Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/3jE7pU4kR_hCjyL9-lTRMPwzTso.roa
File:                     3jE7pU4kR_hCjyL9-lTRMPwzTso.roa (raw, json)
Hash identifier:          lmy65vdvglWc75y8p0ktBm1dxEeIMLdYJ54OESfJcIs=
Subject key identifier:   DE:31:3B:A5:4E:24:47:F8:42:8F:22:FD:FA:54:D1:30:FC:33:4E:CA
Certificate issuer:       /CN=9f96ae2770265af32e7d4be86bab07a07c2d3353
Certificate serial:       018CC4936C55DBCA8EAA57E9488ADE490FAB
Authority key identifier: 9F:96:AE:27:70:26:5A:F3:2E:7D:4B:E8:6B:AB:07:A0:7C:2D:33:53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/3jE7pU4kR_hCjyL9-lTRMPwzTso.roa
Signing time:             Mon 01 Jan 2024 10:30:45 +0000
ROA not before:           Mon 01 Jan 2024 10:30:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201600
IP address blocks:        93.159.115.0/24 maxlen: 24
                          46.227.220.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/n5auJ3AmWvMufUvoa6sHoHwtM1M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/n5auJ3AmWvMufUvoa6sHoHwtM1M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:6c:55:db:ca:8e:aa:57:e9:48:8a:de:49:0f:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f96ae2770265af32e7d4be86bab07a07c2d3353
        Validity
            Not Before: Jan  1 10:30:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=de313ba54e2447f8428f22fdfa54d130fc334eca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:36:9e:03:e9:d1:6f:09:64:dc:2d:66:2a:9d:
                    0a:9e:f9:6b:1c:1e:4c:0b:dd:62:47:77:c7:75:cf:
                    6e:55:46:4d:4b:47:e0:8c:e8:d3:9a:8b:b0:7e:e5:
                    35:bf:6a:a2:4c:da:87:0c:ac:72:1a:66:97:a2:2f:
                    79:26:3a:ea:90:d6:d4:7a:1c:97:d0:a3:d0:48:e5:
                    a3:eb:af:17:00:ed:34:27:60:c6:29:4b:50:81:26:
                    31:5e:7b:40:df:8f:ca:b1:95:ad:f3:96:4b:09:3f:
                    4f:5f:4f:64:e2:73:f2:07:af:26:e4:02:4e:f2:23:
                    87:c6:e6:a2:45:7c:84:be:eb:85:89:17:9e:b2:8a:
                    16:f1:24:32:70:e4:09:03:a0:ee:41:bb:ee:1b:ee:
                    c0:52:68:d5:2d:30:63:9e:90:4b:b5:94:80:25:d2:
                    a5:a4:6d:d9:e9:df:c1:a5:95:d7:02:12:af:fb:89:
                    37:c3:27:ff:ee:50:09:be:63:d7:56:ba:f4:7a:69:
                    ad:99:0a:21:00:31:68:34:fb:c7:87:23:f0:c0:21:
                    d4:65:b9:5a:7a:f6:84:fa:5f:e1:d1:0f:34:b8:64:
                    62:12:74:7e:17:97:d5:a2:f1:b4:65:e8:2c:2a:24:
                    93:90:9b:98:2e:b9:ee:7c:8f:e1:33:12:f6:0b:1a:
                    6a:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:31:3B:A5:4E:24:47:F8:42:8F:22:FD:FA:54:D1:30:FC:33:4E:CA
            X509v3 Authority Key Identifier:
                keyid:9F:96:AE:27:70:26:5A:F3:2E:7D:4B:E8:6B:AB:07:A0:7C:2D:33:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/3jE7pU4kR_hCjyL9-lTRMPwzTso.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/n5auJ3AmWvMufUvoa6sHoHwtM1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.227.220.0/24
