Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/bhy7LEIIVI8SHDRk1o8D1JxrHTE.roa
File:                     bhy7LEIIVI8SHDRk1o8D1JxrHTE.roa (raw, json)
Hash identifier:          sfvpNXt/X8ZAOxOaofULsdgg3r5+8h4Pljx9NlDVGAA=
Subject key identifier:   6E:1C:BB:2C:42:08:54:8F:12:1C:34:64:D6:8F:03:D4:9C:6B:1D:31
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       018CC64B936D3A031153D311A59F75D2B6C3
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/bhy7LEIIVI8SHDRk1o8D1JxrHTE.roa
Signing time:             Mon 01 Jan 2024 18:31:30 +0000
ROA not before:           Mon 01 Jan 2024 18:31:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203050
IP address blocks:        85.202.58.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:93:6d:3a:03:11:53:d3:11:a5:9f:75:d2:b6:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 18:31:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6e1cbb2c4208548f121c3464d68f03d49c6b1d31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:e9:83:11:f3:19:55:28:39:2c:d7:62:b6:15:
                    42:54:41:85:ba:e8:d7:c2:6d:3c:93:75:85:aa:58:
                    27:df:a2:53:46:d8:9e:f2:c1:86:4b:72:5a:d7:8b:
                    18:8a:ab:9a:13:3b:c3:0e:0d:c0:d3:48:d6:a5:65:
                    06:d7:0c:69:3f:a2:ce:cb:b9:90:ee:2c:0f:c4:5b:
                    48:43:1f:db:ec:3a:37:49:cb:20:a9:4f:4f:eb:31:
                    9e:41:7f:85:3a:ff:13:a0:cd:a1:e0:1c:62:a4:6e:
                    6f:87:50:30:16:a7:8a:ab:1c:53:bd:41:fc:1b:17:
                    1a:d7:64:76:fe:c9:4f:c0:f9:13:f3:13:89:59:17:
                    9f:49:00:27:6f:33:3d:ae:8a:4f:ec:5c:48:d2:a2:
                    40:ec:21:21:80:f2:60:66:ea:e6:63:35:cb:8c:96:
                    7b:ba:88:91:28:eb:20:0f:60:fd:70:c8:5a:20:67:
                    57:49:41:27:90:24:ba:70:b7:18:5e:20:e7:0e:91:
                    ef:8f:b7:17:82:4f:03:a4:4b:75:86:de:e9:fc:32:
                    67:24:ef:42:90:06:cd:61:ff:ab:9f:1b:b7:30:e1:
                    7f:1d:7f:6b:75:c2:d0:d1:3d:16:e5:23:f4:21:a1:
                    b2:d1:57:4f:29:3c:59:37:22:4c:a2:b6:4e:40:cd:
                    c4:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:1C:BB:2C:42:08:54:8F:12:1C:34:64:D6:8F:03:D4:9C:6B:1D:31
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/bhy7LEIIVI8SHDRk1o8D1JxrHTE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.202.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:17:1e:79:77:b0:ac:c9:86:b8:91:f3:45:f7:51:d3:c1:f5:
         34:9a:3c:ed:69:0f:3d:8c:41:7f:85:0a:ab:09:0b:0c:d8:db:
         a2:97:64:8e:30:7c:c1:ff:68:c2:95:d6:45:8c:91:ea:fe:4c:
         ed:e1:29:fc:39:6c:21:3e:c8:0c:85:8d:f7:67:4b:b5:58:b2:
         2d:84:23:db:30:a3:f0:63:54:53:ef:db:31:b0:84:d5:de:34:
         1c:2e:73:9d:8f:90:d2:9c:03:bf:d5:58:ab:67:76:8a:51:f4:
         47:0b:41:23:26:3f:8e:4a:01:dd:61:e5:2c:8a:03:fa:35:77:
         a7:b9:54:5b:79:da:90:d6:f0:fc:75:a0:f3:60:cd:26:a1:bf:
         db:2a:50:c2:a4:16:f1:8b:9e:31:0e:42:f4:91:86:fc:05:b3:
         a3:13:2d:09:1d:df:ff:99:b7:dd:d6:29:cf:54:2c:dd:a0:dd:
         73:d4:a8:11:49:a7:21:f7:27:e6:09:ad:a1:97:98:d4:47:07:
         32:aa:b4:e7:39:f8:6f:59:32:17:d8:fb:37:a8:81:c4:36:83:
         ae:57:44:b8:5d:cc:2a:ec:f0:27:6d:d5:eb:58:a1:7f:61:df:
         ca:a4:0e:63:3f:f4:37:8d:09:89:57:ef:23:29:d1:99:69:c5:
         06:ff:a0:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS5NtOgMRU9MRpZ910rbDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjQwMTAxMTgzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTFjYmIyYzQyMDg1NDhmMTIxYzM0NjRkNjhmMDNkNDljNmIxZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6umDEfMZVSg5LNdithVCVEGFuujX
wm08k3WFqlgn36JTRtie8sGGS3Ja14sYiquaEzvDDg3A00jWpWUG1wxpP6LOy7mQ
7iwPxFtIQx/b7Do3ScsgqU9P6zGeQX+FOv8ToM2h4BxipG5vh1AwFqeKqxxTvUH8
Gxca12R2/slPwPkT8xOJWRefSQAnbzM9ropP7FxI0qJA7CEhgPJgZurmYzXLjJZ7
uoiRKOsgD2D9cMhaIGdXSUEnkCS6cLcYXiDnDpHvj7cXgk8DpEt1ht7p/DJnJO9C
kAbNYf+rnxu3MOF/HX9rdcLQ0T0W5SP0IaGy0VdPKTxZNyJMorZOQM3EFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4cuyxCCFSPEhw0ZNaPA9Scax0xMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvYmh5N0xFSUlWSThTSERSazFvOEQxSnhySFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVco6MA0G
CSqGSIb3DQEBCwUAA4IBAQBjFx55d7CsyYa4kfNF91HTwfU0mjztaQ89jEF/hQqr
CQsM2Nuil2SOMHzB/2jCldZFjJHq/kzt4Sn8OWwhPsgMhY33Z0u1WLIthCPbMKPw
Y1RT79sxsITV3jQcLnOdj5DSnAO/1VirZ3aKUfRHC0EjJj+OSgHdYeUsigP6NXen
uVRbedqQ1vD8daDzYM0mob/bKlDCpBbxi54xDkL0kYb8BbOjEy0JHd//mbfd1inP
VCzdoN1z1KgRSach9yfmCa2hl5jURwcyqrTnOfhvWTIX2Ps3qIHENoOuV0S4Xcwq
7PAnbdXrWKF/Yd/KpA5jP/Q3jQmJV+8jKdGZacUG/6Ck
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:04:07 2024 by rpki-client on console-ams.rpki-client.org