Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/D2vGzksMwrQHDMBjdx98D0jlQVw.roa
File:                     D2vGzksMwrQHDMBjdx98D0jlQVw.roa (raw, json)
Hash identifier:          OCgNAqQRIuWHQm0qQLrPHYUEMhtIX3jWNRcABs+Ouxw=
Subject key identifier:   0F:6B:C6:CE:4B:0C:C2:B4:07:0C:C0:63:77:1F:7C:0F:48:E5:41:5C
Certificate issuer:       /CN=7a362d783284659dc04eedaf8b8a6fe6e930bd27
Certificate serial:       018CC6B7B833D2C785CBA4BE2F53D83177F7
Authority key identifier: 7A:36:2D:78:32:84:65:9D:C0:4E:ED:AF:8B:8A:6F:E6:E9:30:BD:27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ejYteDKEZZ3ATu2vi4pv5ukwvSc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/D2vGzksMwrQHDMBjdx98D0jlQVw.roa
Signing time:             Mon 01 Jan 2024 20:29:38 +0000
ROA not before:           Mon 01 Jan 2024 20:29:38 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203067
IP address blocks:        185.145.49.0/24 maxlen: 24
                          185.145.50.0/24 maxlen: 24
                          185.145.48.0/24 maxlen: 24
                          185.145.51.0/24 maxlen: 24
                          46.175.51.0/24 maxlen: 24
                          46.175.48.0/22 maxlen: 22
                          46.175.48.0/24 maxlen: 24
                          46.175.49.0/24 maxlen: 24
                          46.175.54.0/24 maxlen: 24
                          46.175.52.0/24 maxlen: 24
                          46.175.53.0/24 maxlen: 24
                          46.175.55.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/ejYteDKEZZ3ATu2vi4pv5ukwvSc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/ejYteDKEZZ3ATu2vi4pv5ukwvSc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ejYteDKEZZ3ATu2vi4pv5ukwvSc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 18 Jun 2024 10:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:b8:33:d2:c7:85:cb:a4:be:2f:53:d8:31:77:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a362d783284659dc04eedaf8b8a6fe6e930bd27
        Validity
            Not Before: Jan  1 20:29:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0f6bc6ce4b0cc2b4070cc063771f7c0f48e5415c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:e2:dd:be:ce:fb:6e:91:8b:f2:1e:08:04:f7:
                    aa:be:af:26:78:1d:d6:7f:96:64:57:99:42:0e:d6:
                    0f:56:62:28:e7:84:eb:39:ff:1c:d8:63:36:2c:63:
                    fb:bd:69:bb:cd:69:24:17:f2:97:af:52:26:a3:52:
                    a6:37:86:b7:12:f1:6c:a7:d4:7a:1f:6c:a1:91:35:
                    e6:8c:b3:77:1d:7e:89:0b:fc:76:6f:30:98:58:29:
                    8b:96:85:3e:7c:5f:92:22:9d:6f:f9:7a:e1:94:84:
                    b2:4c:58:d0:c5:97:f1:d6:46:af:fa:aa:3d:5c:1d:
                    6f:ef:cb:41:26:46:7f:47:d8:72:92:47:0c:5c:68:
                    c6:67:a0:73:a5:90:6d:9d:71:23:d7:57:51:00:d5:
                    93:32:42:1c:15:a5:7c:26:54:1c:5b:32:51:9f:7c:
                    44:1b:ba:c5:07:0a:ca:48:27:4a:59:a6:4e:88:91:
                    66:88:80:3c:41:32:56:c4:26:9f:54:c8:2e:bc:aa:
                    7d:96:c0:1f:37:0e:62:38:b2:46:d3:ab:1d:15:fb:
                    7f:06:03:48:d6:15:8b:3c:8c:45:e1:d3:b8:1f:10:
                    b9:de:dd:a3:7d:2c:28:ac:1b:aa:bc:7f:8c:18:c3:
                    a5:70:8d:af:2f:ca:e2:b9:34:01:9f:96:53:16:ff:
                    9a:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:6B:C6:CE:4B:0C:C2:B4:07:0C:C0:63:77:1F:7C:0F:48:E5:41:5C
            X509v3 Authority Key Identifier:
                keyid:7A:36:2D:78:32:84:65:9D:C0:4E:ED:AF:8B:8A:6F:E6:E9:30:BD:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejYteDKEZZ3ATu2vi4pv5ukwvSc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/D2vGzksMwrQHDMBjdx98D0jlQVw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/ejYteDKEZZ3ATu2vi4pv5ukwvSc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.175.48.0/21
                  185.145.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         89:d8:69:04:6b:44:af:2c:15:c5:96:74:ab:6d:45:73:5c:77:
         8b:8d:b3:05:5c:50:f8:ac:83:7c:fd:36:54:3c:8b:61:a9:5b:
         4b:e7:f3:c8:81:e0:08:e9:a2:13:79:6b:53:8e:30:0c:65:51:
         e5:ca:9d:f9:1c:18:30:b3:60:7b:b5:7d:ad:cb:1d:34:61:0d:
         3c:fb:ff:2e:bb:ec:47:bc:33:88:2c:6a:e2:f9:77:ca:05:77:
         35:df:61:16:84:e1:bf:cf:a9:f5:bd:4f:7f:bb:ff:e0:29:c2:
         d6:75:58:9b:df:5b:59:b2:ae:c0:ab:08:01:7e:fe:fb:d8:93:
         bd:ce:4a:d7:f2:d8:07:eb:85:cc:cf:e0:36:70:5b:80:d4:e3:
         e3:cb:8c:a7:6a:83:fd:4a:5e:89:80:50:f0:1d:7b:30:3b:94:
         ba:33:33:ba:ec:cb:1a:b3:55:f1:13:ee:b7:9c:3b:4d:7f:8a:
         ac:d2:fb:78:ac:83:7c:b5:01:dd:81:53:f2:a4:b8:7f:40:b1:
         af:4a:0b:18:e6:32:1f:f5:36:85:f3:7b:74:c5:c5:3b:de:3c:
         bf:60:76:f0:23:16:d9:57:f9:27:b3:46:df:34:e4:52:be:a4:
         5e:16:bc:6d:b6:7f:c3:93:af:19:a8:22:e1:e2:c7:ff:49:a3:
         7f:6c:60:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt7gz0seFy6S+L1PYMXf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzYyZDc4MzI4NDY1OWRjMDRlZWRhZjhiOGE2ZmU2ZTkz
MGJkMjcwHhcNMjQwMTAxMjAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjZiYzZjZTRiMGNjMmI0MDcwY2MwNjM3NzFmN2MwZjQ4ZTU0MTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+Ldvs77bpGL8h4IBPeqvq8meB3W
f5ZkV5lCDtYPVmIo54TrOf8c2GM2LGP7vWm7zWkkF/KXr1Imo1KmN4a3EvFsp9R6
H2yhkTXmjLN3HX6JC/x2bzCYWCmLloU+fF+SIp1v+XrhlISyTFjQxZfx1kav+qo9
XB1v78tBJkZ/R9hykkcMXGjGZ6BzpZBtnXEj11dRANWTMkIcFaV8JlQcWzJRn3xE
G7rFBwrKSCdKWaZOiJFmiIA8QTJWxCafVMguvKp9lsAfNw5iOLJG06sdFft/BgNI
1hWLPIxF4dO4HxC53t2jfSworBuqvH+MGMOlcI2vL8riuTQBn5ZTFv+a1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA9rxs5LDMK0BwzAY3cffA9I5UFcMB8GA1UdIwQY
MBaAFHo2LXgyhGWdwE7tr4uKb+bpML0nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpZdGVES0VaWjNBVHUydmk0cHY1dWt3dlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9iZTY4YjktOWI2Mi00YjNlLWE2YTQt
ODY1MDMxZmEwYmY3LzEvRDJ2R3prc013clFIRE1CamR4OThEMGpsUVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9iZTY4YjktOWI2Mi00YjNlLWE2YTQtODY1MDMxZmEwYmY3
LzEvZWpZdGVES0VaWjNBVHUydmk0cHY1dWt3dlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLq8wAwQC
uZEwMA0GCSqGSIb3DQEBCwUAA4IBAQCJ2GkEa0SvLBXFlnSrbUVzXHeLjbMFXFD4
rIN8/TZUPIthqVtL5/PIgeAI6aITeWtTjjAMZVHlyp35HBgws2B7tX2tyx00YQ08
+/8uu+xHvDOILGri+XfKBXc132EWhOG/z6n1vU9/u//gKcLWdVib31tZsq7AqwgB
fv772JO9zkrX8tgH64XMz+A2cFuA1OPjy4ynaoP9Sl6JgFDwHXswO5S6MzO67Msa
s1XxE+63nDtNf4qs0vt4rIN8tQHdgVPypLh/QLGvSgsY5jIf9TaF83t0xcU73jy/
YHbwIxbZV/kns0bfNORSvqReFrxttn/Dk68ZqCLh4sf/SaN/bGBN
-----END CERTIFICATE-----
Generated at Mon Jun 17 12:05:31 2024 by rpki-client on console-ams.rpki-client.org