Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e76a95-f7ae-44b9-9d8d-65dd7f52e46c/1/64-pPPPaCJ3ERtV477ASgjKCG8o.roa
File:                     64-pPPPaCJ3ERtV477ASgjKCG8o.roa (raw, json)
Hash identifier:          AuPYQ7Fw9nby1Ut5PgpWoeF4TPSPjjw6U+cFh8yrIt8=
Subject key identifier:   EB:8F:A9:3C:F3:DA:08:9D:C4:46:D5:78:EF:B0:12:82:32:82:1B:CA
Certificate issuer:       /CN=8b73f83735c8ab10a0a8d44e170128f023846e79
Certificate serial:       018F1A78AC5FBAC20C411C818B9D19EA6FCB
Authority key identifier: 8B:73:F8:37:35:C8:AB:10:A0:A8:D4:4E:17:01:28:F0:23:84:6E:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i3P4NzXIqxCgqNROFwEo8COEbnk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/e76a95-f7ae-44b9-9d8d-65dd7f52e46c/1/64-pPPPaCJ3ERtV477ASgjKCG8o.roa
Signing time:             Fri 26 Apr 2024 12:54:26 +0000
ROA not before:           Fri 26 Apr 2024 12:54:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202100
IP address blocks:        185.46.244.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/e76a95-f7ae-44b9-9d8d-65dd7f52e46c/1/i3P4NzXIqxCgqNROFwEo8COEbnk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/e76a95-f7ae-44b9-9d8d-65dd7f52e46c/1/i3P4NzXIqxCgqNROFwEo8COEbnk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i3P4NzXIqxCgqNROFwEo8COEbnk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:1a:78:ac:5f:ba:c2:0c:41:1c:81:8b:9d:19:ea:6f:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b73f83735c8ab10a0a8d44e170128f023846e79
        Validity
            Not Before: Apr 26 12:54:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eb8fa93cf3da089dc446d578efb0128232821bca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:68:d1:77:e0:43:66:5a:39:b5:7b:62:c7:29:
                    84:2d:54:52:e4:d9:9f:a5:1c:8f:03:b4:33:37:e8:
                    15:c7:a8:24:76:7c:b2:0a:f3:86:45:90:6a:17:11:
                    f9:14:45:a8:aa:92:dd:32:4f:36:98:9e:e4:ed:3c:
                    a4:be:38:04:f6:c2:f7:10:13:06:58:ed:16:44:70:
                    de:0a:6a:d0:b4:fa:74:69:66:37:c7:79:a4:fc:97:
                    b6:ec:57:7d:ec:b0:ae:ca:9c:a0:ce:c9:e0:92:31:
                    dd:bd:de:21:82:61:d0:0d:ba:51:0d:01:19:15:6a:
                    a2:3d:63:f2:10:59:56:fd:21:77:65:9c:89:a4:07:
                    53:09:18:bb:71:bd:9d:9d:a7:94:68:8c:32:58:8b:
                    49:d1:6a:d9:fb:5d:f5:ef:8e:bf:d2:98:9e:74:c0:
                    d1:ba:40:c5:95:c8:94:1e:d1:40:fa:19:58:f4:83:
                    d7:bc:98:7f:13:81:6c:1c:5d:63:72:13:00:77:1d:
                    59:b3:eb:8a:7f:c8:24:ef:e4:69:8b:ef:db:26:de:
                    a8:48:6c:9d:44:23:d0:99:da:0d:56:1e:63:60:60:
                    c5:2f:da:cc:ec:89:f7:7e:42:64:32:0a:c0:7e:d1:
                    7c:88:f7:26:cc:7e:a6:ba:49:0d:00:2c:a2:fc:8a:
                    e8:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:8F:A9:3C:F3:DA:08:9D:C4:46:D5:78:EF:B0:12:82:32:82:1B:CA
            X509v3 Authority Key Identifier:
