Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/MUl2V15rosIY7c4ySrzO4eC71Xs.roa
File:                     MUl2V15rosIY7c4ySrzO4eC71Xs.roa (raw, json)
Hash identifier:          82pPaTZJW1kH3KKGElawmPCETYXUflKq5MiRWAHDsyU=
Subject key identifier:   31:49:76:57:5E:6B:A2:C2:18:ED:CE:32:4A:BC:CE:E1:E0:BB:D5:7B
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       019427489C5D82A10A874CADF4E175CC55AD
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/MUl2V15rosIY7c4ySrzO4eC71Xs.roa
Signing time:             Thu 02 Jan 2025 13:50:57 +0000
ROA not before:           Thu 02 Jan 2025 13:50:57 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     208751
IP address blocks:        45.135.151.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 06 Apr 2025 22:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:48:9c:5d:82:a1:0a:87:4c:ad:f4:e1:75:cc:55:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  2 13:50:57 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=314976575e6ba2c218edce324abccee1e0bbd57b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:9d:86:5e:bd:9e:79:f8:1b:c9:34:7f:06:58:
                    6c:70:41:64:f7:d1:48:9f:7d:7b:16:19:fe:92:8d:
                    b1:65:31:3e:4f:80:53:33:2a:a2:e5:76:b8:dc:c2:
                    ea:9e:94:f5:f2:6d:e7:b1:21:e1:a6:9d:a9:92:9f:
                    5e:57:9e:b8:e1:65:6f:3c:2b:bc:2a:eb:cc:69:e0:
                    ac:07:78:b9:9c:7b:f9:58:e7:55:91:a6:83:7a:22:
                    ca:67:50:f4:06:06:c3:13:cd:35:55:5f:56:23:c1:
                    9c:36:e4:e7:41:bc:7b:4e:7d:32:69:66:c3:fc:da:
                    d2:0b:ad:ff:35:ee:2b:4f:2b:9c:d8:b2:ad:cc:5b:
                    87:e3:c9:28:30:3b:69:2f:60:4f:92:14:a7:5e:0c:
                    c8:94:d5:2c:d6:b7:67:15:25:11:61:52:d4:7e:5c:
                    93:06:d5:15:e7:30:43:34:c4:98:1d:9d:af:04:95:
                    d1:87:c0:4b:bb:39:a6:bd:77:87:fc:04:8f:60:2f:
                    cb:87:97:5a:7a:79:71:bd:82:6c:fc:7e:2e:fa:05:
                    d0:d0:a8:31:8a:c9:45:db:80:6e:5c:80:42:c9:c5:
                    88:60:e0:61:15:a2:c7:75:94:fe:ab:5a:86:ae:75:
                    86:7c:85:e3:4f:5f:b9:fb:e1:45:8d:4d:ec:d0:26:
                    1e:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:49:76:57:5E:6B:A2:C2:18:ED:CE:32:4A:BC:CE:E1:E0:BB:D5:7B
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/MUl2V15rosIY7c4ySrzO4eC71Xs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.135.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:7e:38:27:13:0f:eb:78:71:52:5a:d3:7e:28:be:92:dc:56:
         10:6d:82:1e:4b:70:62:4b:b6:42:b8:eb:f1:13:11:08:15:39:
         85:d8:75:c6:48:81:7c:c5:40:de:11:de:08:b5:60:4f:0f:69:
         10:27:73:7b:60:b2:02:a2:88:5f:9d:94:b2:d9:2e:30:d8:64:
         29:d0:78:1c:b5:6e:c7:5b:f5:8b:37:19:c7:2d:9d:47:b4:d5:
         e4:93:f2:67:5c:73:d6:96:b0:f9:d2:60:1e:f5:8f:57:b9:e5:
         73:44:53:27:e6:ef:54:23:d6:20:7e:ee:88:ef:89:55:27:0d:
         f6:f7:5d:78:f9:71:6a:52:f5:75:a4:73:ee:df:50:87:fc:8f:
         98:1a:6c:2d:84:ab:d1:f7:9e:f5:f2:0e:ad:3c:81:db:ce:f1:
         d3:b1:30:e4:ec:19:8c:66:eb:d0:ef:93:0d:2f:28:58:b8:94:
         b7:da:bb:f9:ab:7a:89:de:b3:44:c8:06:27:c9:cd:5c:e0:c8:
         e7:f2:ab:e4:48:92:f8:a8:e6:02:ed:99:d3:f4:f1:c4:92:35:
         a8:09:f8:12:02:2a:78:e2:0e:31:74:a9:ca:96:84:a7:0d:95:
         63:bf:43:a2:14:07:07:41:8a:de:2c:84:ab:1b:4a:e3:f2:87:
         ce:da:1c:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSJxdgqEKh0yt9OF1zFWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwMTAyMTM1MDU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTQ5NzY1NzVlNmJhMmMyMThlZGNlMzI0YWJjY2VlMWUwYmJkNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw52GXr2eefgbyTR/BlhscEFk99FI
n317Fhn+ko2xZTE+T4BTMyqi5Xa43MLqnpT18m3nsSHhpp2pkp9eV5644WVvPCu8
KuvMaeCsB3i5nHv5WOdVkaaDeiLKZ1D0BgbDE801VV9WI8GcNuTnQbx7Tn0yaWbD
/NrSC63/Ne4rTyuc2LKtzFuH48koMDtpL2BPkhSnXgzIlNUs1rdnFSURYVLUflyT
BtUV5zBDNMSYHZ2vBJXRh8BLuzmmvXeH/ASPYC/Lh5daenlxvYJs/H4u+gXQ0Kgx
islF24BuXIBCycWIYOBhFaLHdZT+q1qGrnWGfIXjT1+5++FFjU3s0CYe/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDFJdldea6LCGO3OMkq8zuHgu9V7MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvTVVsMlYxNXJvc0lZN2M0eVNyek80ZUM3MVhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYeXMA0G
CSqGSIb3DQEBCwUAA4IBAQB0fjgnEw/reHFSWtN+KL6S3FYQbYIeS3BiS7ZCuOvx
ExEIFTmF2HXGSIF8xUDeEd4ItWBPD2kQJ3N7YLICoohfnZSy2S4w2GQp0HgctW7H
W/WLNxnHLZ1HtNXkk/JnXHPWlrD50mAe9Y9XueVzRFMn5u9UI9Ygfu6I74lVJw32
9114+XFqUvV1pHPu31CH/I+YGmwthKvR95718g6tPIHbzvHTsTDk7BmMZuvQ75MN
LyhYuJS32rv5q3qJ3rNEyAYnyc1c4Mjn8qvkSJL4qOYC7ZnT9PHEkjWoCfgSAip4
4g4xdKnKloSnDZVjv0OiFAcHQYreLISrG0rj8ofO2hya
-----END CERTIFICATE-----