Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/62343c-edbe-4a8a-84f2-7eb2eb85b84a/1/FeHIeQLI5X7FXfBCINUyS0oPGv8.roa
File:                     FeHIeQLI5X7FXfBCINUyS0oPGv8.roa (raw, json)
Hash identifier:          kzAJvb8YNgT96ZNc6iYRS33ByMzUwodH7d8o9R6afyA=
Subject key identifier:   15:E1:C8:79:02:C8:E5:7E:C5:5D:F0:42:20:D5:32:4B:4A:0F:1A:FF
Certificate issuer:       /CN=d8fc6e45181d839fd10e4a902762f26c9a646796
Certificate serial:       018CCA2A6B87C45E5EB9E54C35F02682171F
Authority key identifier: D8:FC:6E:45:18:1D:83:9F:D1:0E:4A:90:27:62:F2:6C:9A:64:67:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2PxuRRgdg5_RDkqQJ2LybJpkZ5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/62343c-edbe-4a8a-84f2-7eb2eb85b84a/1/FeHIeQLI5X7FXfBCINUyS0oPGv8.roa
Signing time:             Tue 02 Jan 2024 12:33:46 +0000
ROA not before:           Tue 02 Jan 2024 12:33:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201135
IP address blocks:        185.84.188.0/23 maxlen: 23
                          185.84.190.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/62343c-edbe-4a8a-84f2-7eb2eb85b84a/1/2PxuRRgdg5_RDkqQJ2LybJpkZ5Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/62343c-edbe-4a8a-84f2-7eb2eb85b84a/1/2PxuRRgdg5_RDkqQJ2LybJpkZ5Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2PxuRRgdg5_RDkqQJ2LybJpkZ5Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:6b:87:c4:5e:5e:b9:e5:4c:35:f0:26:82:17:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8fc6e45181d839fd10e4a902762f26c9a646796
        Validity
            Not Before: Jan  2 12:33:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=15e1c87902c8e57ec55df04220d5324b4a0f1aff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:d1:3d:a0:ab:36:76:b2:de:59:9b:3a:53:2d:
                    29:8c:8a:24:ff:b6:ec:91:d0:fc:00:ea:0a:92:e4:
                    21:18:fc:70:17:17:69:7b:d2:ca:90:27:b8:c7:9a:
                    24:c9:9b:0e:da:46:05:47:97:fa:d5:a4:02:97:cc:
                    25:10:03:05:d1:2e:cb:ac:15:16:cf:fa:57:7d:7f:
                    07:86:4e:70:8f:44:e6:09:c7:89:38:80:e9:f9:ad:
                    d3:70:3d:ba:e8:e3:d6:36:22:b5:a0:5c:82:d0:54:
                    20:4f:c8:8e:52:2d:4c:f8:2a:c3:0e:ff:87:94:b7:
                    82:08:86:a2:94:6a:7a:16:01:ab:34:82:f7:21:1e:
                    6e:7a:48:ca:b0:64:b5:99:96:30:17:b4:f3:29:d3:
                    b1:aa:05:2d:88:14:bb:45:45:61:23:d8:30:7f:d1:
                    58:d2:21:d1:83:03:03:a6:2d:be:f7:b8:17:eb:bd:
                    6e:5d:1f:76:27:79:13:53:d3:ec:45:37:75:a3:7f:
                    5b:d3:fa:ab:4a:cd:df:19:bb:8d:b3:67:e6:d2:ee:
                    b3:38:80:56:71:66:81:71:12:79:bf:8c:a3:34:96:
                    90:4e:d2:7f:64:89:88:2d:9e:1f:70:19:99:93:47:
                    43:f2:9a:a9:67:bc:f6:22:ba:08:b7:26:34:9b:1d:
                    f7:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:E1:C8:79:02:C8:E5:7E:C5:5D:F0:42:20:D5:32:4B:4A:0F:1A:FF
            X509v3 Authority Key Identifier:
