Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/63440c-3d43-458f-879e-021f50932156/1/50VzbXaRNOCG8jG0JEJ2X3iKfOM.roa
File:                     50VzbXaRNOCG8jG0JEJ2X3iKfOM.roa (raw, json)
Hash identifier:          aKRprDcnYisVkLgmM91HfJTR8f1uOekS7p+rTMVMOZc=
Subject key identifier:   E7:45:73:6D:76:91:34:E0:86:F2:31:B4:24:42:76:5F:78:8A:7C:E3
Certificate issuer:       /CN=15286f0225c141d95857fe74646949e75dd96f28
Certificate serial:       018CC26D2F5CB8189FE87AC3343B430F3F8C
Authority key identifier: 15:28:6F:02:25:C1:41:D9:58:57:FE:74:64:69:49:E7:5D:D9:6F:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FShvAiXBQdlYV_50ZGlJ513Zbyg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/63440c-3d43-458f-879e-021f50932156/1/50VzbXaRNOCG8jG0JEJ2X3iKfOM.roa
Signing time:             Mon 01 Jan 2024 00:29:44 +0000
ROA not before:           Mon 01 Jan 2024 00:29:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     35753
IP address blocks:        193.8.250.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/63440c-3d43-458f-879e-021f50932156/1/FShvAiXBQdlYV_50ZGlJ513Zbyg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/63440c-3d43-458f-879e-021f50932156/1/FShvAiXBQdlYV_50ZGlJ513Zbyg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FShvAiXBQdlYV_50ZGlJ513Zbyg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:2f:5c:b8:18:9f:e8:7a:c3:34:3b:43:0f:3f:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15286f0225c141d95857fe74646949e75dd96f28
        Validity
            Not Before: Jan  1 00:29:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e745736d769134e086f231b42442765f788a7ce3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:30:68:c2:f7:38:25:73:6a:04:3d:8c:b6:75:
                    5a:e9:20:77:99:12:18:4a:75:05:fa:db:4b:f7:e5:
                    cf:f7:61:ca:0d:4e:2b:12:ec:46:b9:4a:ca:e0:b0:
                    4c:85:7c:c3:1c:71:2d:24:06:94:4c:b0:7c:00:eb:
                    25:62:77:4d:1f:20:d9:30:f6:dc:f6:62:db:55:e4:
                    96:a3:56:d0:e4:58:ce:98:57:6e:fa:32:45:94:0f:
                    15:44:0c:7c:ac:33:5d:69:57:7f:6a:af:25:47:dd:
                    f2:dc:40:c4:f8:2e:40:7e:ef:ed:b1:51:d2:19:f7:
                    95:ca:74:9e:b2:2a:a6:3f:ef:2b:4d:af:7b:ef:84:
                    75:f0:73:70:78:05:13:70:1d:ef:59:6c:5b:da:50:
                    43:d9:c2:9b:44:44:e4:23:22:07:eb:26:54:a8:4d:
                    94:2d:9a:4d:d5:3e:7f:e4:b8:4d:b1:c4:10:38:1a:
                    35:4e:54:9f:6d:f1:89:71:27:c3:61:43:b3:5f:46:
                    64:6f:8b:ac:06:d0:e5:cc:d2:49:f8:2d:31:bf:f3:
                    32:3b:96:4a:22:eb:42:4e:c7:d6:5d:43:46:11:fb:
                    e7:ad:d6:80:ed:ac:3f:bf:8d:10:b0:51:a6:23:d4:
                    03:a7:5c:bf:71:0c:99:71:73:99:b8:ed:0b:0c:e1:
                    77:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:45:73:6D:76:91:34:E0:86:F2:31:B4:24:42:76:5F:78:8A:7C:E3
            X509v3 Authority Key Identifier:
                keyid:15:28:6F:02:25:C1:41:D9:58:57:FE:74:64:69:49:E7:5D:D9:6F:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FShvAiXBQdlYV_50ZGlJ513Zbyg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/63440c-3d43-458f-879e-021f50932156/1/50VzbXaRNOCG8jG0JEJ2X3iKfOM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/63440c-3d43-458f-879e-021f50932156/1/FShvAiXBQdlYV_50ZGlJ513Zbyg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.8.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:08:41:1e:1c:ce:3c:ad:4f:7c:e6:77:7a:a8:96:08:f9:4b:
         7e:98:b3:e4:e3:8c:ca:fd:fe:1f:8f:ce:1d:ec:46:33:f3:de:
         1c:ca:86:64:d4:15:48:1a:a9:d7:8a:51:60:09:4d:60:aa:4f:
         db:23:85:8b:bc:8b:a7:4f:80:4e:7a:62:c4:b4:35:54:4e:68:
         52:63:26:ab:f0:9c:46:d3:45:38:5c:ae:31:99:78:26:bd:0d:
         05:ef:52:26:33:88:93:c2:23:03:c2:d1:aa:35:c9:c0:c5:34:
         7b:0a:62:aa:b4:93:a5:9e:37:dc:6b:fc:ce:ba:1e:89:7a:bb:
         29:ff:b1:7d:4d:bd:f4:f5:48:00:14:b5:97:5a:89:c6:80:0f:
         ea:2e:b0:d0:c5:fc:09:0e:56:d0:c7:8e:9e:b2:79:ee:c3:6b:
         23:04:86:5f:43:d6:5f:76:35:f1:67:83:12:1b:bf:7c:1a:93:
         80:a9:2f:0f:2f:e9:2c:73:7e:72:4b:f7:6b:21:a1:2e:c9:3d:
         17:63:75:7c:ac:f9:95:0d:2a:0d:88:8c:80:54:af:db:34:d6:
         2b:81:3a:2c:df:bc:96:6d:0d:c8:e4:12:10:32:5c:29:b9:10:
         a2:82:60:f8:3c:b5:c0:20:26:3e:cd:af:80:68:bb:78:d4:70:
         53:a9:7b:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbS9cuBif6HrDNDtDDz+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1Mjg2ZjAyMjVjMTQxZDk1ODU3ZmU3NDY0Njk0OWU3NWRk
OTZmMjgwHhcNMjQwMTAxMDAyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzQ1NzM2ZDc2OTEzNGUwODZmMjMxYjQyNDQyNzY1Zjc4OGE3Y2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzBowvc4JXNqBD2MtnVa6SB3mRIY
SnUF+ttL9+XP92HKDU4rEuxGuUrK4LBMhXzDHHEtJAaUTLB8AOslYndNHyDZMPbc
9mLbVeSWo1bQ5FjOmFdu+jJFlA8VRAx8rDNdaVd/aq8lR93y3EDE+C5Afu/tsVHS
GfeVynSesiqmP+8rTa9774R18HNweAUTcB3vWWxb2lBD2cKbRETkIyIH6yZUqE2U
LZpN1T5/5LhNscQQOBo1TlSfbfGJcSfDYUOzX0Zkb4usBtDlzNJJ+C0xv/MyO5ZK
IutCTsfWXUNGEfvnrdaA7aw/v40QsFGmI9QDp1y/cQyZcXOZuO0LDOF3+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOdFc212kTTghvIxtCRCdl94inzjMB8GA1UdIwQY
MBaAFBUobwIlwUHZWFf+dGRpSedd2W8oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlNodkFpWEJRZGxZVl81MFpHbEo1MTNaYnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni82MzQ0MGMtM2Q0My00NThmLTg3OWUt
MDIxZjUwOTMyMTU2LzEvNTBWemJYYVJOT0NHOGpHMEpFSjJYM2lLZk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni82MzQ0MGMtM2Q0My00NThmLTg3OWUtMDIxZjUwOTMyMTU2
LzEvRlNodkFpWEJRZGxZVl81MFpHbEo1MTNaYnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQj6MA0G
CSqGSIb3DQEBCwUAA4IBAQBvCEEeHM48rU985nd6qJYI+Ut+mLPk44zK/f4fj84d
7EYz894cyoZk1BVIGqnXilFgCU1gqk/bI4WLvIunT4BOemLEtDVUTmhSYyar8JxG
00U4XK4xmXgmvQ0F71ImM4iTwiMDwtGqNcnAxTR7CmKqtJOlnjfca/zOuh6Jersp
/7F9Tb309UgAFLWXWonGgA/qLrDQxfwJDlbQx46esnnuw2sjBIZfQ9ZfdjXxZ4MS
G798GpOAqS8PL+ksc35yS/drIaEuyT0XY3V8rPmVDSoNiIyAVK/bNNYrgTos37yW
bQ3I5BIQMlwpuRCigmD4PLXAICY+za+AaLt41HBTqXvY
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:08:08 2024 by rpki-client on console-fra.rpki-client.org