Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/ew2FsbgUDrtUVXs-lCjfdjfia4Y.roa
File:                     ew2FsbgUDrtUVXs-lCjfdjfia4Y.roa (raw, json)
Hash identifier:          PT2yKOrTRkkPvl1aiW9lL4nFaIanScC6ie/VaT3kGno=
Subject key identifier:   7B:0D:85:B1:B8:14:0E:BB:54:55:7B:3E:94:28:DF:76:37:E2:6B:86
Certificate issuer:       /CN=36900183cf08a6e5bc807846294a46062e190e3b
Certificate serial:       01856FF95D7ED9F9634729F76380B4B29B27
Authority key identifier: 36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NpABg88IpuW8gHhGKUpGBi4ZDjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/ew2FsbgUDrtUVXs-lCjfdjfia4Y.roa
Signing time:             Mon 02 Jan 2023 00:54:51 +0000
ROA not before:           Mon 02 Jan 2023 00:54:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400040
IP address blocks:        45.11.187.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/NpABg88IpuW8gHhGKUpGBi4ZDjs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/NpABg88IpuW8gHhGKUpGBi4ZDjs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NpABg88IpuW8gHhGKUpGBi4ZDjs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
                          rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 16 Mar 2023 03:28:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:5d:7e:d9:f9:63:47:29:f7:63:80:b4:b2:9b:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36900183cf08a6e5bc807846294a46062e190e3b
        Validity
            Not Before: Jan  2 00:54:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7b0d85b1b8140ebb54557b3e9428df7637e26b86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:20:7b:04:1f:8e:8c:5b:82:66:f9:bd:d1:9f:
                    5a:d0:70:be:93:74:25:d1:94:e0:38:13:85:06:23:
                    b0:f5:fa:39:d6:f6:6a:60:b0:fc:7a:56:45:dd:2e:
                    4b:08:a4:83:51:18:84:d1:14:32:ac:39:35:9d:9e:
                    fb:8b:a6:a9:d0:1d:1d:ff:bb:50:16:65:a8:57:77:
                    45:44:a8:9e:df:be:e9:0e:c0:6c:8c:15:6e:28:ad:
                    5a:81:92:8d:89:2f:aa:6d:d2:1c:fd:a3:74:c9:33:
                    c8:a6:d1:a3:31:c2:6e:ae:6f:fd:6b:07:e2:02:74:
                    d8:c5:58:d6:da:ab:70:32:5f:d9:fd:2a:24:d2:bf:
                    fc:95:d8:cf:b6:22:91:7c:0a:cb:33:15:15:9b:95:
                    93:52:f7:a5:4f:8b:58:a1:81:d9:e0:8f:de:24:36:
                    fa:41:44:d1:64:bf:dd:1c:d7:78:48:9c:6a:1a:e4:
                    b9:45:81:ac:46:59:a2:a7:45:ed:9c:f6:6c:6a:3e:
                    77:6e:04:24:6f:8e:13:39:a6:34:61:c6:86:7f:1c:
                    30:cc:a9:a6:15:60:0a:1b:22:db:74:b9:a2:b4:13:
                    cd:8e:11:cf:e6:a0:8b:7f:1c:e7:dc:90:89:eb:8d:
                    b2:e1:07:c5:eb:67:df:f6:53:1f:13:6f:fc:36:e6:
                    7c:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                7B:0D:85:B1:B8:14:0E:BB:54:55:7B:3E:94:28:DF:76:37:E2:6B:86
            X509v3 Authority Key Identifier: 
