz2aYzzsycjspiWmzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZDNlOWRhZWRiNmJhNDI2YjY4MTZkMWM5MGYzNzkyMjNi
ZTc1NzYwHhcNMjQwMTAyMTIzNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGU5YzZlNjlhNjZkNGM5ZmY4ZjUyZjdhNzg5ZGI3NDZlZTU2YTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9i9VzIj7kvteTJICp6VZxpFTvg1
NfvOM/9O5fSvMGxc+TbQo667Zm5/JKHsLSl8umRYi6BIG/kd+zrIG336zFYdNzjD
M3AQHOluIm++W7GuO0qIbMNmqTD1Xrqri4QrJ6BveOFUoasDbHIKXKNM2pBi9xKb
q6psk/CgLOQXZrfABIxFIi8N6HC/xFcmrmMbMJDWBupZ9xuM/E6Uk93ikESyQBPi
vCBsPmMxw/E5h7a1V2TheAJ+ReLILAD/xeg0D/3eNC+htq7Mj6f9+2ULhccOir8j
kKeX2l2+bxDo3L8AsWoV6+nzTDjq1svWQtYI4bgKwF8I5rRU8t5VhlRLvQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMDpxuaaZtTJ/49S96eJ23Ru5WqBMB8GA1UdIwQY
MBaAFPjT6drttrpCa2gW0ckPN5IjvnV2MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1OUHAydTIydWtKcmFCYlJ5UTgza2lPLWRYWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkvMjI4ZjM0LTM1NjMtNDRkNC04ZmZi
LTZiMzI3M2YzNDRmMy8xL3dPbkc1cHBtMU1uX2oxTDNwNG5iZEc3bGFvRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDkvMjI4ZjM0LTM1NjMtNDRkNC04ZmZiLTZiMzI3M2YzNDRm
My8xLzEtTlBwMnUyMnVrSnJhQmJSeVE4M2tpTy1kWFkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABcd9gw
DQYJKoZIhvcNAQELBQADggEBAH/2VzFTyA0KsjcChSkycTUyiS6nLC2zvo6n883K
LtY5p4Sk0JBytTkzdPIGSE2Xds2lnY4+sLLERAjxMcQGzsWROkBsbJvh2fBZEXp7
oXCQDeMW/FYm63nMeEoanrsMuVOURwlRTjZH+bKRUrT0lJZNO+uCKYjTniFTFaDk
Lj7SFtV1ADF4+HP/xwA/rfPRhOHpU8JJ65KttW5NhM40zjidxCAkROF2sY7tI1YX
PFe2RVPH3VGQ+DJL33iMhAzsn9lNq9CFCG7y/HRMNBbuRHjaKjRW85bzYAr2rKEz
282bnoZFzL3EEfTJpqze34SrnjNe7xXYDFIfEqmLktfJ3zg=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:33 2024 by rpki-client on console-fra.rpki-client.org