Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/fYQIDCUBz09YHjLTgp6LdjN-ifY.roa
File:                     fYQIDCUBz09YHjLTgp6LdjN-ifY.roa (raw, json)
Hash identifier:          wQtcHmGRboS5aL7AO502CV5u+D9L9EYQsY3HCKJrRlE=
Subject key identifier:   7D:84:08:0C:25:01:CF:4F:58:1E:32:D3:82:9E:8B:76:33:7E:89:F6
Certificate issuer:       /CN=7373c1ff55403d4792346493f769f8d033bef02c
Certificate serial:       018CC7950C73B7BF5202F56F8B5469A240B5
Authority key identifier: 73:73:C1:FF:55:40:3D:47:92:34:64:93:F7:69:F8:D0:33:BE:F0:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/fYQIDCUBz09YHjLTgp6LdjN-ifY.roa
Signing time:             Tue 02 Jan 2024 00:31:23 +0000
ROA not before:           Tue 02 Jan 2024 00:31:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2856
IP address blocks:        213.230.244.0/23 maxlen: 23
                          213.230.246.0/23 maxlen: 23
                          213.230.242.0/23 maxlen: 23
                          213.230.251.0/24 maxlen: 24
                          213.230.252.0/23 maxlen: 23
                          213.230.248.0/24 maxlen: 24
                          213.230.214.0/24 maxlen: 24
                          213.230.225.0/24 maxlen: 24
                          213.230.224.0/24 maxlen: 24
                          213.230.226.0/23 maxlen: 23
                          213.230.230.0/23 maxlen: 23
                          213.230.232.0/24 maxlen: 24
                          213.230.233.0/24 maxlen: 24
                          213.230.228.0/23 maxlen: 23
                          213.230.238.0/23 maxlen: 23
                          213.230.234.0/23 maxlen: 23
                          213.230.240.0/23 maxlen: 23
                          213.230.236.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/c3PB_1VAPUeSNGST92n40DO-8Cw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/c3PB_1VAPUeSNGST92n40DO-8Cw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:0c:73:b7:bf:52:02:f5:6f:8b:54:69:a2:40:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7373c1ff55403d4792346493f769f8d033bef02c
        Validity
            Not Before: Jan  2 00:31:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7d84080c2501cf4f581e32d3829e8b76337e89f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d0:66:7d:05:27:21:08:a6:56:0f:2f:dd:22:
                    23:80:91:04:93:b9:4b:42:4b:a0:fb:4e:6f:d1:95:
                    f1:c6:fa:18:94:ad:64:03:95:50:61:ee:81:84:7c:
                    8d:38:be:a3:f5:74:16:fd:dc:92:01:7e:0c:8d:85:
                    1e:ba:6d:38:65:86:88:12:dc:9e:b0:fb:90:a5:f3:
                    a8:c9:6c:8b:59:2e:18:b0:d1:f2:d3:21:d2:ad:f3:
                    ee:e4:85:08:55:25:cf:f5:e8:53:45:ca:10:6a:af:
                    11:55:2b:c2:96:be:eb:1e:00:7b:4c:ed:86:65:c7:
                    a5:df:4a:bd:41:1b:cf:56:25:5c:32:96:19:40:c6:
                    b5:b4:4f:a8:83:3b:12:8c:51:37:31:80:3c:cf:5c:
                    48:1d:4a:68:7f:c0:78:33:19:63:a5:e9:49:a3:6c:
                    8c:48:4c:cf:df:61:19:8e:25:a9:bb:23:a8:d4:50:
                    d6:52:de:44:d2:6e:e2:00:ad:b9:68:52:85:2a:09:
                    3a:f6:53:4d:bf:53:8a:9b:b4:54:c5:79:f1:cd:75:
                    5f:55:77:44:07:e5:e5:ec:64:d9:c8:b2:ca:4a:b1:
                    09:7a:8a:68:72:56:18:1d:ee:ae:0f:16:ab:85:c2:
                    68:4d:38:67:8d:8a:b5:8c:66:d9:77:7a:4c:ce:09:
                    8e:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:84:08:0C:25:01:CF:4F:58:1E:32:D3:82:9E:8B:76:33:7E:89:F6
            X509v3 Authority Key Identifier:
                keyid:73:73:C1:FF:55:40:3D:47:92:34:64:93:F7:69:F8:D0:33:BE:F0:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3PB_1VAPUeSNGST92n40DO-8Cw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/fYQIDCUBz09YHjLTgp6LdjN-ifY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/1aff10-dd29-439f-8d23-bc9a5f6605fc/1/c3PB_1VAPUeSNGST92n40DO-8Cw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.230.214.0/24
                  213.230.224.0-213.230.248.255
                  213.230.251.0-213.230.253.255

    Signature Algorithm: sha256WithRSAEncryption
         46:4f:d5:61:1c:e2:9f:b6:c6:85:e9:39:13:80:f6:0b:83:87:
         92:cb:1c:f0:16:6a:99:69:91:b2:cd:b2:8a:46:40:c2:e3:91:
         71:5e:b8:da:ab:51:a0:0b:3e:d1:84:43:c3:3b:1a:18:7d:75:
         08:a8:25:59:b7:96:f5:c2:28:f8:0f:86:42:5a:c8:43:23:52:
         e1:49:e9:02:a9:cb:fd:bb:b3:c0:47:24:82:ca:8c:f6:54:2b:
         e7:1d:df:e3:5c:93:22:d8:c1:4b:05:d4:d5:37:3b:1d:b5:89:
         c4:cd:b9:34:a2:13:15:52:5d:84:42:90:eb:f7:ee:95:d8:f8:
         86:99:7b:bb:0d:6c:80:04:36:6a:ad:36:90:12:3c:ae:35:2c:
         7c:eb:19:fb:ae:bf:78:ca:dd:1a:9c:38:85:90:11:e2:56:02:
         5a:ac:f6:7e:fd:13:3e:2c:f6:8d:d2:74:20:24:8c:47:45:7b:
         39:bd:ef:b7:b7:32:ad:46:88:64:cf:1c:1b:41:b8:fb:56:3a:
         8f:e2:2d:de:5d:44:28:77:de:23:95:f6:64:bf:f5:40:a5:da:
         c8:cf:4f:33:74:eb:cf:57:00:cc:39:2d:34:2a:dc:b6:14:9c:
         ce:7b:c7:5c:24:95:48:a2:c3:12:c9:d5:d9:07:bd:b7:f4:e3:
         1b:48:ae:3f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzHlQxzt79SAvVvi1RpokC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNzNjMWZmNTU0MDNkNDc5MjM0NjQ5M2Y3NjlmOGQwMzNi
ZWYwMmMwHhcNMjQwMTAyMDAzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDg0MDgwYzI1MDFjZjRmNTgxZTMyZDM4MjllOGI3NjMzN2U4OWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNBmfQUnIQimVg8v3SIjgJEEk7lL
Qkug+05v0ZXxxvoYlK1kA5VQYe6BhHyNOL6j9XQW/dySAX4MjYUeum04ZYaIEtye
sPuQpfOoyWyLWS4YsNHy0yHSrfPu5IUIVSXP9ehTRcoQaq8RVSvClr7rHgB7TO2G
Zcel30q9QRvPViVcMpYZQMa1tE+ogzsSjFE3MYA8z1xIHUpof8B4MxljpelJo2yM
SEzP32EZjiWpuyOo1FDWUt5E0m7iAK25aFKFKgk69lNNv1OKm7RUxXnxzXVfVXdE
B+Xl7GTZyLLKSrEJeopoclYYHe6uDxarhcJoTThnjYq1jGbZd3pMzgmOpwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFH2ECAwlAc9PWB4y04Kei3Yzfon2MB8GA1UdIwQY
MBaAFHNzwf9VQD1HkjRkk/dp+NAzvvAsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzNQQl8xVkFQVWVTTkdTVDkybjQwRE8tOEN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xYWZmMTAtZGQyOS00MzlmLThkMjMt
YmM5YTVmNjYwNWZjLzEvZllRSURDVUJ6MDlZSGpMVGdwNkxkak4taWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xYWZmMTAtZGQyOS00MzlmLThkMjMtYmM5YTVmNjYwNWZj
LzEvYzNQQl8xVkFQVWVTTkdTVDkybjQwRE8tOEN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQA1ebWMAwD
BAXV5uADBADV5vgwDAMEANXm+wMEAdXm/DANBgkqhkiG9w0BAQsFAAOCAQEARk/V
YRzin7bGhek5E4D2C4OHkssc8BZqmWmRss2yikZAwuORcV642qtRoAs+0YRDwzsa
GH11CKglWbeW9cIo+A+GQlrIQyNS4UnpAqnL/buzwEckgsqM9lQr5x3f41yTItjB
SwXU1Tc7HbWJxM25NKITFVJdhEKQ6/fuldj4hpl7uw1sgAQ2aq02kBI8rjUsfOsZ
+66/eMrdGpw4hZAR4lYCWqz2fv0TPiz2jdJ0ICSMR0V7Ob3vt7cyrUaIZM8cG0G4
+1Y6j+It3l1EKHfeI5X2ZL/1QKXayM9PM3Trz1cAzDktNCrcthScznvHXCSVSKLD
EsnV2Qe9t/TjG0iuPw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:51:32 2024 by rpki-client on console-fra.rpki-client.org