Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/c25dc2-f54d-414d-8769-8d65f4ee91df/1/a6X3JHuxHKIxTVhmsJPuUx-LI78.roa
File:                     a6X3JHuxHKIxTVhmsJPuUx-LI78.roa (raw, json)
Hash identifier:          9ilOKG2yKGg5tgA9SgjgZNEx/xrIrTffjNWPltxT9Ag=
Subject key identifier:   6B:A5:F7:24:7B:B1:1C:A2:31:4D:58:66:B0:93:EE:53:1F:8B:23:BF
Certificate issuer:       /CN=6cbbb81d823069dd824d8d8d82c8dbfb305db98f
Certificate serial:       018CC9BCE6334A349D401AA457D70BA71843
Authority key identifier: 6C:BB:B8:1D:82:30:69:DD:82:4D:8D:8D:82:C8:DB:FB:30:5D:B9:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLu4HYIwad2CTY2Ngsjb-zBduY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/c25dc2-f54d-414d-8769-8d65f4ee91df/1/a6X3JHuxHKIxTVhmsJPuUx-LI78.roa
Signing time:             Tue 02 Jan 2024 10:34:09 +0000
ROA not before:           Tue 02 Jan 2024 10:34:09 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39452
IP address blocks:        45.13.40.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/c25dc2-f54d-414d-8769-8d65f4ee91df/1/bLu4HYIwad2CTY2Ngsjb-zBduY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/c25dc2-f54d-414d-8769-8d65f4ee91df/1/bLu4HYIwad2CTY2Ngsjb-zBduY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLu4HYIwad2CTY2Ngsjb-zBduY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:e6:33:4a:34:9d:40:1a:a4:57:d7:0b:a7:18:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cbbb81d823069dd824d8d8d82c8dbfb305db98f
        Validity
            Not Before: Jan  2 10:34:09 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6ba5f7247bb11ca2314d5866b093ee531f8b23bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f8:9f:8a:4f:48:96:d3:87:b5:dc:16:aa:b7:
                    35:4f:7f:a3:90:ae:4b:d5:e2:2a:5d:55:e0:07:3c:
                    73:af:ff:f7:6b:0a:e3:4a:e5:44:c3:28:15:12:d4:
                    34:4d:0e:7e:d1:d3:6e:0e:8e:b8:bc:49:9c:cb:bd:
                    e8:b3:dc:ab:cc:fd:48:d7:bf:c9:14:d1:73:bd:4c:
                    ac:e9:34:e3:50:ac:52:a4:cb:e6:22:d2:ec:1f:f7:
                    1f:e2:58:a2:5d:35:08:47:f4:18:9e:e5:2e:25:46:
                    80:46:ca:4c:99:1c:a3:66:10:be:4f:65:60:5b:0f:
                    f8:7b:22:d6:a7:20:1d:0e:ea:a5:e4:93:f8:ed:a9:
                    cd:a2:56:77:bb:66:73:0d:e9:87:c1:46:e9:77:49:
                    de:6d:d1:f7:5d:56:ee:c5:bc:a3:75:b3:2c:4d:c7:
                    ef:a9:e4:40:72:57:55:74:11:89:ff:ba:fc:9a:83:
                    b0:3f:b7:64:a7:9e:8b:df:56:1d:8f:1d:52:a0:8a:
                    e0:e6:62:f4:dd:2c:0a:97:d5:8e:7c:04:18:34:e0:
                    8c:64:cf:30:d8:28:a2:a0:f0:00:ce:7a:f1:01:46:
                    80:e8:7c:0f:bd:d2:d0:75:fe:b1:94:b7:5a:af:2e:
                    90:30:4e:42:09:46:3c:6c:8c:cf:2a:6d:d9:3f:aa:
                    ce:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:A5:F7:24:7B:B1:1C:A2:31:4D:58:66:B0:93:EE:53:1F:8B:23:BF
            X509v3 Authority Key Identifier:
                keyid:6C:BB:B8:1D:82:30:69:DD:82:4D:8D:8D:82:C8:DB:FB:30:5D:B9:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLu4HYIwad2CTY2Ngsjb-zBduY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c25dc2-f54d-414d-8769-8d65f4ee91df/1/a6X3JHuxHKIxTVhmsJPuUx-LI78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c25dc2-f54d-414d-8769-8d65f4ee91df/1/bLu4HYIwad2CTY2Ngsjb-zBduY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.13.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         87:74:f7:ca:65:f0:f9:49:17:65:b3:4e:09:30:60:10:3b:b2:
         c9:0d:d3:fc:74:9c:12:17:e7:99:ad:5d:d9:9f:b3:d4:ea:0e:
         ee:2a:86:91:68:9a:2c:0c:d5:45:48:3f:ef:e9:c3:54:43:34:
         c6:f9:24:82:56:3c:4e:7d:97:b5:7b:07:a6:3f:02:af:c5:0d:
         95:c0:a8:32:85:56:a5:dc:ab:58:ef:49:87:83:dc:ea:0b:07:
         9d:1c:a8:d6:2f:c9:ad:c1:b6:72:a3:79:dd:b8:06:e3:7f:36:
         c5:6b:76:80:d3:ce:67:d9:f0:fd:39:a3:3c:cf:37:fb:37:e0:
         53:7c:97:c8:06:fe:76:fb:44:e7:f0:fe:e8:db:b6:13:64:be:
         cd:97:b2:75:53:b1:19:e9:f0:01:a7:5c:8d:17:30:e0:77:c5:
         d7:62:34:ea:39:0d:72:93:dd:43:d3:54:dd:ef:17:c3:e5:2c:
         83:ea:92:fb:f5:ab:07:35:59:54:84:0d:42:64:74:5f:62:bd:
         09:52:fc:3c:f2:2f:18:6c:45:05:a5:4b:17:08:9e:db:f2:64:
         98:42:a2:07:71:b1:2a:dd:f5:c8:ed:bf:2b:56:d1:ea:8f:a9:
         26:3c:61:ba:a1:c2:9e:51:dc:b9:38:34:c6:ef:65:bc:ea:7b:
         0d:ba:0b:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvOYzSjSdQBqkV9cLpxhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYmJiODFkODIzMDY5ZGQ4MjRkOGQ4ZDgyYzhkYmZiMzA1
ZGI5OGYwHhcNMjQwMTAyMTAzNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmE1ZjcyNDdiYjExY2EyMzE0ZDU4NjZiMDkzZWU1MzFmOGIyM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfifik9IltOHtdwWqrc1T3+jkK5L
1eIqXVXgBzxzr//3awrjSuVEwygVEtQ0TQ5+0dNuDo64vEmcy73os9yrzP1I17/J
FNFzvUys6TTjUKxSpMvmItLsH/cf4liiXTUIR/QYnuUuJUaARspMmRyjZhC+T2Vg
Ww/4eyLWpyAdDuql5JP47anNolZ3u2ZzDemHwUbpd0nebdH3XVbuxbyjdbMsTcfv
qeRAcldVdBGJ/7r8moOwP7dkp56L31Ydjx1SoIrg5mL03SwKl9WOfAQYNOCMZM8w
2CiioPAAznrxAUaA6HwPvdLQdf6xlLdary6QME5CCUY8bIzPKm3ZP6rOBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGul9yR7sRyiMU1YZrCT7lMfiyO/MB8GA1UdIwQY
MBaAFGy7uB2CMGndgk2NjYLI2/swXbmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkx1NEhZSXdhZDJDVFkyTmdzamItekJkdVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jMjVkYzItZjU0ZC00MTRkLTg3Njkt
OGQ2NWY0ZWU5MWRmLzEvYTZYM0pIdXhIS0l4VFZobXNKUHVVeC1MSTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9jMjVkYzItZjU0ZC00MTRkLTg3NjktOGQ2NWY0ZWU5MWRm
LzEvYkx1NEhZSXdhZDJDVFkyTmdzamItekJkdVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ0oMA0G
CSqGSIb3DQEBCwUAA4IBAQCHdPfKZfD5SRdls04JMGAQO7LJDdP8dJwSF+eZrV3Z
n7PU6g7uKoaRaJosDNVFSD/v6cNUQzTG+SSCVjxOfZe1ewemPwKvxQ2VwKgyhVal
3KtY70mHg9zqCwedHKjWL8mtwbZyo3nduAbjfzbFa3aA085n2fD9OaM8zzf7N+BT
fJfIBv52+0Tn8P7o27YTZL7Nl7J1U7EZ6fABp1yNFzDgd8XXYjTqOQ1yk91D01Td
7xfD5SyD6pL79asHNVlUhA1CZHRfYr0JUvw88i8YbEUFpUsXCJ7b8mSYQqIHcbEq
3fXI7b8rVtHqj6kmPGG6ocKeUdy5ODTG72W86nsNugsY
-----END CERTIFICATE-----
Generated at Sat Jun 15 12:26:37 2024 by rpki-client on console-fra.rpki-client.org