Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/29b42b-566e-43e9-a2dc-f548699f947a/1/W9uo4lxJu3XhOmx4C6aIUXcp_xU.roa
File:                     W9uo4lxJu3XhOmx4C6aIUXcp_xU.roa (raw, json)
Hash identifier:          ZT+ymqTJQIXlftz5qTL4/0R8/cTG2LwdNy0SKPVTDBI=
Subject key identifier:   5B:DB:A8:E2:5C:49:BB:75:E1:3A:6C:78:0B:A6:88:51:77:29:FF:15
Certificate issuer:       /CN=30a27580649a992e41e32cf8c12245e07ff9f9c5
Certificate serial:       018CC80162DEF7DE7B0F16E3AFB4E12325D0
Authority key identifier: 30:A2:75:80:64:9A:99:2E:41:E3:2C:F8:C1:22:45:E0:7F:F9:F9:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKJ1gGSamS5B4yz4wSJF4H_5-cU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/29b42b-566e-43e9-a2dc-f548699f947a/1/W9uo4lxJu3XhOmx4C6aIUXcp_xU.roa
Signing time:             Tue 02 Jan 2024 02:29:43 +0000
ROA not before:           Tue 02 Jan 2024 02:29:43 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3303
IP address blocks:        193.247.58.0/24 maxlen: 24
                          193.247.60.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/29b42b-566e-43e9-a2dc-f548699f947a/1/MKJ1gGSamS5B4yz4wSJF4H_5-cU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/29b42b-566e-43e9-a2dc-f548699f947a/1/MKJ1gGSamS5B4yz4wSJF4H_5-cU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKJ1gGSamS5B4yz4wSJF4H_5-cU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:62:de:f7:de:7b:0f:16:e3:af:b4:e1:23:25:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30a27580649a992e41e32cf8c12245e07ff9f9c5
        Validity
            Not Before: Jan  2 02:29:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5bdba8e25c49bb75e13a6c780ba688517729ff15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:e6:02:3d:08:01:3a:59:7c:ae:78:a0:72:bd:
                    f6:b2:46:f9:46:a6:ee:57:20:c4:3e:cb:96:52:3a:
                    f9:0a:47:f0:ce:84:fe:ce:e1:fd:11:a2:f6:28:c6:
                    56:e4:73:45:f9:a9:76:bc:46:d7:f8:22:d7:25:04:
                    fb:8d:28:22:56:f7:f2:7e:7f:91:1b:10:d9:28:d6:
                    2d:53:c4:7c:4b:82:24:95:f9:f8:39:6c:c8:51:d8:
                    22:09:dc:f6:31:94:1e:e4:ce:35:63:a8:38:d8:72:
                    59:80:9d:a3:37:7b:57:a8:58:3e:60:52:5c:8f:d2:
                    1b:67:0d:58:ab:6e:7c:83:c9:07:bd:89:3a:e2:d3:
                    4a:03:2a:0f:fc:f2:fc:6c:ce:43:5b:85:a2:93:a5:
                    38:e4:d3:aa:b1:23:af:74:c7:65:20:fc:88:66:ea:
                    2e:af:16:46:83:a5:de:28:29:48:20:fa:b0:57:07:
                    32:40:44:41:1f:66:ae:d1:96:0c:71:11:a9:0d:d4:
                    e0:c6:91:28:80:ee:dd:13:b0:01:f8:8a:20:db:1b:
                    5e:46:09:9e:d0:9e:62:c9:a5:0d:3d:86:0c:6f:11:
                    5c:d6:99:2b:c7:83:38:10:31:8e:f7:06:60:60:2b:
                    88:68:36:a4:c7:20:c9:62:04:40:48:8d:d2:c1:7e:
                    79:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:DB:A8:E2:5C:49:BB:75:E1:3A:6C:78:0B:A6:88:51:77:29:FF:15
            X509v3 Authority Key Identifier:
                keyid:30:A2:75:80:64:9A:99:2E:41:E3:2C:F8:C1:22:45:E0:7F:F9:F9:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKJ1gGSamS5B4yz4wSJF4H_5-cU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/29b42b-566e-43e9-a2dc-f548699f947a/1/W9uo4lxJu3XhOmx4C6aIUXcp_xU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/29b42b-566e-43e9-a2dc-f548699f947a/1/MKJ1gGSamS5B4yz4wSJF4H_5-cU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.247.58.0/24
                  193.247.60.0/23

    Signature Algorithm: sha256WithRSAEncryption
         92:a3:a5:18:1d:c0:11:27:79:2b:38:af:9c:74:52:7e:64:da:
         c7:90:28:f6:89:d0:40:2c:2f:c2:92:13:a7:a9:17:d7:6d:0e:
         cf:eb:f7:33:44:a2:31:fa:17:79:6c:5e:c1:c5:5b:09:8b:4e:
         ab:76:0a:89:3c:9a:4f:85:57:ae:7b:12:cf:3b:27:8e:63:ae:
         36:82:4d:5a:16:6f:46:b9:08:e8:a4:35:fe:9e:6f:b8:85:44:
         5c:64:05:3b:9c:f2:68:db:3a:57:72:c1:83:d9:2f:37:d4:6b:
         05:d7:18:fe:19:f5:72:0e:79:65:13:9c:83:98:5a:68:b3:fc:
         8b:13:24:fe:2b:1e:33:ad:ea:59:23:94:b2:09:61:5b:26:e0:
         c2:bc:6d:37:7a:b4:71:6b:f9:4b:e5:8b:3a:5f:e3:c8:a4:c8:
         5d:a2:a9:b3:41:9c:1b:56:64:28:d7:ec:c6:89:63:fd:74:22:
         fc:db:f1:b3:22:2f:8b:f8:f2:67:91:50:84:a9:2f:52:bd:d4:
         aa:e2:ab:07:90:77:7e:a7:d5:d5:ea:e7:02:79:d3:71:33:df:
         e0:96:01:2b:4b:b9:2c:14:83:e1:c1:54:28:61:72:7c:aa:1f:
         d6:f5:bf:3f:de:62:15:04:5a:7b:18:35:c7:44:b7:22:82:4e:
         9f:22:b1:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAWLe9957Dxbjr7ThIyXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYTI3NTgwNjQ5YTk5MmU0MWUzMmNmOGMxMjI0NWUwN2Zm
OWY5YzUwHhcNMjQwMTAyMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmRiYThlMjVjNDliYjc1ZTEzYTZjNzgwYmE2ODg1MTc3MjlmZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+YCPQgBOll8rnigcr32skb5Rqbu
VyDEPsuWUjr5CkfwzoT+zuH9EaL2KMZW5HNF+al2vEbX+CLXJQT7jSgiVvfyfn+R
GxDZKNYtU8R8S4Iklfn4OWzIUdgiCdz2MZQe5M41Y6g42HJZgJ2jN3tXqFg+YFJc
j9IbZw1Yq258g8kHvYk64tNKAyoP/PL8bM5DW4Wik6U45NOqsSOvdMdlIPyIZuou
rxZGg6XeKClIIPqwVwcyQERBH2au0ZYMcRGpDdTgxpEogO7dE7AB+Iog2xteRgme
0J5iyaUNPYYMbxFc1pkrx4M4EDGO9wZgYCuIaDakxyDJYgRASI3SwX55QwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFvbqOJcSbt14TpseAumiFF3Kf8VMB8GA1UdIwQY
MBaAFDCidYBkmpkuQeMs+MEiReB/+fnFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtKMWdHU2FtUzVCNHl6NHdTSkY0SF81LWNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yOWI0MmItNTY2ZS00M2U5LWEyZGMt
ZjU0ODY5OWY5NDdhLzEvVzl1bzRseEp1M1hoT214NEM2YUlVWGNwX3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yOWI0MmItNTY2ZS00M2U5LWEyZGMtZjU0ODY5OWY5NDdh
LzEvTUtKMWdHU2FtUzVCNHl6NHdTSkY0SF81LWNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwfc6AwQB
wfc8MA0GCSqGSIb3DQEBCwUAA4IBAQCSo6UYHcARJ3krOK+cdFJ+ZNrHkCj2idBA
LC/CkhOnqRfXbQ7P6/czRKIx+hd5bF7BxVsJi06rdgqJPJpPhVeuexLPOyeOY642
gk1aFm9GuQjopDX+nm+4hURcZAU7nPJo2zpXcsGD2S831GsF1xj+GfVyDnllE5yD
mFpos/yLEyT+Kx4zrepZI5SyCWFbJuDCvG03erRxa/lL5Ys6X+PIpMhdoqmzQZwb
VmQo1+zGiWP9dCL82/GzIi+L+PJnkVCEqS9SvdSq4qsHkHd+p9XV6ucCedNxM9/g
lgErS7ksFIPhwVQoYXJ8qh/W9b8/3mIVBFp7GDXHRLcigk6fIrF9
-----END CERTIFICATE-----
Generated at Tue Nov 26 09:13:32 2024 by rpki-client on console-fra.rpki-client.org