Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/rPlbQ6c9dWHF29Wy4NaJVwBjWXY.roa
File:                     rPlbQ6c9dWHF29Wy4NaJVwBjWXY.roa (raw, json)
Hash identifier:          O/mhWiacQnwRf2uPvdxdK6mxNo31n7+l73Ic6N2s5u0=
Subject key identifier:   AC:F9:5B:43:A7:3D:75:61:C5:DB:D5:B2:E0:D6:89:57:00:63:59:76
Certificate issuer:       /CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Certificate serial:       018E428968149659D28B23E857FCC2B69A35
Authority key identifier: 98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/rPlbQ6c9dWHF29Wy4NaJVwBjWXY.roa
Signing time:             Fri 15 Mar 2024 14:34:45 +0000
ROA not before:           Fri 15 Mar 2024 14:34:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8362
IP address blocks:        5.158.240.0/20 maxlen: 20
                          37.220.48.0/20 maxlen: 20
                          46.162.128.0/18 maxlen: 18
                          62.64.32.0/19 maxlen: 19
                          79.141.192.0/24 maxlen: 24
                          79.141.193.0/24 maxlen: 24
                          79.141.194.0/24 maxlen: 24
                          79.141.195.0/24 maxlen: 24
                          79.141.197.0/24 maxlen: 24
                          79.141.204.0/24 maxlen: 24
                          79.141.206.0/23 maxlen: 23
                          195.146.224.0/20 maxlen: 20
                          195.146.240.0/20 maxlen: 20
                          2a01:8e80::/29 maxlen: 29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:42:89:68:14:96:59:d2:8b:23:e8:57:fc:c2:b6:9a:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9812e491aaa655b6324dbcc0cff00a8d63191076
        Validity
            Not Before: Mar 15 14:34:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=acf95b43a73d7561c5dbd5b2e0d6895700635976
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:80:f3:0e:13:ca:61:29:ca:8f:59:37:d4:a3:
                    92:75:56:55:11:08:ec:12:b2:04:a0:eb:f4:19:90:
                    bb:ea:47:a9:17:b2:e9:be:36:e4:de:92:30:6a:79:
                    65:f1:e0:52:e9:77:67:b9:66:64:14:c9:89:71:ed:
                    e4:23:5b:fa:bb:5c:ca:d9:d2:6e:05:a0:bf:a6:fc:
                    b2:fa:1f:8c:71:64:ab:15:15:54:e2:cb:35:0d:96:
                    20:41:3d:da:f7:8e:72:36:99:78:b9:2f:ae:9f:b1:
                    9e:a0:ef:50:cb:e3:61:2e:60:16:92:97:e4:72:ae:
                    64:be:0a:a6:b5:67:b7:4e:03:52:b6:59:ea:f2:14:
                    23:2c:96:ae:ab:27:ff:a6:33:7e:0a:00:ae:c7:36:
                    1f:ac:03:4d:2b:66:7c:2e:63:6a:9e:b3:b1:07:44:
                    77:94:94:41:18:0b:a9:a7:62:e7:b1:ae:a9:f6:37:
                    54:8b:b3:77:00:08:0c:fd:13:a4:a3:30:bd:eb:f9:
                    09:b0:9d:48:12:09:f8:75:b4:d9:f0:bb:15:bc:81:
                    7b:07:9f:cb:6e:6c:e3:80:fc:f0:0c:ae:f9:17:fa:
                    75:01:55:70:05:e3:9a:79:58:7e:a6:70:5d:7a:66:
                    78:6a:7d:1a:aa:8d:c8:20:48:51:82:f7:c7:ab:37:
                    ba:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:F9:5B:43:A7:3D:75:61:C5:DB:D5:B2:E0:D6:89:57:00:63:59:76
            X509v3 Authority Key Identifier:
