Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/1-4f0ATj-kuFlTJuJkSogRUEFRKE.roa
File:                     1-4f0ATj-kuFlTJuJkSogRUEFRKE.roa (raw, json)
Hash identifier:          2Yr8K8MtdTZJhGu7SbPhGdZqZrPwsFWuQSmXbpxue3Q=
Subject key identifier:   FB:87:F4:01:38:FE:92:E1:65:4C:9B:89:91:2A:20:45:41:05:44:A1
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       018D8DE1184E8BF1B02B09094EF3A78D7AE1
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/1-4f0ATj-kuFlTJuJkSogRUEFRKE.roa
Signing time:             Fri 09 Feb 2024 12:39:15 +0000
ROA not before:           Fri 09 Feb 2024 12:39:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     24964
IP address blocks:        82.103.126.0/24 maxlen: 24
                          82.103.127.0/24 maxlen: 24
                          89.253.163.0/24 maxlen: 24
                          195.34.123.0/24 maxlen: 24
                          212.91.184.0/24 maxlen: 24
                          212.91.185.0/24 maxlen: 24
                          212.91.186.0/24 maxlen: 24
                          212.91.187.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 14:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:8d:e1:18:4e:8b:f1:b0:2b:09:09:4e:f3:a7:8d:7a:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: Feb  9 12:39:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fb87f40138fe92e1654c9b89912a2045410544a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:0f:87:81:80:e5:49:cd:71:c0:b3:3d:d9:d9:
                    b8:f7:bc:6d:f4:36:b3:07:d9:d1:df:81:d3:db:88:
                    69:5a:82:d7:e9:3a:50:ba:d9:23:2e:fe:1f:8b:3d:
                    9b:c0:02:7c:ea:b4:83:b1:84:1f:4a:f0:87:60:a3:
                    ee:29:a7:20:1b:5b:d7:b1:21:77:43:73:16:1c:7e:
                    70:bc:4f:8c:74:1e:a8:fa:a1:ee:85:f8:79:3e:32:
                    c9:6c:c8:34:30:43:9f:8d:db:55:11:f8:ce:51:e1:
                    43:cc:9b:92:14:0d:ed:f2:25:ac:33:98:1b:6d:13:
                    23:f1:a8:2a:52:08:a2:d0:a5:8a:b1:6c:85:f8:56:
                    2d:09:4f:a6:98:4e:b2:ff:2a:52:7c:49:f2:af:24:
                    62:80:9b:c7:27:d2:de:34:6c:a5:fc:ff:87:3e:0c:
                    13:d8:78:02:15:7d:23:03:71:d5:b3:10:38:25:5f:
                    9e:c4:0c:66:96:ea:53:31:91:24:ba:51:1e:80:1f:
                    45:00:c2:e5:70:16:33:30:9d:58:02:62:f3:0f:23:
                    83:e0:ff:89:fa:1d:8e:56:cb:e0:dd:b5:70:f1:36:
                    03:c7:e5:c4:2c:c4:c7:22:84:66:34:97:50:c6:bb:
                    87:06:77:58:6e:df:c4:cf:85:b4:f2:5c:3e:c2:0f:
                    e8:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:87:F4:01:38:FE:92:E1:65:4C:9B:89:91:2A:20:45:41:05:44:A1
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/1-4f0ATj-kuFlTJuJkSogRUEFRKE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.103.126.0/23
                  89.253.163.0/24
                  195.34.123.0/24
                  212.91.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9b:38:73:38:b1:35:f1:7f:e2:35:34:27:d4:2a:18:f1:89:52:
         f4:f1:b5:ea:41:b1:5b:68:6e:86:5d:0e:84:16:06:bd:56:2b:
         70:fb:ca:75:a0:39:0e:cf:b3:05:23:d2:14:e2:2e:a7:eb:c9:
         02:1d:54:c2:14:9c:01:ca:16:5e:14:b4:32:ca:0d:58:f7:75:
         c0:f5:3c:30:b9:84:48:3e:6f:3d:76:1f:7e:55:bd:cf:24:dd:
         8f:50:19:2c:9f:ce:54:66:45:00:72:08:11:f3:92:ff:1f:19:
         ef:fb:6d:85:28:7c:da:37:5b:c1:56:e5:bd:39:54:c6:4f:68:
         c3:64:58:37:79:75:68:e9:3c:ba:1a:f0:92:82:98:51:11:8a:
         eb:69:26:af:9c:cf:89:1a:c1:8b:61:68:69:4f:78:cf:9a:bd:
         8f:1d:93:b1:b3:84:cc:31:08:b5:3b:f4:25:40:a2:2d:9b:fa:
         2a:c4:55:51:0d:4e:0a:97:64:9c:bc:6c:ba:27:e5:9a:87:f2:
         e1:24:bb:09:d8:f7:ee:fe:2d:60:4b:f4:5f:42:9b:5a:37:49:
         c5:4a:e7:f3:cf:32:c5:77:4e:07:dd:26:ac:0a:93:12:cf:b5:
         eb:18:b0:d7:3b:9b:4c:70:c1:29:b1:b7:30:26:e6:4c:e4:8c:
         d5:67:5f:75
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAY2N4RhOi/GwKwkJTvOnjXrhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMjA5MTIzOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjg3ZjQwMTM4ZmU5MmUxNjU0YzliODk5MTJhMjA0NTQxMDU0NGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw+HgYDlSc1xwLM92dm497xt9Daz
B9nR34HT24hpWoLX6TpQutkjLv4fiz2bwAJ86rSDsYQfSvCHYKPuKacgG1vXsSF3
Q3MWHH5wvE+MdB6o+qHuhfh5PjLJbMg0MEOfjdtVEfjOUeFDzJuSFA3t8iWsM5gb
bRMj8agqUgii0KWKsWyF+FYtCU+mmE6y/ypSfEnyryRigJvHJ9LeNGyl/P+HPgwT
2HgCFX0jA3HVsxA4JV+exAxmlupTMZEkulEegB9FAMLlcBYzMJ1YAmLzDyOD4P+J
+h2OVsvg3bVw8TYDx+XELMTHIoRmNJdQxruHBndYbt/Ez4W08lw+wg/oPQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPuH9AE4/pLhZUybiZEqIEVBBUShMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvMS00ZjBBVGota3VGbFRKdUprU29nUlVFRlJLRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQz
Ny8xL0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAVJnfgME
AFn9owMEAMMiewMEAtRbuDANBgkqhkiG9w0BAQsFAAOCAQEAmzhzOLE18X/iNTQn
1CoY8YlS9PG16kGxW2huhl0OhBYGvVYrcPvKdaA5Ds+zBSPSFOIup+vJAh1UwhSc
AcoWXhS0MsoNWPd1wPU8MLmESD5vPXYfflW9zyTdj1AZLJ/OVGZFAHIIEfOS/x8Z
7/tthSh82jdbwVblvTlUxk9ow2RYN3l1aOk8uhrwkoKYURGK62kmr5zPiRrBi2Fo
aU94z5q9jx2TsbOEzDEItTv0JUCiLZv6KsRVUQ1OCpdknLxsuiflmofy4SS7Cdj3
7v4tYEv0X0KbWjdJxUrn888yxXdOB90mrAqTEs+16xiw1zubTHDBKbG3MCbmTOSM
1WdfdQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:22:08 2024 by rpki-client on console-ams.rpki-client.org