Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/6cT90RRewO5Nsng-s3LHFBzuUj8.roa
File:                     6cT90RRewO5Nsng-s3LHFBzuUj8.roa (raw, json)
Hash identifier:          N9yJ8gQrTySyM2P10mzP4tQRD69fevNZrfWIr5jedFk=
Subject key identifier:   E9:C4:FD:D1:14:5E:C0:EE:4D:B2:78:3E:B3:72:C7:14:1C:EE:52:3F
Certificate issuer:       /CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
Certificate serial:       018CC8DEDAC9459740620625633E14BA3D6B
Authority key identifier: 8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/6cT90RRewO5Nsng-s3LHFBzuUj8.roa
Signing time:             Tue 02 Jan 2024 06:31:37 +0000
ROA not before:           Tue 02 Jan 2024 06:31:37 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39179
IP address blocks:        89.28.232.0/21 maxlen: 21
                          95.130.96.0/22 maxlen: 22
                          95.130.96.0/21 maxlen: 21
                          158.255.8.0/21 maxlen: 21
                          95.130.102.0/24 maxlen: 24
                          95.130.100.0/23 maxlen: 23
                          193.27.212.0/23 maxlen: 23
                          77.93.128.0/19 maxlen: 19
                          185.101.44.0/22 maxlen: 22
                          79.99.144.0/22 maxlen: 22
                          2a00:1c40::/32 maxlen: 32
                          2a02:6f80::/29 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 18 Jun 2024 02:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:da:c9:45:97:40:62:06:25:63:3e:14:ba:3d:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
        Validity
            Not Before: Jan  2 06:31:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e9c4fdd1145ec0ee4db2783eb372c7141cee523f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:8a:9c:44:7a:1f:05:8d:85:7d:10:ec:f2:2e:
                    0f:36:dd:c5:f0:e8:01:47:12:8a:dd:b0:0d:42:0e:
                    76:7b:b7:71:55:ef:61:a8:25:bb:67:3f:92:38:e7:
                    06:87:ce:60:5c:8f:04:42:de:ed:25:9d:e6:3f:85:
                    31:e0:59:ce:86:d4:32:5d:bf:2f:1d:e4:9d:38:d8:
                    a3:32:b4:22:d1:ca:74:b4:25:af:ad:3c:96:5d:aa:
                    82:a9:5d:71:2d:c8:f1:8b:ab:55:a3:61:3c:b4:35:
                    0a:6a:f4:c9:9c:9a:b5:29:c1:80:4f:01:af:ca:4f:
                    14:c3:72:bd:a9:12:8f:aa:ce:b1:3c:18:c8:58:66:
                    e0:fb:0d:ef:d2:53:5a:5b:2e:e8:cb:8c:ee:84:20:
                    e9:97:9a:62:65:d4:99:b6:43:4e:8c:40:ea:fe:07:
                    30:e6:f9:37:e3:d2:44:23:16:9a:3a:44:b9:5f:a0:
                    4b:f9:42:9e:20:30:e3:13:7c:5c:75:3d:64:3d:f6:
                    6a:ff:30:e8:ad:8a:fa:b2:65:50:32:00:58:6a:7f:
                    7d:60:c9:cc:27:b9:b7:ae:e2:e2:53:5b:88:2a:9c:
                    df:8b:02:25:6d:f8:32:17:23:80:d9:48:fa:a4:ad:
                    88:2a:6e:d0:2f:77:68:9a:81:a0:5d:46:83:7d:80:
                    44:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:C4:FD:D1:14:5E:C0:EE:4D:B2:78:3E:B3:72:C7:14:1C:EE:52:3F
            X509v3 Authority Key Identifier:
                keyid:8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/6cT90RRewO5Nsng-s3LHFBzuUj8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.93.128.0/19
                  79.99.144.0/22
                  89.28.232.0/21
                  95.130.96.0/21
                  158.255.8.0/21
                  185.101.44.0/22
                  193.27.212.0/23
                IPv6:
                  2a00:1c40::/32
                  2a02:6f80::/29

    Signature Algorithm: sha256WithRSAEncryption
         72:7f:f5:7d:17:27:24:0d:54:b2:64:42:c8:f2:e6:fe:bc:0f:
         d6:c6:47:e8:cd:b1:74:a8:51:19:1d:b0:bd:86:fd:b9:0a:03:
         a9:46:b8:f3:7e:84:1b:37:3c:19:f8:88:06:18:da:c1:df:86:
         cc:29:aa:23:a7:45:96:0e:de:f4:37:62:74:69:bd:4f:89:9a:
         61:8a:22:0f:16:45:39:a8:4a:3c:68:d0:29:d4:e6:84:d4:21:
         f0:1f:bb:1e:4a:15:c8:49:df:e7:16:ce:bd:65:47:a0:33:59:
         75:c9:8a:b0:6e:b2:51:27:41:36:6a:f9:a4:c2:21:42:18:02:
         47:ac:1e:de:ae:39:1b:64:5f:60:bb:ae:96:32:1c:91:c5:d1:
         37:d1:46:21:d8:9c:21:82:e6:17:d0:0e:65:28:48:07:1e:10:
         5b:61:05:0b:e2:4a:54:c6:1a:63:dc:62:d2:67:06:bd:d3:21:
         15:fe:1b:3d:97:16:b1:8b:3d:1b:6c:0f:b3:3b:b2:40:2c:b7:
         10:b9:e9:af:cd:9a:1a:9e:1e:1e:65:44:86:a8:d7:cf:05:b7:
         88:36:65:40:07:31:b6:60:b6:b5:c8:5a:da:4b:57:c2:1d:bf:
         06:73:f4:eb:69:90:43:ad:12:8c:27:92:78:ba:77:de:2a:88:
         36:38:03:7f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzI3trJRZdAYgYlYz4Uuj1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNWEzNDE3ZmJlMjVjMmU0NjdjMTg0ODVjMTgxYTc3NzZm
OTZmZjQwHhcNMjQwMTAyMDYzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWM0ZmRkMTE0NWVjMGVlNGRiMjc4M2ViMzcyYzcxNDFjZWU1MjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIqcRHofBY2FfRDs8i4PNt3F8OgB
RxKK3bANQg52e7dxVe9hqCW7Zz+SOOcGh85gXI8EQt7tJZ3mP4Ux4FnOhtQyXb8v
HeSdONijMrQi0cp0tCWvrTyWXaqCqV1xLcjxi6tVo2E8tDUKavTJnJq1KcGATwGv
yk8Uw3K9qRKPqs6xPBjIWGbg+w3v0lNaWy7oy4zuhCDpl5piZdSZtkNOjEDq/gcw
5vk349JEIxaaOkS5X6BL+UKeIDDjE3xcdT1kPfZq/zDorYr6smVQMgBYan99YMnM
J7m3ruLiU1uIKpzfiwIlbfgyFyOA2Uj6pK2IKm7QL3domoGgXUaDfYBEwQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFOnE/dEUXsDuTbJ4PrNyxxQc7lI/MB8GA1UdIwQY
MBaAFIpaNBf74lwuRnwYSFwYGnd2+W/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYt
ZDdhYmNkMGVmNjRhLzEvNmNUOTBSUmV3TzVOc25nLXMzTEhGQnp1VWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYtZDdhYmNkMGVmNjRh
LzEvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQFTV2AAwQC
T2OQAwQDWRzoAwQDX4JgAwQDnv8IAwQCuWUsAwQBwRvUMBQEAgACMA4DBQAqABxA
AwUDKgJvgDANBgkqhkiG9w0BAQsFAAOCAQEAcn/1fRcnJA1UsmRCyPLm/rwP1sZH
6M2xdKhRGR2wvYb9uQoDqUa4836EGzc8GfiIBhjawd+GzCmqI6dFlg7e9DdidGm9
T4maYYoiDxZFOahKPGjQKdTmhNQh8B+7HkoVyEnf5xbOvWVHoDNZdcmKsG6yUSdB
Nmr5pMIhQhgCR6we3q45G2RfYLuuljIckcXRN9FGIdicIYLmF9AOZShIBx4QW2EF
C+JKVMYaY9xi0mcGvdMhFf4bPZcWsYs9G2wPszuyQCy3ELnpr82aGp4eHmVEhqjX
zwW3iDZlQAcxtmC2tcha2ktXwh2/BnP062mQQ60SjCeSeLp33iqINjgDfw==
-----END CERTIFICATE-----
Generated at Mon Jun 17 09:04:43 2024 by rpki-client on console-ams.rpki-client.org