                  93.159.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:ba:bc:a6:ed:9d:4b:95:b8:43:18:d6:4a:f3:8e:1c:af:b9:
         0c:a2:ca:22:73:a9:cb:d8:71:a9:3f:a3:af:59:17:0d:9b:bc:
         16:b7:7e:86:bc:54:0f:dd:ba:8d:47:56:fd:5c:fa:7b:a7:d8:
         1a:f8:6b:36:14:1a:30:ca:74:d8:f3:57:bf:af:1c:91:26:6c:
         6b:b3:84:cf:90:4c:62:28:3b:de:8b:1c:b1:78:7a:1f:33:f9:
         c3:ef:58:21:66:b3:01:96:de:f3:34:2f:d3:c6:e6:3c:2a:07:
         2b:5a:f6:b8:a6:35:43:54:27:9a:91:5f:a0:42:e5:f7:2d:54:
         9e:06:8e:44:ac:ac:ff:c2:33:63:71:e7:19:a6:c8:71:c9:0a:
         05:22:8b:b3:a8:42:5b:a3:46:3f:94:09:7d:a2:da:6e:a6:73:
         e0:01:15:ec:71:f8:50:d0:f0:8a:e8:a3:f5:aa:00:ef:c5:08:
         5c:da:99:4f:8a:70:51:1b:ab:f9:6d:46:79:44:34:45:4d:38:
         ae:1a:01:e9:9b:4b:01:49:4a:fc:c9:05:fd:9c:b2:01:a1:7f:
         db:54:a6:10:8d:2b:64:85:03:ef:3f:37:25:72:6a:89:d3:14:
         0c:b3:a0:32:c4:14:ff:53:0c:cb:a7:9f:9f:2e:b3:3f:b4:06:
         35:0f:eb:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEk2xV28qOqlfpSIreSQ+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmOTZhZTI3NzAyNjVhZjMyZTdkNGJlODZiYWIwN2EwN2My
ZDMzNTMwHhcNMjQwMTAxMTAzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTMxM2JhNTRlMjQ0N2Y4NDI4ZjIyZmRmYTU0ZDEzMGZjMzM0ZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTaeA+nRbwlk3C1mKp0KnvlrHB5M
C91iR3fHdc9uVUZNS0fgjOjTmouwfuU1v2qiTNqHDKxyGmaXoi95JjrqkNbUehyX
0KPQSOWj668XAO00J2DGKUtQgSYxXntA34/KsZWt85ZLCT9PX09k4nPyB68m5AJO
8iOHxuaiRXyEvuuFiReesooW8SQycOQJA6DuQbvuG+7AUmjVLTBjnpBLtZSAJdKl
pG3Z6d/BpZXXAhKv+4k3wyf/7lAJvmPXVrr0emmtmQohADFoNPvHhyPwwCHUZbla
evaE+l/h0Q80uGRiEnR+F5fVovG0ZegsKiSTkJuYLrnufI/hMxL2CxpqPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN4xO6VOJEf4Qo8i/fpU0TD8M07KMB8GA1UdIwQY
MBaAFJ+WridwJlrzLn1L6GurB6B8LTNTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjVhdUozQW1Xdk11ZlV2b2E2c0hvSHd0TTFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82YmI1YjEtMWU2YS00NDU1LTlkNzUt
ZTY0Yzg4NWY2MmNlLzEvM2pFN3BVNGtSX2hDanlMOS1sVFJNUHd6VHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82YmI1YjEtMWU2YS00NDU1LTlkNzUtZTY0Yzg4NWY2MmNl
LzEvbjVhdUozQW1Xdk11ZlV2b2E2c0hvSHd0TTFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALuPcAwQA
XZ9zMA0GCSqGSIb3DQEBCwUAA4IBAQCpurym7Z1LlbhDGNZK844cr7kMosoic6nL
2HGpP6OvWRcNm7wWt36GvFQP3bqNR1b9XPp7p9ga+Gs2FBowynTY81e/rxyRJmxr
s4TPkExiKDveixyxeHofM/nD71ghZrMBlt7zNC/TxuY8KgcrWva4pjVDVCeakV+g
QuX3LVSeBo5ErKz/wjNjcecZpshxyQoFIouzqEJbo0Y/lAl9otpupnPgARXscfhQ
0PCK6KP1qgDvxQhc2plPinBRG6v5bUZ5RDRFTTiuGgHpm0sBSUr8yQX9nLIBoX/b
VKYQjStkhQPvPzclcmqJ0xQMs6AyxBT/UwzLp5+fLrM/tAY1D+sW
-----END CERTIFICATE-----
Generated at Sun Jun 16 07:56:32 2024 by rpki-client on console-ams.rpki-client.org