Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/GcpQmuhho9sqsPzp0WZ9KzVPaIU.roa
File:                     GcpQmuhho9sqsPzp0WZ9KzVPaIU.roa (raw, json)
Hash identifier:          2S+q0rQnlxtIQiTxAkqCC0m/TSr2hljNi04OICoGOmc=
Subject key identifier:   19:CA:50:9A:E8:61:A3:DB:2A:B0:FC:E9:D1:66:7D:2B:35:4F:68:85
Certificate issuer:       /CN=faa4eea86f9f3e6e7881b4b8da19a1d2725e8710
Certificate serial:       018CC493124ED3112406AB3CB52E9233A2D7
Authority key identifier: FA:A4:EE:A8:6F:9F:3E:6E:78:81:B4:B8:DA:19:A1:D2:72:5E:87:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-qTuqG-fPm54gbS42hmh0nJehxA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/GcpQmuhho9sqsPzp0WZ9KzVPaIU.roa
Signing time:             Mon 01 Jan 2024 10:30:21 +0000
ROA not before:           Mon 01 Jan 2024 10:30:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39256
IP address blocks:        46.254.80.0/21 maxlen: 21
                          188.93.24.0/21 maxlen: 21
                          92.43.0.0/21 maxlen: 21
                          185.17.88.0/22 maxlen: 22
                          2a03:7dc0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/1-qTuqG-fPm54gbS42hmh0nJehxA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/1-qTuqG-fPm54gbS42hmh0nJehxA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-qTuqG-fPm54gbS42hmh0nJehxA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:12:4e:d3:11:24:06:ab:3c:b5:2e:92:33:a2:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=faa4eea86f9f3e6e7881b4b8da19a1d2725e8710
        Validity
            Not Before: Jan  1 10:30:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=19ca509ae861a3db2ab0fce9d1667d2b354f6885
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:8b:fd:cf:c7:f1:09:16:6e:e7:00:17:53:c0:
                    65:ee:c2:4e:0b:9e:db:ef:b6:be:cb:79:60:81:5d:
                    b7:85:21:11:b0:1c:a1:6b:41:d4:3b:00:fa:dc:2a:
                    ca:49:63:0b:b8:88:40:cc:d6:5b:01:15:9d:ce:59:
                    11:6e:9d:d2:e4:4d:6d:6b:7d:a8:4d:a4:69:e0:54:
                    81:19:16:b3:75:62:5e:9e:a3:fa:13:7c:a5:98:73:
                    6f:e4:00:51:92:f3:b2:f9:16:87:83:07:ce:83:3a:
                    c3:84:d0:d4:c7:0e:b9:2b:0e:74:7a:bd:0f:d5:90:
                    00:3b:d7:3e:6c:67:a3:5f:a0:18:83:6a:82:7c:48:
                    70:3f:7b:1b:07:fe:39:98:57:1f:ca:69:73:dc:23:
                    6a:80:07:44:ba:47:75:10:a9:e7:01:61:0c:68:ca:
                    93:18:15:e2:96:52:7d:4c:17:c1:f0:7f:be:7c:52:
                    ab:46:01:38:e9:44:d9:60:da:40:18:67:f4:63:36:
                    18:ed:d3:63:26:62:d6:ce:53:53:38:ba:71:82:8c:
                    09:cc:99:7f:d9:9e:d4:92:34:b3:e9:bb:3d:d8:d2:
                    b8:6d:41:44:b1:a2:1c:c7:84:fd:50:3a:b9:99:9b:
                    31:80:3b:08:ad:de:e8:a6:cb:8d:14:4b:86:2c:e1:
                    0d:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:CA:50:9A:E8:61:A3:DB:2A:B0:FC:E9:D1:66:7D:2B:35:4F:68:85
            X509v3 Authority Key Identifier:
