Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/7-i2-S5NxlyHu9eB0T_hyut5qb0.roa
File:                     7-i2-S5NxlyHu9eB0T_hyut5qb0.roa (raw, json)
Hash identifier:          jDm/OxClwcXRtGndwC3J+hRdK2En0jwDLYw9gBkZWsY=
Subject key identifier:   EF:E8:B6:F9:2E:4D:C6:5C:87:BB:D7:81:D1:3F:E1:CA:EB:79:A9:BD
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       01927F96A64D0701922725CDED9F29D39129
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/7-i2-S5NxlyHu9eB0T_hyut5qb0.roa
Signing time:             Sat 12 Oct 2024 07:17:12 +0000
ROA not before:           Sat 12 Oct 2024 07:17:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     40940
IP address blocks:        213.176.73.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:7f:96:a6:4d:07:01:92:27:25:cd:ed:9f:29:d3:91:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Oct 12 07:17:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=efe8b6f92e4dc65c87bbd781d13fe1caeb79a9bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:5b:8e:d4:1f:dd:24:bc:f6:a0:98:71:4a:45:
                    e6:29:e5:3c:94:9c:78:d0:ce:c2:4f:71:ba:ab:5c:
                    6c:ef:13:76:0c:e1:d1:8a:3d:73:8e:94:d6:a8:34:
                    1c:eb:23:2e:9c:57:3f:d6:a6:f0:e0:c1:3d:ed:39:
                    3d:43:ad:12:d3:7e:f3:17:16:f1:39:4b:79:3e:6d:
                    3e:ed:26:c4:75:01:14:1c:fd:f7:72:5a:9a:1b:f3:
                    05:fa:9b:fe:68:86:9d:60:14:4d:f8:14:f8:4e:43:
                    98:6b:cd:fc:c0:86:6b:3b:3e:3d:08:48:b1:1e:89:
                    5f:80:9d:58:9e:37:73:ad:47:68:3f:42:13:a2:1f:
                    9b:46:10:61:22:7c:ef:b4:98:2f:4d:24:56:00:c8:
                    bf:98:38:03:b4:b3:ad:1e:6d:af:fb:74:91:7c:0f:
                    48:95:d3:17:88:22:ee:05:0f:61:ab:f7:ba:9f:1b:
                    31:01:e9:80:7e:5f:61:ed:8c:0b:74:4b:c8:ee:37:
                    37:7d:65:00:98:ae:09:16:25:49:3d:b0:81:9a:65:
                    64:0e:9a:09:c3:c9:5b:27:1d:4b:a4:f5:a4:fb:47:
                    c6:85:3c:ea:3a:4d:d6:02:b0:93:9a:0b:18:e1:0c:
                    b1:ae:fd:71:d6:db:24:8c:4b:c7:3c:82:76:76:9f:
                    c4:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:E8:B6:F9:2E:4D:C6:5C:87:BB:D7:81:D1:3F:E1:CA:EB:79:A9:BD
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/7-i2-S5NxlyHu9eB0T_hyut5qb0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.176.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:cc:20:ef:44:ad:35:47:38:01:2d:b8:f4:7e:ad:78:0e:ec:
         0a:cd:f2:9b:68:da:fb:1d:09:e4:a6:dc:88:1e:df:99:b2:04:
         ad:ab:fd:9d:f0:f0:43:3f:46:b3:9b:e9:8d:07:5e:88:9a:a3:
         5c:ee:b2:34:33:12:d8:cf:d2:16:4e:7c:ab:97:90:e9:c5:2d:
         68:1a:1e:86:03:a4:a2:c1:48:ab:3e:32:65:d3:5f:81:77:7b:
         5a:9d:61:fe:4c:4b:05:ec:89:a5:8b:08:bd:12:01:56:1c:e8:
         fb:da:5e:4e:59:58:ad:15:22:a6:1a:ba:f8:c7:09:57:af:3a:
         02:fa:7c:17:0c:3d:36:26:82:7b:34:a6:66:86:7a:f5:21:bd:
         ae:df:c5:f5:c7:15:e3:3e:96:df:07:82:8b:7d:bd:35:47:2b:
         97:ec:50:87:5e:e7:a8:e8:19:b0:6d:e1:39:3e:d2:88:e9:54:
         35:d1:76:ad:43:e2:1c:d8:95:43:6a:50:68:8c:09:97:77:f8:
         25:b9:84:1d:17:f1:74:e6:a0:e2:3d:0a:5c:a1:f4:37:81:d3:
         08:44:17:77:f1:c9:21:15:37:d4:0d:03:f2:da:a8:23:a6:63:
         56:f4:62:43:32:f8:da:2e:fb:02:3a:ae:91:28:5a:c6:6f:9d:
         b7:ba:0c:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJ/lqZNBwGSJyXN7Z8p05EpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQxMDEyMDcxNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmU4YjZmOTJlNGRjNjVjODdiYmQ3ODFkMTNmZTFjYWViNzlhOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FuO1B/dJLz2oJhxSkXmKeU8lJx4
0M7CT3G6q1xs7xN2DOHRij1zjpTWqDQc6yMunFc/1qbw4ME97Tk9Q60S037zFxbx
OUt5Pm0+7SbEdQEUHP33clqaG/MF+pv+aIadYBRN+BT4TkOYa838wIZrOz49CEix
HolfgJ1YnjdzrUdoP0IToh+bRhBhInzvtJgvTSRWAMi/mDgDtLOtHm2v+3SRfA9I
ldMXiCLuBQ9hq/e6nxsxAemAfl9h7YwLdEvI7jc3fWUAmK4JFiVJPbCBmmVkDpoJ
w8lbJx1LpPWk+0fGhTzqOk3WArCTmgsY4Qyxrv1x1tskjEvHPIJ2dp/E4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/otvkuTcZch7vXgdE/4crream9MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvNy1pMi1TNU54bHlIdTllQjBUX2h5dXQ1cWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1bBJMA0G
CSqGSIb3DQEBCwUAA4IBAQASzCDvRK01RzgBLbj0fq14DuwKzfKbaNr7HQnkptyI
Ht+ZsgStq/2d8PBDP0azm+mNB16ImqNc7rI0MxLYz9IWTnyrl5DpxS1oGh6GA6Si
wUirPjJl01+Bd3tanWH+TEsF7Imliwi9EgFWHOj72l5OWVitFSKmGrr4xwlXrzoC
+nwXDD02JoJ7NKZmhnr1Ib2u38X1xxXjPpbfB4KLfb01RyuX7FCHXueo6BmwbeE5
PtKI6VQ10XatQ+Ic2JVDalBojAmXd/gluYQdF/F05qDiPQpcofQ3gdMIRBd38ckh
FTfUDQPy2qgjpmNW9GJDMvjaLvsCOq6RKFrGb523ugzh
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:53:30 2024 by rpki-client on console-ams.rpki-client.org