Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/qHYwH8erJlVZAdQw9iIP72m92bI.roa
File:                     qHYwH8erJlVZAdQw9iIP72m92bI.roa (raw, json)
Hash identifier:          AkyTyMq5oxE0HCGVPhYlMBtpaVZbi9DfwmysRmn4p9A=
Subject key identifier:   A8:76:30:1F:C7:AB:26:55:59:01:D4:30:F6:22:0F:EF:69:BD:D9:B2
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018CC64AE3BA8B72722965FE11B9D382CB5D
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/qHYwH8erJlVZAdQw9iIP72m92bI.roa
Signing time:             Mon 01 Jan 2024 18:30:45 +0000
ROA not before:           Mon 01 Jan 2024 18:30:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39383
IP address blocks:        81.181.129.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:e3:ba:8b:72:72:29:65:fe:11:b9:d3:82:cb:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 18:30:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a876301fc7ab26555901d430f6220fef69bdd9b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:88:5c:0c:3e:c3:e9:ed:23:94:34:9e:ed:79:
                    c5:49:83:b3:fd:35:8b:3b:1a:e6:a4:64:71:e7:00:
                    0e:e9:5e:62:64:45:f7:09:08:a2:7d:a2:a4:71:de:
                    3e:30:2e:80:e1:e0:26:a4:4f:22:ec:5e:5e:a7:b1:
                    6d:e1:ba:51:8f:c5:f8:6a:07:0e:fc:8e:75:c0:28:
                    ab:5d:3a:47:a8:87:bc:3a:fa:d9:03:9e:82:a6:e5:
                    6f:a5:0a:43:2b:ff:98:26:c7:d9:d4:83:19:21:3d:
                    3f:d2:1b:fd:a4:de:bc:ed:d2:b0:4d:d2:ec:0e:c3:
                    29:d1:2a:42:95:c6:3e:88:0a:f0:e6:8c:9f:cf:9c:
                    1a:a7:0d:da:71:31:41:7b:35:b5:bd:3d:ee:aa:54:
                    58:91:ae:5a:e6:0c:77:89:97:34:bb:6d:79:78:9c:
                    94:a1:35:6d:5c:63:f3:66:a0:60:27:80:61:b2:1b:
                    bf:5f:ed:46:66:1d:19:92:84:4b:21:47:08:29:b0:
                    83:77:28:b5:fc:ae:f5:bd:8f:53:27:4a:5a:3d:1e:
                    63:ba:02:84:97:38:04:75:c2:94:0b:9e:5f:05:a9:
                    8a:cd:ab:b8:1f:53:8a:eb:98:5f:9e:3e:7d:7d:98:
                    f3:ac:46:04:78:8c:01:c4:9e:83:62:ce:f9:11:05:
                    77:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:76:30:1F:C7:AB:26:55:59:01:D4:30:F6:22:0F:EF:69:BD:D9:B2
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/qHYwH8erJlVZAdQw9iIP72m92bI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.181.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:fd:41:10:b2:76:11:aa:b8:33:b7:98:84:dc:91:7a:af:15:
         31:3b:bc:0f:ed:50:5c:51:95:fb:20:5b:f7:92:8f:c1:20:04:
         b6:c3:64:6c:f7:5c:2f:57:80:f0:a3:44:eb:05:07:8a:95:57:
         f2:d6:70:5c:01:c0:93:2b:2e:f4:66:eb:73:4b:bc:c5:69:c8:
         08:98:cf:5f:61:e9:b0:ae:6f:95:c6:30:38:ea:78:ef:e3:ba:
         12:40:b8:f0:10:e0:92:37:ee:07:f8:cd:a8:04:8e:c2:8b:90:
         28:5c:dd:0d:95:7a:fb:3f:d1:f5:15:9e:77:c2:2f:2b:6f:d7:
         40:f9:46:ce:5b:4b:2b:d0:f9:cc:41:1e:f8:0b:4f:ef:a5:35:
         a5:ae:3d:8c:59:b6:80:d4:7e:c8:6b:ae:17:87:f3:b6:78:bf:
         bb:bc:81:31:b7:b4:0f:8d:02:c4:25:c7:b8:37:eb:08:35:b1:
         5a:8d:cd:40:94:3e:f8:db:bf:27:89:dc:63:d8:47:e8:da:b4:
         73:ab:ac:0b:f8:f2:18:86:1c:b6:a9:03:d1:6d:e2:6d:c5:70:
         c5:de:7e:f9:46:3f:99:61:9a:4b:40:0e:b0:6c:77:3f:4c:82:
         c4:78:d3:a9:7d:da:eb:fb:08:77:c4:58:9d:7a:4f:09:75:c6:
         33:83:82:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSuO6i3JyKWX+EbnTgstdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODc2MzAxZmM3YWIyNjU1NTkwMWQ0MzBmNjIyMGZlZjY5YmRkOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIhcDD7D6e0jlDSe7XnFSYOz/TWL
OxrmpGRx5wAO6V5iZEX3CQiifaKkcd4+MC6A4eAmpE8i7F5ep7Ft4bpRj8X4agcO
/I51wCirXTpHqIe8OvrZA56CpuVvpQpDK/+YJsfZ1IMZIT0/0hv9pN687dKwTdLs
DsMp0SpClcY+iArw5oyfz5wapw3acTFBezW1vT3uqlRYka5a5gx3iZc0u215eJyU
oTVtXGPzZqBgJ4Bhshu/X+1GZh0ZkoRLIUcIKbCDdyi1/K71vY9TJ0paPR5jugKE
lzgEdcKUC55fBamKzau4H1OK65hfnj59fZjzrEYEeIwBxJ6DYs75EQV3QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKh2MB/HqyZVWQHUMPYiD+9pvdmyMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvcUhZd0g4ZXJKbFZaQWRRdzlpSVA3Mm05MmJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUbWBMA0G
CSqGSIb3DQEBCwUAA4IBAQCj/UEQsnYRqrgzt5iE3JF6rxUxO7wP7VBcUZX7IFv3
ko/BIAS2w2Rs91wvV4Dwo0TrBQeKlVfy1nBcAcCTKy70ZutzS7zFacgImM9fYemw
rm+VxjA46njv47oSQLjwEOCSN+4H+M2oBI7Ci5AoXN0NlXr7P9H1FZ53wi8rb9dA
+UbOW0sr0PnMQR74C0/vpTWlrj2MWbaA1H7Ia64Xh/O2eL+7vIExt7QPjQLEJce4
N+sINbFajc1AlD74278nidxj2Efo2rRzq6wL+PIYhhy2qQPRbeJtxXDF3n75Rj+Z
YZpLQA6wbHc/TILEeNOpfdrr+wh3xFidek8JdcYzg4LS
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:18:35 2024 by rpki-client on console-ams.rpki-client.org