Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ffff6c-c444-427e-8716-2ed2fea21e3e/1/W8xtC8Zi7uWOjbUA7seBvN4EGoE.roa
File:                     W8xtC8Zi7uWOjbUA7seBvN4EGoE.roa (raw, json)
Hash identifier:          3+4ROcDbUHhGpqwikFDfJCQFc5oH0cExxE3gqtwTmcs=
Subject key identifier:   5B:CC:6D:0B:C6:62:EE:E5:8E:8D:B5:00:EE:C7:81:BC:DE:04:1A:81
Certificate issuer:       /CN=281d4f463713ab9a927b7ee3a101052b14bacc31
Certificate serial:       018CCFA9C9F5EE6E814568ED618E7149D5D1
Authority key identifier: 28:1D:4F:46:37:13:AB:9A:92:7B:7E:E3:A1:01:05:2B:14:BA:CC:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KB1PRjcTq5qSe37joQEFKxS6zDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/ffff6c-c444-427e-8716-2ed2fea21e3e/1/W8xtC8Zi7uWOjbUA7seBvN4EGoE.roa
Signing time:             Wed 03 Jan 2024 14:11:00 +0000
ROA not before:           Wed 03 Jan 2024 14:11:00 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     56485
IP address blocks:        185.179.178.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/ffff6c-c444-427e-8716-2ed2fea21e3e/1/KB1PRjcTq5qSe37joQEFKxS6zDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/ffff6c-c444-427e-8716-2ed2fea21e3e/1/KB1PRjcTq5qSe37joQEFKxS6zDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KB1PRjcTq5qSe37joQEFKxS6zDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 07:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:cf:a9:c9:f5:ee:6e:81:45:68:ed:61:8e:71:49:d5:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=281d4f463713ab9a927b7ee3a101052b14bacc31
        Validity
            Not Before: Jan  3 14:11:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5bcc6d0bc662eee58e8db500eec781bcde041a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:92:e3:bb:52:72:53:86:dc:eb:cb:15:ae:2e:
                    90:bc:33:49:e0:3a:96:75:73:5e:e4:59:97:4a:4a:
                    81:4e:7c:12:95:da:c6:6a:6b:8f:4c:ea:e3:3c:b2:
                    40:6f:f8:66:66:a8:59:39:7f:71:25:ce:f0:08:ae:
                    5f:49:1e:e5:5e:f3:67:e5:9b:ef:54:42:ac:81:7e:
                    f6:ff:4d:25:1e:58:9f:90:dd:b5:92:ed:83:22:95:
                    c4:ea:58:6e:b7:ab:f8:e8:84:26:f1:26:ee:b0:1f:
                    f1:4b:5b:3f:0b:1f:8c:cb:f9:92:c7:15:5b:d8:8a:
                    b4:8a:10:0f:7a:be:fe:8b:3a:24:cd:a8:93:e4:3c:
                    ec:39:33:9e:99:0f:a4:96:bd:ee:1b:6f:7c:73:3a:
                    8c:89:12:8b:68:c9:8d:2e:df:52:f1:a6:b5:c9:75:
                    35:62:e1:db:01:3a:e3:b6:93:70:5e:0f:d5:7e:f7:
                    2a:58:44:d7:07:7d:84:33:76:05:b5:b5:ba:2e:4f:
                    6f:dc:ae:7c:74:54:78:d9:91:c0:20:cc:94:58:05:
                    07:9f:99:fc:b7:0e:89:6a:d3:e2:17:a3:b3:e8:c7:
                    cf:b3:46:03:26:5a:f7:b5:05:dd:f2:09:f6:ee:24:
                    87:bd:d9:8b:46:7e:61:c3:68:8e:b0:48:24:ef:ac:
                    a6:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:CC:6D:0B:C6:62:EE:E5:8E:8D:B5:00:EE:C7:81:BC:DE:04:1A:81
            X509v3 Authority Key Identifier:
                keyid:28:1D:4F:46:37:13:AB:9A:92:7B:7E:E3:A1:01:05:2B:14:BA:CC:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KB1PRjcTq5qSe37joQEFKxS6zDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ffff6c-c444-427e-8716-2ed2fea21e3e/1/W8xtC8Zi7uWOjbUA7seBvN4EGoE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ffff6c-c444-427e-8716-2ed2fea21e3e/1/KB1PRjcTq5qSe37joQEFKxS6zDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.179.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:68:76:7c:dc:2b:24:44:76:b2:f3:48:0b:c9:c8:3c:5b:6c:
         61:04:02:8c:09:b7:51:9d:6f:54:2b:49:80:f3:76:53:71:e8:
         d7:90:6c:70:7f:e0:fc:d6:87:3c:94:f8:81:31:47:5b:33:d6:
         ad:4d:3e:b8:a6:93:f2:9b:d6:93:d2:2d:01:a8:83:88:f3:e3:
         e0:7b:a7:44:4c:59:80:28:2a:e8:2b:65:ba:32:cd:56:ec:49:
         8e:6b:be:1d:20:34:ed:fc:99:47:a8:6d:8f:ce:55:eb:7f:6b:
         e4:a3:fe:fa:fc:62:2b:94:63:a1:70:a9:52:2e:00:2e:e9:e1:
         ec:6b:be:fe:18:42:aa:79:2e:6e:4f:7a:8e:a0:b4:e9:ff:1c:
         1c:7a:0b:52:0e:4a:2d:eb:5a:0e:e1:f7:97:8a:88:40:77:20:
         30:60:e9:21:a4:85:47:2c:58:1f:08:e9:1a:70:47:66:d3:d5:
         9d:22:17:37:e6:c3:b9:44:99:08:40:05:19:cf:f7:36:5f:a9:
         90:f9:89:66:4b:00:db:6b:47:ed:46:ae:c4:1b:09:55:0e:11:
         8e:e7:24:f8:48:aa:bb:6d:10:e8:0a:76:e4:e1:ac:4c:f8:80:
         e3:b4:bc:d9:03:2e:61:2d:4a:a4:6f:c9:b6:7b:de:09:c7:a9:
         c3:22:a5:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzPqcn17m6BRWjtYY5xSdXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MWQ0ZjQ2MzcxM2FiOWE5MjdiN2VlM2ExMDEwNTJiMTRi
YWNjMzEwHhcNMjQwMTAzMTQxMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmNjNmQwYmM2NjJlZWU1OGU4ZGI1MDBlZWM3ODFiY2RlMDQxYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpLju1JyU4bc68sVri6QvDNJ4DqW
dXNe5FmXSkqBTnwSldrGamuPTOrjPLJAb/hmZqhZOX9xJc7wCK5fSR7lXvNn5Zvv
VEKsgX72/00lHlifkN21ku2DIpXE6lhut6v46IQm8SbusB/xS1s/Cx+My/mSxxVb
2Iq0ihAPer7+izokzaiT5DzsOTOemQ+klr3uG298czqMiRKLaMmNLt9S8aa1yXU1
YuHbATrjtpNwXg/VfvcqWETXB32EM3YFtbW6Lk9v3K58dFR42ZHAIMyUWAUHn5n8
tw6JatPiF6Oz6MfPs0YDJlr3tQXd8gn27iSHvdmLRn5hw2iOsEgk76ymhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFvMbQvGYu7ljo21AO7HgbzeBBqBMB8GA1UdIwQY
MBaAFCgdT0Y3E6uaknt+46EBBSsUuswxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0IxUFJqY1RxNXFTZTM3am9RRUZLeFM2ekRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mZmZmNmMtYzQ0NC00MjdlLTg3MTYt
MmVkMmZlYTIxZTNlLzEvVzh4dEM4Wmk3dVdPamJVQTdzZUJ2TjRFR29FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mZmZmNmMtYzQ0NC00MjdlLTg3MTYtMmVkMmZlYTIxZTNl
LzEvS0IxUFJqY1RxNXFTZTM3am9RRUZLeFM2ekRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubOyMA0G
CSqGSIb3DQEBCwUAA4IBAQCNaHZ83CskRHay80gLycg8W2xhBAKMCbdRnW9UK0mA
83ZTcejXkGxwf+D81oc8lPiBMUdbM9atTT64ppPym9aT0i0BqIOI8+Pge6dETFmA
KCroK2W6Ms1W7EmOa74dIDTt/JlHqG2PzlXrf2vko/76/GIrlGOhcKlSLgAu6eHs
a77+GEKqeS5uT3qOoLTp/xwcegtSDkot61oO4feXiohAdyAwYOkhpIVHLFgfCOka
cEdm09WdIhc35sO5RJkIQAUZz/c2X6mQ+YlmSwDba0ftRq7EGwlVDhGO5yT4SKq7
bRDoCnbk4axM+IDjtLzZAy5hLUqkb8m2e94Jx6nDIqUw
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:38 2024 by rpki-client on console-fra.rpki-client.org