Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/EZbJFcTZGMVGi1M9HWY2hthFalc.roa
File:                     EZbJFcTZGMVGi1M9HWY2hthFalc.roa (raw, json)
Hash identifier:          TdvFP9eqt4i4F10xone2gTTbevOwUBqduedABYIMtEA=
Subject key identifier:   11:96:C9:15:C4:D9:18:C5:46:8B:53:3D:1D:66:36:86:D8:45:6A:57
Certificate issuer:       /CN=cebf8d6dec3920bc73f097fdf56caf10b52db455
Certificate serial:       018ED35A540AE3E36A61643BA3570B580F6A
Authority key identifier: CE:BF:8D:6D:EC:39:20:BC:73:F0:97:FD:F5:6C:AF:10:B5:2D:B4:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zr-Nbew5ILxz8Jf99WyvELUttFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/EZbJFcTZGMVGi1M9HWY2hthFalc.roa
Signing time:             Fri 12 Apr 2024 17:28:15 +0000
ROA not before:           Fri 12 Apr 2024 17:28:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60595
IP address blocks:        185.15.52.0/22 maxlen: 22
                          185.15.52.0/24 maxlen: 24
                          185.15.53.0/24 maxlen: 24
                          185.15.54.0/24 maxlen: 24
                          185.15.55.0/24 maxlen: 24
                          194.2.77.0/24 maxlen: 24
                          194.26.133.0/24 maxlen: 24
                          2a03:a2c0::/29 maxlen: 48
                          2a03:a2c0::/32 maxlen: 32
                          2a03:a2c0::/48 maxlen: 48
                          2a03:a2c0:2::/48 maxlen: 48
                          2a03:a2c2::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/zr-Nbew5ILxz8Jf99WyvELUttFU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/zr-Nbew5ILxz8Jf99WyvELUttFU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zr-Nbew5ILxz8Jf99WyvELUttFU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:d3:5a:54:0a:e3:e3:6a:61:64:3b:a3:57:0b:58:0f:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cebf8d6dec3920bc73f097fdf56caf10b52db455
        Validity
            Not Before: Apr 12 17:28:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1196c915c4d918c5468b533d1d663686d8456a57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c7:84:98:49:d3:40:96:cb:f9:e4:78:eb:2b:
                    e7:de:c9:73:c0:5f:7f:6b:ca:f4:71:1c:d2:0d:5a:
                    d0:6c:c7:58:07:ea:d9:22:28:58:a8:e8:ee:27:25:
                    f0:40:24:49:c3:57:dc:ed:b1:95:b5:98:df:73:86:
                    da:2e:fd:2c:8e:24:08:6a:24:3a:8f:4a:be:14:d9:
                    e9:17:41:5a:be:36:34:37:2a:ba:81:68:e8:0e:cd:
                    63:ac:90:5d:43:4d:4e:76:05:f3:9c:62:31:db:ef:
                    46:73:19:fe:24:8b:dc:3b:9a:8c:23:91:7d:22:5a:
                    a2:32:94:96:63:72:e3:3c:2a:a0:e9:ea:7e:c9:c5:
                    0d:43:70:a8:da:3c:4f:d1:a0:4b:33:7f:ae:4c:d2:
                    8d:ef:cc:27:1a:83:2b:e2:29:06:da:16:fc:b7:bc:
                    92:ea:ba:71:24:4b:82:13:39:a2:70:72:25:55:92:
                    62:66:ab:be:07:83:24:4a:d9:09:bc:3a:6e:df:0e:
                    97:47:ce:9e:a9:65:7e:e7:ee:ae:d1:45:4c:c0:e7:
                    45:8e:c6:79:ef:89:ce:47:b5:17:4d:15:e9:65:a2:
                    46:8a:91:f8:fb:fe:32:fe:6a:df:a7:3c:37:c7:59:
                    45:de:d8:14:2b:46:e3:99:21:33:03:9a:93:aa:63:
                    22:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:96:C9:15:C4:D9:18:C5:46:8B:53:3D:1D:66:36:86:D8:45:6A:57
