Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/O_TH6tSALCYUQLwztNFJIayLFkc.roa
File:                     O_TH6tSALCYUQLwztNFJIayLFkc.roa (raw, json)
Hash identifier:          XmLr0EqhL2nhOH85dlrjFxhqSNIyTDaYIkD6cB7m/t8=
Subject key identifier:   3B:F4:C7:EA:D4:80:2C:26:14:40:BC:33:B4:D1:49:21:AC:8B:16:47
Certificate issuer:       /CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
Certificate serial:       018CC72746FC72D3DAD83BA00EC31B58B320
Authority key identifier: E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/O_TH6tSALCYUQLwztNFJIayLFkc.roa
Signing time:             Mon 01 Jan 2024 22:31:29 +0000
ROA not before:           Mon 01 Jan 2024 22:31:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     41612
IP address blocks:        94.31.60.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/4wzJQptjOC6bFxTSGzyW0uXr4lc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/4wzJQptjOC6bFxTSGzyW0uXr4lc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:46:fc:72:d3:da:d8:3b:a0:0e:c3:1b:58:b3:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
        Validity
            Not Before: Jan  1 22:31:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3bf4c7ead4802c261440bc33b4d14921ac8b1647
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:56:ee:17:4a:89:34:97:aa:eb:b6:97:f0:5c:
                    63:d5:8f:8b:a5:97:01:53:77:67:ac:f1:b2:ca:01:
                    be:40:f3:cb:a2:d8:38:83:59:b6:c8:5d:86:58:03:
                    90:12:cd:24:73:c6:5b:d2:e2:cf:18:35:1f:1f:80:
                    97:60:9e:7a:07:78:87:3b:e6:86:59:ac:fe:02:79:
                    55:26:b3:38:fb:88:8d:56:e8:13:3b:33:44:01:8c:
                    cf:12:ed:7b:e8:0d:b1:69:15:d5:d3:0a:ab:17:ac:
                    62:1a:a0:de:64:1d:91:f7:32:ed:da:93:88:74:3f:
                    a6:b0:79:97:8f:3c:57:bd:7c:a6:aa:44:b2:46:ad:
                    23:af:f5:ba:ef:f4:09:40:e6:e6:bf:f3:e9:e0:96:
                    b4:65:83:3d:67:ae:e1:2b:56:66:0e:b9:62:af:3b:
                    e6:e9:24:ee:b8:81:33:96:5e:78:a3:c2:87:4a:16:
                    57:c7:e7:fb:ce:b3:69:8e:59:bb:5d:b3:c4:2d:2f:
                    51:3d:7c:2c:29:e1:96:72:e2:4a:2d:8a:32:0b:68:
                    ac:36:df:9d:01:54:e7:e7:95:3f:22:b9:a3:47:82:
                    a2:f9:2f:fd:27:c8:9e:70:ad:2d:10:5c:70:51:72:
                    8b:a6:52:3b:9c:ef:ac:5a:e9:19:eb:bd:6c:ba:e2:
                    1e:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:F4:C7:EA:D4:80:2C:26:14:40:BC:33:B4:D1:49:21:AC:8B:16:47
            X509v3 Authority Key Identifier:
                keyid:E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/O_TH6tSALCYUQLwztNFJIayLFkc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/4wzJQptjOC6bFxTSGzyW0uXr4lc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.31.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:b2:79:3b:16:fc:80:0c:34:b3:3d:a4:f8:a0:22:7f:ec:1d:
