Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/bjVVxOfPu4iqFSQ-BYDk-_JwwvA.roa
File:                     bjVVxOfPu4iqFSQ-BYDk-_JwwvA.roa (raw, json)
Hash identifier:          e7vI8pm9nse9he1enJrWSoe9gs8uXlbPAcTUa/EkHGA=
Subject key identifier:   6E:35:55:C4:E7:CF:BB:88:AA:15:24:3E:05:80:E4:FB:F2:70:C2:F0
Certificate issuer:       /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial:       018CC64B5436E174875B038679F6C7090746
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/bjVVxOfPu4iqFSQ-BYDk-_JwwvA.roa
Signing time:             Mon 01 Jan 2024 18:31:14 +0000
ROA not before:           Mon 01 Jan 2024 18:31:14 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34173
IP address blocks:        85.31.215.0/24 maxlen: 24
                          78.153.245.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Jun 2024 20:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:54:36:e1:74:87:5b:03:86:79:f6:c7:09:07:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
        Validity
            Not Before: Jan  1 18:31:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6e3555c4e7cfbb88aa15243e0580e4fbf270c2f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:11:f8:36:9d:88:ef:c6:17:fb:dc:d2:5e:08:
                    77:a5:e1:74:f6:2e:27:96:97:b5:ad:73:cd:6b:42:
                    c9:f3:42:ff:22:a6:a6:8d:e8:48:fe:ff:d1:63:3f:
                    11:93:89:7a:28:71:a6:a4:0a:07:7f:d8:4a:c0:8d:
                    1f:8f:f8:eb:1d:6e:3e:4a:a3:89:54:82:c5:ac:47:
                    f1:a7:33:42:c3:ea:0f:54:ae:ae:c8:e9:72:d7:80:
                    e3:44:ca:96:9a:c4:37:15:12:f1:57:28:a4:0e:9a:
                    5f:a3:d6:bd:76:16:14:66:02:54:9e:88:45:b7:40:
                    45:42:7f:8b:6a:0c:1a:3a:f9:57:6b:eb:3c:25:82:
                    5e:12:48:e7:f0:06:c2:19:69:ff:04:7d:f5:ed:48:
                    2c:df:ce:e9:b9:f1:37:60:f5:ee:37:b1:b8:66:5a:
                    e9:84:d7:1f:ff:47:6b:e4:aa:89:e3:6a:f8:73:d0:
                    56:92:9c:b9:ee:fe:84:87:8d:22:86:3a:43:07:47:
                    b8:32:5a:a2:41:f4:84:5c:7e:bc:bd:a9:10:1d:97:
                    da:e2:da:7e:03:f8:5a:31:ab:76:91:9a:7f:bc:1d:
                    2e:34:3a:77:a8:70:f0:54:bd:e6:42:9a:e3:d6:fe:
                    74:5a:a0:28:cb:4b:2c:12:02:5c:f0:85:e5:18:69:
                    d6:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:35:55:C4:E7:CF:BB:88:AA:15:24:3E:05:80:E4:FB:F2:70:C2:F0
            X509v3 Authority Key Identifier:
                keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/bjVVxOfPu4iqFSQ-BYDk-_JwwvA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.153.245.0/24
                  85.31.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:99:52:47:f4:a3:18:ad:d8:11:1b:79:91:86:e1:46:5c:3e:
         95:79:12:47:28:ae:4b:cc:75:f8:b0:66:3e:28:a2:b5:81:43:
         45:ac:da:2b:90:42:b6:7a:4c:4f:12:fd:e4:3c:64:0a:34:f2:
         2c:9f:e6:4f:54:4f:68:a2:6c:54:bc:98:b1:07:73:77:ac:fe:
         79:d2:6c:f6:f9:63:c1:3f:68:13:29:44:72:b9:6c:2b:7d:de:
         1a:d1:ce:ae:3b:fb:cf:64:c6:ff:49:53:93:d0:ce:f0:e9:02:
         2d:ae:3c:69:ff:05:5a:5a:19:0a:5f:c0:31:99:4f:9e:ad:75:
         87:52:32:41:a3:77:20:c3:5b:c4:2e:f4:e7:20:2d:6d:e3:69:
         96:3f:98:24:e0:fc:d4:01:fa:6c:a1:47:8e:1a:98:b5:ee:db:
         0e:28:c2:af:25:ef:41:21:27:d7:fd:9c:c5:ab:47:f9:ac:9c:
         92:e1:3b:f9:8d:f6:9d:33:48:f3:5d:08:46:a9:4c:b9:f3:93:
         87:6f:ab:a3:1d:4f:61:2a:6e:3c:c0:c7:3d:83:fc:eb:75:39:
         4f:ed:a0:35:a4:fc:7e:1d:f0:98:ec:b4:fe:fa:b7:83:f1:bf:
         84:27:e3:0b:5a:b4:e3:3a:65:24:ce:51:07:34:34:33:d3:5c:
         18:94:56:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGS1Q24XSHWwOGefbHCQdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjQwMTAxMTgzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTM1NTVjNGU3Y2ZiYjg4YWExNTI0M2UwNTgwZTRmYmYyNzBjMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBH4Np2I78YX+9zSXgh3peF09i4n
lpe1rXPNa0LJ80L/IqamjehI/v/RYz8Rk4l6KHGmpAoHf9hKwI0fj/jrHW4+SqOJ
VILFrEfxpzNCw+oPVK6uyOly14DjRMqWmsQ3FRLxVyikDppfo9a9dhYUZgJUnohF
t0BFQn+LagwaOvlXa+s8JYJeEkjn8AbCGWn/BH317Ugs387pufE3YPXuN7G4Zlrp
hNcf/0dr5KqJ42r4c9BWkpy57v6Eh40ihjpDB0e4MlqiQfSEXH68vakQHZfa4tp+
A/haMat2kZp/vB0uNDp3qHDwVL3mQprj1v50WqAoy0ssEgJc8IXlGGnW6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG41VcTnz7uIqhUkPgWA5PvycMLwMB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEvYmpWVnhPZlB1NGlxRlNRLUJZRGstX0p3d3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATpn1AwQA
VR/XMA0GCSqGSIb3DQEBCwUAA4IBAQAxmVJH9KMYrdgRG3mRhuFGXD6VeRJHKK5L
zHX4sGY+KKK1gUNFrNorkEK2ekxPEv3kPGQKNPIsn+ZPVE9oomxUvJixB3N3rP55
0mz2+WPBP2gTKURyuWwrfd4a0c6uO/vPZMb/SVOT0M7w6QItrjxp/wVaWhkKX8Ax
mU+erXWHUjJBo3cgw1vELvTnIC1t42mWP5gk4PzUAfpsoUeOGpi17tsOKMKvJe9B
ISfX/ZzFq0f5rJyS4Tv5jfadM0jzXQhGqUy585OHb6ujHU9hKm48wMc9g/zrdTlP
7aA1pPx+HfCY7LT++reD8b+EJ+MLWrTjOmUkzlEHNDQz01wYlFbU
-----END CERTIFICATE-----
Generated at Sat Jun 15 00:06:12 2024 by rpki-client on console-fra.rpki-client.org