Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/93uXQCB9GY47D5FoOPdSV-uZSbc.roa
File:                     93uXQCB9GY47D5FoOPdSV-uZSbc.roa (raw, json)
Hash identifier:          Pj2Y94o0Ccg/8UNlZjXD+5kAhd74RydDmI2E1AHXXCM=
Subject key identifier:   F7:7B:97:40:20:7D:19:8E:3B:0F:91:68:38:F7:52:57:EB:99:49:B7
Certificate issuer:       /CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Certificate serial:       018F9AA12AA729EAAEA19F3CB0FADC5F0E03
Authority key identifier: 96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/93uXQCB9GY47D5FoOPdSV-uZSbc.roa
Signing time:             Tue 21 May 2024 10:10:04 +0000
ROA not before:           Tue 21 May 2024 10:10:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212165
IP address blocks:        5.42.90.0/24 maxlen: 24
                          5.42.91.0/24 maxlen: 24
                          5.42.93.0/24 maxlen: 24
                          5.42.96.0/24 maxlen: 24
                          2a13:5980::/29 maxlen: 29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/lgYvXdsY-W14SSs1ONd0XMRxSiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/lgYvXdsY-W14SSs1ONd0XMRxSiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 16:03:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:9a:a1:2a:a7:29:ea:ae:a1:9f:3c:b0:fa:dc:5f:0e:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96062f5ddb18f96d78492b3538d7745cc4714a26
        Validity
            Not Before: May 21 10:10:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f77b9740207d198e3b0f916838f75257eb9949b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:3c:5d:7f:e6:f2:67:95:40:5a:cb:f6:92:f0:
                    3d:f7:48:f9:72:dc:0e:f1:9d:32:f3:81:e9:38:5f:
                    6f:91:93:ce:ca:8e:3e:cd:57:87:27:de:81:80:ab:
                    9b:52:5c:6c:66:a6:9c:3e:ea:ad:df:4f:50:21:0f:
                    38:45:8b:de:7e:bc:14:3e:fd:eb:b4:b9:c5:c6:dd:
                    bf:13:7b:c7:57:45:f3:13:70:1c:ab:6f:5f:e4:37:
                    c0:08:3c:d5:c3:f8:1f:30:75:f0:27:06:21:42:60:
                    67:e6:91:1b:5a:c1:98:4e:8a:3e:2b:b5:c5:74:aa:
                    ed:e8:fe:44:fa:62:2a:72:dc:4c:ed:75:42:9c:16:
                    69:ee:dd:3e:82:9f:e5:2a:25:6e:6f:c9:aa:5a:1c:
                    88:d8:1d:15:88:8e:ad:4a:f9:bd:e1:d3:01:b5:29:
                    df:c1:b3:f3:3a:14:a2:37:2d:6a:c1:c3:03:82:49:
                    30:0b:3a:d6:6c:da:6b:90:94:15:6b:99:a0:73:be:
                    00:2f:c9:59:22:c2:ef:08:59:af:4f:c5:87:1b:42:
                    d9:fa:1f:ba:ab:c4:b0:eb:8e:9f:04:be:cd:58:bb:
                    6e:0a:1d:09:62:84:67:bf:82:9a:ee:ec:6c:a2:e5:
                    1e:76:5a:22:6b:92:ae:9f:32:8e:94:4b:0b:72:82:
                    be:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:7B:97:40:20:7D:19:8E:3B:0F:91:68:38:F7:52:57:EB:99:49:B7
            X509v3 Authority Key Identifier:
                keyid:96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/93uXQCB9GY47D5FoOPdSV-uZSbc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/lgYvXdsY-W14SSs1ONd0XMRxSiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.42.90.0/23
                  5.42.93.0/24
                  5.42.96.0/24
                IPv6:
                  2a13:5980::/29

    Signature Algorithm: sha256WithRSAEncryption
         c5:b5:99:75:9d:c0:21:06:40:d5:d8:0b:00:c1:dd:f1:70:8f:
         db:b9:8b:af:b1:99:36:94:a7:3c:06:99:1b:89:f0:dd:3b:6a:
         1a:3c:02:ed:52:ef:cd:35:33:e3:4f:c4:ff:7e:2e:69:15:3e:
         73:84:b1:f8:91:e8:f1:0b:4e:9c:1d:a7:ec:44:31:cc:c3:f3:
         10:b9:39:e5:5e:2c:2b:39:2c:ec:77:8a:df:0f:3b:6b:6b:33:
         ca:c4:32:7f:a2:91:12:cf:5b:64:27:84:55:02:49:12:89:59:
         40:bf:92:da:f9:08:f0:39:77:3c:c0:b3:12:4b:46:a3:c8:7d:
         32:0d:75:fc:72:40:22:66:c0:5d:e6:93:77:18:f5:c3:98:c4:
         58:fa:36:5b:97:25:7e:ec:d3:76:24:35:12:9b:91:a8:71:e3:
         89:f1:f8:1b:9a:5f:78:c7:c6:fd:00:33:dd:9d:bd:92:7c:59:
         df:21:da:07:f8:a0:07:5d:05:07:94:e6:06:36:a1:cb:e3:4b:
         bf:5e:12:1f:88:1b:20:e6:03:59:e0:f9:17:9b:80:f5:6a:ba:
         3c:be:a2:62:b2:7b:e5:8c:38:ab:ef:e1:26:af:7a:2f:c1:a1:
         9d:8a:2b:bd:1b:1f:cd:bb:45:5b:53:d3:d6:f8:dc:01:75:99:
         db:3d:d4:74
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY+aoSqnKequoZ88sPrcXw4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MDYyZjVkZGIxOGY5NmQ3ODQ5MmIzNTM4ZDc3NDVjYzQ3
MTRhMjYwHhcNMjQwNTIxMTAxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzdiOTc0MDIwN2QxOThlM2IwZjkxNjgzOGY3NTI1N2ViOTk0OWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjxdf+byZ5VAWsv2kvA990j5ctwO
8Z0y84HpOF9vkZPOyo4+zVeHJ96BgKubUlxsZqacPuqt309QIQ84RYvefrwUPv3r
tLnFxt2/E3vHV0XzE3Acq29f5DfACDzVw/gfMHXwJwYhQmBn5pEbWsGYToo+K7XF
dKrt6P5E+mIqctxM7XVCnBZp7t0+gp/lKiVub8mqWhyI2B0ViI6tSvm94dMBtSnf
wbPzOhSiNy1qwcMDgkkwCzrWbNprkJQVa5mgc74AL8lZIsLvCFmvT8WHG0LZ+h+6
q8Sw646fBL7NWLtuCh0JYoRnv4Ka7uxsouUedloia5KunzKOlEsLcoK+TQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPd7l0AgfRmOOw+RaDj3UlfrmUm3MB8GA1UdIwQY
MBaAFJYGL13bGPlteEkrNTjXdFzEcUomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmIt
M2ZjYjVmM2YzYzU5LzEvOTN1WFFDQjlHWTQ3RDVGb09QZFNWLXVaU2JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmItM2ZjYjVmM2YzYzU5
LzEvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBBSpaAwQA
BSpdAwQABSpgMA0EAgACMAcDBQMqE1mAMA0GCSqGSIb3DQEBCwUAA4IBAQDFtZl1
ncAhBkDV2AsAwd3xcI/buYuvsZk2lKc8BpkbifDdO2oaPALtUu/NNTPjT8T/fi5p
FT5zhLH4kejxC06cHafsRDHMw/MQuTnlXiwrOSzsd4rfDztrazPKxDJ/opESz1tk
J4RVAkkSiVlAv5La+QjwOXc8wLMSS0ajyH0yDXX8ckAiZsBd5pN3GPXDmMRY+jZb
lyV+7NN2JDUSm5GoceOJ8fgbml94x8b9ADPdnb2SfFnfIdoH+KAHXQUHlOYGNqHL
40u/XhIfiBsg5gNZ4PkXm4D1aro8vqJisnvljDir7+Emr3ovwaGdiiu9Gx/Nu0Vb
U9PW+NwBdZnbPdR0
-----END CERTIFICATE-----
Generated at Sun Jun 16 21:45:52 2024 by rpki-client on console-fra.rpki-client.org