Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/Eyol6pyT_o04T_1noR2XEu-F_bw.roa
File:                     Eyol6pyT_o04T_1noR2XEu-F_bw.roa (raw, json)
Hash identifier:          mLB5PMgSdZodfrjjnOFfKd5+F+R3YQyjWixaPPiGNig=
Subject key identifier:   13:2A:25:EA:9C:93:FE:8D:38:4F:FD:67:A1:1D:97:12:EF:85:FD:BC
Certificate issuer:       /CN=7879eb9dd62d51afa5012efa1a9d10c66400c445
Certificate serial:       018CC26D4F48C7D89AA2E0AD90D4128E256C
Authority key identifier: 78:79:EB:9D:D6:2D:51:AF:A5:01:2E:FA:1A:9D:10:C6:64:00:C4:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eHnrndYtUa-lAS76Gp0QxmQAxEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/Eyol6pyT_o04T_1noR2XEu-F_bw.roa
Signing time:             Mon 01 Jan 2024 00:29:52 +0000
ROA not before:           Mon 01 Jan 2024 00:29:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20546
IP address blocks:        91.198.250.0/24 maxlen: 24
                          195.10.208.0/24 maxlen: 24
                          91.223.20.0/24 maxlen: 24
                          80.241.56.0/21 maxlen: 24
                          80.241.60.0/24 maxlen: 24
                          185.97.172.0/22 maxlen: 24
                          2001:67c:2050::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/eHnrndYtUa-lAS76Gp0QxmQAxEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/eHnrndYtUa-lAS76Gp0QxmQAxEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eHnrndYtUa-lAS76Gp0QxmQAxEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 16:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:4f:48:c7:d8:9a:a2:e0:ad:90:d4:12:8e:25:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7879eb9dd62d51afa5012efa1a9d10c66400c445
        Validity
            Not Before: Jan  1 00:29:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=132a25ea9c93fe8d384ffd67a11d9712ef85fdbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:1b:66:4b:80:b8:e7:23:8b:bd:fe:09:13:a8:
                    54:8c:c6:ec:fb:89:e3:cd:e8:b9:94:d6:5d:98:30:
                    58:d8:ec:7a:cf:21:17:24:a3:62:1d:4e:3f:84:85:
                    5d:d9:4b:5c:74:cb:2b:31:25:70:c8:00:34:98:9a:
                    83:b8:03:91:29:5e:20:54:d5:f1:46:04:f2:3d:67:
                    98:84:cf:38:0c:05:b2:b8:f4:53:a2:25:c3:86:55:
                    4f:6e:78:ca:d5:e2:5b:5d:91:9a:6a:ac:ca:91:be:
                    18:35:b8:5e:35:db:08:4e:df:f5:71:35:21:af:6e:
                    c9:4d:50:b7:f1:4e:8b:35:4b:49:b4:c7:46:0b:26:
                    4b:f5:b4:4e:b9:02:e5:f8:c7:5e:ec:9b:8e:f0:a4:
                    4f:40:94:08:87:96:f4:57:f4:54:06:97:56:99:b0:
                    d3:e4:86:65:e6:80:ef:4b:f9:6b:ea:9d:44:0d:10:
                    e9:76:a2:65:8a:51:64:49:de:c8:22:46:63:2a:d8:
                    de:95:a2:42:ff:46:5f:c9:f9:c3:5c:5c:af:a6:32:
                    fa:29:15:1e:ed:cd:8a:45:a8:62:7c:25:20:f5:73:
                    48:57:5a:75:64:eb:5d:59:8b:5e:53:51:91:b8:be:
                    d3:0c:b4:95:72:01:75:66:cf:b0:66:87:19:a6:90:
                    d8:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:2A:25:EA:9C:93:FE:8D:38:4F:FD:67:A1:1D:97:12:EF:85:FD:BC
            X509v3 Authority Key Identifier:
                keyid:78:79:EB:9D:D6:2D:51:AF:A5:01:2E:FA:1A:9D:10:C6:64:00:C4:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eHnrndYtUa-lAS76Gp0QxmQAxEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/Eyol6pyT_o04T_1noR2XEu-F_bw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/2c58fa-06d5-4d39-8b5d-74acf82af596/1/eHnrndYtUa-lAS76Gp0QxmQAxEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.241.56.0/21
                  91.198.250.0/24
                  91.223.20.0/24
                  185.97.172.0/22
                  195.10.208.0/24
                IPv6:
                  2001:67c:2050::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:35:f7:3a:87:4e:0d:a2:ec:7b:f4:7a:7f:f1:72:3e:19:4f:
         2c:84:1f:13:ed:43:9a:66:69:d2:13:70:19:6b:da:4c:9b:4c:
         3c:66:5f:31:70:78:a5:a9:c2:68:6b:8b:e1:38:c5:8d:eb:34:
         cb:85:6c:bf:73:fd:bf:36:20:54:f1:de:20:68:b9:ee:be:f8:
         6b:45:ac:05:d7:94:d6:37:af:90:e7:c3:f1:29:35:2c:a5:e2:
         e8:df:70:e2:c0:32:84:f3:f9:af:8e:e4:3e:fc:bd:bf:2c:98:
         b3:b5:58:aa:f2:3c:c1:ff:33:57:81:41:51:25:fc:85:00:54:
         28:e5:78:4f:78:49:70:51:28:e5:b5:8b:56:76:cb:0d:a1:38:
         88:6b:51:36:ed:1c:12:9d:b9:f5:06:bc:d4:9a:9b:0d:3d:da:
         23:89:74:2d:a5:87:f5:07:c3:b9:c8:c3:6b:8a:8f:00:8c:ca:
         81:a3:42:c9:00:c5:06:44:86:04:2a:a3:1a:d0:44:5f:ab:fb:
         0b:ec:3d:2d:32:86:91:25:86:c7:8a:c1:08:53:68:46:a7:8e:
         88:a6:57:38:d9:40:ce:ec:92:fb:a7:6b:a8:0a:7b:6f:b4:c1:
         bd:16:30:ee:e8:63:f7:31:a6:4e:ae:63:29:f4:04:32:db:54:
         ba:b1:dd:f6
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzCbU9Ix9iaouCtkNQSjiVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NzllYjlkZDYyZDUxYWZhNTAxMmVmYTFhOWQxMGM2NjQw
MGM0NDUwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzJhMjVlYTljOTNmZThkMzg0ZmZkNjdhMTFkOTcxMmVmODVmZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBtmS4C45yOLvf4JE6hUjMbs+4nj
zei5lNZdmDBY2Ox6zyEXJKNiHU4/hIVd2UtcdMsrMSVwyAA0mJqDuAORKV4gVNXx
RgTyPWeYhM84DAWyuPRToiXDhlVPbnjK1eJbXZGaaqzKkb4YNbheNdsITt/1cTUh
r27JTVC38U6LNUtJtMdGCyZL9bROuQLl+Mde7JuO8KRPQJQIh5b0V/RUBpdWmbDT
5IZl5oDvS/lr6p1EDRDpdqJlilFkSd7IIkZjKtjelaJC/0ZfyfnDXFyvpjL6KRUe
7c2KRahifCUg9XNIV1p1ZOtdWYteU1GRuL7TDLSVcgF1Zs+wZocZppDYUwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBMqJeqck/6NOE/9Z6EdlxLvhf28MB8GA1UdIwQY
MBaAFHh5653WLVGvpQEu+hqdEMZkAMRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUhucm5kWXRVYS1sQVM3NkdwMFF4bVFBeEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8yYzU4ZmEtMDZkNS00ZDM5LThiNWQt
NzRhY2Y4MmFmNTk2LzEvRXlvbDZweVRfbzA0VF8xbm9SMlhFdS1GX2J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8yYzU4ZmEtMDZkNS00ZDM5LThiNWQtNzRhY2Y4MmFmNTk2
LzEvZUhucm5kWXRVYS1sQVM3NkdwMFF4bVFBeEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQDUPE4AwQA
W8b6AwQAW98UAwQCuWGsAwQAwwrQMA8EAgACMAkDBwAgAQZ8IFAwDQYJKoZIhvcN
AQELBQADggEBADM19zqHTg2i7Hv0en/xcj4ZTyyEHxPtQ5pmadITcBlr2kybTDxm
XzFweKWpwmhri+E4xY3rNMuFbL9z/b82IFTx3iBoue6++GtFrAXXlNY3r5Dnw/Ep
NSyl4ujfcOLAMoTz+a+O5D78vb8smLO1WKryPMH/M1eBQVEl/IUAVCjleE94SXBR
KOW1i1Z2yw2hOIhrUTbtHBKdufUGvNSamw092iOJdC2lh/UHw7nIw2uKjwCMyoGj
QskAxQZEhgQqoxrQRF+r+wvsPS0yhpElhseKwQhTaEanjoimVzjZQM7skvuna6gK
e2+0wb0WMO7oY/cxpk6uYyn0BDLbVLqx3fY=
-----END CERTIFICATE-----
Generated at Sun Jun 16 21:48:28 2024 by rpki-client on console-fra.rpki-client.org