Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/GBVdK9K3Xt7C_LG7I-eJrp0nWsI.roa
File:                     GBVdK9K3Xt7C_LG7I-eJrp0nWsI.roa (raw, json)
Hash identifier:          CoDPeIzSSUYXZAjpCPdVmmzdPg1ACQgh6KsuccunGkk=
Subject key identifier:   18:15:5D:2B:D2:B7:5E:DE:C2:FC:B1:BB:23:E7:89:AE:9D:27:5A:C2
Certificate issuer:       /CN=da34216b3bd921b6c66187a8c86a4a4bb0ee523f
Certificate serial:       018CC94DED5ADB4E9D30966E0AE045063186
Authority key identifier: DA:34:21:6B:3B:D9:21:B6:C6:61:87:A8:C8:6A:4A:4B:B0:EE:52:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2jQhazvZIbbGYYeoyGpKS7DuUj8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/GBVdK9K3Xt7C_LG7I-eJrp0nWsI.roa
Signing time:             Tue 02 Jan 2024 08:32:56 +0000
ROA not before:           Tue 02 Jan 2024 08:32:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50331
IP address blocks:        178.217.192.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/2jQhazvZIbbGYYeoyGpKS7DuUj8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/2jQhazvZIbbGYYeoyGpKS7DuUj8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2jQhazvZIbbGYYeoyGpKS7DuUj8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4d:ed:5a:db:4e:9d:30:96:6e:0a:e0:45:06:31:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da34216b3bd921b6c66187a8c86a4a4bb0ee523f
        Validity
            Not Before: Jan  2 08:32:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=18155d2bd2b75edec2fcb1bb23e789ae9d275ac2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:45:89:ad:51:01:29:b4:a2:fe:de:0d:4d:98:
                    f2:b1:0b:27:23:d2:47:55:06:3a:a6:50:5e:a9:26:
                    0c:2b:30:56:2b:54:dc:05:91:c7:1b:f1:b3:07:c8:
                    8b:5f:26:6d:52:fd:54:4b:6b:7d:95:1d:c3:20:dd:
                    ef:ea:96:09:b2:09:b2:07:73:36:5c:8c:9a:ba:54:
                    3b:11:bb:b0:6f:4d:16:28:12:a0:a2:08:33:9a:7e:
                    7a:7a:03:b3:06:19:45:47:75:09:1c:28:74:7d:75:
                    56:f4:b0:cc:a3:48:3b:92:11:3e:02:74:c1:c5:c8:
                    a8:18:95:9f:57:b8:4d:de:76:c9:8a:e1:d8:2b:ed:
                    eb:8b:82:b2:72:a2:9c:23:09:69:6d:75:0b:68:41:
                    19:17:4a:86:9e:0b:84:4a:99:18:9b:8f:03:8d:91:
                    4f:c0:e2:8f:2e:a6:ef:c9:6b:9b:83:07:ad:1a:ec:
                    3a:a7:8f:ba:69:2d:15:c4:55:e3:5b:77:25:d9:47:
                    67:b9:9c:87:f8:4d:cd:06:36:68:cd:b0:4d:36:16:
                    aa:06:81:fc:05:95:34:16:65:68:c6:be:49:9c:3e:
                    b0:78:f3:47:bc:1d:3d:ad:be:78:a5:e9:2a:d0:95:
                    fd:83:35:82:42:07:9f:2b:52:81:6f:6d:ec:49:60:
                    f1:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:15:5D:2B:D2:B7:5E:DE:C2:FC:B1:BB:23:E7:89:AE:9D:27:5A:C2
            X509v3 Authority Key Identifier:
