Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/_sz6NiYtXv8h7uPpzAqKUTfI8uE.roa
File:                     _sz6NiYtXv8h7uPpzAqKUTfI8uE.roa (raw, json)
Hash identifier:          Twwtdp5xQJ5tvOi3bvvi0pkQVZ+6/kB8+FzTZLznbok=
Subject key identifier:   FE:CC:FA:36:26:2D:5E:FF:21:EE:E3:E9:CC:0A:8A:51:37:C8:F2:E1
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       018EF7836074B390AE07EADD979B262D7D68
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/_sz6NiYtXv8h7uPpzAqKUTfI8uE.roa
Signing time:             Fri 19 Apr 2024 17:59:26 +0000
ROA not before:           Fri 19 Apr 2024 17:59:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211138
IP address blocks:        2a05:4140:500::/40 maxlen: 48
                          2a11:e104::/32 maxlen: 48
                          2a11:e104:5::/48 maxlen: 48
                          2a11:e104:100::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 04:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:f7:83:60:74:b3:90:ae:07:ea:dd:97:9b:26:2d:7d:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Apr 19 17:59:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=feccfa36262d5eff21eee3e9cc0a8a5137c8f2e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:f5:18:0f:c5:fd:94:16:53:d3:e8:3a:56:4f:
                    3e:ff:8d:4a:2a:6e:73:31:cd:31:ad:f2:c0:02:45:
                    42:24:be:21:08:21:fa:71:9e:24:17:82:9f:19:26:
                    f0:25:79:07:eb:03:8b:39:c4:27:59:5d:36:10:e4:
                    b3:39:79:4c:a1:c7:52:e4:aa:fb:7a:54:65:9f:86:
                    ca:1e:72:7d:6f:14:1f:08:84:d6:03:fb:00:5f:13:
                    79:0f:ec:53:ae:77:de:c7:12:f9:03:49:44:c0:3a:
                    ec:98:09:b5:15:d5:52:cc:fc:c1:9f:d3:15:8f:14:
                    55:ad:e0:9e:6a:96:f4:48:c8:04:de:27:27:f2:94:
                    d2:73:ed:f8:a9:56:70:ac:d3:bd:dd:05:23:2f:fc:
                    c0:a9:e8:00:13:d7:43:eb:58:10:ac:7d:6b:e2:83:
                    f7:fb:24:be:b8:07:d4:e3:28:f5:9e:2d:95:b9:33:
                    ac:cc:0b:fa:94:42:b7:f8:73:18:9b:93:be:36:b4:
                    a5:49:67:65:72:6a:11:20:d6:70:21:89:05:4e:50:
                    3c:cd:e0:23:f6:65:fa:c0:e5:cd:34:df:cb:1c:b0:
                    c2:5c:31:ee:6b:b1:1e:d5:0c:22:65:15:92:d5:2e:
                    7e:e3:33:df:19:2a:55:37:31:09:a4:6e:06:ce:e8:
                    33:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:CC:FA:36:26:2D:5E:FF:21:EE:E3:E9:CC:0A:8A:51:37:C8:F2:E1
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/_sz6NiYtXv8h7uPpzAqKUTfI8uE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:4140:500::/40
                  2a11:e104::/32

    Signature Algorithm: sha256WithRSAEncryption
         4e:f0:a0:70:9e:76:f6:86:c0:10:23:3e:8d:b4:33:0d:67:5a:
         ba:e8:e3:3a:d4:9f:a5:15:90:7a:0f:95:a1:42:ea:86:81:b6:
         74:41:f6:5f:f1:04:63:8d:d2:d4:00:55:a4:3a:99:4e:98:15:
         bb:f3:3f:3c:11:41:a3:32:db:25:4c:39:06:1e:db:3e:34:02:
         95:2e:9e:7e:3a:4d:50:e7:c2:99:26:e2:0d:62:05:75:c2:66:
         b0:07:ce:33:ea:71:9d:48:76:c8:50:9f:f5:71:88:81:a3:31:
         2f:e7:6b:b1:75:68:8d:71:dd:06:ae:28:7a:89:d4:f9:9d:b7:
         25:9d:fa:ed:c4:5b:2c:42:58:f2:d5:73:3c:bd:2d:78:68:a4:
         90:ee:eb:74:87:c3:bb:58:72:14:fd:29:19:76:1f:72:a4:37:
         33:e7:e6:95:a4:98:96:2f:2c:6a:66:5c:c0:16:03:20:de:2a:
         dd:14:57:34:cf:b7:5e:36:5f:cc:26:4a:52:b9:95:3a:55:58:
         83:fd:ce:54:08:de:80:2c:94:5f:bf:c0:ad:e5:f3:ba:6a:af:
         e4:4d:a9:18:9d:4b:d3:f1:30:ee:19:50:8c:66:81:f4:84:05:
         a4:08:dd:a3:c1:40:54:3d:ab:56:f7:68:ab:1f:01:89:de:21:
         e7:1a:43:fe
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAY73g2B0s5CuB+rdl5smLX1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjQwNDE5MTc1OTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWNjZmEzNjI2MmQ1ZWZmMjFlZWUzZTljYzBhOGE1MTM3YzhmMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPUYD8X9lBZT0+g6Vk8+/41KKm5z
Mc0xrfLAAkVCJL4hCCH6cZ4kF4KfGSbwJXkH6wOLOcQnWV02EOSzOXlMocdS5Kr7
elRln4bKHnJ9bxQfCITWA/sAXxN5D+xTrnfexxL5A0lEwDrsmAm1FdVSzPzBn9MV
jxRVreCeapb0SMgE3icn8pTSc+34qVZwrNO93QUjL/zAqegAE9dD61gQrH1r4oP3
+yS+uAfU4yj1ni2VuTOszAv6lEK3+HMYm5O+NrSlSWdlcmoRINZwIYkFTlA8zeAj
9mX6wOXNNN/LHLDCXDHua7Ee1QwiZRWS1S5+4zPfGSpVNzEJpG4GzugzKQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFP7M+jYmLV7/Ie7j6cwKilE3yPLhMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvX3N6Nk5pWXRYdjhoN3VQcHpBcUtVVGZJOHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwYAKgVBQAUD
BQAqEeEEMA0GCSqGSIb3DQEBCwUAA4IBAQBO8KBwnnb2hsAQIz6NtDMNZ1q66OM6
1J+lFZB6D5WhQuqGgbZ0QfZf8QRjjdLUAFWkOplOmBW78z88EUGjMtslTDkGHts+
NAKVLp5+Ok1Q58KZJuINYgV1wmawB84z6nGdSHbIUJ/1cYiBozEv52uxdWiNcd0G
rih6idT5nbclnfrtxFssQljy1XM8vS14aKSQ7ut0h8O7WHIU/SkZdh9ypDcz5+aV
pJiWLyxqZlzAFgMg3irdFFc0z7deNl/MJkpSuZU6VViD/c5UCN6ALJRfv8Ct5fO6
aq/kTakYnUvT8TDuGVCMZoH0hAWkCN2jwUBUPatW92irHwGJ3iHnGkP+
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:20 2024 by rpki-client on console-fra.rpki-client.org