Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/2097dd-c396-48f6-be87-7bbac8cc2783/1/4dgSSv2K398PndRREXz3sGv8nJY.roa
File:                     4dgSSv2K398PndRREXz3sGv8nJY.roa (raw, json)
Hash identifier:          86Gbfr/WVa/7PT2W1JrKIG4LfxuLjJDfBh2inSgPWSo=
Subject key identifier:   E1:D8:12:4A:FD:8A:DF:DF:0F:9D:D4:51:11:7C:F7:B0:6B:FC:9C:96
Certificate issuer:       /CN=03d8024188491a319c5276721f940efae7fc21af
Certificate serial:       018CC87142A6AEE54A0BA33BE452E98DF71B
Authority key identifier: 03:D8:02:41:88:49:1A:31:9C:52:76:72:1F:94:0E:FA:E7:FC:21:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A9gCQYhJGjGcUnZyH5QO-uf8Ia8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/2097dd-c396-48f6-be87-7bbac8cc2783/1/4dgSSv2K398PndRREXz3sGv8nJY.roa
Signing time:             Tue 02 Jan 2024 04:31:54 +0000
ROA not before:           Tue 02 Jan 2024 04:31:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206574
IP address blocks:        185.105.183.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/2097dd-c396-48f6-be87-7bbac8cc2783/1/A9gCQYhJGjGcUnZyH5QO-uf8Ia8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/2097dd-c396-48f6-be87-7bbac8cc2783/1/A9gCQYhJGjGcUnZyH5QO-uf8Ia8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A9gCQYhJGjGcUnZyH5QO-uf8Ia8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 28 Nov 2024 04:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:71:42:a6:ae:e5:4a:0b:a3:3b:e4:52:e9:8d:f7:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03d8024188491a319c5276721f940efae7fc21af
        Validity
            Not Before: Jan  2 04:31:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e1d8124afd8adfdf0f9dd451117cf7b06bfc9c96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:2c:91:d7:b1:6d:78:d6:5e:d0:af:ba:a9:18:
                    74:42:c0:be:bf:eb:37:03:41:07:65:0f:24:73:b1:
                    26:a5:d1:4d:cc:03:9d:c7:75:56:15:a8:e0:80:de:
                    4e:8c:8d:d7:4c:84:71:ec:35:bf:ea:bf:90:44:17:
                    47:6f:16:fc:ed:6e:25:28:b3:5d:bb:5b:7e:ca:1e:
                    fd:e6:ad:b3:a8:c4:74:c8:25:eb:6d:ed:6e:74:98:
                    f6:5a:f3:b0:72:3c:23:54:1b:6d:bc:a5:de:a4:9d:
                    af:6e:c7:a2:b7:78:76:b3:6e:25:7b:5e:ff:6b:45:
                    0a:fd:b1:f8:f5:c0:42:14:4a:d5:fe:61:4b:26:cf:
                    61:0f:3b:aa:e8:d3:9c:13:68:69:8a:61:12:59:0a:
                    cd:12:59:94:e3:2f:12:72:c2:f0:9f:0d:32:4a:78:
                    d5:31:a5:0c:ef:dc:7e:03:40:d9:d4:2f:93:94:6d:
                    32:2f:6c:fc:af:65:1a:6e:a3:b5:20:7d:75:41:f8:
                    50:1f:05:f1:cd:c3:6f:cc:be:cd:64:57:43:41:2d:
                    aa:7e:38:fa:8f:10:e7:25:3c:76:6f:03:c3:0f:f3:
                    eb:43:4d:95:46:06:fa:10:30:05:13:29:3c:55:a6:
                    c6:cf:98:09:b8:ba:1f:12:f9:a6:77:ee:83:20:00:
                    c5:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:D8:12:4A:FD:8A:DF:DF:0F:9D:D4:51:11:7C:F7:B0:6B:FC:9C:96
            X509v3 Authority Key Identifier:
