Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/sJJV0S0xUCDSpZjUD1OwpG9lfSY.roa
File:                     sJJV0S0xUCDSpZjUD1OwpG9lfSY.roa (raw, json)
Hash identifier:          zBfqduQQBK5KclxxwSFaQDnJ9K4S3O2PZPoPr7OCtbc=
Subject key identifier:   B0:92:55:D1:2D:31:50:20:D2:A5:98:D4:0F:53:B0:A4:6F:65:7D:26
Certificate issuer:       /CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
Certificate serial:       018CC6B786551DEA715CC560B0288B969867
Authority key identifier: 75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/sJJV0S0xUCDSpZjUD1OwpG9lfSY.roa
Signing time:             Mon 01 Jan 2024 20:29:25 +0000
ROA not before:           Mon 01 Jan 2024 20:29:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     63023
IP address blocks:        185.177.229.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/dVSsTH9FHFu5OC-81G1wxMD53lY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/dVSsTH9FHFu5OC-81G1wxMD53lY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Dec 2024 22:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:86:55:1d:ea:71:5c:c5:60:b0:28:8b:96:98:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
        Validity
            Not Before: Jan  1 20:29:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b09255d12d315020d2a598d40f53b0a46f657d26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4d:81:49:8b:79:3a:8e:5a:06:ff:8c:47:82:
                    22:57:70:97:96:b5:c7:30:2c:4c:e2:33:b2:c2:09:
                    67:83:c8:e2:10:fa:5d:5b:c1:b3:a8:f8:27:2d:6c:
                    95:2c:08:ae:6e:94:55:06:b9:9f:9f:b6:c3:0b:67:
                    cf:28:ce:7b:d6:a4:e3:5d:b4:e7:55:08:15:be:53:
                    6a:45:84:65:c4:58:a6:f9:42:ef:9f:3c:b7:0a:21:
                    02:1b:2f:c7:38:e4:ef:1d:c0:6a:ef:f9:e6:fa:f4:
                    10:9f:9b:30:0d:39:14:05:24:71:ff:05:73:a4:e5:
                    b6:da:d4:d8:5e:c6:7d:fd:93:d2:ac:6e:d9:26:d5:
                    cc:c4:7e:d2:65:51:df:d7:23:5e:20:c1:78:b3:64:
                    c8:52:fe:08:a5:01:c0:71:72:11:30:83:c7:31:59:
                    cb:93:bd:99:ef:75:2c:64:ca:c0:a6:a7:3c:0e:23:
                    f6:74:8c:0c:c6:73:df:95:40:73:f3:bd:e0:76:ec:
                    99:44:18:38:97:78:01:dd:ee:ae:18:dc:9b:75:57:
                    83:9a:12:1b:37:e7:56:b6:91:6e:7a:df:cc:9a:7b:
                    5c:4c:93:4b:15:b6:ed:5e:6b:fd:30:0c:55:1f:82:
                    62:c1:8e:1e:3f:96:b6:01:5d:e0:a5:69:4c:4e:24:
                    c9:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:92:55:D1:2D:31:50:20:D2:A5:98:D4:0F:53:B0:A4:6F:65:7D:26
            X509v3 Authority Key Identifier:
                keyid:75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/sJJV0S0xUCDSpZjUD1OwpG9lfSY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/dVSsTH9FHFu5OC-81G1wxMD53lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.177.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:80:e7:fe:0e:a6:14:29:e0:7b:eb:4c:ba:06:d8:19:fa:2f:
         07:e3:43:a6:63:b0:ca:63:41:8a:ef:81:ae:d7:17:a4:ac:8e:
         fb:a9:55:a5:33:f7:50:cf:5a:14:0d:53:f5:64:c7:9b:cf:2c:
         75:d1:d8:0b:b4:4c:37:d6:03:3e:10:80:70:d1:f4:e6:54:92:
         a7:b9:1d:ca:eb:94:19:d8:52:96:bf:ef:f7:b0:42:21:a2:b4:
         83:d8:ae:03:a1:74:65:f4:00:76:b7:a2:08:09:b7:c1:cc:56:
         6e:3e:a2:74:e5:66:c1:e8:04:11:96:80:e2:4c:46:fe:34:13:
         51:3a:11:cf:80:be:10:cf:3c:12:c3:7b:21:68:7b:b8:04:e7:
         88:2f:b0:b9:c9:60:3b:32:25:a3:58:6e:d5:43:9e:7b:a3:f5:
         11:b1:1b:7f:9c:2b:51:fd:8b:62:9a:a4:73:7b:df:d4:04:b3:
         3a:6f:2b:f6:3d:b5:e0:be:ae:0f:9b:22:fb:6e:37:24:e4:c4:
         7e:ff:ab:f6:9f:5a:70:5f:34:b8:fd:70:7e:39:3d:39:05:58:
         96:1a:5c:a4:cd:13:3a:99:8c:ee:d3:ca:0b:ec:80:93:5d:d3:
         cf:c9:d3:e1:2e:0e:ae:8a:8f:8f:f1:10:e3:29:00:b0:78:e2:
         0b:b6:b7:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt4ZVHepxXMVgsCiLlphnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NTRhYzRjN2Y0NTFjNWJiOTM4MmZiY2Q0NmQ3MGM0YzBm
OWRlNTYwHhcNMjQwMTAxMjAyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDkyNTVkMTJkMzE1MDIwZDJhNTk4ZDQwZjUzYjBhNDZmNjU3ZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr02BSYt5Oo5aBv+MR4IiV3CXlrXH
MCxM4jOywglng8jiEPpdW8GzqPgnLWyVLAiubpRVBrmfn7bDC2fPKM571qTjXbTn
VQgVvlNqRYRlxFim+ULvnzy3CiECGy/HOOTvHcBq7/nm+vQQn5swDTkUBSRx/wVz
pOW22tTYXsZ9/ZPSrG7ZJtXMxH7SZVHf1yNeIMF4s2TIUv4IpQHAcXIRMIPHMVnL
k72Z73UsZMrApqc8DiP2dIwMxnPflUBz873gduyZRBg4l3gB3e6uGNybdVeDmhIb
N+dWtpFuet/MmntcTJNLFbbtXmv9MAxVH4JiwY4eP5a2AV3gpWlMTiTJ/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLCSVdEtMVAg0qWY1A9TsKRvZX0mMB8GA1UdIwQY
MBaAFHVUrEx/RRxbuTgvvNRtcMTA+d5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFZTc1RIOUZIRnU1T0MtODFHMXd4TUQ1M2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84N2EwMGEtYjZmNi00NzIxLWE4Mjgt
ZDkzMzdkYjM5ZDFmLzEvc0pKVjBTMHhVQ0RTcFpqVUQxT3dwRzlsZlNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84N2EwMGEtYjZmNi00NzIxLWE4MjgtZDkzMzdkYjM5ZDFm
LzEvZFZTc1RIOUZIRnU1T0MtODFHMXd4TUQ1M2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubHlMA0G
CSqGSIb3DQEBCwUAA4IBAQCKgOf+DqYUKeB760y6BtgZ+i8H40OmY7DKY0GK74Gu
1xekrI77qVWlM/dQz1oUDVP1ZMebzyx10dgLtEw31gM+EIBw0fTmVJKnuR3K65QZ
2FKWv+/3sEIhorSD2K4DoXRl9AB2t6IICbfBzFZuPqJ05WbB6AQRloDiTEb+NBNR
OhHPgL4QzzwSw3shaHu4BOeIL7C5yWA7MiWjWG7VQ557o/URsRt/nCtR/YtimqRz
e9/UBLM6byv2PbXgvq4PmyL7bjck5MR+/6v2n1pwXzS4/XB+OT05BViWGlykzRM6
mYzu08oL7ICTXdPPydPhLg6uio+P8RDjKQCweOILtred
-----END CERTIFICATE-----
Generated at Tue Dec 10 05:06:57 2024 by rpki-client on console-fra.rpki-client.org