                keyid:FA:A4:EE:A8:6F:9F:3E:6E:78:81:B4:B8:DA:19:A1:D2:72:5E:87:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-qTuqG-fPm54gbS42hmh0nJehxA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/GcpQmuhho9sqsPzp0WZ9KzVPaIU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c2c288-6f56-4c4d-9db5-96e99f794278/1/1-qTuqG-fPm54gbS42hmh0nJehxA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.254.80.0/21
                  92.43.0.0/21
                  185.17.88.0/22
                  188.93.24.0/21
                IPv6:
                  2a03:7dc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         83:dd:63:cd:1f:2e:cc:85:88:59:1a:09:c5:1d:6d:44:63:91:
         43:08:57:a0:1f:b4:33:97:cb:28:5e:c7:83:2f:d4:66:07:93:
         4f:18:ba:8e:ac:d1:4c:85:7d:8a:67:5b:ea:0c:e9:9d:ad:65:
         91:5b:3f:5e:16:66:37:46:c4:a7:2c:da:4a:f1:57:8a:64:ed:
         6f:19:5a:40:63:9d:73:6a:6f:45:a9:9b:5d:26:71:e9:d3:2e:
         9e:4e:e1:9a:85:52:b3:ec:10:c8:84:ce:a7:d3:7f:03:a4:18:
         bb:c7:56:8f:3e:71:0a:a4:31:7e:7d:e8:31:ea:f0:de:16:2b:
         9c:65:75:6e:e3:60:d1:cf:b5:c0:23:b7:cc:53:ca:78:56:f1:
         d5:8d:42:91:fe:bd:d1:a3:98:44:2d:54:8b:25:79:56:11:d6:
         91:18:9c:5e:ec:f1:99:5a:3c:e7:66:cc:6c:d7:2a:60:a5:aa:
         b2:e9:60:da:63:59:da:63:40:d2:25:f0:ce:23:da:e9:03:8f:
         43:c9:95:32:e6:23:a7:d4:7c:15:d7:4f:47:09:a7:68:bb:5a:
         3a:42:10:bc:0d:e0:5b:15:9e:d6:77:fc:fc:5f:aa:23:97:b9:
         d8:ea:75:55:bf:0c:fc:c5:00:1c:f7:50:4d:5e:84:fc:70:32:
         ab:de:45:5b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzEkxJO0xEkBqs8tS6SM6LXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYTRlZWE4NmY5ZjNlNmU3ODgxYjRiOGRhMTlhMWQyNzI1
ZTg3MTAwHhcNMjQwMTAxMTAzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWNhNTA5YWU4NjFhM2RiMmFiMGZjZTlkMTY2N2QyYjM1NGY2ODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4v9z8fxCRZu5wAXU8Bl7sJOC57b
77a+y3lggV23hSERsByha0HUOwD63CrKSWMLuIhAzNZbARWdzlkRbp3S5E1ta32o
TaRp4FSBGRazdWJenqP6E3ylmHNv5ABRkvOy+RaHgwfOgzrDhNDUxw65Kw50er0P
1ZAAO9c+bGejX6AYg2qCfEhwP3sbB/45mFcfymlz3CNqgAdEukd1EKnnAWEMaMqT
GBXillJ9TBfB8H++fFKrRgE46UTZYNpAGGf0YzYY7dNjJmLWzlNTOLpxgowJzJl/
2Z7UkjSz6bs92NK4bUFEsaIcx4T9UDq5mZsxgDsIrd7opsuNFEuGLOEN9QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBnKUJroYaPbKrD86dFmfSs1T2iFMB8GA1UdIwQY
MBaAFPqk7qhvnz5ueIG0uNoZodJyXocQMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1xVHVxRy1mUG01NGdiUzQyaG1oMG5KZWh4QS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYvYzJjMjg4LTZmNTYtNGM0ZC05ZGI1
LTk2ZTk5Zjc5NDI3OC8xL0djcFFtdWhobzlzcXNQenAwV1o5S3pWUGFJVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGYvYzJjMjg4LTZmNTYtNGM0ZC05ZGI1LTk2ZTk5Zjc5NDI3
OC8xLzEtcVR1cUctZlBtNTRnYlM0MmhtaDBuSmVoeEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAMu/lAD
BANcKwADBAK5EVgDBAO8XRgwDQQCAAIwBwMFACoDfcAwDQYJKoZIhvcNAQELBQAD
ggEBAIPdY80fLsyFiFkaCcUdbURjkUMIV6AftDOXyyhex4Mv1GYHk08Yuo6s0UyF
fYpnW+oM6Z2tZZFbP14WZjdGxKcs2krxV4pk7W8ZWkBjnXNqb0Wpm10mcenTLp5O
4ZqFUrPsEMiEzqfTfwOkGLvHVo8+cQqkMX596DHq8N4WK5xldW7jYNHPtcAjt8xT
ynhW8dWNQpH+vdGjmEQtVIsleVYR1pEYnF7s8ZlaPOdmzGzXKmClqrLpYNpjWdpj
QNIl8M4j2ukDj0PJlTLmI6fUfBXXT0cJp2i7WjpCELwN4FsVntZ3/PxfqiOXudjq
dVW/DPzFABz3UE1ehPxwMqveRVs=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:34:34 2024 by rpki-client on console-ams.rpki-client.org