Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/_PmvG2jNxsEtPs6VLQIMRqsu75g.roa
File:                     _PmvG2jNxsEtPs6VLQIMRqsu75g.roa (raw, json)
Hash identifier:          FHVu241Hm5l6kDZUeKWahF30mXNK/QQdlyhklCVWSF4=
Subject key identifier:   FC:F9:AF:1B:68:CD:C6:C1:2D:3E:CE:95:2D:02:0C:46:AB:2E:EF:98
Certificate issuer:       /CN=d26a4409ea91f506d633871c6c35540d460337d1
Certificate serial:       018FA1850DBA0A78DCADAF7AB1FFF763CE46
Authority key identifier: D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/_PmvG2jNxsEtPs6VLQIMRqsu75g.roa
Signing time:             Wed 22 May 2024 18:16:42 +0000
ROA not before:           Wed 22 May 2024 18:16:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60203
IP address blocks:        5.45.160.0/21 maxlen: 21
                          5.45.160.0/24 maxlen: 24
                          5.45.165.0/24 maxlen: 24
                          5.45.166.0/24 maxlen: 24
                          5.45.168.0/21 maxlen: 21
                          5.45.168.0/22 maxlen: 22
                          5.45.169.0/24 maxlen: 24
                          5.45.172.0/24 maxlen: 24
                          5.45.174.0/23 maxlen: 23
                          5.61.200.0/23 maxlen: 23
                          171.22.8.0/24 maxlen: 24
                          171.22.9.0/24 maxlen: 24
                          171.22.10.0/24 maxlen: 24
                          171.22.11.0/24 maxlen: 24
                          185.43.72.0/24 maxlen: 24
                          185.43.73.0/24 maxlen: 24
                          185.43.74.0/23 maxlen: 23
                          185.62.20.0/24 maxlen: 24
                          185.62.21.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/0mpECeqR9QbWM4ccbDVUDUYDN9E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/0mpECeqR9QbWM4ccbDVUDUYDN9E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:a1:85:0d:ba:0a:78:dc:ad:af:7a:b1:ff:f7:63:ce:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d26a4409ea91f506d633871c6c35540d460337d1
        Validity
            Not Before: May 22 18:16:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fcf9af1b68cdc6c12d3ece952d020c46ab2eef98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:35:db:2e:49:ba:34:23:c4:13:35:ca:28:6d:
                    63:4f:46:d6:92:41:92:32:c8:53:89:76:4b:fb:f9:
                    a3:6f:18:30:33:0c:ac:80:52:33:65:e4:9e:83:5e:
                    17:0b:49:b5:9c:73:77:28:00:0f:31:6c:98:ec:85:
                    49:f4:62:18:41:0a:f0:91:c7:e2:de:e6:91:88:64:
                    1e:5a:c5:b9:93:38:54:51:c7:7f:b7:1d:c9:0f:52:
                    8b:bd:be:96:1d:97:d0:53:db:1f:3f:f6:6c:30:3f:
                    2d:1b:2b:4d:98:3f:96:9f:fd:a6:aa:6d:14:f2:bb:
                    fb:03:63:bb:05:ca:ff:e5:ae:fe:cc:a6:99:ab:ed:
                    60:75:7a:46:22:54:85:db:0a:0a:a1:85:53:e4:84:
                    51:aa:70:7a:96:a6:52:19:52:14:e2:e2:a6:24:0b:
                    d7:e6:1b:fd:3e:72:cf:82:22:f2:70:2d:9e:7e:a0:
                    8d:94:d6:ac:0a:f8:32:17:f5:1f:b5:6e:98:75:71:
                    cc:e1:7e:ea:34:f4:c7:40:e4:de:c4:82:db:28:84:
                    b6:ae:79:9c:18:68:48:ad:47:01:1c:b7:a6:e4:ac:
                    3e:43:58:42:cd:33:4a:ad:3c:6d:da:e0:cc:e2:10:
                    4a:b4:3f:0e:db:2a:f1:c8:12:dc:cb:85:70:7b:3e:
                    11:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:F9:AF:1B:68:CD:C6:C1:2D:3E:CE:95:2D:02:0C:46:AB:2E:EF:98
            X509v3 Authority Key Identifier:
                keyid:D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/_PmvG2jNxsEtPs6VLQIMRqsu75g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/0mpECeqR9QbWM4ccbDVUDUYDN9E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.45.160.0/20
                  5.61.200.0/23
                  171.22.8.0/22
                  185.43.72.0/22
                  185.62.20.0/23

    Signature Algorithm: sha256WithRSAEncryption
         48:ae:69:11:c7:da:bb:2a:f4:42:60:91:ce:0f:60:68:e5:6a:
         03:bf:b6:84:cd:44:1d:78:fc:88:8a:f1:79:fa:c2:71:c6:3b:
         23:40:3a:b8:2b:37:6f:1c:81:e8:23:65:91:67:73:f2:59:e5:
         2e:38:7f:b2:10:c9:c4:f2:bb:c3:9a:6b:b6:cb:60:41:6d:ce:
         44:77:19:55:41:05:56:2b:83:f1:34:58:cc:67:dc:9e:ec:ec:
         36:46:34:72:b5:69:93:27:4a:7a:b4:8c:f4:a6:d8:45:72:7f:
         1b:f9:88:c6:b0:70:04:48:0c:06:8d:21:62:d9:5e:ef:9d:8e:
         08:76:e9:3f:ab:f3:44:0e:f1:da:6b:11:de:f0:78:2d:36:e8:
         11:46:5b:79:8a:98:65:01:33:7a:07:b8:24:ee:cf:81:0e:d2:
         14:7b:30:d5:27:64:c2:55:bd:f3:21:52:6c:9f:09:ea:f0:83:
         36:ad:2f:ce:5f:2c:92:a9:d0:82:2c:8d:d5:f2:ae:71:94:b7:
         d6:3a:b2:a1:cd:2d:8b:64:bc:3b:92:bc:f7:73:5e:c8:fa:7c:
         11:7d:99:93:fa:23:b1:df:4f:7d:c2:34:48:f4:a5:57:bb:8a:
         7f:19:cc:44:88:01:bb:ce:c8:06:ad:f3:f0:40:f8:3e:72:d0:
         c4:6a:39:50
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+hhQ26Cnjcra96sf/3Y85GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNmE0NDA5ZWE5MWY1MDZkNjMzODcxYzZjMzU1NDBkNDYw
MzM3ZDEwHhcNMjQwNTIyMTgxNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Y5YWYxYjY4Y2RjNmMxMmQzZWNlOTUyZDAyMGM0NmFiMmVlZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TXbLkm6NCPEEzXKKG1jT0bWkkGS
MshTiXZL+/mjbxgwMwysgFIzZeSeg14XC0m1nHN3KAAPMWyY7IVJ9GIYQQrwkcfi
3uaRiGQeWsW5kzhUUcd/tx3JD1KLvb6WHZfQU9sfP/ZsMD8tGytNmD+Wn/2mqm0U
8rv7A2O7Bcr/5a7+zKaZq+1gdXpGIlSF2woKoYVT5IRRqnB6lqZSGVIU4uKmJAvX
5hv9PnLPgiLycC2efqCNlNasCvgyF/UftW6YdXHM4X7qNPTHQOTexILbKIS2rnmc
GGhIrUcBHLem5Kw+Q1hCzTNKrTxt2uDM4hBKtD8O2yrxyBLcy4Vwez4R+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPz5rxtozcbBLT7OlS0CDEarLu+YMB8GA1UdIwQY
MBaAFNJqRAnqkfUG1jOHHGw1VA1GAzfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYt
Y2ZlZmRmZGZiZTZiLzEvX1Btdkcyak54c0V0UHM2VkxRSU1ScXN1NzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYtY2ZlZmRmZGZiZTZi
LzEvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEBS2gAwQB
BT3IAwQCqxYIAwQCuStIAwQBuT4UMA0GCSqGSIb3DQEBCwUAA4IBAQBIrmkRx9q7
KvRCYJHOD2Bo5WoDv7aEzUQdePyIivF5+sJxxjsjQDq4KzdvHIHoI2WRZ3PyWeUu
OH+yEMnE8rvDmmu2y2BBbc5EdxlVQQVWK4PxNFjMZ9ye7Ow2RjRytWmTJ0p6tIz0
pthFcn8b+YjGsHAESAwGjSFi2V7vnY4Iduk/q/NEDvHaaxHe8HgtNugRRlt5iphl
ATN6B7gk7s+BDtIUezDVJ2TCVb3zIVJsnwnq8IM2rS/OXyySqdCCLI3V8q5xlLfW
OrKhzS2LZLw7krz3c17I+nwRfZmT+iOx3099wjRI9KVXu4p/GcxEiAG7zsgGrfPw
QPg+ctDEajlQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:02:33 2024 by rpki-client on console-ams.rpki-client.org