                keyid:DA:34:21:6B:3B:D9:21:B6:C6:61:87:A8:C8:6A:4A:4B:B0:EE:52:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2jQhazvZIbbGYYeoyGpKS7DuUj8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/GBVdK9K3Xt7C_LG7I-eJrp0nWsI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/71ee7c-3c04-4a9c-9df7-0bf5905b35ef/1/2jQhazvZIbbGYYeoyGpKS7DuUj8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.217.192.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0e:58:c5:45:0a:d9:e8:1e:63:12:d0:07:24:b7:87:f4:31:85:
         ea:6d:08:c3:a1:76:8e:a0:ef:ad:8d:f3:ae:a3:98:82:10:bf:
         02:d3:c2:d8:30:27:bc:10:6e:88:05:68:25:22:2c:6b:56:38:
         d5:97:cf:6d:94:7a:8f:f1:df:76:a4:03:3f:93:4c:1e:ce:19:
         bf:e2:dd:b0:ad:ed:55:d2:b4:b4:e4:19:a1:92:c6:b8:11:60:
         fc:e2:9e:a9:f0:03:16:02:7e:19:b6:e6:6e:f7:ec:88:64:4d:
         7a:eb:4f:3d:7d:c9:0e:00:2b:48:74:c4:9e:c6:ec:1e:86:38:
         10:e0:4f:8b:d5:93:33:13:52:9d:4f:95:36:fb:5e:03:f2:7e:
         88:cc:4f:2f:1a:7e:da:12:09:ae:66:32:2f:db:de:04:94:4d:
         1d:ac:c2:77:b4:c5:66:e6:7e:3a:57:14:4d:53:3f:49:8f:b9:
         33:42:7d:36:66:e0:96:51:a8:ea:53:d8:6f:c2:fb:26:d2:a0:
         29:14:84:63:bb:b8:fb:65:0b:85:37:38:2f:51:4b:aa:8a:30:
         87:b6:30:8f:1f:7b:b9:52:83:da:2c:3e:06:1b:a1:f2:74:54:
         98:e7:6e:28:09:26:f2:d3:f9:d8:e5:89:16:f2:07:d1:ee:10:
         6a:40:d8:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTe1a206dMJZuCuBFBjGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMzQyMTZiM2JkOTIxYjZjNjYxODdhOGM4NmE0YTRiYjBl
ZTUyM2YwHhcNMjQwMTAyMDgzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODE1NWQyYmQyYjc1ZWRlYzJmY2IxYmIyM2U3ODlhZTlkMjc1YWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEWJrVEBKbSi/t4NTZjysQsnI9JH
VQY6plBeqSYMKzBWK1TcBZHHG/GzB8iLXyZtUv1US2t9lR3DIN3v6pYJsgmyB3M2
XIyaulQ7Ebuwb00WKBKgoggzmn56egOzBhlFR3UJHCh0fXVW9LDMo0g7khE+AnTB
xcioGJWfV7hN3nbJiuHYK+3ri4KycqKcIwlpbXULaEEZF0qGnguESpkYm48DjZFP
wOKPLqbvyWubgwetGuw6p4+6aS0VxFXjW3cl2UdnuZyH+E3NBjZozbBNNhaqBoH8
BZU0FmVoxr5JnD6wePNHvB09rb54pekq0JX9gzWCQgefK1KBb23sSWDxawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgVXSvSt17ewvyxuyPnia6dJ1rCMB8GA1UdIwQY
MBaAFNo0IWs72SG2xmGHqMhqSkuw7lI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmpRaGF6dlpJYmJHWVllb3lHcEtTN0R1VWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83MWVlN2MtM2MwNC00YTljLTlkZjct
MGJmNTkwNWIzNWVmLzEvR0JWZEs5SzNYdDdDX0xHN0ktZUpycDBuV3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC83MWVlN2MtM2MwNC00YTljLTlkZjctMGJmNTkwNWIzNWVm
LzEvMmpRaGF6dlpJYmJHWVllb3lHcEtTN0R1VWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDstnAMA0G
CSqGSIb3DQEBCwUAA4IBAQAOWMVFCtnoHmMS0Ackt4f0MYXqbQjDoXaOoO+tjfOu
o5iCEL8C08LYMCe8EG6IBWglIixrVjjVl89tlHqP8d92pAM/k0wezhm/4t2wre1V
0rS05Bmhksa4EWD84p6p8AMWAn4ZtuZu9+yIZE166089fckOACtIdMSexuwehjgQ
4E+L1ZMzE1KdT5U2+14D8n6IzE8vGn7aEgmuZjIv294ElE0drMJ3tMVm5n46VxRN
Uz9Jj7kzQn02ZuCWUajqU9hvwvsm0qApFIRju7j7ZQuFNzgvUUuqijCHtjCPH3u5
UoPaLD4GG6HydFSY524oCSby0/nY5YkW8gfR7hBqQNgo
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:15:02 2024 by rpki-client on console-ams.rpki-client.org