                keyid:D8:FC:6E:45:18:1D:83:9F:D1:0E:4A:90:27:62:F2:6C:9A:64:67:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PxuRRgdg5_RDkqQJ2LybJpkZ5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/62343c-edbe-4a8a-84f2-7eb2eb85b84a/1/FeHIeQLI5X7FXfBCINUyS0oPGv8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/62343c-edbe-4a8a-84f2-7eb2eb85b84a/1/2PxuRRgdg5_RDkqQJ2LybJpkZ5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.84.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0e:3a:0d:44:48:82:2b:f1:58:38:b4:40:ee:f3:76:45:30:d5:
         e9:61:cd:d5:c4:35:10:50:2e:92:09:bb:a5:13:67:f4:58:68:
         e1:76:fc:1c:bb:09:c7:e3:99:05:37:bb:bd:fd:4f:83:fd:39:
         4c:69:bf:a4:16:72:66:0e:4a:4c:85:3f:e9:6a:5e:a4:60:5a:
         6c:48:ed:62:75:7e:63:a0:61:a8:50:5b:aa:9a:9e:a1:de:8f:
         59:f5:00:33:0b:de:6d:ee:47:b7:e9:70:86:12:1b:63:91:ec:
         6f:7a:dd:3a:97:2b:b6:c5:de:bd:88:af:bf:b8:0a:45:0e:ba:
         75:d2:7d:0c:c8:b4:60:85:74:84:fc:8b:b6:cc:2c:a2:5f:01:
         3b:0e:42:5b:b5:ca:0e:7a:26:a0:c5:b1:97:1a:03:4e:2e:bf:
         2e:01:21:67:4f:3c:79:4f:22:ef:e9:3e:45:77:d6:02:95:15:
         22:72:9b:86:8d:80:13:17:42:72:0b:42:89:f3:df:5d:79:e4:
         97:81:42:18:ac:1e:31:ad:29:fb:65:39:60:17:43:93:c7:c9:
         fe:e5:23:91:7a:b4:62:91:be:10:0b:b7:a9:cc:25:c4:2d:c8:
         8b:93:4c:fa:99:2d:d5:aa:30:e5:7b:ba:b1:ff:c2:f5:f7:30:
         6e:df:79:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKmuHxF5eueVMNfAmghcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZmM2ZTQ1MTgxZDgzOWZkMTBlNGE5MDI3NjJmMjZjOWE2
NDY3OTYwHhcNMjQwMTAyMTIzMzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWUxYzg3OTAyYzhlNTdlYzU1ZGYwNDIyMGQ1MzI0YjRhMGYxYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9E9oKs2drLeWZs6Uy0pjIok/7bs
kdD8AOoKkuQhGPxwFxdpe9LKkCe4x5okyZsO2kYFR5f61aQCl8wlEAMF0S7LrBUW
z/pXfX8Hhk5wj0TmCceJOIDp+a3TcD266OPWNiK1oFyC0FQgT8iOUi1M+CrDDv+H
lLeCCIailGp6FgGrNIL3IR5uekjKsGS1mZYwF7TzKdOxqgUtiBS7RUVhI9gwf9FY
0iHRgwMDpi2+97gX671uXR92J3kTU9PsRTd1o39b0/qrSs3fGbuNs2fm0u6zOIBW
cWaBcRJ5v4yjNJaQTtJ/ZImILZ4fcBmZk0dD8pqpZ7z2IroItyY0mx33FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBXhyHkCyOV+xV3wQiDVMktKDxr/MB8GA1UdIwQY
MBaAFNj8bkUYHYOf0Q5KkCdi8myaZGeWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlB4dVJSZ2RnNV9SRGtxUUoyTHliSnBrWjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82MjM0M2MtZWRiZS00YThhLTg0ZjIt
N2ViMmViODViODRhLzEvRmVISWVRTEk1WDdGWGZCQ0lOVXlTMG9QR3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82MjM0M2MtZWRiZS00YThhLTg0ZjItN2ViMmViODViODRh
LzEvMlB4dVJSZ2RnNV9SRGtxUUoyTHliSnBrWjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVS8MA0G
CSqGSIb3DQEBCwUAA4IBAQAOOg1ESIIr8Vg4tEDu83ZFMNXpYc3VxDUQUC6SCbul
E2f0WGjhdvwcuwnH45kFN7u9/U+D/TlMab+kFnJmDkpMhT/pal6kYFpsSO1idX5j
oGGoUFuqmp6h3o9Z9QAzC95t7ke36XCGEhtjkexvet06lyu2xd69iK+/uApFDrp1
0n0MyLRghXSE/Iu2zCyiXwE7DkJbtcoOeiagxbGXGgNOLr8uASFnTzx5TyLv6T5F
d9YClRUicpuGjYATF0JyC0KJ899deeSXgUIYrB4xrSn7ZTlgF0OTx8n+5SORerRi
kb4QC7epzCXELciLk0z6mS3VqjDle7qx/8L19zBu33nQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:40:22 2024 by rpki-client on console-ams.rpki-client.org