Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/7hTrY8jKOPUBvSLyeZexZsueC6Y.roa
File:                     7hTrY8jKOPUBvSLyeZexZsueC6Y.roa (raw, json)
Hash identifier:          B1k41N3DhpkZILMztEhL+/zC67TYZB7cCZSCiscBiWo=
Subject key identifier:   EE:14:EB:63:C8:CA:38:F5:01:BD:22:F2:79:97:B1:66:CB:9E:0B:A6
Certificate issuer:       /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial:       018CCA994D8D77AE29A54CD95063B4FE0AF8
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/7hTrY8jKOPUBvSLyeZexZsueC6Y.roa
Signing time:             Tue 02 Jan 2024 14:34:53 +0000
ROA not before:           Tue 02 Jan 2024 14:34:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     137502
IP address blocks:        213.248.219.0/24 maxlen: 24
                          213.248.218.0/24 maxlen: 24
                          213.248.217.0/24 maxlen: 24
                          213.248.216.0/24 maxlen: 24
                          213.248.223.0/24 maxlen: 24
                          213.248.222.0/24 maxlen: 24
                          213.248.221.0/24 maxlen: 24
                          213.248.220.0/24 maxlen: 24
                          213.248.254.0/24 maxlen: 24
                          213.248.255.0/24 maxlen: 24
                          2a01:618:405::/48 maxlen: 48
                          2a01:618:400::/48 maxlen: 48
                          2a01:618:403::/48 maxlen: 48
                          2a01:618:404::/48 maxlen: 48
                          2a01:618:407::/48 maxlen: 48
                          2a01:618:402::/48 maxlen: 48
                          2a01:618:406::/48 maxlen: 48
                          2a01:618:401::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:99:4d:8d:77:ae:29:a5:4c:d9:50:63:b4:fe:0a:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
        Validity
            Not Before: Jan  2 14:34:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ee14eb63c8ca38f501bd22f27997b166cb9e0ba6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:02:86:5d:c5:fe:9c:30:a7:dd:97:52:7c:14:
                    51:3b:3d:12:3f:8a:6f:1e:c2:41:77:ad:30:a1:dc:
                    61:f8:f7:b0:ff:f1:5e:48:14:5f:c6:c3:65:95:18:
                    97:cf:aa:14:d7:9a:3a:e7:8d:8c:df:aa:c4:cf:64:
                    13:2d:6d:12:ac:cd:a4:07:ec:28:b3:b4:2e:74:c1:
                    6e:68:29:40:31:de:b9:04:88:b4:30:db:cc:49:4b:
                    b0:52:18:5f:c4:f1:03:78:cb:f7:a7:92:15:db:45:
                    c1:fd:2a:f5:d6:57:a9:40:77:69:f7:e4:b6:3d:be:
                    6f:92:3d:45:9c:a1:74:a8:30:3d:db:8e:53:54:59:
                    96:6b:af:f1:31:d5:05:89:85:78:cc:04:0a:a1:3e:
                    14:e3:7a:1f:6d:d2:76:1d:40:3e:a2:4c:23:91:89:
                    ac:0c:a1:8b:60:c4:f0:5a:34:27:4f:e6:54:28:7f:
                    d2:4a:95:c9:c2:4d:6c:0d:b9:d7:76:79:c8:ad:7f:
                    91:9c:49:80:72:50:cc:82:67:ae:b2:fa:ea:14:b5:
                    4b:b3:56:2c:6d:42:d7:2a:81:53:05:51:bc:5a:9f:
                    f5:1c:e8:3c:9b:97:94:b5:39:c4:c1:8e:b5:7e:ee:
                    38:75:29:d1:7b:9f:3a:87:c4:8e:14:23:d7:ab:f6:
                    a0:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:14:EB:63:C8:CA:38:F5:01:BD:22:F2:79:97:B1:66:CB:9E:0B:A6
            X509v3 Authority Key Identifier:
                keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/7hTrY8jKOPUBvSLyeZexZsueC6Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.248.216.0/21
                  213.248.254.0/23
                IPv6:
                  2a01:618:400::/45

    Signature Algorithm: sha256WithRSAEncryption
         a3:c6:11:08:7b:3d:d4:8b:66:72:9e:f4:59:82:0d:0e:ba:f9:
         01:1b:c8:e5:36:58:40:13:e7:93:0a:a5:90:e5:cc:2f:02:a8:
         96:b3:30:d8:99:b3:fb:a8:06:4c:4c:b1:4b:37:1e:10:aa:ec:
         8c:01:0f:36:5a:33:2e:c1:c8:45:8d:f2:73:b6:f2:32:0e:99:
         1b:3b:d0:dc:07:9b:c5:8f:d1:18:0f:42:10:48:ea:ef:8b:72:
         ea:43:ea:1a:62:85:b7:2f:c0:b6:fb:f3:a6:5e:26:00:d8:12:
         b2:a2:bf:ee:df:03:c8:ee:22:72:1a:19:78:b8:0a:b8:90:c6:
         a9:1e:11:56:e4:9a:3a:11:b8:e7:b2:df:f3:fa:a8:9d:34:45:
         d4:55:5b:43:fc:f4:39:e8:30:3a:dd:a5:06:17:27:ab:24:b7:
         b9:dc:c0:c2:cf:95:50:71:3a:99:cd:a7:65:df:b0:f9:b1:54:
         df:99:17:d7:5d:9e:9b:86:cd:49:73:0c:59:76:79:8b:e0:2e:
         5a:2f:47:b0:3a:c2:be:49:2e:22:ac:85:ec:50:0d:1f:1a:a8:
         67:41:c6:c9:c6:62:5f:62:18:9d:13:1c:10:1b:79:81:15:4a:
         18:ad:ea:58:98:0d:00:79:93:c3:9f:67:1e:7b:f4:d3:40:bf:
         33:9d:67:a1
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzKmU2Nd64ppUzZUGO0/gr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjQwMTAyMTQzNDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTE0ZWI2M2M4Y2EzOGY1MDFiZDIyZjI3OTk3YjE2NmNiOWUwYmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgKGXcX+nDCn3ZdSfBRROz0SP4pv
HsJBd60wodxh+Pew//FeSBRfxsNllRiXz6oU15o6542M36rEz2QTLW0SrM2kB+wo
s7QudMFuaClAMd65BIi0MNvMSUuwUhhfxPEDeMv3p5IV20XB/Sr11lepQHdp9+S2
Pb5vkj1FnKF0qDA9245TVFmWa6/xMdUFiYV4zAQKoT4U43ofbdJ2HUA+okwjkYms
DKGLYMTwWjQnT+ZUKH/SSpXJwk1sDbnXdnnIrX+RnEmAclDMgmeusvrqFLVLs1Ys
bULXKoFTBVG8Wp/1HOg8m5eUtTnEwY61fu44dSnRe586h8SOFCPXq/ag7wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFO4U62PIyjj1Ab0i8nmXsWbLngumMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvN2hUclk4aktPUFVCdlNMeWVaZXhac3VlQzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQD1fjYAwQB
1fj+MA8EAgACMAkDBwMqAQYYBAAwDQYJKoZIhvcNAQELBQADggEBAKPGEQh7PdSL
ZnKe9FmCDQ66+QEbyOU2WEAT55MKpZDlzC8CqJazMNiZs/uoBkxMsUs3HhCq7IwB
DzZaMy7ByEWN8nO28jIOmRs70NwHm8WP0RgPQhBI6u+LcupD6hpihbcvwLb786Ze
JgDYErKiv+7fA8juInIaGXi4CriQxqkeEVbkmjoRuOey3/P6qJ00RdRVW0P89Dno
MDrdpQYXJ6skt7ncwMLPlVBxOpnNp2XfsPmxVN+ZF9ddnpuGzUlzDFl2eYvgLlov
R7A6wr5JLiKshexQDR8aqGdBxsnGYl9iGJ0THBAbeYEVShit6liYDQB5k8OfZx57
9NNAvzOdZ6E=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:01:04 2024 by rpki-client on console-ams.rpki-client.org