Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/mpfGORLvriOl4hAClyE4_fXLoYs.roa
File:                     mpfGORLvriOl4hAClyE4_fXLoYs.roa (raw, json)
Hash identifier:          gHFdT9s2EtDDd7M1AwAmijh0IFoYJ7B2vAIa1nWyfeU=
Subject key identifier:   9A:97:C6:39:12:EF:AE:23:A5:E2:10:02:97:21:38:FD:F5:CB:A1:8B
Certificate issuer:       /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial:       018F81E1BA76B843613D72D6A54E58AA8967
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/mpfGORLvriOl4hAClyE4_fXLoYs.roa
Signing time:             Thu 16 May 2024 14:50:05 +0000
ROA not before:           Thu 16 May 2024 14:50:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     214883
IP address blocks:        92.119.160.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:81:e1:ba:76:b8:43:61:3d:72:d6:a5:4e:58:aa:89:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
        Validity
            Not Before: May 16 14:50:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9a97c63912efae23a5e21002972138fdf5cba18b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:10:7e:3d:4b:0d:c3:08:8c:64:8d:5f:d2:1e:
                    3f:93:0f:20:ac:de:00:8b:23:87:84:8a:f3:bc:69:
                    48:65:32:2b:17:64:a1:d1:0b:b4:76:7e:49:11:c2:
                    2a:0d:0a:38:ac:ea:c1:10:b2:ca:6d:e4:57:e6:30:
                    1c:b7:ce:a0:f2:52:70:04:93:35:83:55:f1:bc:0c:
                    66:78:37:2c:26:62:34:58:f4:2b:6e:f2:e7:2a:12:
                    a9:d5:6f:db:d6:2f:d6:77:cd:7b:ad:46:d8:75:d8:
                    61:ff:11:e8:8b:5e:a6:fb:28:11:f2:1e:83:fb:c1:
                    eb:64:0b:ce:da:cd:d4:80:ac:d7:05:a9:26:6d:58:
                    24:92:45:1d:53:15:73:56:76:73:18:32:11:ff:ad:
                    89:e6:8a:aa:e0:8d:e0:e2:6e:bb:18:57:ab:9d:17:
                    64:08:4b:52:01:76:22:59:97:dd:0c:fc:3c:a8:47:
                    23:aa:8e:77:e7:09:38:73:40:d5:16:ee:27:c7:ff:
                    d4:ea:3a:c5:ef:b8:de:e4:e3:36:c6:a7:30:c2:3e:
                    78:85:31:71:b5:6b:ca:67:e4:bd:ee:5b:8b:61:ef:
                    59:d9:b1:ab:9c:d7:00:39:97:7e:22:1d:43:92:c3:
                    32:f5:1e:ce:f7:1b:2d:0b:b4:e2:37:ea:6d:e6:84:
                    82:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:97:C6:39:12:EF:AE:23:A5:E2:10:02:97:21:38:FD:F5:CB:A1:8B
            X509v3 Authority Key Identifier:
                keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/mpfGORLvriOl4hAClyE4_fXLoYs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.119.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:65:cb:b7:95:a3:bb:80:93:39:7f:be:9a:3e:d6:13:b5:17:
         21:45:5f:ac:bf:a3:ca:02:a0:f1:02:2a:0b:aa:07:aa:9d:b2:
         75:14:d0:60:38:cc:9c:d3:fe:f5:bb:87:7c:e5:b9:24:2d:83:
         06:1b:d5:0e:4a:33:b4:bb:46:c1:df:f7:cf:e5:d3:c0:b7:6b:
         7a:55:fa:30:3f:c2:ac:62:ac:dd:2f:4a:04:ce:96:3f:7d:36:
         16:f1:af:16:16:9d:97:a9:f2:15:0f:fd:53:a9:bc:08:5b:d2:
         13:fb:98:c7:57:fb:9d:d6:20:88:ab:34:36:c2:11:73:f3:6c:
         4f:63:6a:f2:52:4d:3d:75:3b:d8:3e:38:2f:e9:65:8c:36:76:
         9d:a2:44:ee:38:1d:36:18:19:35:09:d1:86:6b:a0:3b:7c:f8:
         84:7a:e9:af:38:b8:e9:ec:89:c4:e0:c2:26:45:ab:49:c4:be:
         1b:c5:62:5c:80:10:b5:d7:5a:7b:b0:65:b8:e6:53:c4:66:9b:
         b2:03:c5:86:4d:6f:3f:ff:05:60:ae:a6:fc:bd:95:59:a9:ce:
         2e:6c:d0:8d:b2:76:3c:2a:60:16:87:2d:0c:3e:f5:83:85:30:
         80:f0:43:35:a3:5a:e3:19:13:0d:fa:f0:0a:77:75:af:ec:c1:
         41:4a:8d:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+B4bp2uENhPXLWpU5YqolnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNTE2MTQ1MDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTk3YzYzOTEyZWZhZTIzYTVlMjEwMDI5NzIxMzhmZGY1Y2JhMThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxB+PUsNwwiMZI1f0h4/kw8grN4A
iyOHhIrzvGlIZTIrF2Sh0Qu0dn5JEcIqDQo4rOrBELLKbeRX5jAct86g8lJwBJM1
g1XxvAxmeDcsJmI0WPQrbvLnKhKp1W/b1i/Wd817rUbYddhh/xHoi16m+ygR8h6D
+8HrZAvO2s3UgKzXBakmbVgkkkUdUxVzVnZzGDIR/62J5oqq4I3g4m67GFernRdk
CEtSAXYiWZfdDPw8qEcjqo535wk4c0DVFu4nx//U6jrF77je5OM2xqcwwj54hTFx
tWvKZ+S97luLYe9Z2bGrnNcAOZd+Ih1DksMy9R7O9xstC7TiN+pt5oSCWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJqXxjkS764jpeIQApchOP31y6GLMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvbXBmR09STHZyaU9sNGhBQ2x5RTRfZlhMb1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHegMA0G
CSqGSIb3DQEBCwUAA4IBAQByZcu3laO7gJM5f76aPtYTtRchRV+sv6PKAqDxAioL
qgeqnbJ1FNBgOMyc0/71u4d85bkkLYMGG9UOSjO0u0bB3/fP5dPAt2t6VfowP8Ks
YqzdL0oEzpY/fTYW8a8WFp2XqfIVD/1TqbwIW9IT+5jHV/ud1iCIqzQ2whFz82xP
Y2ryUk09dTvYPjgv6WWMNnadokTuOB02GBk1CdGGa6A7fPiEeumvOLjp7InE4MIm
RatJxL4bxWJcgBC111p7sGW45lPEZpuyA8WGTW8//wVgrqb8vZVZqc4ubNCNsnY8
KmAWhy0MPvWDhTCA8EM1o1rjGRMN+vAKd3Wv7MFBSo0W
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:22:21 2024 by rpki-client on console-ams.rpki-client.org