Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/UXFGWgWQmvf1lObzRIsx2RBr4Rk.roa
File:                     UXFGWgWQmvf1lObzRIsx2RBr4Rk.roa (raw, json)
Hash identifier:          DFwaMwTy4Fvx1WbpuJIdyId3oPwmNk7U2M7XoBczY10=
Subject key identifier:   51:71:46:5A:05:90:9A:F7:F5:94:E6:F3:44:8B:31:D9:10:6B:E1:19
Certificate issuer:       /CN=3a34889251e7cb133e906c70891ba1a0495ed860
Certificate serial:       018CC3B72D94B37DE3CF16C2D8606701275A
Authority key identifier: 3A:34:88:92:51:E7:CB:13:3E:90:6C:70:89:1B:A1:A0:49:5E:D8:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/UXFGWgWQmvf1lObzRIsx2RBr4Rk.roa
Signing time:             Mon 01 Jan 2024 06:30:11 +0000
ROA not before:           Mon 01 Jan 2024 06:30:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209854
IP address blocks:        185.195.61.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/OjSIklHnyxM-kGxwiRuhoEle2GA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/OjSIklHnyxM-kGxwiRuhoEle2GA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:2d:94:b3:7d:e3:cf:16:c2:d8:60:67:01:27:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a34889251e7cb133e906c70891ba1a0495ed860
        Validity
            Not Before: Jan  1 06:30:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5171465a05909af7f594e6f3448b31d9106be119
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:75:1e:4f:89:0e:e9:f9:de:81:3c:4a:15:63:
                    ec:ea:e7:8f:2f:de:a1:46:c2:8e:2a:17:32:b3:b5:
                    7d:76:0e:cf:b4:6d:be:b8:43:d3:17:96:8b:90:3f:
                    b9:2e:d0:09:69:30:c4:eb:6d:f9:bc:2f:f2:3f:7c:
                    f8:3e:d9:b4:ba:a5:d7:c4:d0:f3:b6:29:dc:68:d6:
                    f5:97:10:ef:d9:c5:18:a9:26:4f:34:0f:b4:b7:84:
                    d0:dc:21:29:48:08:7c:63:60:ba:02:c8:da:94:46:
                    d6:69:38:1b:5a:bf:e3:b5:74:b5:a8:b5:0b:2f:6c:
                    65:fa:45:bf:5f:96:4c:c9:0c:d9:da:0c:6a:a4:e8:
                    63:aa:6e:2e:76:1d:70:25:53:1d:91:5e:32:31:32:
                    dc:07:6c:aa:8c:9f:c4:3a:36:c1:c0:60:fb:f8:81:
                    bc:eb:43:80:a7:44:50:24:7c:a4:16:93:5d:9e:46:
                    55:7a:9c:56:1b:47:0b:b2:54:09:a6:14:18:ae:ee:
                    23:8d:b0:ed:82:1b:07:ad:2a:2c:50:41:e8:c5:b4:
                    86:86:d2:6d:12:2c:95:f4:e7:d2:13:f1:ec:cb:e0:
                    e3:40:e3:cb:41:0c:f5:b4:9e:44:98:10:d2:e0:7f:
                    a4:32:3e:13:ba:a3:fc:af:75:9b:28:99:e8:a2:66:
                    8e:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:71:46:5A:05:90:9A:F7:F5:94:E6:F3:44:8B:31:D9:10:6B:E1:19
            X509v3 Authority Key Identifier:
