Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2a3ccc-293c-41da-ad16-1b99fd09763e/1/w6NP0vFGOtJ-o6UQWWlI5pDLXWw.roa
File:                     w6NP0vFGOtJ-o6UQWWlI5pDLXWw.roa (raw, json)
Hash identifier:          LyjnCJ/PsOxb7URLLvIDsU26zWxVpFUn+wMOW1eoCaw=
Subject key identifier:   C3:A3:4F:D2:F1:46:3A:D2:7E:A3:A5:10:59:69:48:E6:90:CB:5D:6C
Certificate issuer:       /CN=34e40348463c60ce9fc694060a37f4683093f045
Certificate serial:       018CC794F3F7E06ADBE3FE64498BF9BAF909
Authority key identifier: 34:E4:03:48:46:3C:60:CE:9F:C6:94:06:0A:37:F4:68:30:93:F0:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NOQDSEY8YM6fxpQGCjf0aDCT8EU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/2a3ccc-293c-41da-ad16-1b99fd09763e/1/w6NP0vFGOtJ-o6UQWWlI5pDLXWw.roa
Signing time:             Tue 02 Jan 2024 00:31:16 +0000
ROA not before:           Tue 02 Jan 2024 00:31:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6730
IP address blocks:        193.104.167.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/2a3ccc-293c-41da-ad16-1b99fd09763e/1/NOQDSEY8YM6fxpQGCjf0aDCT8EU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/2a3ccc-293c-41da-ad16-1b99fd09763e/1/NOQDSEY8YM6fxpQGCjf0aDCT8EU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NOQDSEY8YM6fxpQGCjf0aDCT8EU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 04:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:f3:f7:e0:6a:db:e3:fe:64:49:8b:f9:ba:f9:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34e40348463c60ce9fc694060a37f4683093f045
        Validity
            Not Before: Jan  2 00:31:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c3a34fd2f1463ad27ea3a510596948e690cb5d6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9b:8a:42:16:da:b8:7d:bd:be:a0:9d:34:40:
                    e4:c6:7b:3a:db:6a:50:06:67:e8:c4:2c:3e:d4:ef:
                    db:23:0a:52:a6:57:f3:86:16:9e:5f:76:fa:6e:59:
                    d7:e8:7e:48:b8:d4:de:c4:4f:16:fb:2a:d5:eb:34:
                    de:af:20:ff:01:59:ee:e0:05:42:f7:5d:93:52:10:
                    a8:95:92:6c:0a:af:5a:4d:15:9b:af:fd:94:e5:55:
                    de:5f:82:7c:68:ec:85:06:5f:88:ad:ea:16:04:f5:
                    ba:5f:73:21:2e:75:3c:0c:ed:f8:2a:72:63:b3:94:
                    8c:7a:dd:60:a2:24:9a:58:0e:d4:a2:05:8b:af:a7:
                    57:f0:8e:39:8d:89:15:ab:5d:23:ae:5b:29:0f:2c:
                    82:31:ac:ac:31:4e:95:59:68:3e:c0:4a:b2:47:a6:
                    0d:19:05:a0:2c:cc:34:71:d5:0e:ac:9f:a1:b7:e5:
                    16:c6:d5:7a:57:c6:64:1c:03:15:2c:55:24:5a:69:
                    96:4d:c1:2f:fb:e1:cd:4b:ca:1c:20:8a:1f:14:ed:
                    80:bf:11:8a:78:2f:f2:fd:66:46:3d:04:54:25:a0:
                    2a:95:a3:9f:b8:11:bf:bf:b7:1d:3e:50:0b:63:fa:
                    b4:f7:05:52:fd:8e:35:cb:25:b5:a4:03:4b:13:d1:
                    78:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:A3:4F:D2:F1:46:3A:D2:7E:A3:A5:10:59:69:48:E6:90:CB:5D:6C
            X509v3 Authority Key Identifier:
                keyid:34:E4:03:48:46:3C:60:CE:9F:C6:94:06:0A:37:F4:68:30:93:F0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NOQDSEY8YM6fxpQGCjf0aDCT8EU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2a3ccc-293c-41da-ad16-1b99fd09763e/1/w6NP0vFGOtJ-o6UQWWlI5pDLXWw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2a3ccc-293c-41da-ad16-1b99fd09763e/1/NOQDSEY8YM6fxpQGCjf0aDCT8EU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.104.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:3c:84:11:59:3f:36:ff:00:55:78:ff:76:fc:f2:ed:9b:dd:
         7a:b6:3f:20:1e:a0:64:99:3e:de:ec:88:fc:45:1c:6f:cd:17:
         b9:7c:cd:05:d7:4e:0e:d4:ba:22:6a:60:fe:d4:62:5d:96:5a:
         63:e2:5d:5c:02:aa:fe:7b:ce:52:ff:59:df:c7:cf:94:7e:aa:
         66:40:8c:9d:50:f0:2d:d5:b0:87:46:7f:eb:d3:3a:51:bb:35:
         98:26:51:ad:4b:95:82:75:cc:a6:8a:d3:76:ce:78:af:f8:d1:
         6b:0a:f9:54:ab:bb:7c:b4:39:90:f9:2f:75:0a:e6:32:eb:f6:
         c9:e8:0a:fa:73:eb:89:1b:55:f8:76:ab:99:7c:14:c5:13:49:
         c0:d3:04:9e:4a:05:80:ad:75:4b:84:5a:18:e6:79:3f:e3:2c:
         3d:87:a8:08:f3:7b:32:7c:a3:49:71:42:68:94:3b:20:12:76:
         c2:47:60:58:59:e8:74:2b:61:7e:97:ea:31:fb:b7:a4:ad:1d:
         cf:29:32:af:48:cf:43:42:21:52:c8:03:95:34:57:ac:ba:7e:
         9e:3a:4b:4f:5f:9d:07:81:04:c4:52:30:ec:99:5b:0a:f3:bd:
         86:56:96:24:86:34:c1:8d:6e:ba:61:b9:fc:28:af:ac:19:76:
         d3:88:0f:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlPP34Grb4/5kSYv5uvkJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZTQwMzQ4NDYzYzYwY2U5ZmM2OTQwNjBhMzdmNDY4MzA5
M2YwNDUwHhcNMjQwMTAyMDAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2EzNGZkMmYxNDYzYWQyN2VhM2E1MTA1OTY5NDhlNjkwY2I1ZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJuKQhbauH29vqCdNEDkxns622pQ
BmfoxCw+1O/bIwpSplfzhhaeX3b6blnX6H5IuNTexE8W+yrV6zTeryD/AVnu4AVC
912TUhColZJsCq9aTRWbr/2U5VXeX4J8aOyFBl+IreoWBPW6X3MhLnU8DO34KnJj
s5SMet1goiSaWA7UogWLr6dX8I45jYkVq10jrlspDyyCMaysMU6VWWg+wEqyR6YN
GQWgLMw0cdUOrJ+ht+UWxtV6V8ZkHAMVLFUkWmmWTcEv++HNS8ocIIofFO2AvxGK
eC/y/WZGPQRUJaAqlaOfuBG/v7cdPlALY/q09wVS/Y41yyW1pANLE9F4mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMOjT9LxRjrSfqOlEFlpSOaQy11sMB8GA1UdIwQY
MBaAFDTkA0hGPGDOn8aUBgo39Ggwk/BFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk9RRFNFWThZTTZmeHBRR0NqZjBhRENUOEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYTNjY2MtMjkzYy00MWRhLWFkMTYt
MWI5OWZkMDk3NjNlLzEvdzZOUDB2RkdPdEotbzZVUVdXbEk1cERMWFd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yYTNjY2MtMjkzYy00MWRhLWFkMTYtMWI5OWZkMDk3NjNl
LzEvTk9RRFNFWThZTTZmeHBRR0NqZjBhRENUOEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWinMA0G
CSqGSIb3DQEBCwUAA4IBAQC2PIQRWT82/wBVeP92/PLtm916tj8gHqBkmT7e7Ij8
RRxvzRe5fM0F104O1LoiamD+1GJdllpj4l1cAqr+e85S/1nfx8+UfqpmQIydUPAt
1bCHRn/r0zpRuzWYJlGtS5WCdcymitN2zniv+NFrCvlUq7t8tDmQ+S91CuYy6/bJ
6Ar6c+uJG1X4dquZfBTFE0nA0wSeSgWArXVLhFoY5nk/4yw9h6gI83syfKNJcUJo
lDsgEnbCR2BYWeh0K2F+l+ox+7ekrR3PKTKvSM9DQiFSyAOVNFesun6eOktPX50H
gQTEUjDsmVsK872GVpYkhjTBjW66Ybn8KK+sGXbTiA8L
-----END CERTIFICATE-----
Generated at Sat Jun 15 12:28:53 2024 by rpki-client on console-fra.rpki-client.org