Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/qf5UCJd2AyhCaz5G90eLY6bsFWk.roa
File:                     qf5UCJd2AyhCaz5G90eLY6bsFWk.roa (raw, json)
Hash identifier:          mEyKazeLI6n96vtLvlXMRFISDEMKEZkz1Ilpl8mtRlg=
Subject key identifier:   A9:FE:54:08:97:76:03:28:42:6B:3E:46:F7:47:8B:63:A6:EC:15:69
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018CC64ADAAEDFE43CA1C3DA9B0BBC8CB807
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/qf5UCJd2AyhCaz5G90eLY6bsFWk.roa
Signing time:             Mon 01 Jan 2024 18:30:43 +0000
ROA not before:           Mon 01 Jan 2024 18:30:43 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9199
IP address blocks:        81.180.64.0/22 maxlen: 24
                          81.180.70.0/23 maxlen: 24
                          81.180.68.0/23 maxlen: 24
                          81.180.76.0/22 maxlen: 24
                          81.180.84.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:da:ae:df:e4:3c:a1:c3:da:9b:0b:bc:8c:b8:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 18:30:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a9fe540897760328426b3e46f7478b63a6ec1569
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:69:91:46:93:0a:ea:a2:b9:ba:61:68:19:ca:
                    d1:91:0d:96:04:42:24:fe:e9:27:88:ed:b6:e4:c3:
                    da:7c:c9:8a:d4:d5:10:0e:46:27:a8:9d:5b:45:74:
                    e5:71:95:6d:d8:3c:6a:1f:83:76:c8:41:01:0b:01:
                    2e:89:e8:75:18:b5:98:14:9c:3c:b8:55:6d:4c:99:
                    2b:42:24:d4:29:2a:b5:11:34:52:c2:b8:a7:79:22:
                    66:64:18:98:a1:e8:1f:98:b2:60:26:71:c8:eb:f0:
                    8e:24:90:3f:21:c2:23:11:a6:b9:a8:9c:92:8e:89:
                    38:e6:81:26:ff:8b:4e:7b:10:e5:5c:36:03:f9:5f:
                    58:88:2e:62:14:e0:88:ee:7c:d9:d9:a5:15:61:12:
                    a3:8f:b6:59:83:d9:77:ec:7e:e0:3b:ef:c3:a7:78:
                    cc:ac:e2:03:25:83:e0:60:fc:b9:47:03:45:ee:7c:
                    89:d6:2b:99:f7:e0:d4:4f:4f:25:3b:28:ac:b2:80:
                    06:28:58:2a:81:7a:49:c2:e4:26:f3:98:31:5a:67:
                    17:53:37:a1:d2:af:8e:d7:eb:fe:b2:8d:2d:a6:e8:
                    f7:cd:b7:f7:f2:1d:6f:eb:5e:5e:cd:2d:30:7e:4f:
                    33:96:a9:56:94:be:df:db:d1:bb:96:34:53:78:91:
                    fe:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:FE:54:08:97:76:03:28:42:6B:3E:46:F7:47:8B:63:A6:EC:15:69
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/qf5UCJd2AyhCaz5G90eLY6bsFWk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.180.64.0/21
                  81.180.76.0/22
                  81.180.84.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a4:fe:a1:97:61:74:41:58:60:bd:c5:d0:40:c8:81:8d:56:5c:
         dd:1e:e4:02:0e:1e:0b:de:5d:c5:52:c9:aa:66:70:17:2e:e7:
         74:1a:9a:61:ab:f4:9c:80:28:5f:ea:3a:0a:41:64:6d:22:8c:
         06:a5:7d:74:1b:ac:e0:b6:6e:76:7f:b1:38:de:a1:d4:44:20:
         52:84:57:55:85:14:1b:ee:d7:9c:00:00:31:5b:0b:01:df:55:
         9c:b1:7f:50:5d:ae:01:8f:09:20:e9:16:b4:5c:54:48:4b:da:
         e8:ec:68:8c:08:c7:45:a9:b6:20:8b:4a:e5:c7:93:a1:bd:16:
         4a:3f:e2:22:6d:45:45:b8:47:b1:70:56:e4:2e:e9:a4:2c:9b:
         b5:1b:40:f8:6e:dd:92:09:8c:97:fe:dc:10:27:e2:8e:f8:6c:
         8d:02:ff:be:50:24:82:48:80:86:f2:18:f0:bb:74:d4:62:ba:
         3c:8e:76:9d:b2:53:cf:f8:c3:96:6c:9f:8d:1a:36:c5:cf:18:
         67:69:c3:26:23:bf:40:ad:02:9b:23:f5:3b:0a:8b:77:9b:94:
         3e:ae:c5:10:c3:7b:eb:24:7c:16:33:e2:c3:4c:ec:c6:6a:6d:
         15:4e:18:98:c3:a5:31:f8:4d:55:ec:51:7e:37:f8:7c:fc:83:
         f3:80:6d:f3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGStqu3+Q8ocPamwu8jLgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWZlNTQwODk3NzYwMzI4NDI2YjNlNDZmNzQ3OGI2M2E2ZWMxNTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2mRRpMK6qK5umFoGcrRkQ2WBEIk
/ukniO225MPafMmK1NUQDkYnqJ1bRXTlcZVt2DxqH4N2yEEBCwEuieh1GLWYFJw8
uFVtTJkrQiTUKSq1ETRSwrineSJmZBiYoegfmLJgJnHI6/COJJA/IcIjEaa5qJyS
jok45oEm/4tOexDlXDYD+V9YiC5iFOCI7nzZ2aUVYRKjj7ZZg9l37H7gO+/Dp3jM
rOIDJYPgYPy5RwNF7nyJ1iuZ9+DUT08lOyissoAGKFgqgXpJwuQm85gxWmcXUzeh
0q+O1+v+so0tpuj3zbf38h1v615ezS0wfk8zlqlWlL7f29G7ljRTeJH+QQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKn+VAiXdgMoQms+RvdHi2Om7BVpMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvcWY1VUNKZDJBeWhDYXo1RzkwZUxZNmJzRldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDUbRAAwQC
UbRMAwQBUbRUMA0GCSqGSIb3DQEBCwUAA4IBAQCk/qGXYXRBWGC9xdBAyIGNVlzd
HuQCDh4L3l3FUsmqZnAXLud0Gpphq/ScgChf6joKQWRtIowGpX10G6zgtm52f7E4
3qHURCBShFdVhRQb7tecAAAxWwsB31WcsX9QXa4Bjwkg6Ra0XFRIS9ro7GiMCMdF
qbYgi0rlx5OhvRZKP+IibUVFuEexcFbkLumkLJu1G0D4bt2SCYyX/twQJ+KO+GyN
Av++UCSCSICG8hjwu3TUYro8jnadslPP+MOWbJ+NGjbFzxhnacMmI79ArQKbI/U7
Cot3m5Q+rsUQw3vrJHwWM+LDTOzGam0VThiYw6Ux+E1V7FF+N/h8/IPzgG3z
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:18:35 2024 by rpki-client on console-ams.rpki-client.org