Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/e52b30-cd47-4c27-b6fc-d097cd2c7d82/1/UYSes_88qaOW7iNZBm2tf_LF9uo.roa
File:                     UYSes_88qaOW7iNZBm2tf_LF9uo.roa (raw, json)
Hash identifier:          yuZy4VMQ/x+cLAamp1I7NfLzDw4GLO0jZb+RgScKn8o=
Subject key identifier:   51:84:9E:B3:FF:3C:A9:A3:96:EE:23:59:06:6D:AD:7F:F2:C5:F6:EA
Certificate issuer:       /CN=88f6580a229ccfd5369e19e252adcb728cdacd39
Certificate serial:       01856D01C0489869CADF746AB3911A3E3414
Authority key identifier: 88:F6:58:0A:22:9C:CF:D5:36:9E:19:E2:52:AD:CB:72:8C:DA:CD:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iPZYCiKcz9U2nhniUq3LcozazTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/e52b30-cd47-4c27-b6fc-d097cd2c7d82/1/UYSes_88qaOW7iNZBm2tf_LF9uo.roa
Signing time:             Sun 01 Jan 2023 11:05:09 +0000
ROA not before:           Sun 01 Jan 2023 11:05:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400061
IP address blocks:        2a10:e580:6969::/48 maxlen: 128

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/e52b30-cd47-4c27-b6fc-d097cd2c7d82/1/iPZYCiKcz9U2nhniUq3LcozazTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/e52b30-cd47-4c27-b6fc-d097cd2c7d82/1/iPZYCiKcz9U2nhniUq3LcozazTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iPZYCiKcz9U2nhniUq3LcozazTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
                          rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 16 Mar 2023 04:58:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:01:c0:48:98:69:ca:df:74:6a:b3:91:1a:3e:34:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88f6580a229ccfd5369e19e252adcb728cdacd39
        Validity
            Not Before: Jan  1 11:05:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=51849eb3ff3ca9a396ee2359066dad7ff2c5f6ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:be:a9:82:c1:de:96:28:e7:36:df:f5:eb:c9:
                    6c:8c:3c:f5:82:1e:d0:ba:bf:cf:fd:b8:9d:62:e0:
                    e9:81:80:2c:70:20:9a:2a:e7:66:1d:b2:ae:bf:16:
                    c1:70:65:de:c5:51:c5:4a:52:c2:0a:0d:8f:18:e1:
                    ca:1f:aa:dc:da:29:29:97:c1:75:c1:f1:c7:ca:f4:
                    73:68:45:63:54:8f:f9:86:87:05:f2:81:05:88:25:
                    41:80:46:ae:d8:bd:d3:b8:1e:58:c0:29:61:e3:53:
                    67:7e:37:2a:97:ae:95:50:01:1d:bb:00:c5:71:7e:
                    32:b7:a3:6d:53:97:1e:9e:55:cc:65:f7:f9:b8:be:
                    be:1b:8b:d1:f1:c6:01:19:46:47:bb:61:86:52:de:
                    7d:dd:93:21:46:3b:8e:a7:b1:f3:9c:a2:a5:da:2d:
                    87:f5:8f:ce:f5:79:ec:7b:f7:3e:65:e6:f1:f0:eb:
                    43:4f:42:eb:91:c8:fe:38:cd:7f:5a:06:a9:f8:3c:
                    d2:34:f5:a7:27:cb:0a:73:e7:96:29:e2:67:26:7b:
                    af:c2:67:c7:3b:fb:3f:ad:bb:41:f7:1b:8c:40:69:
                    c6:79:4e:9e:3e:77:f4:1a:b6:53:ad:84:a1:34:26:
                    0c:74:22:22:d5:5b:5a:7c:88:fa:93:bf:2b:69:2c:
                    63:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                51:84:9E:B3:FF:3C:A9:A3:96:EE:23:59:06:6D:AD:7F:F2:C5:F6:EA
            X509v3 Authority Key Identifier: 
