Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/eEGiilme32_zPUqz2SukQPTV1Ao.roa
File:                     eEGiilme32_zPUqz2SukQPTV1Ao.roa (raw, json)
Hash identifier:          9Cu3Q9dV/oeSy41a8YkYsq1B+cPfuLjb39h9GKhPtGw=
Subject key identifier:   78:41:A2:8A:59:9E:DF:6F:F3:3D:4A:B3:D9:2B:A4:40:F4:D5:D4:0A
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       018D0C966B633C4AAC4C37FE2BB220DD7A79
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/eEGiilme32_zPUqz2SukQPTV1Ao.roa
Signing time:             Mon 15 Jan 2024 10:06:40 +0000
ROA not before:           Mon 15 Jan 2024 10:06:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215738
IP address blocks:        45.137.68.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 09 Jun 2024 00:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:0c:96:6b:63:3c:4a:ac:4c:37:fe:2b:b2:20:dd:7a:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan 15 10:06:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7841a28a599edf6ff33d4ab3d92ba440f4d5d40a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:56:75:23:ae:ed:b0:af:80:a6:66:17:aa:c6:
                    b2:4b:90:b9:ff:95:b3:fa:86:06:0f:b6:a8:0b:7c:
                    6f:ae:db:9e:c1:82:4d:b0:ef:7a:cb:4d:5a:cf:b9:
                    bf:0b:46:31:4f:77:64:9d:17:2a:d4:0e:53:77:e7:
                    60:5a:57:ff:6b:bd:15:d1:cd:74:60:21:7f:96:81:
                    94:33:87:59:39:2c:c7:98:1e:cc:7b:20:7f:7a:db:
                    6b:19:05:02:76:41:62:65:20:b0:55:85:a2:75:cc:
                    94:aa:14:71:0e:b4:da:c8:11:11:a9:d1:02:43:10:
                    60:51:39:ff:d2:6a:33:7c:1c:c6:54:ed:a2:42:f5:
                    7a:7f:49:4f:f4:8e:dc:23:94:51:20:10:2f:09:74:
                    c6:86:8d:30:0a:90:ad:73:0f:f0:e2:15:1d:b2:ed:
                    7b:b4:a7:aa:ea:0f:6a:ff:de:f0:6d:62:69:69:5d:
                    70:4a:cf:87:5d:12:4b:86:ce:c7:5e:1f:53:f4:ec:
                    31:bd:86:a2:db:2b:e8:da:47:01:cb:8f:90:d2:1b:
                    82:30:14:2d:bc:ba:02:ae:82:3e:73:95:14:9c:52:
                    39:47:51:33:9c:d2:23:a4:aa:e8:47:83:34:26:ff:
                    04:70:78:f5:1c:79:60:c4:b6:f2:c9:21:77:94:32:
                    a3:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:41:A2:8A:59:9E:DF:6F:F3:3D:4A:B3:D9:2B:A4:40:F4:D5:D4:0A
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/eEGiilme32_zPUqz2SukQPTV1Ao.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:75:10:a3:84:23:b4:ba:d2:ed:3f:00:9d:55:32:40:75:28:
         93:8c:b2:df:24:4e:b7:e4:a0:75:34:70:84:14:40:41:e8:2e:
         fe:9b:7f:32:6d:85:46:9d:93:ed:20:bb:88:e5:49:bb:92:90:
         b8:f3:51:b4:e4:2a:1e:63:fb:ec:5e:32:3a:e1:af:81:4f:4c:
         0f:d4:ee:e0:c3:9b:01:0a:a8:e5:c4:af:d6:91:23:4c:d1:97:
         54:eb:94:53:0c:44:e9:92:5a:f3:b0:4e:4b:4d:68:fe:10:8f:
         38:85:75:87:27:e1:e0:c3:8a:4c:06:69:f3:23:27:a6:57:00:
         bb:d5:89:4d:6a:23:c3:e4:0a:05:f2:33:24:95:ce:74:d0:f4:
         85:4b:da:42:cb:b4:5f:c9:fd:36:40:15:8b:c3:c0:9f:7d:54:
         04:17:f8:fb:c0:cd:c1:66:89:82:ab:41:7c:4a:69:ad:f3:8a:
         66:ac:15:c4:d9:52:94:f4:80:9d:48:9b:f9:70:fb:94:8f:6d:
         4e:36:32:9a:ba:14:f8:ea:87:9a:00:90:b7:1f:92:e4:65:a7:
         6f:53:f7:3f:71:28:19:97:aa:da:24:80:fc:57:18:d4:22:fe:
         73:d5:ce:8c:75:3b:69:ff:7a:bb:48:7b:c0:ed:f3:9c:96:fc:
         4a:3c:b8:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0MlmtjPEqsTDf+K7Ig3Xp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTE1MTAwNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODQxYTI4YTU5OWVkZjZmZjMzZDRhYjNkOTJiYTQ0MGY0ZDVkNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1Z1I67tsK+ApmYXqsayS5C5/5Wz
+oYGD7aoC3xvrtuewYJNsO96y01az7m/C0YxT3dknRcq1A5Td+dgWlf/a70V0c10
YCF/loGUM4dZOSzHmB7MeyB/ettrGQUCdkFiZSCwVYWidcyUqhRxDrTayBERqdEC
QxBgUTn/0mozfBzGVO2iQvV6f0lP9I7cI5RRIBAvCXTGho0wCpCtcw/w4hUdsu17
tKeq6g9q/97wbWJpaV1wSs+HXRJLhs7HXh9T9OwxvYai2yvo2kcBy4+Q0huCMBQt
vLoCroI+c5UUnFI5R1EznNIjpKroR4M0Jv8EcHj1HHlgxLbyySF3lDKj4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHhBoopZnt9v8z1Ks9krpED01dQKMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvZUVHaWlsbWUzMl96UFVxejJTdWtRUFRWMUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYlEMA0G
CSqGSIb3DQEBCwUAA4IBAQCjdRCjhCO0utLtPwCdVTJAdSiTjLLfJE635KB1NHCE
FEBB6C7+m38ybYVGnZPtILuI5Um7kpC481G05CoeY/vsXjI64a+BT0wP1O7gw5sB
CqjlxK/WkSNM0ZdU65RTDETpklrzsE5LTWj+EI84hXWHJ+Hgw4pMBmnzIyemVwC7
1YlNaiPD5AoF8jMklc500PSFS9pCy7Rfyf02QBWLw8CffVQEF/j7wM3BZomCq0F8
Smmt84pmrBXE2VKU9ICdSJv5cPuUj21ONjKauhT46oeaAJC3H5LkZadvU/c/cSgZ
l6raJID8VxjUIv5z1c6MdTtp/3q7SHvA7fOclvxKPLjy
-----END CERTIFICATE-----