Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/wFvcpTjpVQDcxfIDDv3nYpss1HI.roa
File:                     wFvcpTjpVQDcxfIDDv3nYpss1HI.roa (raw, json)
Hash identifier:          gmm37nRtuMOYdCuw5NXxbwCK0vV/0eJv88ei0ZQ3REA=
Subject key identifier:   C0:5B:DC:A5:38:E9:55:00:DC:C5:F2:03:0E:FD:E7:62:9B:2C:D4:72
Certificate issuer:       /CN=4705d3c6a5b0512682cdfdf363b19a9c567f1f6c
Certificate serial:       018CC348FE0FF9ADA6DB3F447F250FEB950B
Authority key identifier: 47:05:D3:C6:A5:B0:51:26:82:CD:FD:F3:63:B1:9A:9C:56:7F:1F:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RwXTxqWwUSaCzf3zY7GanFZ_H2w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/wFvcpTjpVQDcxfIDDv3nYpss1HI.roa
Signing time:             Mon 01 Jan 2024 04:29:49 +0000
ROA not before:           Mon 01 Jan 2024 04:29:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8796
IP address blocks:        5.183.80.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/RwXTxqWwUSaCzf3zY7GanFZ_H2w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/RwXTxqWwUSaCzf3zY7GanFZ_H2w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RwXTxqWwUSaCzf3zY7GanFZ_H2w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Jun 2024 20:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:fe:0f:f9:ad:a6:db:3f:44:7f:25:0f:eb:95:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4705d3c6a5b0512682cdfdf363b19a9c567f1f6c
        Validity
            Not Before: Jan  1 04:29:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c05bdca538e95500dcc5f2030efde7629b2cd472
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:42:29:0b:12:ea:87:ea:0e:16:1f:11:9b:b6:
                    24:b0:0d:78:84:74:7e:f3:51:1f:0f:c3:5b:52:0a:
                    97:a7:02:b4:6d:f2:e7:d1:17:4f:bc:57:38:92:4a:
                    89:48:55:3b:1d:d5:72:11:f5:29:97:35:b8:bb:a0:
                    97:2a:28:fc:82:20:cf:1b:5d:ec:57:89:bb:ce:5d:
                    4b:5d:6e:4d:f8:fd:a0:7b:57:72:43:96:fd:c3:5d:
                    b5:6a:c0:86:7a:13:ff:7d:f1:c7:53:19:e6:4d:e4:
                    b5:ed:b5:f5:4f:e2:ed:61:77:f1:25:cd:7c:63:85:
                    da:fc:9d:d9:ce:33:7e:79:d7:ff:7a:5b:18:37:ac:
                    dc:02:90:5d:98:ee:fc:e4:6f:22:7e:9b:a9:eb:8c:
                    ed:49:df:2e:e9:51:25:4c:06:cb:85:3b:9a:fc:0d:
                    24:dd:0d:b7:b1:f4:cc:a3:ac:4b:13:c5:40:29:ff:
                    e1:bb:23:a9:43:9a:a0:aa:e1:3c:69:a4:47:9d:c3:
                    95:9e:b1:9b:c0:c9:3e:7c:0b:2f:07:a9:17:d6:46:
                    09:0c:38:14:37:fd:70:ee:74:07:b6:de:8d:e1:da:
                    b3:16:da:7e:9b:f0:74:78:1f:c1:52:d0:c8:f8:12:
                    68:e5:eb:b5:84:2c:51:90:bd:59:7b:1a:aa:86:07:
                    08:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:5B:DC:A5:38:E9:55:00:DC:C5:F2:03:0E:FD:E7:62:9B:2C:D4:72
            X509v3 Authority Key Identifier:
                keyid:47:05:D3:C6:A5:B0:51:26:82:CD:FD:F3:63:B1:9A:9C:56:7F:1F:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RwXTxqWwUSaCzf3zY7GanFZ_H2w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/wFvcpTjpVQDcxfIDDv3nYpss1HI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/RwXTxqWwUSaCzf3zY7GanFZ_H2w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.183.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3c:01:3e:98:86:df:05:dd:9a:1b:34:cd:01:33:7a:8b:e7:51:
         de:35:45:d0:b5:1e:15:f9:6e:2b:87:fe:e8:37:6d:05:cb:15:
         d9:fc:2b:6f:23:37:e6:c1:3c:87:cc:0e:0b:ad:ec:fc:ba:17:
         97:9b:88:1c:87:f8:f6:5b:02:7e:40:62:34:fe:1b:7d:67:08:
         93:25:46:a5:ac:f5:6f:26:48:64:70:25:f0:f8:16:c5:32:bc:
         b3:6a:4a:f2:47:1e:76:be:d8:3e:5e:ef:e1:e0:8d:88:81:c1:
         c2:ad:5e:d1:94:78:8a:7d:87:7d:12:5f:dd:d4:8f:9a:2d:63:
         af:a1:9e:57:3c:03:8a:60:94:c5:87:f2:78:06:79:f1:f0:e9:
         72:f9:53:cd:10:ec:dc:13:28:5e:4d:be:17:f6:12:ec:99:4e:
         58:75:9a:e1:80:91:fc:d6:d9:10:f9:30:36:0a:dd:bb:c8:25:
         cf:5c:17:50:8d:33:2b:b4:8a:fd:98:f1:8b:a1:d7:65:c1:05:
         f4:32:68:7e:e9:7b:82:e0:35:0b:8c:76:55:0b:d5:4e:f4:ce:
         45:fa:6b:4d:4b:7c:79:ec:26:32:d7:b8:fc:0d:f8:a1:fe:fa:
         be:38:b6:e4:61:ef:61:6e:6c:f6:5a:bc:0e:2b:9c:0d:e5:d6:
         a9:c1:d4:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSP4P+a2m2z9EfyUP65ULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MDVkM2M2YTViMDUxMjY4MmNkZmRmMzYzYjE5YTljNTY3
ZjFmNmMwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDViZGNhNTM4ZTk1NTAwZGNjNWYyMDMwZWZkZTc2MjliMmNkNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUIpCxLqh+oOFh8Rm7YksA14hHR+
81EfD8NbUgqXpwK0bfLn0RdPvFc4kkqJSFU7HdVyEfUplzW4u6CXKij8giDPG13s
V4m7zl1LXW5N+P2ge1dyQ5b9w121asCGehP/ffHHUxnmTeS17bX1T+LtYXfxJc18
Y4Xa/J3ZzjN+edf/elsYN6zcApBdmO785G8ifpup64ztSd8u6VElTAbLhTua/A0k
3Q23sfTMo6xLE8VAKf/huyOpQ5qgquE8aaRHncOVnrGbwMk+fAsvB6kX1kYJDDgU
N/1w7nQHtt6N4dqzFtp+m/B0eB/BUtDI+BJo5eu1hCxRkL1ZexqqhgcIcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBb3KU46VUA3MXyAw7952KbLNRyMB8GA1UdIwQY
MBaAFEcF08alsFEmgs3982OxmpxWfx9sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUndYVHhxV3dVU2FDemYzelk3R2FuRlpfSDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi81NmFlZTktOTk2Yy00MzhmLWJiMDAt
MGRmYTZiMjJlZmYyLzEvd0Z2Y3BUanBWUURjeGZJRER2M25ZcHNzMUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi81NmFlZTktOTk2Yy00MzhmLWJiMDAtMGRmYTZiMjJlZmYy
LzEvUndYVHhxV3dVU2FDemYzelk3R2FuRlpfSDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbdQMA0G
CSqGSIb3DQEBCwUAA4IBAQA8AT6Yht8F3ZobNM0BM3qL51HeNUXQtR4V+W4rh/7o
N20FyxXZ/CtvIzfmwTyHzA4Lrez8uheXm4gch/j2WwJ+QGI0/ht9ZwiTJUalrPVv
JkhkcCXw+BbFMryzakryRx52vtg+Xu/h4I2IgcHCrV7RlHiKfYd9El/d1I+aLWOv
oZ5XPAOKYJTFh/J4Bnnx8Oly+VPNEOzcEyheTb4X9hLsmU5YdZrhgJH81tkQ+TA2
Ct27yCXPXBdQjTMrtIr9mPGLoddlwQX0Mmh+6XuC4DULjHZVC9VO9M5F+mtNS3x5
7CYy17j8Dfih/vq+OLbkYe9hbmz2WrwOK5wN5dapwdSj
-----END CERTIFICATE-----
Generated at Sat Jun 15 00:08:45 2024 by rpki-client on console-ams.rpki-client.org