Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/84942f-721f-4234-88c1-dbf3969ca75f/1/9ugJcOJ7bqnlz7kInhx58l3_5XM.roa
File:                     9ugJcOJ7bqnlz7kInhx58l3_5XM.roa (raw, json)
Hash identifier:          eWiz3+OxZ0SV+myimSW48jnpzjk29fdDZ4Pf8zsS1WM=
Subject key identifier:   F6:E8:09:70:E2:7B:6E:A9:E5:CF:B9:08:9E:1C:79:F2:5D:FF:E5:73
Certificate issuer:       /CN=c0b8bb485eba392b80c3166929b7fcb958f449bc
Certificate serial:       018D8EB927D8A3E41DB970979CB6B98E511C
Authority key identifier: C0:B8:BB:48:5E:BA:39:2B:80:C3:16:69:29:B7:FC:B9:58:F4:49:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wLi7SF66OSuAwxZpKbf8uVj0Sbw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/84942f-721f-4234-88c1-dbf3969ca75f/1/9ugJcOJ7bqnlz7kInhx58l3_5XM.roa
Signing time:             Fri 09 Feb 2024 16:35:15 +0000
ROA not before:           Fri 09 Feb 2024 16:35:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208175
IP address blocks:        185.245.28.0/24 maxlen: 24
                          185.245.29.0/24 maxlen: 24
                          185.245.29.48/28 maxlen: 28
                          185.245.30.0/24 maxlen: 24
                          185.245.31.0/24 maxlen: 24
                          2a09:1500::/48 maxlen: 48
                          2a09:1500:8::/48 maxlen: 48
                          2a09:1500:13::/48 maxlen: 48
                          2a09:1500:20::/48 maxlen: 48
                          2a09:1500:1000::/40 maxlen: 40
                          2a09:1500:2000::/40 maxlen: 40
                          2a09:1500:2400::/40 maxlen: 40
                          2a09:1500:3400::/40 maxlen: 40
                          2a09:1500:4600::/40 maxlen: 40
                          2a09:1500:5400::/40 maxlen: 40
                          2a09:1500:5600::/40 maxlen: 40
                          2a09:1500:5800::/40 maxlen: 40
                          2a09:1500:6600::/40 maxlen: 40
                          2a09:1500:7000::/40 maxlen: 40
                          2a09:1501::/48 maxlen: 48
                          2a09:1501:3000::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/84942f-721f-4234-88c1-dbf3969ca75f/1/wLi7SF66OSuAwxZpKbf8uVj0Sbw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/84942f-721f-4234-88c1-dbf3969ca75f/1/wLi7SF66OSuAwxZpKbf8uVj0Sbw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wLi7SF66OSuAwxZpKbf8uVj0Sbw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:8e:b9:27:d8:a3:e4:1d:b9:70:97:9c:b6:b9:8e:51:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c0b8bb485eba392b80c3166929b7fcb958f449bc
        Validity
            Not Before: Feb  9 16:35:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f6e80970e27b6ea9e5cfb9089e1c79f25dffe573
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:a3:fe:51:23:7f:6f:5a:2c:75:89:6c:5f:9e:
                    a5:1c:d5:41:a7:62:fc:fd:cf:1f:51:62:cc:3c:e1:
                    a1:9c:ef:f1:1a:80:1d:eb:07:02:25:43:12:59:2a:
                    a6:25:d2:21:6b:74:5c:65:9a:0c:1d:ed:38:b1:64:
                    48:ae:1d:64:5a:b0:1d:a1:9a:c6:05:7e:5b:cd:ae:
                    a2:7b:20:dc:aa:d3:39:ed:b4:ee:49:1a:d5:71:68:
                    3d:fe:ce:99:55:fb:bb:d1:8f:88:3c:fe:2e:9e:ab:
                    b4:88:f5:d7:89:37:ad:37:96:da:72:27:da:42:82:
                    c5:7c:02:fb:ba:45:eb:96:4b:3b:2a:d7:dd:77:26:
                    db:d1:05:c3:07:1f:38:b5:99:af:d4:97:fc:9b:28:
                    57:0c:0c:0a:d4:9d:64:3e:f2:d2:d0:4c:20:2f:9a:
                    8b:6d:b3:00:89:19:62:5c:07:d8:74:16:89:3e:5d:
                    b2:7d:13:b9:13:7f:22:3a:70:9f:ac:23:8b:eb:76:
                    0c:7a:0a:44:32:1f:c4:59:e6:ca:d5:c1:ce:be:e7:
                    43:74:56:55:e5:cb:00:c8:06:3c:fe:52:0e:8b:c4:
                    c6:ef:bb:41:a3:00:b9:00:14:7f:40:99:dd:8f:2d:
                    49:53:2d:92:52:8e:b0:62:f0:3c:94:e2:ff:59:7f:
                    10:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:E8:09:70:E2:7B:6E:A9:E5:CF:B9:08:9E:1C:79:F2:5D:FF:E5:73