                keyid:03:D8:02:41:88:49:1A:31:9C:52:76:72:1F:94:0E:FA:E7:FC:21:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A9gCQYhJGjGcUnZyH5QO-uf8Ia8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/2097dd-c396-48f6-be87-7bbac8cc2783/1/4dgSSv2K398PndRREXz3sGv8nJY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/2097dd-c396-48f6-be87-7bbac8cc2783/1/A9gCQYhJGjGcUnZyH5QO-uf8Ia8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.105.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:69:db:7b:42:bc:19:8c:83:68:00:89:59:9c:dd:e7:4b:4f:
         2f:04:b5:8c:44:7c:7d:70:d6:c5:33:b5:b1:71:c1:3e:34:57:
         11:0d:85:f7:c9:47:0f:cd:6b:c1:ce:68:b2:05:3f:4b:04:ea:
         d3:f4:a1:e6:fb:c6:59:28:3b:c0:f5:ba:2c:6f:b1:18:07:47:
         ec:12:ef:c7:56:6e:39:3f:2f:a8:2d:8a:ad:d2:cc:83:7a:b8:
         24:1b:a8:01:95:8a:66:89:bb:74:89:68:88:cf:e4:96:d9:b7:
         d6:34:57:0a:06:d0:2e:59:97:5c:ab:0e:ff:36:8c:8b:83:3e:
         ec:f2:04:0f:50:03:25:79:46:43:97:eb:db:eb:7f:b2:84:3b:
         e3:27:30:66:80:43:bc:b8:2b:be:03:a7:ce:2d:f7:ba:31:5a:
         aa:71:f5:73:b5:a9:35:58:c5:27:01:97:2c:50:34:6e:ce:43:
         97:87:b1:b1:0d:c1:20:35:64:76:86:1c:81:3d:43:5b:24:cd:
         44:31:22:7b:8a:21:3a:5c:bf:cc:bf:6a:25:cb:4b:eb:e0:e6:
         45:64:a0:e8:d7:d5:45:f4:e4:94:be:be:27:9b:89:80:92:f7:
         0f:b2:1f:dd:91:ba:81:65:8b:df:ee:8d:7c:10:1e:35:aa:5e:
         94:a2:da:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcUKmruVKC6M75FLpjfcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZDgwMjQxODg0OTFhMzE5YzUyNzY3MjFmOTQwZWZhZTdm
YzIxYWYwHhcNMjQwMTAyMDQzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWQ4MTI0YWZkOGFkZmRmMGY5ZGQ0NTExMTdjZjdiMDZiZmM5Yzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCyR17FteNZe0K+6qRh0QsC+v+s3
A0EHZQ8kc7EmpdFNzAOdx3VWFajggN5OjI3XTIRx7DW/6r+QRBdHbxb87W4lKLNd
u1t+yh795q2zqMR0yCXrbe1udJj2WvOwcjwjVBttvKXepJ2vbseit3h2s24le17/
a0UK/bH49cBCFErV/mFLJs9hDzuq6NOcE2hpimESWQrNElmU4y8ScsLwnw0ySnjV
MaUM79x+A0DZ1C+TlG0yL2z8r2UabqO1IH11QfhQHwXxzcNvzL7NZFdDQS2qfjj6
jxDnJTx2bwPDD/PrQ02VRgb6EDAFEyk8VabGz5gJuLofEvmmd+6DIADFhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOHYEkr9it/fD53UURF897Br/JyWMB8GA1UdIwQY
MBaAFAPYAkGISRoxnFJ2ch+UDvrn/CGvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTlnQ1FZaEpHakdjVW5aeUg1UU8tdWY4SWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yMDk3ZGQtYzM5Ni00OGY2LWJlODct
N2JiYWM4Y2MyNzgzLzEvNGRnU1N2MkszOThQbmRSUkVYejNzR3Y4bkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yMDk3ZGQtYzM5Ni00OGY2LWJlODctN2JiYWM4Y2MyNzgz
LzEvQTlnQ1FZaEpHakdjVW5aeUg1UU8tdWY4SWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWm3MA0G
CSqGSIb3DQEBCwUAA4IBAQAmadt7QrwZjINoAIlZnN3nS08vBLWMRHx9cNbFM7Wx
ccE+NFcRDYX3yUcPzWvBzmiyBT9LBOrT9KHm+8ZZKDvA9bosb7EYB0fsEu/HVm45
Py+oLYqt0syDergkG6gBlYpmibt0iWiIz+SW2bfWNFcKBtAuWZdcqw7/NoyLgz7s
8gQPUAMleUZDl+vb63+yhDvjJzBmgEO8uCu+A6fOLfe6MVqqcfVztak1WMUnAZcs
UDRuzkOXh7GxDcEgNWR2hhyBPUNbJM1EMSJ7iiE6XL/Mv2oly0vr4OZFZKDo19VF
9OSUvr4nm4mAkvcPsh/dkbqBZYvf7o18EB41ql6UotrH
-----END CERTIFICATE-----
Generated at Wed Nov 27 11:42:18 2024 by rpki-client on console-ams.rpki-client.org