Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c6eb97-48e8-4e5b-97cd-d5d8e04e5975/1/KusEWy7hYP1ojsLIaylgk3S7MwI.roa
File:                     KusEWy7hYP1ojsLIaylgk3S7MwI.roa (raw, json)
Hash identifier:          jHQVtg/Wham/fQiepOX2G9tSXEu87Ui+M5ik4HYTkZg=
Subject key identifier:   2A:EB:04:5B:2E:E1:60:FD:68:8E:C2:C8:6B:29:60:93:74:BB:33:02
Certificate issuer:       /CN=15bd7f78b7a044ae134c88b624e831a761143b79
Certificate serial:       018CC94BEDCF5C97974DD37DEFC15D77A687
Authority key identifier: 15:BD:7F:78:B7:A0:44:AE:13:4C:88:B6:24:E8:31:A7:61:14:3B:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fb1_eLegRK4TTIi2JOgxp2EUO3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/c6eb97-48e8-4e5b-97cd-d5d8e04e5975/1/KusEWy7hYP1ojsLIaylgk3S7MwI.roa
Signing time:             Tue 02 Jan 2024 08:30:45 +0000
ROA not before:           Tue 02 Jan 2024 08:30:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203618
IP address blocks:        185.92.231.0/24 maxlen: 24
                          185.92.230.0/24 maxlen: 24
                          185.92.230.0/23 maxlen: 23
                          2a03:8d60::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/c6eb97-48e8-4e5b-97cd-d5d8e04e5975/1/Fb1_eLegRK4TTIi2JOgxp2EUO3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/c6eb97-48e8-4e5b-97cd-d5d8e04e5975/1/Fb1_eLegRK4TTIi2JOgxp2EUO3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Fb1_eLegRK4TTIi2JOgxp2EUO3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 06:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4b:ed:cf:5c:97:97:4d:d3:7d:ef:c1:5d:77:a6:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15bd7f78b7a044ae134c88b624e831a761143b79
        Validity
            Not Before: Jan  2 08:30:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2aeb045b2ee160fd688ec2c86b29609374bb3302
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:06:7e:64:d9:f0:44:75:30:39:c0:44:2e:f8:
                    13:23:bb:26:ec:b8:ed:ed:d4:e9:52:04:77:5f:cc:
                    a6:6d:a1:56:84:89:45:55:28:2a:71:ea:df:35:bc:
                    a7:a5:92:23:b2:0b:e6:cf:d8:ff:47:fc:5b:00:44:
                    8e:e8:e9:f3:bf:9d:d4:a1:29:22:66:1b:18:cf:74:
                    30:e5:b6:d1:ba:5d:0f:f3:c9:d3:24:5a:b0:6d:7b:
                    0a:97:03:2a:74:28:25:ed:03:79:46:bd:3b:b0:4b:
                    88:62:0c:24:e0:80:f6:c9:af:aa:8b:f7:18:e8:f8:
                    35:73:d8:80:cc:3c:ed:a2:9a:f0:68:4f:a4:68:ba:
                    cc:b9:55:f1:98:6e:89:44:3a:10:bb:56:f6:31:14:
                    87:a9:71:17:dc:5f:82:ef:44:79:e1:10:34:1d:d7:
                    36:b5:a9:90:f5:91:58:56:de:d8:ab:88:99:d1:fe:
                    ec:2d:b0:be:cb:22:d0:c2:ea:20:05:3f:41:79:3e:
                    41:5c:e9:a4:8f:8b:0e:8f:aa:bf:20:b7:56:23:04:
                    9d:6a:6d:0e:48:2b:24:87:de:52:76:69:19:66:36:
                    85:85:b3:5c:6e:8b:54:9e:ea:47:47:b3:db:38:44:
                    53:18:23:56:7b:80:12:f0:98:4c:f2:4c:21:d0:9e:
                    a3:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:EB:04:5B:2E:E1:60:FD:68:8E:C2:C8:6B:29:60:93:74:BB:33:02
            X509v3 Authority Key Identifier:
                keyid:15:BD:7F:78:B7:A0:44:AE:13:4C:88:B6:24:E8:31:A7:61:14:3B:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fb1_eLegRK4TTIi2JOgxp2EUO3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c6eb97-48e8-4e5b-97cd-d5d8e04e5975/1/KusEWy7hYP1ojsLIaylgk3S7MwI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c6eb97-48e8-4e5b-97cd-d5d8e04e5975/1/Fb1_eLegRK4TTIi2JOgxp2EUO3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.92.230.0/23
                IPv6:
                  2a03:8d60::/48

    Signature Algorithm: sha256WithRSAEncryption
         52:79:a4:c2:34:f6:89:80:cc:a7:b2:33:9a:4e:ae:ea:ad:a2:
         e2:ce:2c:b2:46:90:71:88:e1:52:57:a2:fa:d7:21:26:42:24:
         81:f3:dc:71:3e:83:cc:dc:22:cd:6d:2a:3f:07:a6:8a:1b:3a:
         bc:03:bd:4d:44:e3:c4:76:13:a0:1f:92:d3:27:cd:1d:24:28:
         66:26:bd:ec:bb:3c:41:5f:c4:f5:4f:e5:34:89:b0:77:00:f6:
         37:67:f1:26:b1:ee:40:d1:64:a4:0c:2d:ba:68:51:e9:84:ef:
         f5:ff:75:ed:46:e1:bf:d3:36:c2:49:86:f1:a1:30:de:ae:1c:
         ad:b3:91:77:13:31:ac:b2:38:ee:5c:34:13:8b:84:21:6c:b2:
         d3:e7:43:46:2b:f4:de:10:70:eb:bd:d9:3e:7c:e1:21:ec:05:
         b1:b9:31:bc:ef:bb:62:11:61:1e:37:37:98:eb:24:85:05:f9:
         50:bd:3c:d7:b4:f5:20:d7:02:2e:22:97:c3:21:8a:b5:f8:1c:
         f3:e3:49:60:0b:2b:8a:6a:86:40:41:f3:1f:88:f9:cd:35:50:
         fd:42:36:0e:a4:86:d3:9b:cb:7c:8d:b0:5b:1c:f5:76:9b:34:
         82:ac:ca:5e:ad:12:c9:b9:a0:55:2d:ef:2c:ca:14:e4:06:a6:
         25:e4:3f:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJS+3PXJeXTdN978Fdd6aHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1YmQ3Zjc4YjdhMDQ0YWUxMzRjODhiNjI0ZTgzMWE3NjEx
NDNiNzkwHhcNMjQwMTAyMDgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWViMDQ1YjJlZTE2MGZkNjg4ZWMyYzg2YjI5NjA5Mzc0YmIzMzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgZ+ZNnwRHUwOcBELvgTI7sm7Ljt
7dTpUgR3X8ymbaFWhIlFVSgqcerfNbynpZIjsgvmz9j/R/xbAESO6Onzv53UoSki
ZhsYz3Qw5bbRul0P88nTJFqwbXsKlwMqdCgl7QN5Rr07sEuIYgwk4ID2ya+qi/cY
6Pg1c9iAzDztoprwaE+kaLrMuVXxmG6JRDoQu1b2MRSHqXEX3F+C70R54RA0Hdc2
tamQ9ZFYVt7Yq4iZ0f7sLbC+yyLQwuogBT9BeT5BXOmkj4sOj6q/ILdWIwSdam0O
SCskh95SdmkZZjaFhbNcbotUnupHR7PbOERTGCNWe4AS8JhM8kwh0J6jJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCrrBFsu4WD9aI7CyGspYJN0uzMCMB8GA1UdIwQY
MBaAFBW9f3i3oESuE0yItiToMadhFDt5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmIxX2VMZWdSSzRUVElpMkpPZ3hwMkVVTzNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jNmViOTctNDhlOC00ZTViLTk3Y2Qt
ZDVkOGUwNGU1OTc1LzEvS3VzRVd5N2hZUDFvanNMSWF5bGdrM1M3TXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jNmViOTctNDhlOC00ZTViLTk3Y2QtZDVkOGUwNGU1OTc1
LzEvRmIxX2VMZWdSSzRUVElpMkpPZ3hwMkVVTzNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuVzmMA8E
AgACMAkDBwAqA41gAAAwDQYJKoZIhvcNAQELBQADggEBAFJ5pMI09omAzKeyM5pO
ruqtouLOLLJGkHGI4VJXovrXISZCJIHz3HE+g8zcIs1tKj8HpoobOrwDvU1E48R2
E6AfktMnzR0kKGYmvey7PEFfxPVP5TSJsHcA9jdn8Sax7kDRZKQMLbpoUemE7/X/
de1G4b/TNsJJhvGhMN6uHK2zkXcTMayyOO5cNBOLhCFsstPnQ0Yr9N4QcOu92T58
4SHsBbG5Mbzvu2IRYR43N5jrJIUF+VC9PNe09SDXAi4il8MhirX4HPPjSWALK4pq
hkBB8x+I+c01UP1CNg6khtOby3yNsFsc9XabNIKsyl6tEsm5oFUt7yzKFOQGpiXk
P+s=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:33:11 2024 by rpki-client on console-ams.rpki-client.org