                keyid:3A:34:88:92:51:E7:CB:13:3E:90:6C:70:89:1B:A1:A0:49:5E:D8:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/UXFGWgWQmvf1lObzRIsx2RBr4Rk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/OjSIklHnyxM-kGxwiRuhoEle2GA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.195.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:6f:86:17:64:c2:f8:35:2d:e0:4b:b3:03:45:56:f8:a1:10:
         b9:58:25:6b:22:0b:bb:ee:42:6a:ee:31:ad:9a:cb:e4:3c:72:
         32:e7:21:e0:69:89:41:3d:63:3e:d4:3d:06:76:c5:94:64:78:
         d9:d5:b9:a2:5d:80:67:7c:4d:b9:92:d3:b7:5f:65:6f:ab:47:
         c3:08:a8:20:eb:f2:b5:ae:c3:88:23:a7:8c:c8:c7:88:0b:e6:
         22:88:10:00:33:9a:0c:3f:4e:82:bd:a3:45:28:d6:bf:78:cf:
         b4:30:9d:d2:cc:26:b1:b2:8a:86:25:d3:0c:9a:fb:79:c7:3e:
         d8:6c:de:ba:7d:50:ae:e7:58:6c:7c:32:3b:54:2a:e3:2b:85:
         2f:90:f7:59:73:ac:b7:ae:be:f4:21:00:3b:30:10:67:25:03:
         ab:6b:de:86:73:6b:5d:32:e7:47:b4:09:a5:f0:64:07:c5:62:
         81:88:12:5b:a4:02:08:c2:5d:94:9e:d5:c8:5d:21:2f:a5:6a:
         a8:21:2d:52:6e:9a:5b:e9:24:6c:1d:94:8f:70:9f:63:f2:f8:
         70:98:cb:53:02:86:62:57:e0:b1:01:0d:0b:8b:c3:94:62:fd:
         bb:6c:e8:d8:b8:24:76:ef:b6:ea:20:d4:5e:69:41:3b:a3:30:
         93:99:39:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDty2Us33jzxbC2GBnASdaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMzQ4ODkyNTFlN2NiMTMzZTkwNmM3MDg5MWJhMWEwNDk1
ZWQ4NjAwHhcNMjQwMTAxMDYzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTcxNDY1YTA1OTA5YWY3ZjU5NGU2ZjM0NDhiMzFkOTEwNmJlMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3UeT4kO6fnegTxKFWPs6uePL96h
RsKOKhcys7V9dg7PtG2+uEPTF5aLkD+5LtAJaTDE6235vC/yP3z4Ptm0uqXXxNDz
tincaNb1lxDv2cUYqSZPNA+0t4TQ3CEpSAh8Y2C6AsjalEbWaTgbWr/jtXS1qLUL
L2xl+kW/X5ZMyQzZ2gxqpOhjqm4udh1wJVMdkV4yMTLcB2yqjJ/EOjbBwGD7+IG8
60OAp0RQJHykFpNdnkZVepxWG0cLslQJphQYru4jjbDtghsHrSosUEHoxbSGhtJt
EiyV9OfSE/Hsy+DjQOPLQQz1tJ5EmBDS4H+kMj4TuqP8r3WbKJnoomaOFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFFxRloFkJr39ZTm80SLMdkQa+EZMB8GA1UdIwQY
MBaAFDo0iJJR58sTPpBscIkboaBJXthgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2pTSWtsSG55eE0ta0d4d2lSdWhvRWxlMkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85MTE4MmEtZjM0Yi00YTE1LWIzNjMt
ODRmOWVkODdhYzMxLzEvVVhGR1dnV1FtdmYxbE9ielJJc3gyUkJyNFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85MTE4MmEtZjM0Yi00YTE1LWIzNjMtODRmOWVkODdhYzMx
LzEvT2pTSWtsSG55eE0ta0d4d2lSdWhvRWxlMkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucM9MA0G
CSqGSIb3DQEBCwUAA4IBAQAfb4YXZML4NS3gS7MDRVb4oRC5WCVrIgu77kJq7jGt
msvkPHIy5yHgaYlBPWM+1D0GdsWUZHjZ1bmiXYBnfE25ktO3X2Vvq0fDCKgg6/K1
rsOII6eMyMeIC+YiiBAAM5oMP06CvaNFKNa/eM+0MJ3SzCaxsoqGJdMMmvt5xz7Y
bN66fVCu51hsfDI7VCrjK4UvkPdZc6y3rr70IQA7MBBnJQOra96Gc2tdMudHtAml
8GQHxWKBiBJbpAIIwl2UntXIXSEvpWqoIS1Sbppb6SRsHZSPcJ9j8vhwmMtTAoZi
V+CxAQ0Li8OUYv27bOjYuCR277bqINReaUE7ozCTmTmo
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:20:29 2024 by rpki-client on console-ams.rpki-client.org