Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/vUsBVRfb7Ljv2xrLmo6PgdsXFUE.roa
File:                     vUsBVRfb7Ljv2xrLmo6PgdsXFUE.roa (raw, json)
Hash identifier:          R/KMJvhd8p3Ty9efW/9oja27ceXbvc1bM1NX3Mprt6g=
Subject key identifier:   BD:4B:01:55:17:DB:EC:B8:EF:DB:1A:CB:9A:8E:8F:81:DB:17:15:41
Certificate issuer:       /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial:       018D02B964E8C363CDB20B4FCD452B4C0DF6
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/vUsBVRfb7Ljv2xrLmo6PgdsXFUE.roa
Signing time:             Sat 13 Jan 2024 12:08:40 +0000
ROA not before:           Sat 13 Jan 2024 12:08:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43754
IP address blocks:        194.36.174.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:02:b9:64:e8:c3:63:cd:b2:0b:4f:cd:45:2b:4c:0d:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
        Validity
            Not Before: Jan 13 12:08:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bd4b015517dbecb8efdb1acb9a8e8f81db171541
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:03:0f:3a:03:e9:c7:3e:a4:36:83:a0:db:f0:
                    a3:19:71:21:72:cb:31:32:b0:0e:ee:18:de:18:49:
                    bd:ca:a4:e0:e9:99:ea:48:65:81:25:b3:1f:0d:3b:
                    21:fe:ce:71:66:b1:cd:b7:18:be:b7:e8:51:7d:c3:
                    99:a3:fa:13:6d:a3:4c:bf:3a:39:ba:ab:3f:73:78:
                    d7:fa:d3:d3:b8:70:65:b1:9d:d0:a1:9b:f9:79:7d:
                    97:ee:eb:14:1d:e4:0f:f3:18:cf:1b:69:82:5c:99:
                    fe:bc:66:fa:c9:e4:ad:9b:2e:5b:40:d8:c2:47:aa:
                    f5:b4:be:52:29:d7:00:4d:47:9d:a4:5f:e5:fe:90:
                    f5:22:a9:78:a2:29:52:25:14:af:5f:d6:eb:72:33:
                    0c:be:14:6f:7d:c2:22:b3:bd:43:6c:dd:8e:b0:24:
                    f7:c0:55:06:cc:00:9c:15:25:2d:ff:05:b6:b1:2c:
                    b2:7a:18:9b:f6:f2:76:a8:12:60:3e:46:03:05:0f:
                    00:31:de:df:02:79:c6:93:02:cd:43:8b:7c:b6:4f:
                    0f:9d:bc:ba:54:7e:e5:61:fd:ea:45:8f:02:82:f5:
                    16:b2:09:29:c2:2e:b4:d6:a6:88:64:1b:d7:8a:46:
                    5c:a9:a1:78:40:2d:a9:89:d2:79:56:ab:d8:fb:a9:
                    0f:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:4B:01:55:17:DB:EC:B8:EF:DB:1A:CB:9A:8E:8F:81:DB:17:15:41
            X509v3 Authority Key Identifier:
                keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/vUsBVRfb7Ljv2xrLmo6PgdsXFUE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.36.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:b0:d7:68:7f:c8:2f:4d:c4:16:89:2b:81:62:bc:00:74:2f:
         01:37:c5:3b:a9:ca:37:a4:33:c8:76:ed:a7:31:4f:37:33:40:
         d1:5b:3e:e5:ff:67:c3:aa:f4:10:53:b2:64:e2:93:d8:9f:90:
         70:b4:bf:9c:a3:87:38:e1:4c:32:da:c9:e5:08:0f:6c:55:3d:
         24:a4:6d:e6:00:a7:4e:02:2c:1f:1d:87:ae:89:ef:76:32:5d:
         8f:39:e0:92:c9:06:cb:7e:f9:48:09:5c:82:58:0c:62:40:1a:
         27:f4:71:23:b4:33:00:8c:26:52:36:42:d6:a8:e1:4a:51:09:
         18:a5:9d:a0:cd:45:a0:9e:d9:7b:2e:48:46:81:84:1b:df:02:
         1d:dd:8e:cb:75:40:90:2e:5b:ce:f7:c1:ca:d2:7a:e6:72:04:
         5a:6b:b4:84:b9:24:76:56:a7:5b:70:d2:ad:7d:79:eb:a2:f6:
         fb:c3:cc:00:c5:35:c4:54:ac:bb:bf:a2:65:9f:bd:46:07:55:
         16:f7:10:6b:23:d2:ea:14:d4:0e:83:09:b0:f8:55:e0:19:59:
         48:31:af:f5:f2:08:e8:2f:00:ae:5e:eb:d9:8a:30:af:84:09:
         8f:90:10:db:14:a4:f5:6e:c5:ae:52:f0:b3:d0:0e:28:da:51:
         e5:00:c8:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0CuWTow2PNsgtPzUUrTA32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjQwMTEzMTIwODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDRiMDE1NTE3ZGJlY2I4ZWZkYjFhY2I5YThlOGY4MWRiMTcxNTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgMPOgPpxz6kNoOg2/CjGXEhcssx
MrAO7hjeGEm9yqTg6ZnqSGWBJbMfDTsh/s5xZrHNtxi+t+hRfcOZo/oTbaNMvzo5
uqs/c3jX+tPTuHBlsZ3QoZv5eX2X7usUHeQP8xjPG2mCXJn+vGb6yeStmy5bQNjC
R6r1tL5SKdcATUedpF/l/pD1Iql4oilSJRSvX9brcjMMvhRvfcIis71DbN2OsCT3
wFUGzACcFSUt/wW2sSyyehib9vJ2qBJgPkYDBQ8AMd7fAnnGkwLNQ4t8tk8Pnby6
VH7lYf3qRY8CgvUWsgkpwi601qaIZBvXikZcqaF4QC2pidJ5VqvY+6kPNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1LAVUX2+y479say5qOj4HbFxVBMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvdlVzQlZSZmI3TGp2MnhyTG1vNlBnZHNYRlVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiSuMA0G
CSqGSIb3DQEBCwUAA4IBAQBFsNdof8gvTcQWiSuBYrwAdC8BN8U7qco3pDPIdu2n
MU83M0DRWz7l/2fDqvQQU7Jk4pPYn5BwtL+co4c44Uwy2snlCA9sVT0kpG3mAKdO
AiwfHYeuie92Ml2POeCSyQbLfvlICVyCWAxiQBon9HEjtDMAjCZSNkLWqOFKUQkY
pZ2gzUWgntl7LkhGgYQb3wId3Y7LdUCQLlvO98HK0nrmcgRaa7SEuSR2VqdbcNKt
fXnrovb7w8wAxTXEVKy7v6Jln71GB1UW9xBrI9LqFNQOgwmw+FXgGVlIMa/18gjo
LwCuXuvZijCvhAmPkBDbFKT1bsWuUvCz0A4o2lHlAMgj
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:17:11 2024 by rpki-client on console-ams.rpki-client.org