         fb:a3:62:8f:99:2d:d1:42:07:c6:ca:0f:1c:57:8b:a4:35:63:
         f8:51:f9:a7:e4:83:8a:a4:b7:c7:55:72:87:4c:88:ad:8a:d1:
         0e:e6:ef:69:d4:f9:f2:15:c9:ab:ce:0e:98:23:a6:31:a3:af:
         2f:d6:ac:4b:4e:0d:79:c1:df:54:1c:16:35:06:77:02:b8:84:
         0b:de:a5:71:86:ee:35:8c:56:87:03:6d:c4:59:d0:2a:71:72:
         e1:6d:b4:63:c4:23:fe:e3:30:d7:65:af:8f:5e:2a:46:82:f5:
         2e:8e:ef:26:c1:fd:f5:5c:da:a3:d5:38:b8:f7:bc:13:9a:2d:
         c3:77:08:45:7a:21:13:63:ca:30:f5:9c:cd:d2:a7:90:04:1a:
         3b:8b:1b:42:a3:52:2a:86:b0:15:b4:b5:c1:69:56:33:80:9b:
         7c:24:78:47:70:25:61:f2:18:b7:2b:e2:83:93:7a:9b:30:c7:
         0a:03:8d:59:74:92:c8:dd:84:ea:4a:38:79:7a:33:46:3f:36:
         9e:4c:7c:4e:3b:83:49:bd:04:a5:46:45:ab:54:19:ed:4e:b6:
         b1:16:95:2c:2c:39:6f:d3:1a:83:cd:02:9c:a4:e5:af:9c:b3:
         0a:da:ea:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ0b8ctPa2DugDsMbWLMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMGNjOTQyOWI2MzM4MmU5YjE3MTRkMjFiM2M5NmQyZTVl
YmUyNTcwHhcNMjQwMTAxMjIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmY0YzdlYWQ0ODAyYzI2MTQ0MGJjMzNiNGQxNDkyMWFjOGIxNjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVbuF0qJNJeq67aX8Fxj1Y+LpZcB
U3dnrPGyygG+QPPLotg4g1m2yF2GWAOQEs0kc8Zb0uLPGDUfH4CXYJ56B3iHO+aG
Waz+AnlVJrM4+4iNVugTOzNEAYzPEu176A2xaRXV0wqrF6xiGqDeZB2R9zLt2pOI
dD+msHmXjzxXvXymqkSyRq0jr/W67/QJQObmv/Pp4Ja0ZYM9Z67hK1ZmDrlirzvm
6STuuIEzll54o8KHShZXx+f7zrNpjlm7XbPELS9RPXwsKeGWcuJKLYoyC2isNt+d
AVTn55U/IrmjR4Ki+S/9J8iecK0tEFxwUXKLplI7nO+sWukZ671suuIeYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDv0x+rUgCwmFEC8M7TRSSGsixZHMB8GA1UdIwQY
MBaAFOMMyUKbYzgumxcU0hs8ltLl6+JXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHd6SlFwdGpPQzZiRnhUU0d6eVcwdVhyNGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNzMyODctYjFiMS00YWNhLWJkMmUt
ZGI0ZjM1MmU5YWQzLzEvT19USDZ0U0FMQ1lVUUx3enRORkpJYXlMRmtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNzMyODctYjFiMS00YWNhLWJkMmUtZGI0ZjM1MmU5YWQz
LzEvNHd6SlFwdGpPQzZiRnhUU0d6eVcwdVhyNGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXh88MA0G
CSqGSIb3DQEBCwUAA4IBAQAusnk7FvyADDSzPaT4oCJ/7B37o2KPmS3RQgfGyg8c
V4ukNWP4Ufmn5IOKpLfHVXKHTIititEO5u9p1PnyFcmrzg6YI6Yxo68v1qxLTg15
wd9UHBY1BncCuIQL3qVxhu41jFaHA23EWdAqcXLhbbRjxCP+4zDXZa+PXipGgvUu
ju8mwf31XNqj1Ti497wTmi3DdwhFeiETY8ow9ZzN0qeQBBo7ixtCo1IqhrAVtLXB
aVYzgJt8JHhHcCVh8hi3K+KDk3qbMMcKA41ZdJLI3YTqSjh5ejNGPzaeTHxOO4NJ
vQSlRkWrVBntTraxFpUsLDlv0xqDzQKcpOWvnLMK2uq4
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:52:06 2024 by rpki-client on console-fra.rpki-client.org