Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/atj-mILuL669zZU6NsEr3Cl-Rvo.roa
File:                     atj-mILuL669zZU6NsEr3Cl-Rvo.roa (raw, json)
Hash identifier:          l7e7/RbROSzv21/aqjecU4pVHJBt9uABWiqfJEkdOGA=
Subject key identifier:   6A:D8:FE:98:82:EE:2F:AE:BD:CD:95:3A:36:C1:2B:DC:29:7E:46:FA
Certificate issuer:       /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial:       018CC2DB368B8E0D4814D86EB6E87B5D8F90
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/atj-mILuL669zZU6NsEr3Cl-Rvo.roa
Signing time:             Mon 01 Jan 2024 02:29:55 +0000
ROA not before:           Mon 01 Jan 2024 02:29:55 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49571
IP address blocks:        212.126.112.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:36:8b:8e:0d:48:14:d8:6e:b6:e8:7b:5d:8f:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
        Validity
            Not Before: Jan  1 02:29:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6ad8fe9882ee2faebdcd953a36c12bdc297e46fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:98:a1:53:5e:98:ee:79:34:91:91:9b:ad:4c:
                    79:e8:92:21:48:3a:4e:07:15:d0:43:68:e3:d0:76:
                    27:a4:7f:4a:0c:1b:3f:75:31:58:f3:ea:95:e8:41:
                    ba:bb:6c:8a:f4:87:83:01:50:e5:2f:8b:24:c0:26:
                    63:3d:0c:ed:11:af:40:2f:39:34:b4:b0:47:43:be:
                    9e:c4:b0:44:d9:22:72:ae:00:2c:c2:60:20:cd:53:
                    88:c7:84:c1:d0:22:dc:18:3c:67:b9:df:0a:d7:b0:
                    c8:6b:15:86:9a:52:a4:17:fe:c9:1b:e2:46:3c:b0:
                    f2:d2:d7:e7:c4:52:73:33:17:d7:15:68:6f:f2:17:
                    21:de:72:ed:26:27:c6:06:9c:7c:09:b0:95:be:e6:
                    bd:19:5f:bb:0f:12:fe:8d:88:64:5f:f5:a2:42:d7:
                    e2:f9:4e:77:92:f0:e1:20:84:a4:5d:6c:a6:06:24:
                    19:f8:e7:21:cc:af:44:bb:4a:3e:0f:aa:9b:a2:59:
                    bd:bd:03:c6:61:64:d7:c9:98:df:97:34:ef:14:ec:
                    17:dc:f4:cf:00:e7:05:60:65:35:73:94:41:47:6a:
                    73:fc:dd:5e:db:3a:55:28:d6:c3:30:74:0e:f7:86:
                    9d:91:ab:06:0d:d5:f3:9a:9e:2f:02:18:8e:23:63:
                    5e:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:D8:FE:98:82:EE:2F:AE:BD:CD:95:3A:36:C1:2B:DC:29:7E:46:FA
            X509v3 Authority Key Identifier:
                keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/atj-mILuL669zZU6NsEr3Cl-Rvo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.126.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:b1:dc:db:a8:9c:e8:fb:19:05:ea:be:73:11:3b:57:91:40:
         96:45:23:d5:1d:31:27:f3:86:ea:ee:ff:81:4b:d5:a5:fe:ee:
         2d:57:91:0e:c7:97:e3:12:6d:e8:fa:89:01:c4:7f:be:fe:ed:
         ff:20:ff:f8:10:f1:b3:bc:77:aa:9a:2f:a6:5f:43:9d:b2:54:
         2c:7c:d8:cc:a0:ce:ad:37:9d:7d:55:58:ed:4b:34:2a:e0:37:
         99:9a:46:6e:72:04:c1:5d:9e:f1:af:d9:6d:cc:d3:fb:0e:9a:
         b9:77:9d:c3:39:8e:6f:98:b2:f2:81:28:e2:86:60:12:f1:11:
         99:14:8a:ea:07:47:59:16:53:a1:9d:f0:11:ef:08:c5:bb:57:
         7c:42:b8:9e:64:26:6d:92:22:f3:37:94:c3:0f:4a:80:8d:2a:
         47:bb:7c:96:11:c4:56:01:94:d6:57:ef:e5:ab:c5:b6:d2:e8:
         55:5c:f5:9c:7c:6e:3c:9a:55:0f:a9:63:7d:01:bc:33:07:3f:
         51:d4:92:ad:90:b0:47:c3:cc:eb:44:d7:da:32:7b:cd:0f:a9:
         22:7a:59:46:bd:34:3b:90:cd:76:fc:d0:e3:4d:de:8c:11:31:
         d1:62:fd:57:da:d0:02:07:7f:cd:5c:37:66:e7:60:08:35:00:
         c5:0e:f8:14
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzC2zaLjg1IFNhutuh7XY+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjQwMTAxMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQ4ZmU5ODgyZWUyZmFlYmRjZDk1M2EzNmMxMmJkYzI5N2U0NmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5ihU16Y7nk0kZGbrUx56JIhSDpO
BxXQQ2jj0HYnpH9KDBs/dTFY8+qV6EG6u2yK9IeDAVDlL4skwCZjPQztEa9ALzk0
tLBHQ76exLBE2SJyrgAswmAgzVOIx4TB0CLcGDxnud8K17DIaxWGmlKkF/7JG+JG
PLDy0tfnxFJzMxfXFWhv8hch3nLtJifGBpx8CbCVvua9GV+7DxL+jYhkX/WiQtfi
+U53kvDhIISkXWymBiQZ+OchzK9Eu0o+D6qbolm9vQPGYWTXyZjflzTvFOwX3PTP
AOcFYGU1c5RBR2pz/N1e2zpVKNbDMHQO94adkasGDdXzmp4vAhiOI2NewwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGrY/piC7i+uvc2VOjbBK9wpfkb6MB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL2F0ai1tSUx1TDY2OXpaVTZOc0VyM0NsLVJ2by5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADUfnAw
DQYJKoZIhvcNAQELBQADggEBAJex3NuonOj7GQXqvnMRO1eRQJZFI9UdMSfzhuru
/4FL1aX+7i1XkQ7Hl+MSbej6iQHEf77+7f8g//gQ8bO8d6qaL6ZfQ52yVCx82Myg
zq03nX1VWO1LNCrgN5maRm5yBMFdnvGv2W3M0/sOmrl3ncM5jm+YsvKBKOKGYBLx
EZkUiuoHR1kWU6Gd8BHvCMW7V3xCuJ5kJm2SIvM3lMMPSoCNKke7fJYRxFYBlNZX
7+WrxbbS6FVc9Zx8bjyaVQ+pY30BvDMHP1HUkq2QsEfDzOtE19oye80PqSJ6WUa9
NDuQzXb80ONN3owRMdFi/Vfa0AIHf81cN2bnYAg1AMUO+BQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:15:15 2024 by rpki-client on console-ams.rpki-client.org