                keyid:8B:73:F8:37:35:C8:AB:10:A0:A8:D4:4E:17:01:28:F0:23:84:6E:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i3P4NzXIqxCgqNROFwEo8COEbnk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e76a95-f7ae-44b9-9d8d-65dd7f52e46c/1/64-pPPPaCJ3ERtV477ASgjKCG8o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e76a95-f7ae-44b9-9d8d-65dd7f52e46c/1/i3P4NzXIqxCgqNROFwEo8COEbnk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.46.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         82:96:36:51:02:0e:20:55:f7:2b:b2:b2:7c:ce:a4:7d:73:e7:
         79:83:81:4f:ce:d9:51:4f:da:63:67:69:80:a5:58:5f:fb:28:
         05:2b:38:a9:78:0f:7a:17:f0:b5:95:4d:36:52:1f:5f:7c:ba:
         45:1e:1f:37:cb:65:0f:0d:ed:79:c3:0b:d9:fc:77:70:31:8b:
         b8:4b:6d:2c:fc:cb:c5:20:01:97:b7:2b:fe:2c:ee:6d:2d:53:
         65:7e:03:a1:6f:e4:72:98:0d:e9:eb:a8:5a:aa:01:61:a4:00:
         5d:97:a3:41:d6:f5:53:99:ad:3b:09:c0:7b:fd:44:e7:e4:81:
         38:7a:67:ec:dd:1f:fd:49:9f:63:cd:cf:64:92:4b:32:e9:2b:
         97:8c:ae:66:2a:dd:2a:42:78:3c:1d:1b:0d:4f:94:ed:d9:43:
         e2:59:82:a5:95:d7:bf:ff:6f:e8:51:eb:25:07:76:e1:e7:2d:
         31:c9:ad:61:1e:71:aa:29:e0:83:9b:c5:85:25:85:5b:a2:30:
         95:88:f5:53:27:e2:e4:5d:9b:78:64:59:2f:c1:11:95:51:e7:
         ad:08:a9:5a:2d:44:de:02:d5:80:e7:19:30:1b:51:e8:5e:46:
         11:ac:cf:c6:83:6b:1c:c3:ce:97:af:fe:d9:b6:a8:83:97:23:
         aa:78:e7:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8aeKxfusIMQRyBi50Z6m/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNzNmODM3MzVjOGFiMTBhMGE4ZDQ0ZTE3MDEyOGYwMjM4
NDZlNzkwHhcNMjQwNDI2MTI1NDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjhmYTkzY2YzZGEwODlkYzQ0NmQ1NzhlZmIwMTI4MjMyODIxYmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2jRd+BDZlo5tXtixymELVRS5Nmf
pRyPA7QzN+gVx6gkdnyyCvOGRZBqFxH5FEWoqpLdMk82mJ7k7TykvjgE9sL3EBMG
WO0WRHDeCmrQtPp0aWY3x3mk/Je27Fd97LCuypygzsngkjHdvd4hgmHQDbpRDQEZ
FWqiPWPyEFlW/SF3ZZyJpAdTCRi7cb2dnaeUaIwyWItJ0WrZ+131746/0piedMDR
ukDFlciUHtFA+hlY9IPXvJh/E4FsHF1jchMAdx1Zs+uKf8gk7+Rpi+/bJt6oSGyd
RCPQmdoNVh5jYGDFL9rM7In3fkJkMgrAftF8iPcmzH6mukkNACyi/IrotQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOuPqTzz2gidxEbVeO+wEoIyghvKMB8GA1UdIwQY
MBaAFItz+Dc1yKsQoKjUThcBKPAjhG55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTNQNE56WElxeENncU5ST0Z3RW84Q09FYm5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNzZhOTUtZjdhZS00NGI5LTlkOGQt
NjVkZDdmNTJlNDZjLzEvNjQtcFBQUGFDSjNFUnRWNDc3QVNnaktDRzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNzZhOTUtZjdhZS00NGI5LTlkOGQtNjVkZDdmNTJlNDZj
LzEvaTNQNE56WElxeENncU5ST0Z3RW84Q09FYm5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS70MA0G
CSqGSIb3DQEBCwUAA4IBAQCCljZRAg4gVfcrsrJ8zqR9c+d5g4FPztlRT9pjZ2mA
pVhf+ygFKzipeA96F/C1lU02Uh9ffLpFHh83y2UPDe15wwvZ/HdwMYu4S20s/MvF
IAGXtyv+LO5tLVNlfgOhb+RymA3p66haqgFhpABdl6NB1vVTma07CcB7/UTn5IE4
emfs3R/9SZ9jzc9kkksy6SuXjK5mKt0qQng8HRsNT5Tt2UPiWYKllde//2/oUesl
B3bh5y0xya1hHnGqKeCDm8WFJYVbojCViPVTJ+LkXZt4ZFkvwRGVUeetCKlaLUTe
AtWA5xkwG1HoXkYRrM/Gg2scw86Xr/7ZtqiDlyOqeOco
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:47:21 2024 by rpki-client on console-fra.rpki-client.org