            X509v3 Authority Key Identifier:
                keyid:CE:BF:8D:6D:EC:39:20:BC:73:F0:97:FD:F5:6C:AF:10:B5:2D:B4:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zr-Nbew5ILxz8Jf99WyvELUttFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/EZbJFcTZGMVGi1M9HWY2hthFalc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/zr-Nbew5ILxz8Jf99WyvELUttFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.15.52.0/22
                  194.2.77.0/24
                  194.26.133.0/24
                IPv6:
                  2a03:a2c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         7e:6b:e6:5e:1f:2e:75:cb:71:4f:86:e3:a1:59:f5:31:b2:a6:
         4d:1d:9b:c7:fb:aa:bf:f5:c7:ba:26:08:7a:93:8a:a2:28:4f:
         d8:55:ee:69:07:46:6d:b1:22:51:c5:fc:a2:7f:51:e4:3d:de:
         8e:89:74:f6:d1:60:95:92:84:9a:ee:9b:d9:4a:ec:2d:90:68:
         51:d4:90:89:af:6d:d5:80:cb:01:af:e4:1d:80:31:ea:8f:51:
         42:fb:fe:5f:c5:86:ca:76:ac:65:0a:43:fe:96:e4:49:9c:ae:
         0c:6b:cb:4a:ae:b4:7d:14:cc:f2:de:d4:8a:00:b5:3a:b5:4f:
         08:ba:f1:dd:a4:89:61:b9:24:f8:43:a7:2b:12:91:4c:52:75:
         96:4e:21:da:4b:b3:50:e5:ae:d4:59:ed:36:39:98:16:24:59:
         52:e8:4c:05:b0:32:30:bf:33:c7:31:b3:be:8f:8c:81:03:cf:
         de:bb:bd:b6:bc:c5:94:e1:dc:0b:df:67:2a:72:af:2a:5b:59:
         4f:98:1a:78:1b:80:86:e9:8c:f5:31:29:8f:d2:51:ef:75:c4:
         7b:52:ba:48:8c:c2:69:5c:5c:cd:10:70:e5:cc:ca:b6:78:05:
         b4:0c:f7:64:1a:ed:26:58:7e:b4:5e:06:2d:67:8d:17:1a:c0:
         96:a4:85:a9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY7TWlQK4+NqYWQ7o1cLWA9qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYmY4ZDZkZWMzOTIwYmM3M2YwOTdmZGY1NmNhZjEwYjUy
ZGI0NTUwHhcNMjQwNDEyMTcyODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTk2YzkxNWM0ZDkxOGM1NDY4YjUzM2QxZDY2MzY4NmQ4NDU2YTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoseEmEnTQJbL+eR46yvn3slzwF9/
a8r0cRzSDVrQbMdYB+rZIihYqOjuJyXwQCRJw1fc7bGVtZjfc4baLv0sjiQIaiQ6
j0q+FNnpF0FavjY0Nyq6gWjoDs1jrJBdQ01OdgXznGIx2+9Gcxn+JIvcO5qMI5F9
IlqiMpSWY3LjPCqg6ep+ycUNQ3Co2jxP0aBLM3+uTNKN78wnGoMr4ikG2hb8t7yS
6rpxJEuCEzmicHIlVZJiZqu+B4MkStkJvDpu3w6XR86eqWV+5+6u0UVMwOdFjsZ5
74nOR7UXTRXpZaJGipH4+/4y/mrfpzw3x1lF3tgUK0bjmSEzA5qTqmMiSwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBGWyRXE2RjFRotTPR1mNobYRWpXMB8GA1UdIwQY
MBaAFM6/jW3sOSC8c/CX/fVsrxC1LbRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenItTmJldzVJTHh6OEpmOTlXeXZFTFV0dEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81YjY3NjgtNGI1Zi00NDMwLWJmZjEt
YjVlNTcwMGZjNzc0LzEvRVpiSkZjVFpHTVZHaTFNOUhXWTJodGhGYWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81YjY3NjgtNGI1Zi00NDMwLWJmZjEtYjVlNTcwMGZjNzc0
LzEvenItTmJldzVJTHh6OEpmOTlXeXZFTFV0dEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQ80AwQA
wgJNAwQAwhqFMA0EAgACMAcDBQMqA6LAMA0GCSqGSIb3DQEBCwUAA4IBAQB+a+Ze
Hy51y3FPhuOhWfUxsqZNHZvH+6q/9ce6Jgh6k4qiKE/YVe5pB0ZtsSJRxfyif1Hk
Pd6OiXT20WCVkoSa7pvZSuwtkGhR1JCJr23VgMsBr+QdgDHqj1FC+/5fxYbKdqxl
CkP+luRJnK4Ma8tKrrR9FMzy3tSKALU6tU8IuvHdpIlhuST4Q6crEpFMUnWWTiHa
S7NQ5a7UWe02OZgWJFlS6EwFsDIwvzPHMbO+j4yBA8/eu722vMWU4dwL32cqcq8q
W1lPmBp4G4CG6Yz1MSmP0lHvdcR7UrpIjMJpXFzNEHDlzMq2eAW0DPdkGu0mWH60
XgYtZ40XGsCWpIWp
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:04 2024 by rpki-client on console-ams.rpki-client.org