Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/80Mzrtx0WCJ4jgfvb3OJAQDCUec.roa
File:                     80Mzrtx0WCJ4jgfvb3OJAQDCUec.roa (raw, json)
Hash identifier:          l+EzoIuCA8mfOt2i2aX4bh5vCJsM3BPcOloMNM6wvAo=
Subject key identifier:   F3:43:33:AE:DC:74:58:22:78:8E:07:EF:6F:73:89:01:00:C2:51:E7
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       018CC649E64DBB8D872851C343A0DED745E0
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/80Mzrtx0WCJ4jgfvb3OJAQDCUec.roa
Signing time:             Mon 01 Jan 2024 18:29:41 +0000
ROA not before:           Mon 01 Jan 2024 18:29:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     198280
IP address blocks:        78.83.209.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 05:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:49:e6:4d:bb:8d:87:28:51:c3:43:a0:de:d7:45:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: Jan  1 18:29:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f34333aedc745822788e07ef6f73890100c251e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e2:6a:c8:9c:80:ab:ea:6e:23:bb:3e:50:3f:
                    7f:bb:d0:44:e7:8f:c5:fc:81:fa:a0:f6:23:a6:e7:
                    79:45:14:b9:40:54:1c:01:f8:73:8a:51:0f:16:b6:
                    30:13:98:ca:3a:fa:30:11:c6:c4:80:d3:36:5c:85:
                    8a:89:2e:6f:a0:af:ea:a5:c1:10:df:76:88:c8:f8:
                    00:bd:b0:5c:b0:9a:21:f5:a0:08:e6:1d:91:86:05:
                    57:ce:cf:84:20:72:59:35:29:31:fa:c7:f8:c6:01:
                    77:61:50:6a:09:a6:c2:ba:4c:98:55:8a:9c:3c:b2:
                    33:66:09:09:98:c7:ea:ae:3a:19:33:74:77:3d:2c:
                    e5:c3:03:3c:ef:0b:4b:ba:b9:6e:51:53:9a:13:25:
                    d5:b9:b7:b3:0e:9a:0f:53:87:b8:0f:a0:ad:62:2d:
                    9e:07:54:5f:ef:2f:2e:2e:94:bb:af:20:85:53:d0:
                    71:41:0c:81:bb:5f:99:64:30:e6:89:8f:a3:83:b5:
                    82:9b:5e:70:8c:9f:18:ce:c4:98:04:ce:97:94:4e:
                    6f:a8:58:07:65:c9:89:48:dc:73:e8:ec:16:7d:11:
                    1d:84:dd:51:97:fc:90:33:44:11:9c:1b:a2:a1:c2:
                    4b:5b:9a:48:a0:7a:b7:ef:3c:6e:e1:73:b5:a9:9f:
                    e7:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:43:33:AE:DC:74:58:22:78:8E:07:EF:6F:73:89:01:00:C2:51:E7
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/80Mzrtx0WCJ4jgfvb3OJAQDCUec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.83.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:6e:88:8a:21:89:3f:41:80:7c:85:3b:42:6f:36:9c:1b:46:
         e4:1e:16:b5:90:7c:1b:fd:6f:1a:04:63:bf:68:6e:74:59:b6:
         ee:14:f7:ff:92:f7:c3:ed:36:e1:f5:3c:10:c9:47:18:de:c8:
         b1:fb:ac:b4:3b:30:27:a7:f2:e3:bb:bc:28:7a:34:d5:af:6d:
         fb:76:14:58:b0:03:bb:68:e1:ea:40:3d:b6:76:3e:98:91:f6:
         19:18:ab:cc:dd:fd:ef:28:4c:eb:66:05:cb:51:09:c4:70:15:
         00:ed:3d:3d:ca:03:b7:30:5a:24:29:7c:ee:52:d9:7f:ca:91:
         ae:0c:52:cc:1b:05:b2:1b:a9:a6:a1:ac:19:5b:aa:cd:ac:81:
         71:da:9e:bb:05:07:81:7a:0b:eb:63:97:94:e3:b1:70:97:55:
         31:68:09:a9:f2:17:7f:8a:c7:ce:df:62:f6:21:e6:86:d8:11:
         97:4a:29:55:25:18:1e:ea:33:56:e2:ce:23:ab:c1:a8:52:d2:
         5a:95:bd:85:01:a1:79:35:ab:74:34:7a:0a:1d:f4:6b:5a:71:
         0c:d3:d2:64:df:83:d0:c6:df:f0:a1:a5:4f:0c:b3:16:2a:f3:
         90:2b:4e:10:b2:59:5a:40:be:31:b0:fa:29:75:3b:0f:0c:9d:
         04:54:d8:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSeZNu42HKFHDQ6De10XgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMTAxMTgyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzQzMzNhZWRjNzQ1ODIyNzg4ZTA3ZWY2ZjczODkwMTAwYzI1MWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+JqyJyAq+puI7s+UD9/u9BE54/F
/IH6oPYjpud5RRS5QFQcAfhzilEPFrYwE5jKOvowEcbEgNM2XIWKiS5voK/qpcEQ
33aIyPgAvbBcsJoh9aAI5h2RhgVXzs+EIHJZNSkx+sf4xgF3YVBqCabCukyYVYqc
PLIzZgkJmMfqrjoZM3R3PSzlwwM87wtLurluUVOaEyXVubezDpoPU4e4D6CtYi2e
B1Rf7y8uLpS7ryCFU9BxQQyBu1+ZZDDmiY+jg7WCm15wjJ8YzsSYBM6XlE5vqFgH
ZcmJSNxz6OwWfREdhN1Rl/yQM0QRnBuiocJLW5pIoHq37zxu4XO1qZ/nCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPNDM67cdFgieI4H729ziQEAwlHnMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvODBNenJ0eDBXQ0o0amdmdmIzT0pBUURDVWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATlPRMA0G
CSqGSIb3DQEBCwUAA4IBAQBIboiKIYk/QYB8hTtCbzacG0bkHha1kHwb/W8aBGO/
aG50WbbuFPf/kvfD7Tbh9TwQyUcY3six+6y0OzAnp/Lju7woejTVr237dhRYsAO7
aOHqQD22dj6YkfYZGKvM3f3vKEzrZgXLUQnEcBUA7T09ygO3MFokKXzuUtl/ypGu
DFLMGwWyG6mmoawZW6rNrIFx2p67BQeBegvrY5eU47Fwl1UxaAmp8hd/isfO32L2
IeaG2BGXSilVJRge6jNW4s4jq8GoUtJalb2FAaF5Nat0NHoKHfRrWnEM09Jk34PQ
xt/woaVPDLMWKvOQK04QsllaQL4xsPopdTsPDJ0EVNhR
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:31:49 2024 by rpki-client on console-ams.rpki-client.org