                keyid:98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/rPlbQ6c9dWHF29Wy4NaJVwBjWXY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.158.240.0/20
                  37.220.48.0/20
                  46.162.128.0/18
                  62.64.32.0/19
                  79.141.192.0/22
                  79.141.197.0/24
                  79.141.204.0/24
                  79.141.206.0/23
                  195.146.224.0/19
                IPv6:
                  2a01:8e80::/29

    Signature Algorithm: sha256WithRSAEncryption
         bc:7e:bc:ef:32:54:76:e7:fa:f4:31:03:22:42:23:58:66:4f:
         c2:ad:94:f5:ae:5f:a8:8f:66:d1:cc:69:31:f3:80:3d:21:f0:
         32:06:ef:43:e5:3c:70:75:83:03:d2:91:33:d4:6a:95:f8:9f:
         ce:e4:db:be:84:44:6d:dc:9b:f5:fb:9b:bc:0a:a1:a6:44:53:
         23:51:bf:f8:c3:82:9a:9e:00:7f:01:cc:a6:2c:37:cc:18:b2:
         99:10:fa:a8:f1:0f:9b:c3:22:66:c1:59:81:14:da:8b:ec:de:
         7b:e8:7a:74:ee:db:2c:b3:a5:c5:1a:3e:96:c3:18:a9:66:ff:
         c0:83:25:32:f2:1f:4f:e1:30:42:65:a8:30:c1:50:b2:da:63:
         82:0b:7e:d3:ff:98:33:23:29:be:11:06:06:5d:79:f3:2c:dc:
         ea:91:a6:61:7a:fa:f6:d1:6f:a8:a3:1d:61:92:bf:c8:ad:30:
         42:5d:43:29:63:36:9b:55:bc:89:9c:5f:8d:c9:bc:5c:f7:b0:
         ee:10:f6:97:8d:da:39:8a:c1:d2:6c:d0:19:a1:20:91:60:f6:
         e3:5f:8d:44:60:f2:26:a4:5c:63:12:c0:9c:87:57:0e:dc:cb:
         4a:ae:77:f7:7a:e8:4f:93:b7:94:4d:5c:3e:2b:d6:93:b9:a8:
         6a:4f:74:64
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAY5CiWgUllnSiyPoV/zCtpo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTJlNDkxYWFhNjU1YjYzMjRkYmNjMGNmZjAwYThkNjMx
OTEwNzYwHhcNMjQwMzE1MTQzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2Y5NWI0M2E3M2Q3NTYxYzVkYmQ1YjJlMGQ2ODk1NzAwNjM1OTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4DzDhPKYSnKj1k31KOSdVZVEQjs
ErIEoOv0GZC76kepF7Lpvjbk3pIwanll8eBS6XdnuWZkFMmJce3kI1v6u1zK2dJu
BaC/pvyy+h+McWSrFRVU4ss1DZYgQT3a945yNpl4uS+un7GeoO9Qy+NhLmAWkpfk
cq5kvgqmtWe3TgNStlnq8hQjLJauqyf/pjN+CgCuxzYfrANNK2Z8LmNqnrOxB0R3
lJRBGAupp2Lnsa6p9jdUi7N3AAgM/ROkozC96/kJsJ1IEgn4dbTZ8LsVvIF7B5/L
bmzjgPzwDK75F/p1AVVwBeOaeVh+pnBdemZ4an0aqo3IIEhRgvfHqze6LwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKz5W0OnPXVhxdvVsuDWiVcAY1l2MB8GA1UdIwQY
MBaAFJgS5JGqplW2Mk28wM/wCo1jGRB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUt
ZGZmZTE3ZjNkYjU0LzEvclBsYlE2YzlkV0hGMjlXeTROYUpWd0JqV1hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUtZGZmZTE3ZjNkYjU0
LzEvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEBZ7wAwQE
JdwwAwQGLqKAAwQFPkAgAwQCT43AAwQAT43FAwQAT43MAwQBT43OAwQFw5LgMA0E
AgACMAcDBQMqAY6AMA0GCSqGSIb3DQEBCwUAA4IBAQC8frzvMlR25/r0MQMiQiNY
Zk/CrZT1rl+oj2bRzGkx84A9IfAyBu9D5TxwdYMD0pEz1GqV+J/O5Nu+hERt3Jv1
+5u8CqGmRFMjUb/4w4KangB/AcymLDfMGLKZEPqo8Q+bwyJmwVmBFNqL7N576Hp0
7tsss6XFGj6WwxipZv/AgyUy8h9P4TBCZagwwVCy2mOCC37T/5gzIym+EQYGXXnz
LNzqkaZhevr20W+oox1hkr/IrTBCXUMpYzabVbyJnF+Nybxc97DuEPaXjdo5isHS
bNAZoSCRYPbjX41EYPImpFxjEsCch1cO3MtKrnf3euhPk7eUTVw+K9aTuahqT3Rk
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:05:31 2024 by rpki-client on console-ams.rpki-client.org