Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/wAoxLtAy9ZtpBAu2nlnoCEcTsY0.roa
File:                     wAoxLtAy9ZtpBAu2nlnoCEcTsY0.roa (raw, json)
Hash identifier:          XxKBNnTYeYg4v+CKCiU3SqKHUPwRacRQPok5lAsUmo0=
Subject key identifier:   C0:0A:31:2E:D0:32:F5:9B:69:04:0B:B6:9E:59:E8:08:47:13:B1:8D
Certificate issuer:       /CN=8c0c7f2ebab7c96111cae687cedd1cd2e9bcd56a
Certificate serial:       019107FC5B5DFAF2E78101D254ADB844A743
Authority key identifier: 8C:0C:7F:2E:BA:B7:C9:61:11:CA:E6:87:CE:DD:1C:D2:E9:BC:D5:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jAx_Lrq3yWERyuaHzt0c0um81Wo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/wAoxLtAy9ZtpBAu2nlnoCEcTsY0.roa
Signing time:             Wed 31 Jul 2024 08:51:04 +0000
ROA not before:           Wed 31 Jul 2024 08:51:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197336
IP address blocks:        5.134.64.0/23 maxlen: 23
                          46.31.32.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/jAx_Lrq3yWERyuaHzt0c0um81Wo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/jAx_Lrq3yWERyuaHzt0c0um81Wo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jAx_Lrq3yWERyuaHzt0c0um81Wo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:07:fc:5b:5d:fa:f2:e7:81:01:d2:54:ad:b8:44:a7:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c0c7f2ebab7c96111cae687cedd1cd2e9bcd56a
        Validity
            Not Before: Jul 31 08:51:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c00a312ed032f59b69040bb69e59e8084713b18d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:26:cc:6a:ef:63:66:08:71:4d:ff:a6:38:49:
                    ab:9e:27:3c:8d:a3:a1:e9:54:32:9c:56:90:65:45:
                    9a:ef:f0:17:41:2c:de:c1:16:0c:a0:09:2e:38:4e:
                    be:49:84:80:5d:24:ea:f7:34:a9:de:59:ce:f4:88:
                    a9:4e:ff:fd:af:72:77:21:47:75:d0:84:27:59:09:
                    b1:58:b0:7f:9c:02:b7:3f:35:dc:1f:22:4c:5f:7e:
                    50:e7:ec:e6:4f:87:4f:24:3f:28:d3:03:a8:4e:55:
                    b4:63:3d:5f:07:b9:ec:9d:46:2f:51:ad:0b:82:3b:
                    bc:83:63:20:bb:b4:ec:48:31:f5:c8:02:ca:b0:54:
                    aa:86:22:2a:cc:7e:1c:dc:00:0a:ea:45:3c:fd:e4:
                    72:a5:bb:b9:8e:b5:16:b6:50:f4:93:30:fc:34:19:
                    e9:07:99:1d:11:68:d0:db:77:1a:29:04:cc:3f:22:
                    0e:67:73:1d:6b:be:11:59:3f:e1:5c:3f:df:37:76:
                    71:3f:dc:0d:8e:bb:3a:e8:4a:9b:3f:b9:47:0d:6b:
                    08:a4:0a:ae:3f:a8:93:e1:6d:f7:a7:d8:6a:f7:7b:
                    f0:e5:ec:7a:f7:8f:c4:91:4e:c2:8e:c2:a8:81:3e:
                    a7:1d:78:37:31:3e:69:5c:e3:16:96:37:16:22:1e:
                    ea:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:0A:31:2E:D0:32:F5:9B:69:04:0B:B6:9E:59:E8:08:47:13:B1:8D
            X509v3 Authority Key Identifier:
