Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/SfV0wWgUfPeZlr98-cniE8Y2t0o.roa
File:                     SfV0wWgUfPeZlr98-cniE8Y2t0o.roa (raw, json)
Hash identifier:          d5BLl2mdp2dLjuN3Dqs/i4zHWnQ82ykbPu89lwkJuiA=
Subject key identifier:   49:F5:74:C1:68:14:7C:F7:99:96:BF:7C:F9:C9:E2:13:C6:36:B7:4A
Certificate issuer:       /CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
Certificate serial:       018CC8015D4C9F836072F26BFAEE7B547349
Authority key identifier: A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/SfV0wWgUfPeZlr98-cniE8Y2t0o.roa
Signing time:             Tue 02 Jan 2024 02:29:41 +0000
ROA not before:           Tue 02 Jan 2024 02:29:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6461
IP address blocks:        185.83.150.0/23 maxlen: 24
                          185.83.148.0/23 maxlen: 24
                          94.26.93.0/24 maxlen: 24
                          94.26.97.0/24 maxlen: 24
                          94.26.95.0/24 maxlen: 24
                          94.26.98.0/23 maxlen: 24
                          94.26.101.0/24 maxlen: 24
                          94.26.103.0/24 maxlen: 24
                          94.26.109.0/24 maxlen: 24
                          104.255.128.0/21 maxlen: 24
                          185.75.80.0/22 maxlen: 24
                          185.49.216.0/22 maxlen: 24
                          153.94.56.0/21 maxlen: 24
                          185.94.78.0/23 maxlen: 24
                          185.94.76.0/23 maxlen: 24
                          45.94.8.0/22 maxlen: 24
                          45.94.10.0/24 maxlen: 24
                          185.9.212.0/22 maxlen: 24
                          192.190.168.0/22 maxlen: 24
                          94.190.196.0/22 maxlen: 24
                          94.190.196.0/24 maxlen: 24
                          94.190.199.0/24 maxlen: 24
                          94.190.198.0/24 maxlen: 24
                          94.190.197.0/24 maxlen: 24
                          45.89.212.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 14:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:5d:4c:9f:83:60:72:f2:6b:fa:ee:7b:54:73:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
        Validity
            Not Before: Jan  2 02:29:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=49f574c168147cf79996bf7cf9c9e213c636b74a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:4d:15:d5:1a:99:92:bc:b2:ed:fe:cf:12:2d:
                    e5:68:df:0c:41:25:c7:a2:7e:3b:09:f7:62:81:99:
                    63:a9:89:35:81:3f:35:3d:28:bd:62:74:9f:82:b9:
                    ba:7f:ca:7f:0e:74:e8:dd:92:0d:8a:4c:d4:61:e1:
                    b0:ba:53:c6:d9:47:2d:18:0f:fd:f9:23:00:12:41:
                    ef:76:cd:ec:4e:5a:a7:83:b4:f0:c4:ac:f9:04:40:
                    0a:09:86:79:44:f6:16:39:51:07:6f:e4:d7:a0:68:
                    f3:9a:ef:2f:c5:b0:b8:fa:d8:5a:eb:27:a1:96:43:
                    da:44:77:e9:fc:e1:4f:7a:2c:be:ca:0b:f6:cd:60:
                    18:6e:b8:03:c6:b1:c2:65:7c:c9:d4:2e:6b:4b:c1:
                    1e:cf:d5:ea:f0:42:c5:f3:22:75:55:b1:f1:c8:4a:
                    89:b4:e4:e0:39:9b:86:98:4a:36:0f:d9:94:64:27:
                    cc:8f:95:c9:54:8d:0e:f7:09:97:65:60:39:82:43:
                    b4:da:a8:d4:c4:0f:60:d0:bf:31:37:de:47:90:fc:
                    6a:30:48:92:d9:5d:20:8b:2e:a5:3a:83:95:ac:c1:
                    48:74:4f:e3:44:87:e6:08:f6:f5:54:97:57:98:4b:
                    fb:7a:13:47:df:a4:40:90:95:7a:14:1a:47:47:61:
                    d4:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:F5:74:C1:68:14:7C:F7:99:96:BF:7C:F9:C9:E2:13:C6:36:B7:4A
            X509v3 Authority Key Identifier:
                keyid:A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/SfV0wWgUfPeZlr98-cniE8Y2t0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.212.0/22
                  45.94.8.0/22
                  94.26.93.0/24
                  94.26.95.0/24
                  94.26.97.0-94.26.99.255
                  94.26.101.0/24
                  94.26.103.0/24
                  94.26.109.0/24
                  94.190.196.0/22
                  104.255.128.0/21
                  153.94.56.0/21
                  185.9.212.0/22
                  185.49.216.0/22
                  185.75.80.0/22
                  185.83.148.0/22
                  185.94.76.0/22
                  192.190.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1b:d1:ca:78:bf:c3:9a:60:1a:f0:fa:e2:3c:b0:82:b5:33:2d:
         41:9b:6d:d0:85:fb:01:02:96:a8:ed:7e:47:3b:33:91:59:6f:
         8e:aa:64:bf:d3:ad:ae:a7:ce:7b:fc:16:a0:cd:cf:d7:84:f9:
         e8:27:7c:70:61:e1:ab:2e:dc:9d:0d:7d:0e:71:7d:24:b1:3a:
         7f:f7:57:eb:69:f2:0b:e1:bd:7b:45:7b:82:76:2d:b8:ab:a0:
         32:31:f0:d5:a5:d4:a9:f8:23:76:b2:cb:cc:97:de:05:57:40:
         f9:1b:e7:80:48:a6:4e:91:87:2e:b2:0b:e5:74:8f:ca:00:61:
         c3:ca:4e:5b:26:3a:28:86:04:28:f1:53:65:6b:61:87:8e:f4:
         46:b0:19:2d:1f:a9:a0:8d:af:2d:10:ac:93:d2:c7:51:c9:1b:
         97:00:71:1a:e0:66:b8:a7:b5:21:37:3f:1f:19:24:d7:34:e6:
         76:2e:64:12:6c:ae:b4:30:63:e9:61:83:4e:bb:53:b2:42:c6:
         c0:61:06:6b:7e:83:2a:44:34:f6:12:e4:9e:5f:bf:07:4d:73:
         3a:27:65:78:1e:14:c7:eb:b4:7d:34:0e:a8:49:83:45:8f:4d:
         34:28:01:69:fd:d4:c2:a8:4d:ba:2a:02:ee:7d:e6:39:2e:42:
         5b:96:dc:fe
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYzIAV1Mn4NgcvJr+u57VHNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OWM0ZTBjZjVjOGRiYmI2YTY3Y2YxZGEyZjMxZjQxNjI3
NDlmZGQwHhcNMjQwMTAyMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWY1NzRjMTY4MTQ3Y2Y3OTk5NmJmN2NmOWM5ZTIxM2M2MzZiNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE0V1RqZkryy7f7PEi3laN8MQSXH
on47CfdigZljqYk1gT81PSi9YnSfgrm6f8p/DnTo3ZINikzUYeGwulPG2UctGA/9
+SMAEkHvds3sTlqng7TwxKz5BEAKCYZ5RPYWOVEHb+TXoGjzmu8vxbC4+tha6yeh
lkPaRHfp/OFPeiy+ygv2zWAYbrgDxrHCZXzJ1C5rS8Eez9Xq8ELF8yJ1VbHxyEqJ
tOTgOZuGmEo2D9mUZCfMj5XJVI0O9wmXZWA5gkO02qjUxA9g0L8xN95HkPxqMEiS
2V0giy6lOoOVrMFIdE/jRIfmCPb1VJdXmEv7ehNH36RAkJV6FBpHR2HUMQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFEn1dMFoFHz3mZa/fPnJ4hPGNrdKMB8GA1UdIwQY
MBaAFKScTgz1yNu7amfPHaLzH0FidJ/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMt
ODhlZDhkNzcxN2E0LzEvU2ZWMHdXZ1VmUGVabHI5OC1jbmlFOFkydDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMtODhlZDhkNzcxN2E0
LzEvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAi1Z1AME
Ai1eCAMEAF4aXQMEAF4aXzAMAwQAXhphAwQCXhpgAwQAXhplAwQAXhpnAwQAXhpt
AwQCXr7EAwQDaP+AAwQDmV44AwQCuQnUAwQCuTHYAwQCuUtQAwQCuVOUAwQCuV5M
AwQCwL6oMA0GCSqGSIb3DQEBCwUAA4IBAQAb0cp4v8OaYBrw+uI8sIK1My1Bm23Q
hfsBApao7X5HOzORWW+OqmS/062up857/Bagzc/XhPnoJ3xwYeGrLtydDX0OcX0k
sTp/91frafIL4b17RXuCdi24q6AyMfDVpdSp+CN2ssvMl94FV0D5G+eASKZOkYcu
sgvldI/KAGHDyk5bJjoohgQo8VNla2GHjvRGsBktH6mgja8tEKyT0sdRyRuXAHEa
4Ga4p7UhNz8fGSTXNOZ2LmQSbK60MGPpYYNOu1OyQsbAYQZrfoMqRDT2EuSeX78H
TXM6J2V4HhTH67R9NA6oSYNFj000KAFp/dTCqE26KgLufeY5LkJbltz+
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:47:52 2024 by rpki-client on console-ams.rpki-client.org