Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/6piAzuAN2kuWt4UFrGQk358IebE.roa
File:                     6piAzuAN2kuWt4UFrGQk358IebE.roa (raw, json)
Hash identifier:          deMGTXOnEGhiCd0eNl399SjW6CrtBqIztbeyTbDdCSs=
Subject key identifier:   EA:98:80:CE:E0:0D:DA:4B:96:B7:85:05:AC:64:24:DF:9F:08:79:B1
Certificate issuer:       /CN=6566addf9ca0de49a6eef49858384f54f47a56f0
Certificate serial:       018CCA2ABD967910DB1F39C89621BD04E7B8
Authority key identifier: 65:66:AD:DF:9C:A0:DE:49:A6:EE:F4:98:58:38:4F:54:F4:7A:56:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZWat35yg3kmm7vSYWDhPVPR6VvA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/6piAzuAN2kuWt4UFrGQk358IebE.roa
Signing time:             Tue 02 Jan 2024 12:34:07 +0000
ROA not before:           Tue 02 Jan 2024 12:34:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43229
IP address blocks:        185.213.12.0/24 maxlen: 24
                          185.213.13.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/ZWat35yg3kmm7vSYWDhPVPR6VvA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/ZWat35yg3kmm7vSYWDhPVPR6VvA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZWat35yg3kmm7vSYWDhPVPR6VvA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:bd:96:79:10:db:1f:39:c8:96:21:bd:04:e7:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6566addf9ca0de49a6eef49858384f54f47a56f0
        Validity
            Not Before: Jan  2 12:34:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ea9880cee00dda4b96b78505ac6424df9f0879b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:5f:e7:4c:73:d4:c6:f8:10:d4:48:b9:d9:ef:
                    0e:97:54:f2:27:d4:3e:2f:0a:1c:80:08:8d:e6:a2:
                    0d:ff:53:83:41:00:f1:c9:4d:79:37:01:40:28:e7:
                    92:e4:14:24:97:6e:67:f5:ea:5a:ed:9b:92:8c:7e:
                    04:e6:45:45:a3:a7:2d:c2:33:66:3b:8b:53:d6:7f:
                    b7:f5:ae:08:61:14:8b:c4:a0:d3:1d:5a:4d:44:6f:
                    e1:3c:24:7d:7d:cf:0a:48:9f:32:a3:3e:91:2e:a1:
                    21:d6:ef:93:f8:4a:9d:30:08:be:79:27:59:e6:07:
                    8f:45:d1:db:13:71:d3:0d:d4:28:78:a3:a7:f6:61:
                    ce:c4:fd:d0:f2:7f:61:75:8b:c7:c1:b4:20:ce:ef:
                    12:b9:fe:c7:57:af:90:0f:90:da:81:01:7f:00:81:
                    39:07:6f:53:36:ec:48:d9:88:81:66:19:ee:1e:9b:
                    1c:51:19:18:2f:56:6d:19:03:c5:bc:11:93:d6:b9:
                    88:5d:a9:7b:08:20:05:ba:e5:b0:83:55:4f:7a:d3:
                    85:9d:0f:87:23:cc:67:e8:03:43:fb:80:a6:7b:fa:
                    07:a4:ff:16:43:1f:c0:8a:67:f8:61:6f:7c:52:aa:
                    a4:61:3a:a0:5e:60:c8:f2:3e:16:f2:62:ef:db:bf:
                    6c:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:98:80:CE:E0:0D:DA:4B:96:B7:85:05:AC:64:24:DF:9F:08:79:B1
            X509v3 Authority Key Identifier:
                keyid:65:66:AD:DF:9C:A0:DE:49:A6:EE:F4:98:58:38:4F:54:F4:7A:56:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZWat35yg3kmm7vSYWDhPVPR6VvA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/6piAzuAN2kuWt4UFrGQk358IebE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bd56d7-3899-40e5-9612-3f28b6adbda9/1/ZWat35yg3kmm7vSYWDhPVPR6VvA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.213.12.0/23

    Signature Algorithm: sha256WithRSAEncryption
         89:42:22:9b:b5:ac:93:9a:08:77:f0:6c:32:4c:09:d2:ef:33:
         95:5d:dc:f3:b3:b7:fb:56:ad:e8:66:f7:f9:10:9f:f1:42:dc:
         ae:be:f2:9a:a0:1b:cb:06:67:a9:f2:7b:08:d6:12:4b:fa:41:
         6f:8f:5d:8c:29:90:5b:70:89:94:fc:71:07:f8:f3:84:29:84:
         3e:ba:a7:a0:88:f2:4e:81:6d:71:22:b9:30:13:fe:8f:c6:ca:
         bc:cb:d3:69:17:3b:06:f0:55:ce:6c:67:54:05:c3:1f:e7:ca:
         85:61:55:f8:45:04:20:f1:f4:7b:e8:51:2e:68:2e:24:bd:ff:
         61:a0:a4:00:60:32:81:a3:e2:59:97:74:55:44:0c:79:31:e5:
         9e:34:ac:a3:33:ea:6c:b4:da:aa:28:c2:d0:ea:e8:2f:52:fa:
         ad:c7:df:1b:96:b6:0b:bd:7c:ba:92:46:9d:87:8e:2d:ca:c7:
         18:42:67:e8:83:3d:3f:4d:cf:7d:77:0a:76:01:b5:0f:85:f3:
         eb:08:94:1e:a1:57:e7:f6:a0:01:c4:db:a3:45:8f:4d:29:7e:
         61:b7:57:6e:61:08:66:b8:5c:05:68:4f:e1:69:4b:12:ba:14:
         7f:25:2e:1d:1a:6d:78:64:25:9d:df:81:e6:05:2d:23:b2:3e:
         bc:f1:0b:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKr2WeRDbHznIliG9BOe4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NjZhZGRmOWNhMGRlNDlhNmVlZjQ5ODU4Mzg0ZjU0ZjQ3
YTU2ZjAwHhcNMjQwMTAyMTIzNDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTk4ODBjZWUwMGRkYTRiOTZiNzg1MDVhYzY0MjRkZjlmMDg3OWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql/nTHPUxvgQ1Ei52e8Ol1TyJ9Q+
LwocgAiN5qIN/1ODQQDxyU15NwFAKOeS5BQkl25n9epa7ZuSjH4E5kVFo6ctwjNm
O4tT1n+39a4IYRSLxKDTHVpNRG/hPCR9fc8KSJ8yoz6RLqEh1u+T+EqdMAi+eSdZ
5gePRdHbE3HTDdQoeKOn9mHOxP3Q8n9hdYvHwbQgzu8Suf7HV6+QD5DagQF/AIE5
B29TNuxI2YiBZhnuHpscURkYL1ZtGQPFvBGT1rmIXal7CCAFuuWwg1VPetOFnQ+H
I8xn6AND+4Cme/oHpP8WQx/Aimf4YW98UqqkYTqgXmDI8j4W8mLv279saQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOqYgM7gDdpLlreFBaxkJN+fCHmxMB8GA1UdIwQY
MBaAFGVmrd+coN5Jpu70mFg4T1T0elbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWldhdDM1eWcza21tN3ZTWVdEaFBWUFI2VnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iZDU2ZDctMzg5OS00MGU1LTk2MTIt
M2YyOGI2YWRiZGE5LzEvNnBpQXp1QU4ya3VXdDRVRnJHUWszNThJZWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iZDU2ZDctMzg5OS00MGU1LTk2MTItM2YyOGI2YWRiZGE5
LzEvWldhdDM1eWcza21tN3ZTWVdEaFBWUFI2VnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudUMMA0G
CSqGSIb3DQEBCwUAA4IBAQCJQiKbtayTmgh38GwyTAnS7zOVXdzzs7f7Vq3oZvf5
EJ/xQtyuvvKaoBvLBmep8nsI1hJL+kFvj12MKZBbcImU/HEH+POEKYQ+uqegiPJO
gW1xIrkwE/6Pxsq8y9NpFzsG8FXObGdUBcMf58qFYVX4RQQg8fR76FEuaC4kvf9h
oKQAYDKBo+JZl3RVRAx5MeWeNKyjM+pstNqqKMLQ6ugvUvqtx98blrYLvXy6kkad
h44tyscYQmfogz0/Tc99dwp2AbUPhfPrCJQeoVfn9qABxNujRY9NKX5ht1duYQhm
uFwFaE/haUsSuhR/JS4dGm14ZCWd34HmBS0jsj688Qtx
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:34:34 2024 by rpki-client on console-ams.rpki-client.org