                keyid:8C:0C:7F:2E:BA:B7:C9:61:11:CA:E6:87:CE:DD:1C:D2:E9:BC:D5:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jAx_Lrq3yWERyuaHzt0c0um81Wo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/wAoxLtAy9ZtpBAu2nlnoCEcTsY0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/jAx_Lrq3yWERyuaHzt0c0um81Wo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.134.64.0/23
                  46.31.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b5:c7:62:6e:2a:87:ef:c5:69:0f:1b:f9:38:9e:35:e0:82:c6:
         40:d0:c9:b9:f5:2b:86:c1:37:e3:f1:af:4b:69:4b:11:d9:33:
         a5:e5:30:65:bf:01:b5:d2:d6:b0:82:ea:2e:43:c8:ef:4d:e9:
         f5:dd:98:25:f4:10:f6:26:5b:81:0d:2b:d0:f6:6b:f9:8c:13:
         24:b1:9e:50:c0:e7:89:2d:d9:d1:29:b8:69:d1:aa:f6:4a:2f:
         00:45:5a:f0:ea:d9:7b:29:38:62:04:71:50:d3:b3:a7:59:08:
         6c:d6:11:42:e1:30:88:fe:98:5a:48:2e:04:87:fd:55:da:ff:
         c5:34:40:2c:19:c2:0b:01:fd:df:d5:f8:e7:8c:3b:86:24:ef:
         80:ab:f3:87:d4:8d:d9:b4:71:58:78:b1:56:40:e0:c3:b3:14:
         54:70:e6:17:61:96:18:87:d6:7c:5f:2f:58:ce:f3:23:6d:16:
         43:ff:79:a7:14:12:2a:6c:c4:ff:81:40:13:6b:81:2a:c0:44:
         7c:00:38:21:0b:70:77:52:d1:67:31:b0:aa:05:13:82:6c:d3:
         81:7b:70:7d:ac:b8:46:d3:d9:14:fb:97:62:c7:c3:4c:90:ba:
         65:e4:31:d3:48:f8:f8:9b:03:4e:a1:e8:ef:cf:dc:9e:3a:de:
         0b:5c:a1:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEH/Ftd+vLngQHSVK24RKdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMGM3ZjJlYmFiN2M5NjExMWNhZTY4N2NlZGQxY2QyZTli
Y2Q1NmEwHhcNMjQwNzMxMDg1MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDBhMzEyZWQwMzJmNTliNjkwNDBiYjY5ZTU5ZTgwODQ3MTNiMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApybMau9jZghxTf+mOEmrnic8jaOh
6VQynFaQZUWa7/AXQSzewRYMoAkuOE6+SYSAXSTq9zSp3lnO9IipTv/9r3J3IUd1
0IQnWQmxWLB/nAK3PzXcHyJMX35Q5+zmT4dPJD8o0wOoTlW0Yz1fB7nsnUYvUa0L
gju8g2Mgu7TsSDH1yALKsFSqhiIqzH4c3AAK6kU8/eRypbu5jrUWtlD0kzD8NBnp
B5kdEWjQ23caKQTMPyIOZ3Mda74RWT/hXD/fN3ZxP9wNjrs66EqbP7lHDWsIpAqu
P6iT4W33p9hq93vw5ex694/EkU7CjsKogT6nHXg3MT5pXOMWljcWIh7qHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMAKMS7QMvWbaQQLtp5Z6AhHE7GNMB8GA1UdIwQY
MBaAFIwMfy66t8lhEcrmh87dHNLpvNVqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakF4X0xycTN5V0VSeXVhSHp0MGMwdW04MVdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9jNzYzODMtNTkxYy00Y2RlLWIyY2Yt
MjUxZDc0ZWQ3NzU0LzEvd0FveEx0QXk5WnRwQkF1Mm5sbm9DRWNUc1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9jNzYzODMtNTkxYy00Y2RlLWIyY2YtMjUxZDc0ZWQ3NzU0
LzEvakF4X0xycTN5V0VSeXVhSHp0MGMwdW04MVdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBYZAAwQC
Lh8gMA0GCSqGSIb3DQEBCwUAA4IBAQC1x2JuKofvxWkPG/k4njXggsZA0Mm59SuG
wTfj8a9LaUsR2TOl5TBlvwG10tawguouQ8jvTen13Zgl9BD2JluBDSvQ9mv5jBMk
sZ5QwOeJLdnRKbhp0ar2Si8ARVrw6tl7KThiBHFQ07OnWQhs1hFC4TCI/phaSC4E
h/1V2v/FNEAsGcILAf3f1fjnjDuGJO+Aq/OH1I3ZtHFYeLFWQODDsxRUcOYXYZYY
h9Z8Xy9YzvMjbRZD/3mnFBIqbMT/gUATa4EqwER8ADghC3B3UtFnMbCqBROCbNOB
e3B9rLhG09kU+5dix8NMkLpl5DHTSPj4mwNOoejvz9yeOt4LXKE3
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:04:19 2024 by rpki-client on console-fra.rpki-client.org