Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/YenThppAHfoZ8A_WD8XpVZp2QFs.roa
File:                     YenThppAHfoZ8A_WD8XpVZp2QFs.roa (raw, json)
Hash identifier:          6EKMQBCgBkaM3H4EqOIWSFX6i8YXndk1Z1kNWip7zzU=
Subject key identifier:   61:E9:D3:86:9A:40:1D:FA:19:F0:0F:D6:0F:C5:E9:55:9A:76:40:5B
Certificate issuer:       /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial:       018DD1E8C29249728217008E964194A6AEB5
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/YenThppAHfoZ8A_WD8XpVZp2QFs.roa
Signing time:             Thu 22 Feb 2024 17:41:48 +0000
ROA not before:           Thu 22 Feb 2024 17:41:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     35048
IP address blocks:        2.59.50.0/24 maxlen: 24
                          5.183.130.0/24 maxlen: 24
                          45.11.20.0/24 maxlen: 24
                          45.11.21.0/24 maxlen: 24
                          45.15.236.0/24 maxlen: 24
                          45.15.237.0/24 maxlen: 24
                          45.84.176.0/24 maxlen: 24
                          45.84.177.0/24 maxlen: 24
                          45.90.196.0/24 maxlen: 24
                          45.135.32.0/24 maxlen: 24
                          45.135.33.0/24 maxlen: 24
                          92.119.193.0/24 maxlen: 24
                          94.158.190.0/24 maxlen: 24
                          193.53.168.0/24 maxlen: 24
                          193.58.168.0/24 maxlen: 24
                          193.58.169.0/24 maxlen: 24
                          194.32.237.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 15:35:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:d1:e8:c2:92:49:72:82:17:00:8e:96:41:94:a6:ae:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
        Validity
            Not Before: Feb 22 17:41:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=61e9d3869a401dfa19f00fd60fc5e9559a76405b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:6f:1a:2d:f4:05:f9:1c:01:ad:36:c0:6b:f1:
                    7c:cd:7f:78:e1:aa:57:f2:7c:8f:85:31:f5:e2:ef:
                    16:dd:9b:0e:0e:db:0e:79:4d:96:df:ee:f1:05:5d:
                    67:c5:23:d3:45:1f:34:c6:17:7d:b4:47:e6:47:c6:
                    7b:40:2b:58:09:0c:d7:63:a6:95:88:d2:66:67:3f:
                    67:7e:78:d8:8e:01:78:0b:b1:34:ea:b4:82:e0:81:
                    cc:22:75:e6:ed:3a:88:86:15:b9:af:a9:37:e5:a3:
                    dc:b4:9c:57:08:b6:eb:cd:e0:bd:50:13:8c:e3:d8:
                    1f:be:c4:5d:35:e5:bd:10:c4:3e:ba:aa:e4:9e:75:
                    6a:ac:6b:1d:31:86:41:b2:cd:f0:fa:3a:fd:ae:4d:
                    1c:2d:c4:4f:b0:e9:f1:2e:94:8c:26:af:98:cc:67:
                    4b:89:17:fc:45:dd:ea:b9:83:15:66:b3:5f:e5:ae:
                    71:9f:81:36:c5:3c:29:a9:13:45:93:e0:8d:1c:1a:
                    3a:d0:3e:d8:00:48:3e:d9:ad:fa:a2:e3:fa:ee:2e:
                    43:f2:59:89:e4:86:4d:80:31:2e:2b:70:4d:af:ba:
                    87:4d:32:6e:71:80:c7:da:59:01:23:78:28:51:27:
                    f6:66:de:ab:16:27:0f:f6:c1:b8:48:cc:87:e9:27:
                    d9:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:E9:D3:86:9A:40:1D:FA:19:F0:0F:D6:0F:C5:E9:55:9A:76:40:5B
            X509v3 Authority Key Identifier:
                keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/YenThppAHfoZ8A_WD8XpVZp2QFs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.50.0/24
                  5.183.130.0/24
                  45.11.20.0/23
                  45.15.236.0/23
                  45.84.176.0/23
                  45.90.196.0/24
                  45.135.32.0/23
                  92.119.193.0/24
                  94.158.190.0/24
                  193.53.168.0/24
                  193.58.168.0/23
                  194.32.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:dd:35:ca:9a:4f:a5:1a:a3:ef:e0:70:4e:d8:ed:4f:2f:28:
         f1:22:64:bc:26:dc:3d:1c:29:38:21:c7:f7:f4:01:61:be:eb:
         f9:f7:01:78:86:60:4e:61:37:a9:c8:1c:70:63:df:a4:96:af:
         76:2c:09:a4:9b:b8:d8:87:80:4f:f4:ac:1f:d2:b4:cc:5f:ea:
         cc:d6:fd:36:d4:cd:e0:ce:c7:00:af:29:00:0c:d9:cf:30:00:
         fb:77:b7:2a:fe:87:77:3e:3f:42:c1:40:56:aa:02:cd:64:9d:
         62:8c:fe:3f:29:a6:05:9f:ec:86:fe:03:af:7b:f1:98:99:93:
         35:48:c9:1c:d3:ef:7b:cd:c0:41:86:69:d1:c9:cc:8b:c2:4c:
         6b:78:4d:2a:ed:60:75:f2:f4:e6:06:43:d5:13:0c:c4:0f:b2:
         ac:42:86:33:be:33:83:ea:bc:41:b7:e3:f5:72:f2:2c:27:96:
         55:6e:b6:e1:9c:17:56:c5:2a:00:8d:e2:2f:12:da:74:53:ee:
         a4:9d:7f:65:ef:71:ee:52:8c:83:b0:0e:92:4d:60:b2:1b:81:
         37:d5:a2:65:1f:c3:19:1c:9b:6c:04:53:2b:14:86:53:90:4d:
         2a:78:52:a7:2e:97:31:fe:a6:d5:41:f3:f0:01:72:f7:82:2d:
         49:8d:98:b0
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY3R6MKSSXKCFwCOlkGUpq61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIyMTc0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWU5ZDM4NjlhNDAxZGZhMTlmMDBmZDYwZmM1ZTk1NTlhNzY0MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqG8aLfQF+RwBrTbAa/F8zX944apX
8nyPhTH14u8W3ZsODtsOeU2W3+7xBV1nxSPTRR80xhd9tEfmR8Z7QCtYCQzXY6aV
iNJmZz9nfnjYjgF4C7E06rSC4IHMInXm7TqIhhW5r6k35aPctJxXCLbrzeC9UBOM
49gfvsRdNeW9EMQ+uqrknnVqrGsdMYZBss3w+jr9rk0cLcRPsOnxLpSMJq+YzGdL
iRf8Rd3quYMVZrNf5a5xn4E2xTwpqRNFk+CNHBo60D7YAEg+2a36ouP67i5D8lmJ
5IZNgDEuK3BNr7qHTTJucYDH2lkBI3goUSf2Zt6rFicP9sG4SMyH6SfZgQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGHp04aaQB36GfAP1g/F6VWadkBbMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvWWVuVGhwcEFIZm9aOEFfV0Q4WHBWWnAyUUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAAjsyAwQA
BbeCAwQBLQsUAwQBLQ/sAwQBLVSwAwQALVrEAwQBLYcgAwQAXHfBAwQAXp6+AwQA
wTWoAwQBwTqoAwQAwiDtMA0GCSqGSIb3DQEBCwUAA4IBAQA63TXKmk+lGqPv4HBO
2O1PLyjxImS8Jtw9HCk4Icf39AFhvuv59wF4hmBOYTepyBxwY9+klq92LAmkm7jY
h4BP9Kwf0rTMX+rM1v021M3gzscArykADNnPMAD7d7cq/od3Pj9CwUBWqgLNZJ1i
jP4/KaYFn+yG/gOve/GYmZM1SMkc0+97zcBBhmnRycyLwkxreE0q7WB18vTmBkPV
EwzED7KsQoYzvjOD6rxBt+P1cvIsJ5ZVbrbhnBdWxSoAjeIvEtp0U+6knX9l73Hu
UoyDsA6STWCyG4E31aJlH8MZHJtsBFMrFIZTkE0qeFKnLpcx/qbVQfPwAXL3gi1J
jZiw
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:27:20 2024 by rpki-client on console-fra.rpki-client.org