                keyid:36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpABg88IpuW8gHhGKUpGBi4ZDjs.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/ew2FsbgUDrtUVXs-lCjfdjfia4Y.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/NpABg88IpuW8gHhGKUpGBi4ZDjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:c7:46:c6:c0:e3:29:ba:3b:0b:72:b3:f4:86:3c:6f:7a:b2:
         51:59:7f:0a:ae:c4:c3:e9:ac:05:43:bb:73:0e:54:5d:ae:80:
         dd:b3:1c:92:e6:5c:ed:b2:5e:4a:b1:22:f1:35:b0:64:c2:86:
         f6:8e:72:f2:15:5c:15:f6:ee:b7:33:b1:7a:99:e3:82:e6:54:
         8f:26:f7:6c:8a:a7:93:91:92:c5:bf:ae:6f:9e:1e:39:55:fb:
         07:2f:96:a4:98:e8:76:46:63:39:1b:33:93:25:5b:41:30:43:
         8d:6d:74:9c:b3:44:8e:1c:10:36:5f:05:cc:26:41:2d:56:63:
         b6:ef:59:58:36:e8:06:a0:16:97:01:dd:00:45:0c:0c:d7:be:
         79:d8:e3:21:2d:ae:e0:cd:a5:78:4b:32:73:65:af:ab:fb:11:
         fc:a9:77:ce:ec:e0:09:9b:2a:15:69:c3:06:fa:6e:69:90:ba:
         38:07:67:62:88:cf:0f:2c:3b:de:d5:63:62:08:d0:11:57:2c:
         56:5e:46:df:90:85:35:7f:19:4b:ba:f3:94:c9:db:d7:25:01:
         ba:a3:c6:b2:bf:52:c3:f2:ab:dc:0d:02:81:78:b8:b1:c2:5a:
         a6:71:7d:d5:08:ad:d8:50:a3:0d:83:da:c3:f0:eb:ae:5a:d3:
         cd:01:17:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+V1+2fljRyn3Y4C0spsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTAwMTgzY2YwOGE2ZTViYzgwNzg0NjI5NGE0NjA2MmUx
OTBlM2IwHhcNMjMwMTAyMDA1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjBkODViMWI4MTQwZWJiNTQ1NTdiM2U5NDI4ZGY3NjM3ZTI2Yjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCB7BB+OjFuCZvm90Z9a0HC+k3Ql
0ZTgOBOFBiOw9fo51vZqYLD8elZF3S5LCKSDURiE0RQyrDk1nZ77i6ap0B0d/7tQ
FmWoV3dFRKie377pDsBsjBVuKK1agZKNiS+qbdIc/aN0yTPIptGjMcJurm/9awfi
AnTYxVjW2qtwMl/Z/Sok0r/8ldjPtiKRfArLMxUVm5WTUvelT4tYoYHZ4I/eJDb6
QUTRZL/dHNd4SJxqGuS5RYGsRlmip0XtnPZsaj53bgQkb44TOaY0YcaGfxwwzKmm
FWAKGyLbdLmitBPNjhHP5qCLfxzn3JCJ642y4QfF62ff9lMfE2/8NuZ8pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHsNhbG4FA67VFV7PpQo33Y34muGMB8GA1UdIwQY
MBaAFDaQAYPPCKblvIB4RilKRgYuGQ47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBBQmc4OElwdVc4Z0hoR0tVcEdCaTRaRGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81YTMyYmMtMDgzNi00N2VjLWI1YjMt
MmY1YjZhODNmYWYzLzEvZXcyRnNiZ1VEcnRVVlhzLWxDamZkamZpYTRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81YTMyYmMtMDgzNi00N2VjLWI1YjMtMmY1YjZhODNmYWYz
LzEvTnBBQmc4OElwdVc4Z0hoR0tVcEdCaTRaRGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu7MA0G
CSqGSIb3DQEBCwUAA4IBAQBmx0bGwOMpujsLcrP0hjxverJRWX8KrsTD6awFQ7tz
DlRdroDdsxyS5lztsl5KsSLxNbBkwob2jnLyFVwV9u63M7F6meOC5lSPJvdsiqeT
kZLFv65vnh45VfsHL5akmOh2RmM5GzOTJVtBMEONbXScs0SOHBA2XwXMJkEtVmO2
71lYNugGoBaXAd0ARQwM17552OMhLa7gzaV4SzJzZa+r+xH8qXfO7OAJmyoVacMG
+m5pkLo4B2diiM8PLDve1WNiCNARVyxWXkbfkIU1fxlLuvOUydvXJQG6o8ayv1LD
8qvcDQKBeLixwlqmcX3VCK3YUKMNg9rD8OuuWtPNARdX
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:57:31 2023 by rpki-client on console-ams.rpki-client.org