Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/e5loy2yCl__Aq1bDuZdvmGzNyz8.roa
File:                     e5loy2yCl__Aq1bDuZdvmGzNyz8.roa (raw, json)
Hash identifier:          Dh+Wp+TeDgmejxCUqTfNbdjfRvPKjruOVVz9qm0iSD8=
Subject key identifier:   7B:99:68:CB:6C:82:97:FF:C0:AB:56:C3:B9:97:6F:98:6C:CD:CB:3F
Certificate issuer:       /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial:       018CC86EFCA7DB2D488D108C77AD88325122
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/e5loy2yCl__Aq1bDuZdvmGzNyz8.roa
Signing time:             Tue 02 Jan 2024 04:29:25 +0000
ROA not before:           Tue 02 Jan 2024 04:29:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204700
IP address blocks:        185.241.105.0/24 maxlen: 24
                          185.241.104.0/24 maxlen: 24
                          185.241.104.0/22 maxlen: 22
                          185.241.107.0/24 maxlen: 24
                          185.241.106.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6e:fc:a7:db:2d:48:8d:10:8c:77:ad:88:32:51:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
        Validity
            Not Before: Jan  2 04:29:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7b9968cb6c8297ffc0ab56c3b9976f986ccdcb3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:d6:83:db:d1:4a:ee:9b:07:11:8e:5f:76:68:
                    8e:1f:db:91:16:4c:eb:20:f0:67:aa:47:fa:71:b5:
                    8c:d5:21:74:19:96:1d:0c:4f:7c:c3:b6:6a:5a:74:
                    a4:6c:c1:7f:2b:72:32:c3:46:ac:84:c4:81:5b:87:
                    7e:f1:58:f1:02:b2:e5:a5:5d:02:62:83:09:21:94:
                    d7:41:f2:e0:68:63:8a:ad:b0:55:4d:19:a5:b7:4c:
                    22:aa:08:d4:c8:60:24:ee:3c:1a:a4:9f:6f:50:b0:
                    e1:e8:f4:11:18:f4:35:a6:19:8a:4e:fd:6e:7a:be:
                    6c:db:e7:e2:f3:f7:62:ef:43:be:59:c5:d4:c9:5d:
                    fd:9f:c9:66:a8:e3:79:4d:d3:41:cd:3c:6a:e3:76:
                    d8:66:2e:80:9d:65:78:9b:47:90:4b:31:6a:34:18:
                    0e:ed:40:fe:10:0c:40:fc:ea:cf:95:8b:0f:5e:cb:
                    9b:18:ba:8e:1f:84:f4:72:6c:14:ba:80:13:40:d1:
                    2a:0b:43:f8:80:04:93:58:32:cd:6a:90:32:54:e5:
                    bf:80:47:62:38:0e:f6:4e:a0:e5:30:0c:db:33:20:
                    3a:d6:f3:ff:62:c1:6b:12:c1:1e:b4:96:df:50:39:
                    fe:99:42:44:a3:75:35:f4:97:51:61:0e:20:d6:82:
                    72:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:99:68:CB:6C:82:97:FF:C0:AB:56:C3:B9:97:6F:98:6C:CD:CB:3F
            X509v3 Authority Key Identifier:
                keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/e5loy2yCl__Aq1bDuZdvmGzNyz8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.241.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4c:1d:24:c3:b1:34:d2:90:ad:6e:09:af:74:0e:3f:92:ef:9c:
         c4:79:9f:75:69:a5:7c:e0:f0:81:08:68:14:b2:c2:78:96:47:
         28:1d:8e:3f:bd:09:2d:40:62:a2:7a:4a:45:dd:62:2a:42:d1:
         7f:81:d8:74:71:f7:8a:30:11:63:fc:f8:0f:5b:90:b7:36:bc:
         87:9e:14:3e:f5:8b:0f:be:a6:7c:92:6b:16:44:be:fd:c6:5b:
         f1:e4:f4:14:a1:fd:0f:a7:81:76:2c:6e:46:5a:55:90:79:a6:
         67:ac:48:89:66:01:2f:38:e4:ac:a2:37:ae:4b:74:13:76:89:
         39:e0:ac:a1:13:64:57:95:94:5a:eb:cc:30:e4:47:4d:e4:8e:
         01:52:5b:98:cc:60:3e:13:13:9a:d0:27:27:c0:fe:0d:d9:3e:
         4b:9a:7b:fd:21:71:dc:a0:bc:1e:2b:86:62:2b:c8:4c:ad:28:
         b7:67:da:07:f5:d2:b4:89:40:93:32:13:49:99:ad:2e:d1:d9:
         12:7a:ad:f4:72:8b:5e:12:70:85:20:1f:e1:f3:9a:e2:2a:bf:
         2b:f3:62:b3:f0:2b:75:79:95:78:d2:f9:6a:8f:1d:27:c2:96:
         9d:da:e7:c2:8d:9c:e0:89:4f:b2:8c:9a:36:f8:f8:bd:2e:35:
         1a:3d:52:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbvyn2y1IjRCMd62IMlEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjQwMTAyMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjk5NjhjYjZjODI5N2ZmYzBhYjU2YzNiOTk3NmY5ODZjY2RjYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNaD29FK7psHEY5fdmiOH9uRFkzr
IPBnqkf6cbWM1SF0GZYdDE98w7ZqWnSkbMF/K3Iyw0ashMSBW4d+8VjxArLlpV0C
YoMJIZTXQfLgaGOKrbBVTRmlt0wiqgjUyGAk7jwapJ9vULDh6PQRGPQ1phmKTv1u
er5s2+fi8/di70O+WcXUyV39n8lmqON5TdNBzTxq43bYZi6AnWV4m0eQSzFqNBgO
7UD+EAxA/OrPlYsPXsubGLqOH4T0cmwUuoATQNEqC0P4gASTWDLNapAyVOW/gEdi
OA72TqDlMAzbMyA61vP/YsFrEsEetJbfUDn+mUJEo3U19JdRYQ4g1oJy0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHuZaMtsgpf/wKtWw7mXb5hszcs/MB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvZTVsb3kyeUNsX19BcTFiRHVaZHZtR3pOeXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufFoMA0G
CSqGSIb3DQEBCwUAA4IBAQBMHSTDsTTSkK1uCa90Dj+S75zEeZ91aaV84PCBCGgU
ssJ4lkcoHY4/vQktQGKiekpF3WIqQtF/gdh0cfeKMBFj/PgPW5C3NryHnhQ+9YsP
vqZ8kmsWRL79xlvx5PQUof0Pp4F2LG5GWlWQeaZnrEiJZgEvOOSsojeuS3QTdok5
4KyhE2RXlZRa68ww5EdN5I4BUluYzGA+ExOa0CcnwP4N2T5Lmnv9IXHcoLweK4Zi
K8hMrSi3Z9oH9dK0iUCTMhNJma0u0dkSeq30coteEnCFIB/h85riKr8r82Kz8Ct1
eZV40vlqjx0nwpad2ufCjZzgiU+yjJo2+Pi9LjUaPVLn
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:27 2024 by rpki-client on console-fra.rpki-client.org