            X509v3 Authority Key Identifier:
                keyid:C0:B8:BB:48:5E:BA:39:2B:80:C3:16:69:29:B7:FC:B9:58:F4:49:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wLi7SF66OSuAwxZpKbf8uVj0Sbw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/84942f-721f-4234-88c1-dbf3969ca75f/1/9ugJcOJ7bqnlz7kInhx58l3_5XM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/84942f-721f-4234-88c1-dbf3969ca75f/1/wLi7SF66OSuAwxZpKbf8uVj0Sbw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.245.28.0/22
                IPv6:
                  2a09:1500::/48
                  2a09:1500:8::/48
                  2a09:1500:13::/48
                  2a09:1500:20::/48
                  2a09:1500:1000::/40
                  2a09:1500:2000::/40
                  2a09:1500:2400::/40
                  2a09:1500:3400::/40
                  2a09:1500:4600::/40
                  2a09:1500:5400::/40
                  2a09:1500:5600::/40
                  2a09:1500:5800::/40
                  2a09:1500:6600::/40
                  2a09:1500:7000::/40
                  2a09:1501::/48
                  2a09:1501:3000::/40

    Signature Algorithm: sha256WithRSAEncryption
         31:71:25:81:db:03:ff:45:0a:03:64:b5:f8:a4:12:fb:0c:0a:
         db:13:e3:f5:4c:c9:fd:cb:d3:c5:38:f7:17:f1:9e:db:4e:b7:
         cc:05:fb:e2:7c:70:ec:ac:fe:ab:52:37:81:a0:88:42:77:42:
         be:fd:bc:4f:ee:e3:39:47:cb:ea:f4:91:23:8e:aa:7c:54:8f:
         ba:ca:e4:33:e6:fe:ee:52:be:ae:f7:1e:84:0b:4a:56:c7:32:
         fb:1f:2e:0b:21:cc:75:1b:e9:70:aa:9f:4d:c3:08:97:9f:84:
         bf:6b:56:fd:79:da:5c:d1:76:a1:ac:38:b5:58:df:4a:e5:f9:
         70:88:28:69:cd:98:97:ea:e3:bf:fb:62:50:7a:96:1e:79:36:
         78:5c:b5:6a:24:bb:ad:de:65:77:ed:be:89:f6:45:f0:74:ca:
         1c:fd:8a:1b:01:f5:fb:f9:2e:bb:48:0c:4d:81:9d:c1:4f:49:
         e8:e6:07:f3:95:00:e4:18:5f:c2:48:42:89:de:a8:a1:54:e0:
         ee:81:57:2d:a1:7c:2d:32:f9:b0:3c:bc:53:29:61:1c:d8:80:
         b5:6d:7a:35:6b:2e:8a:55:14:02:0f:ff:66:fc:31:63:2a:2d:
         f7:81:53:41:99:76:49:47:c7:0e:44:73:33:e9:0d:e3:33:88:
         04:70:6c:b5
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAY2OuSfYo+QduXCXnLa5jlEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYjhiYjQ4NWViYTM5MmI4MGMzMTY2OTI5YjdmY2I5NThm
NDQ5YmMwHhcNMjQwMjA5MTYzNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmU4MDk3MGUyN2I2ZWE5ZTVjZmI5MDg5ZTFjNzlmMjVkZmZlNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6P+USN/b1osdYlsX56lHNVBp2L8
/c8fUWLMPOGhnO/xGoAd6wcCJUMSWSqmJdIha3RcZZoMHe04sWRIrh1kWrAdoZrG
BX5bza6ieyDcqtM57bTuSRrVcWg9/s6ZVfu70Y+IPP4unqu0iPXXiTetN5bacifa
QoLFfAL7ukXrlks7Ktfddybb0QXDBx84tZmv1Jf8myhXDAwK1J1kPvLS0EwgL5qL
bbMAiRliXAfYdBaJPl2yfRO5E38iOnCfrCOL63YMegpEMh/EWebK1cHOvudDdFZV
5csAyAY8/lIOi8TG77tBowC5ABR/QJndjy1JUy2SUo6wYvA8lOL/WX8Q8wIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFPboCXDie26p5c+5CJ4cefJd/+VzMB8GA1UdIwQY
MBaAFMC4u0heujkrgMMWaSm3/LlY9Em8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0xpN1NGNjZPU3VBd3hacEtiZjh1VmowU2J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84NDk0MmYtNzIxZi00MjM0LTg4YzEt
ZGJmMzk2OWNhNzVmLzEvOXVnSmNPSjdicW5sejdrSW5oeDU4bDNfNVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84NDk0MmYtNzIxZi00MjM0LTg4YzEtZGJmMzk2OWNhNzVm
LzEvd0xpN1NGNjZPU3VBd3hacEtiZjh1VmowU2J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTAMBAIAATAGAwQCufUc
MIGMBAIAAjCBhQMHACoJFQAAAAMHACoJFQAACAMHACoJFQAAEwMHACoJFQAAIAMG
ACoJFQAQAwYAKgkVACADBgAqCRUAJAMGACoJFQA0AwYAKgkVAEYDBgAqCRUAVAMG
ACoJFQBWAwYAKgkVAFgDBgAqCRUAZgMGACoJFQBwAwcAKgkVAQAAAwYAKgkVATAw
DQYJKoZIhvcNAQELBQADggEBADFxJYHbA/9FCgNktfikEvsMCtsT4/VMyf3L08U4
9xfxnttOt8wF++J8cOys/qtSN4GgiEJ3Qr79vE/u4zlHy+r0kSOOqnxUj7rK5DPm
/u5Svq73HoQLSlbHMvsfLgshzHUb6XCqn03DCJefhL9rVv152lzRdqGsOLVY30rl
+XCIKGnNmJfq47/7YlB6lh55NnhctWoku63eZXftvon2RfB0yhz9ihsB9fv5LrtI
DE2BncFPSejmB/OVAOQYX8JIQoneqKFU4O6BVy2hfC0y+bA8vFMpYRzYgLVtejVr
LopVFAIP/2b8MWMqLfeBU0GZdklHxw5EczPpDeMziARwbLU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:56 2024 by rpki-client on console-fra.rpki-client.org