Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/v-P00hCxPjeZLilp45ktkGiEltw.roa
File:                     v-P00hCxPjeZLilp45ktkGiEltw.roa (raw, json)
Hash identifier:          1MHyuLKDFlE6DDyQ6vjv/5YQlLy9070QzzjnPYOKYQ8=
Subject key identifier:   BF:E3:F4:D2:10:B1:3E:37:99:2E:29:69:E3:99:2D:90:68:84:96:DC
Certificate issuer:       /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial:       018F20937943DD6AEB9B7F5059CFC4674A46
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/v-P00hCxPjeZLilp45ktkGiEltw.roa
Signing time:             Sat 27 Apr 2024 17:21:26 +0000
ROA not before:           Sat 27 Apr 2024 17:21:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215158
IP address blocks:        2a12:3040::/29 maxlen: 29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:20:93:79:43:dd:6a:eb:9b:7f:50:59:cf:c4:67:4a:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
        Validity
            Not Before: Apr 27 17:21:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bfe3f4d210b13e37992e2969e3992d90688496dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:0f:f9:57:26:05:1e:c2:21:d6:97:4d:15:ad:
                    d5:b9:1d:1d:0e:90:0c:df:2a:14:c6:51:0d:da:ee:
                    12:d4:b8:d8:b8:a1:4a:2b:52:7f:c9:12:f1:cf:a0:
                    ad:b8:e3:7f:cf:a8:cb:ad:4d:f4:18:39:ff:77:9e:
                    0f:5c:24:b4:a5:2d:ec:55:65:0e:b3:55:6a:aa:38:
                    05:5b:21:48:3a:dd:22:4f:a9:3e:c8:be:91:35:c3:
                    9a:9a:2e:b9:b7:f8:10:15:80:49:64:6f:9e:fd:c2:
                    e9:46:e6:e5:e3:6d:2b:50:2e:68:06:d0:9d:0a:33:
                    49:6b:f8:2e:c5:e8:11:8d:61:0e:9a:11:a0:0f:36:
                    68:58:b6:32:2b:7b:a0:13:09:b1:5a:8e:c1:c8:47:
                    88:b8:56:ca:e4:4b:df:cc:4a:73:aa:63:2a:7e:ef:
                    32:f2:26:08:09:7f:b4:32:c3:ac:74:ff:e5:ed:71:
                    0d:f3:85:9c:b8:c5:53:05:e0:a0:3c:0c:fb:aa:7c:
                    3f:8d:17:fd:38:f2:97:f4:e6:75:69:d9:a7:59:31:
                    9f:4f:73:c2:4b:5f:94:b4:42:3b:3d:90:20:8f:c7:
                    71:0c:bc:52:a2:f4:85:9e:1b:1a:91:43:2e:27:4b:
                    51:f0:c6:af:b8:10:90:92:f1:8f:22:92:1f:44:b0:
                    69:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:E3:F4:D2:10:B1:3E:37:99:2E:29:69:E3:99:2D:90:68:84:96:DC
            X509v3 Authority Key Identifier:
                keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/v-P00hCxPjeZLilp45ktkGiEltw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:3040::/29

    Signature Algorithm: sha256WithRSAEncryption
         83:e8:8c:8d:5e:e0:d1:db:de:2c:32:9e:56:ef:31:a5:54:db:
         12:ac:c2:8c:85:4d:01:f9:49:a7:4a:52:21:88:65:89:92:aa:
         8a:e7:94:0d:8f:12:03:b1:5d:65:8b:42:39:0f:1f:61:71:ce:
         9a:ae:2e:31:5d:fc:c9:27:e4:79:76:af:1d:ea:a9:a1:60:8c:
         b4:cb:57:5f:65:2c:8f:5d:18:04:98:3f:c0:79:3e:1d:2e:fe:
         71:cc:75:da:60:a5:7d:ff:69:03:2f:ed:c0:58:84:a9:18:ac:
         f2:7b:0d:1b:50:91:80:ba:bc:c2:65:d8:b3:d1:c3:30:14:fb:
         3c:9c:74:b7:64:49:d5:e9:cf:b4:a6:f4:a6:a9:e5:29:52:32:
         d3:a0:99:34:9f:47:cd:98:7f:3c:32:48:d8:de:38:b6:8d:d9:
         e1:2d:fb:00:25:5a:0e:de:21:89:69:81:18:21:14:7b:b0:cd:
         22:16:56:07:42:2b:ef:99:80:a4:97:cd:01:30:53:17:44:c4:
         8a:d4:29:cb:23:75:9b:20:36:11:a1:45:ab:f7:24:fb:e4:5e:
         6b:ec:b4:7f:36:98:62:79:2a:84:b3:18:6e:13:67:a9:60:28:
         2d:9e:93:fc:40:4a:92:28:ca:bb:c9:ec:1a:22:74:5d:dc:e8:
         32:2b:82:1d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8gk3lD3Wrrm39QWc/EZ0pGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwNDI3MTcyMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmUzZjRkMjEwYjEzZTM3OTkyZTI5NjllMzk5MmQ5MDY4ODQ5NmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw/5VyYFHsIh1pdNFa3VuR0dDpAM
3yoUxlEN2u4S1LjYuKFKK1J/yRLxz6CtuON/z6jLrU30GDn/d54PXCS0pS3sVWUO
s1VqqjgFWyFIOt0iT6k+yL6RNcOami65t/gQFYBJZG+e/cLpRubl420rUC5oBtCd
CjNJa/guxegRjWEOmhGgDzZoWLYyK3ugEwmxWo7ByEeIuFbK5EvfzEpzqmMqfu8y
8iYICX+0MsOsdP/l7XEN84WcuMVTBeCgPAz7qnw/jRf9OPKX9OZ1admnWTGfT3PC
S1+UtEI7PZAgj8dxDLxSovSFnhsakUMuJ0tR8MavuBCQkvGPIpIfRLBpEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL/j9NIQsT43mS4paeOZLZBohJbcMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvdi1QMDBoQ3hQamVaTGlscDQ1a3RrR2lFbHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIwQDAN
BgkqhkiG9w0BAQsFAAOCAQEAg+iMjV7g0dveLDKeVu8xpVTbEqzCjIVNAflJp0pS
IYhliZKqiueUDY8SA7FdZYtCOQ8fYXHOmq4uMV38ySfkeXavHeqpoWCMtMtXX2Us
j10YBJg/wHk+HS7+ccx12mClff9pAy/twFiEqRis8nsNG1CRgLq8wmXYs9HDMBT7
PJx0t2RJ1enPtKb0pqnlKVIy06CZNJ9HzZh/PDJI2N44to3Z4S37ACVaDt4hiWmB
GCEUe7DNIhZWB0Ir75mApJfNATBTF0TEitQpyyN1myA2EaFFq/ck++Rea+y0fzaY
YnkqhLMYbhNnqWAoLZ6T/EBKkijKu8nsGiJ0XdzoMiuCHQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:51:28 2024 by rpki-client on console-fra.rpki-client.org