Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/t1WHoZeMztcfQAI9nxhTfBOF8LI.roa
File:                     t1WHoZeMztcfQAI9nxhTfBOF8LI.roa (raw, json)
Hash identifier:          FqXzG/4cqqhqKyTBWqYn803Xz5yw9LG+REvjmiufpBY=
Subject key identifier:   B7:55:87:A1:97:8C:CE:D7:1F:40:02:3D:9F:18:53:7C:13:85:F0:B2
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CC9BCCA8ED520978C8946211848B28DC7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/t1WHoZeMztcfQAI9nxhTfBOF8LI.roa
Signing time:             Tue 02 Jan 2024 10:34:02 +0000
ROA not before:           Tue 02 Jan 2024 10:34:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42394
IP address blocks:        2a0e:b107:ff0::/48 maxlen: 48
                          2a0e:b107:1110::/44 maxlen: 48
                          2a0e:b107:fff::/48 maxlen: 48
                          2a0e:97c7:160::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 09:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:ca:8e:d5:20:97:8c:89:46:21:18:48:b2:8d:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 10:34:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b75587a1978cced71f40023d9f18537c1385f0b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:89:d9:a8:a1:c2:e5:54:73:f6:0e:aa:54:69:
                    a0:ab:bb:f1:69:ae:e2:20:18:bb:ae:64:c9:3d:a5:
                    52:8c:d4:7a:57:8f:ad:13:a9:48:d6:cc:5a:83:94:
                    81:eb:96:94:50:e6:bd:b7:af:65:27:25:21:4a:76:
                    ca:be:fd:b5:61:67:9d:e4:95:b4:a0:13:e9:00:76:
                    41:f8:79:b4:c4:6c:1b:15:1e:13:9a:bf:04:cb:13:
                    14:16:7d:1e:72:6a:a1:e9:17:59:ee:f8:ae:2e:0b:
                    4f:2b:a5:aa:ac:1e:0a:d5:5d:b1:7e:5e:80:ed:1a:
                    97:94:6d:d0:fe:79:70:e9:04:9e:ea:b4:2a:d6:5b:
                    80:67:9b:b8:82:8f:0b:36:38:b7:2e:28:3e:66:6f:
                    a0:71:0f:06:37:f7:d1:d6:3c:41:28:4c:2f:3a:a3:
                    e6:76:0e:8c:43:a3:80:20:12:bc:48:9e:6c:eb:f6:
                    68:39:9a:9d:11:16:90:6d:f1:eb:f8:94:4e:77:ae:
                    73:fc:9e:7f:d2:fa:58:c4:78:08:ae:79:b0:cd:e2:
                    f8:e7:cb:db:05:21:49:3e:57:db:7e:98:5e:67:c0:
                    30:69:01:9e:7b:83:ea:da:8a:21:dd:92:57:c2:f5:
                    6f:85:b5:ee:69:7d:20:dc:6d:60:90:8f:6e:74:0d:
                    4f:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:55:87:A1:97:8C:CE:D7:1F:40:02:3D:9F:18:53:7C:13:85:F0:B2
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/t1WHoZeMztcfQAI9nxhTfBOF8LI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c7:160::/44
                  2a0e:b107:ff0::/48
                  2a0e:b107:fff::/48
                  2a0e:b107:1110::/44

    Signature Algorithm: sha256WithRSAEncryption
         3f:32:46:53:04:1c:42:a7:42:d6:69:e2:05:0f:c3:ab:e9:5b:
         46:5c:8a:b4:06:95:8a:53:7d:d0:bf:d8:16:c6:8c:a0:b9:63:
         67:9e:68:59:50:75:02:de:f5:16:bd:3f:e3:dc:dd:5e:ff:d6:
         33:53:de:51:b8:4d:c5:d6:60:81:df:c6:54:6d:14:60:9f:5a:
         dc:52:45:6c:37:a1:0a:a9:7f:40:54:dd:a1:3f:6c:d1:bc:77:
         de:3d:84:16:70:7e:50:89:2c:4f:ed:c7:3e:9b:e0:0d:b0:cd:
         f1:b5:79:96:67:c0:e3:13:9b:13:a5:dc:9e:9b:d9:58:9b:f4:
         cd:db:82:b6:44:ea:7c:18:45:03:9e:6f:e6:20:f0:b3:4a:de:
         73:de:99:0a:b8:ee:e4:3d:7b:75:83:18:fd:5a:11:65:40:bd:
         2c:e9:87:a2:f8:32:30:77:ff:1e:91:bc:f1:c7:7c:a1:8c:59:
         a7:d9:6a:0a:c4:31:b6:73:b5:1b:77:b1:09:ad:b7:99:bc:a3:
         ec:1d:60:57:ae:b4:ac:18:27:bf:2a:e2:c5:c3:4e:91:90:ae:
         30:fa:21:30:01:2a:61:b0:1b:63:00:47:ec:81:47:4a:59:83:
         17:77:ac:d8:19:7e:6d:58:40:74:9e:58:51:c2:56:7b:0a:f1:
         60:53:e1:fb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJvMqO1SCXjIlGIRhIso3HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzU1ODdhMTk3OGNjZWQ3MWY0MDAyM2Q5ZjE4NTM3YzEzODVmMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4nZqKHC5VRz9g6qVGmgq7vxaa7i
IBi7rmTJPaVSjNR6V4+tE6lI1sxag5SB65aUUOa9t69lJyUhSnbKvv21YWed5JW0
oBPpAHZB+Hm0xGwbFR4Tmr8EyxMUFn0ecmqh6RdZ7viuLgtPK6WqrB4K1V2xfl6A
7RqXlG3Q/nlw6QSe6rQq1luAZ5u4go8LNji3Lig+Zm+gcQ8GN/fR1jxBKEwvOqPm
dg6MQ6OAIBK8SJ5s6/ZoOZqdERaQbfHr+JROd65z/J5/0vpYxHgIrnmwzeL458vb
BSFJPlfbfpheZ8AwaQGee4Pq2ooh3ZJXwvVvhbXuaX0g3G1gkI9udA1PSwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLdVh6GXjM7XH0ACPZ8YU3wThfCyMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdDFXSG9aZU16dGNmUUFJOW54aFRmQk9GOExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg6XxwFg
AwcAKg6xBw/wAwcAKg6xBw//AwcEKg6xBxEQMA0GCSqGSIb3DQEBCwUAA4IBAQA/
MkZTBBxCp0LWaeIFD8Or6VtGXIq0BpWKU33Qv9gWxoyguWNnnmhZUHUC3vUWvT/j
3N1e/9YzU95RuE3F1mCB38ZUbRRgn1rcUkVsN6EKqX9AVN2hP2zRvHfePYQWcH5Q
iSxP7cc+m+ANsM3xtXmWZ8DjE5sTpdyem9lYm/TN24K2ROp8GEUDnm/mIPCzSt5z
3pkKuO7kPXt1gxj9WhFlQL0s6Yei+DIwd/8ekbzxx3yhjFmn2WoKxDG2c7Ubd7EJ
rbeZvKPsHWBXrrSsGCe/KuLFw06RkK4w+iEwASphsBtjAEfsgUdKWYMXd6zYGX5t
WEB0nlhRwlZ7CvFgU+H7
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:07:58 2024 by rpki-client on console-ams.rpki-client.org