Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/Yn-AnrnriE-EGcFIlSP-ncxkQT4.roa
File:                     Yn-AnrnriE-EGcFIlSP-ncxkQT4.roa (raw, json)
Hash identifier:          zGF5ujMsOxiFnt9DJzogzMt0sOJY6//aJesH0t+kc2g=
Subject key identifier:   62:7F:80:9E:B9:EB:88:4F:84:19:C1:48:95:23:FE:9D:CC:64:41:3E
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       018CC492DC363DF9CCF4C69BD014D38C21BB
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/Yn-AnrnriE-EGcFIlSP-ncxkQT4.roa
Signing time:             Mon 01 Jan 2024 10:30:08 +0000
ROA not before:           Mon 01 Jan 2024 10:30:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58202
IP address blocks:        5.160.78.0/24 maxlen: 24
                          5.160.155.0/24 maxlen: 24
                          5.160.154.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:92:dc:36:3d:f9:cc:f4:c6:9b:d0:14:d3:8c:21:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 10:30:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=627f809eb9eb884f8419c1489523fe9dcc64413e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d7:84:5b:da:73:32:55:6b:68:45:5e:92:2a:
                    e0:be:49:8c:be:e8:4b:2e:63:c1:ce:41:1a:8d:21:
                    98:35:3d:55:7a:d4:7c:b0:b3:5c:dd:be:3e:d5:8c:
                    0b:a4:14:49:7c:b9:48:90:fb:16:a7:df:44:9f:16:
                    e8:3d:9e:41:78:2c:08:e9:41:52:4a:f7:05:e1:c4:
                    7f:13:3b:11:5a:2b:67:9d:d7:35:f5:82:89:8a:87:
                    cc:31:02:c9:b7:14:6f:6f:2e:cb:e1:13:3d:8e:38:
                    f1:37:b1:ae:a3:47:99:f7:cb:c7:f9:ee:f4:20:49:
                    68:0a:cd:70:d3:32:9a:f8:c6:5c:09:02:8d:36:86:
                    2a:c0:cc:a6:f5:56:58:7e:e0:42:da:8a:2e:5f:6f:
                    90:25:ff:be:b9:3f:85:7f:c7:1b:ef:fc:2e:8a:9e:
                    c9:40:0a:f4:bc:54:79:52:5d:95:ed:d2:68:ab:30:
                    73:28:3c:ec:2d:1d:df:d8:40:29:74:97:13:9a:6f:
                    43:68:21:a8:72:2a:61:7f:ed:97:14:f5:1e:76:e8:
                    0e:a1:5d:2a:85:a3:13:da:f0:48:9f:5a:31:d3:6c:
                    81:93:4c:22:a4:94:67:c0:c6:83:24:a7:9d:4c:08:
                    25:ad:b1:51:a6:f7:5e:8c:ff:4c:15:76:c9:c3:04:
                    c4:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:7F:80:9E:B9:EB:88:4F:84:19:C1:48:95:23:FE:9D:CC:64:41:3E
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/Yn-AnrnriE-EGcFIlSP-ncxkQT4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.78.0/24
                  5.160.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1b:34:70:ce:ec:00:7c:09:44:9e:d3:5f:01:42:40:77:4f:62:
         ad:74:d0:76:e7:76:34:7a:35:66:1a:a5:c4:3a:0c:bd:61:6f:
         83:8c:80:a8:59:f5:dd:7a:7e:a1:50:c0:7f:d3:f3:cc:03:e7:
         4d:db:3e:96:61:c4:72:04:7b:f4:96:74:67:4b:a9:15:62:31:
         90:63:e5:fe:ce:c9:5a:e9:34:70:01:5e:c7:6e:b4:ed:cb:f6:
         6a:c6:82:c8:05:71:4a:83:1f:95:18:30:86:26:77:31:f5:2f:
         c9:e5:9a:03:e8:78:d6:01:39:34:1f:e3:f2:27:85:cc:02:55:
         6b:f6:9a:29:5f:5a:61:96:fa:84:c5:0d:11:95:99:fe:61:bf:
         43:6c:11:c5:af:cb:0e:e3:39:57:ed:8d:40:3c:ea:0d:10:f1:
         94:61:30:e1:e1:87:f5:8c:72:e0:f1:b4:44:19:f2:bb:60:f2:
         50:d0:33:c4:a1:b2:b4:4e:05:08:36:13:c4:21:80:8d:67:ad:
         5a:a8:e9:99:cf:56:43:d7:5c:47:63:a0:d8:e7:11:b7:c9:6f:
         80:83:93:8f:12:66:f8:43:2e:00:28:c5:8f:8d:83:c7:83:75:
         9e:b1:75:d4:41:63:93:b3:ff:63:80:80:b1:51:6a:3a:91:0c:
         16:bb:5f:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEktw2PfnM9Mab0BTTjCG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjdmODA5ZWI5ZWI4ODRmODQxOWMxNDg5NTIzZmU5ZGNjNjQ0MTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9eEW9pzMlVraEVekirgvkmMvuhL
LmPBzkEajSGYNT1VetR8sLNc3b4+1YwLpBRJfLlIkPsWp99EnxboPZ5BeCwI6UFS
SvcF4cR/EzsRWitnndc19YKJiofMMQLJtxRvby7L4RM9jjjxN7Guo0eZ98vH+e70
IEloCs1w0zKa+MZcCQKNNoYqwMym9VZYfuBC2oouX2+QJf++uT+Ff8cb7/wuip7J
QAr0vFR5Ul2V7dJoqzBzKDzsLR3f2EApdJcTmm9DaCGociphf+2XFPUedugOoV0q
haMT2vBIn1ox02yBk0wipJRnwMaDJKedTAglrbFRpvdejP9MFXbJwwTElwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGJ/gJ6564hPhBnBSJUj/p3MZEE+MB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvWW4tQW5ybnJpRS1FR2NGSWxTUC1uY3hrUVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABaBOAwQB
BaCaMA0GCSqGSIb3DQEBCwUAA4IBAQAbNHDO7AB8CUSe018BQkB3T2KtdNB253Y0
ejVmGqXEOgy9YW+DjICoWfXden6hUMB/0/PMA+dN2z6WYcRyBHv0lnRnS6kVYjGQ
Y+X+zsla6TRwAV7HbrTty/ZqxoLIBXFKgx+VGDCGJncx9S/J5ZoD6HjWATk0H+Py
J4XMAlVr9popX1phlvqExQ0RlZn+Yb9DbBHFr8sO4zlX7Y1APOoNEPGUYTDh4Yf1
jHLg8bREGfK7YPJQ0DPEobK0TgUINhPEIYCNZ61aqOmZz1ZD11xHY6DY5xG3yW+A
g5OPEmb4Qy4AKMWPjYPHg3WesXXUQWOTs/9jgICxUWo6kQwWu1+c
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:36:13 2024 by rpki-client on console-fra.rpki-client.org