                keyid:88:F6:58:0A:22:9C:CF:D5:36:9E:19:E2:52:AD:CB:72:8C:DA:CD:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPZYCiKcz9U2nhniUq3LcozazTk.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e52b30-cd47-4c27-b6fc-d097cd2c7d82/1/UYSes_88qaOW7iNZBm2tf_LF9uo.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e52b30-cd47-4c27-b6fc-d097cd2c7d82/1/iPZYCiKcz9U2nhniUq3LcozazTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:e580:6969::/48

    Signature Algorithm: sha256WithRSAEncryption
         bd:1a:fc:c4:78:6c:3e:6e:95:a3:6b:01:28:20:c5:bf:1d:21:
         96:b2:ae:f0:1d:03:dc:de:27:ec:a8:d6:f5:1e:b6:6a:4d:f4:
         3c:15:ec:0f:4c:09:f0:b3:03:d2:2a:d7:d8:b7:eb:2c:b1:bd:
         77:b9:b0:87:56:74:e2:4b:e1:24:9b:9f:48:5a:de:cf:99:11:
         fd:b5:87:c1:de:6d:71:8e:ab:d0:74:36:7b:37:74:a8:40:6b:
         59:b1:a3:f4:b8:8b:e3:f4:a0:cd:4e:38:46:77:a1:65:c3:8b:
         7d:ce:bf:62:5b:78:16:38:48:f1:21:0c:d1:21:33:50:e3:f2:
         b6:7a:86:cd:46:f6:9b:6a:33:de:4a:d5:0f:44:fa:7e:c0:3d:
         9b:4c:37:44:3d:5d:03:a4:aa:a4:4c:8c:4f:55:fa:96:22:5f:
         23:ea:50:40:2c:17:10:f8:25:2c:c7:6b:0b:f3:e2:fc:c6:10:
         74:68:f4:de:12:fa:02:e8:7d:70:7f:4b:41:79:f0:19:3f:ac:
         7d:98:27:77:3a:27:78:c6:bf:3c:c6:8c:19:d9:d3:73:2a:ff:
         93:98:3b:70:bf:49:d4:ea:80:24:29:ae:c1:ec:8d:30:9e:5f:
         e3:0b:da:ab:3a:0f:4b:33:7e:c2:b9:9a:32:93:ae:b5:67:80:
         9a:a1:f1:e1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtAcBImGnK33Rqs5EaPjQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZjY1ODBhMjI5Y2NmZDUzNjllMTllMjUyYWRjYjcyOGNk
YWNkMzkwHhcNMjMwMTAxMTEwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTg0OWViM2ZmM2NhOWEzOTZlZTIzNTkwNjZkYWQ3ZmYyYzVmNmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgr6pgsHelijnNt/168lsjDz1gh7Q
ur/P/bidYuDpgYAscCCaKudmHbKuvxbBcGXexVHFSlLCCg2PGOHKH6rc2ikpl8F1
wfHHyvRzaEVjVI/5hocF8oEFiCVBgEau2L3TuB5YwClh41Nnfjcql66VUAEduwDF
cX4yt6NtU5cenlXMZff5uL6+G4vR8cYBGUZHu2GGUt593ZMhRjuOp7HznKKl2i2H
9Y/O9Xnse/c+Zebx8OtDT0Lrkcj+OM1/Wgap+DzSNPWnJ8sKc+eWKeJnJnuvwmfH
O/s/rbtB9xuMQGnGeU6ePnf0GrZTrYShNCYMdCIi1VtafIj6k78raSxjRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFGEnrP/PKmjlu4jWQZtrX/yxfbqMB8GA1UdIwQY
MBaAFIj2WAoinM/VNp4Z4lKty3KM2s05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBaWUNpS2N6OVUybmhuaVVxM0xjb3phelRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9lNTJiMzAtY2Q0Ny00YzI3LWI2ZmMt
ZDA5N2NkMmM3ZDgyLzEvVVlTZXNfODhxYU9XN2lOWkJtMnRmX0xGOXVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9lNTJiMzAtY2Q0Ny00YzI3LWI2ZmMtZDA5N2NkMmM3ZDgy
LzEvaVBaWUNpS2N6OVUybmhuaVVxM0xjb3phelRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhDlgGlp
MA0GCSqGSIb3DQEBCwUAA4IBAQC9GvzEeGw+bpWjawEoIMW/HSGWsq7wHQPc3ifs
qNb1HrZqTfQ8FewPTAnwswPSKtfYt+sssb13ubCHVnTiS+Ekm59IWt7PmRH9tYfB
3m1xjqvQdDZ7N3SoQGtZsaP0uIvj9KDNTjhGd6Flw4t9zr9iW3gWOEjxIQzRITNQ
4/K2eobNRvabajPeStUPRPp+wD2bTDdEPV0DpKqkTIxPVfqWIl8j6lBALBcQ+CUs
x2sL8+L8xhB0aPTeEvoC6H1wf0tBefAZP6x9mCd3Oid4xr88xowZ2dNzKv+TmDtw
v0nU6oAkKa7B7I0wnl/jC9qrOg9LM37CuZoyk661Z4CaofHh
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:55:44 2023 by rpki-client on console-ams.rpki-client.org