Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/eV2uz_cGDP6ezIE7D8kRMqwktL8.roa
File:                     eV2uz_cGDP6ezIE7D8kRMqwktL8.roa (raw, json)
Hash identifier:          qNwbGF7FRiy1+ewZZuHkiCWp5CjjUEWnVAIpFdbl8yc=
Subject key identifier:   79:5D:AE:CF:F7:06:0C:FE:9E:CC:81:3B:0F:C9:11:32:AC:24:B4:BF
Certificate issuer:       /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial:       018D0D009EC04CF5A3ADFC9880C012DB8056
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/eV2uz_cGDP6ezIE7D8kRMqwktL8.roa
Signing time:             Mon 15 Jan 2024 12:02:40 +0000
ROA not before:           Mon 15 Jan 2024 12:02:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47159
IP address blocks:        79.172.229.0/24 maxlen: 24
                          87.229.86.0/23 maxlen: 23
                          87.229.88.0/22 maxlen: 22
                          79.172.244.0/22 maxlen: 22
                          87.229.117.0/24 maxlen: 24
                          84.21.12.0/23 maxlen: 23
                          87.229.20.0/23 maxlen: 23
                          87.229.60.0/22 maxlen: 22
                          95.138.197.0/24 maxlen: 24
                          95.138.199.0/24 maxlen: 24
                          95.138.198.0/24 maxlen: 24
                          213.181.192.0/22 maxlen: 22
                          213.181.208.0/23 maxlen: 23
                          213.181.213.0/24 maxlen: 24
                          213.181.214.0/23 maxlen: 23
                          87.229.122.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 20:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:0d:00:9e:c0:4c:f5:a3:ad:fc:98:80:c0:12:db:80:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
        Validity
            Not Before: Jan 15 12:02:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=795daecff7060cfe9ecc813b0fc91132ac24b4bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4d:6c:5f:de:44:9b:0b:fb:b1:57:ac:e8:bf:
                    f8:c3:a7:09:c0:cd:de:96:43:91:56:ab:bc:a6:ec:
                    47:24:29:8f:44:72:5e:23:3a:38:ef:67:7f:73:dc:
                    4b:32:4b:64:6a:94:ed:8c:22:d4:44:5d:ab:16:91:
                    fb:d0:36:4b:97:09:56:95:2a:8b:3d:47:ae:ec:2a:
                    89:f5:3c:78:27:3c:d2:96:a7:a9:63:e6:c2:76:fe:
                    d6:77:25:35:68:58:05:80:46:c2:81:25:36:39:8c:
                    ec:a1:2e:78:cb:95:18:f5:77:2a:3f:08:43:9b:df:
                    da:9a:a7:6e:c9:3f:25:0c:08:31:22:c6:d9:07:ec:
                    fc:03:aa:be:b7:0d:42:e2:f6:35:d7:4d:54:c3:d2:
                    8e:e1:51:a7:55:7c:4e:17:6f:d7:8a:ab:8e:a5:e4:
                    90:61:03:47:f0:76:2b:13:46:a4:b8:e3:b0:6b:5d:
                    6f:17:e1:77:53:60:2a:5f:ae:5f:a6:29:9f:11:22:
                    0d:70:25:21:4e:fc:83:b2:51:fb:e1:18:40:e1:34:
                    2a:59:4a:6d:00:4b:28:8f:d0:19:bd:a6:3c:69:57:
                    44:6e:b5:d2:ab:e9:33:4f:1c:68:b6:e5:86:01:1f:
                    2a:7d:5c:c1:18:0f:6e:6d:96:30:f3:03:8c:45:1b:
                    2d:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:5D:AE:CF:F7:06:0C:FE:9E:CC:81:3B:0F:C9:11:32:AC:24:B4:BF
            X509v3 Authority Key Identifier:
                keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/eV2uz_cGDP6ezIE7D8kRMqwktL8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.172.229.0/24
                  79.172.244.0/22
                  84.21.12.0/23
                  87.229.20.0/23
                  87.229.60.0/22
                  87.229.86.0-87.229.91.255
                  87.229.117.0/24
                  87.229.122.0/23
                  95.138.197.0-95.138.199.255
                  213.181.192.0/22
                  213.181.208.0/23
                  213.181.213.0-213.181.215.255

    Signature Algorithm: sha256WithRSAEncryption
         7b:c4:a1:86:5d:01:42:d3:34:dc:49:32:3d:44:85:34:33:5b:
         03:12:6a:02:c2:4b:3a:5e:af:59:e5:31:44:4b:42:b3:2b:5f:
         d9:15:f5:94:0e:3b:ca:ee:33:e7:a5:bc:7a:17:0c:da:47:10:
         46:b9:b2:1c:cf:fc:c0:62:82:fe:ad:84:54:6f:4d:92:ec:1a:
         da:f4:c4:e2:c8:1f:db:3b:b9:2f:09:fe:f7:e0:94:33:e5:df:
         16:97:d1:44:9c:2d:3e:7c:7a:4f:10:67:49:5a:45:9f:9a:f5:
         b6:76:33:63:a7:68:44:b9:a0:67:f6:18:75:45:8d:64:85:2c:
         9c:12:bf:97:a1:3a:28:a7:1a:ad:f1:e2:77:83:22:67:0a:f2:
         05:a7:4e:bd:00:91:a4:8d:04:24:4e:2f:59:58:62:ae:62:83:
         ff:6a:73:74:88:b9:be:fd:f5:b0:f2:a4:bf:37:34:27:ec:9b:
         77:50:62:69:f1:ec:01:ae:3b:8f:cb:a2:14:15:75:d2:7d:ef:
         48:99:15:80:34:df:5d:53:c6:c4:b6:52:8b:b4:ea:c5:42:bf:
         ad:fb:8d:5f:7a:72:1b:2a:08:78:c9:dd:76:6e:b6:37:5a:6e:
         b3:3a:46:5f:e4:b6:8f:36:73:9a:61:10:09:4c:d2:5d:08:fa:
         6b:1a:c6:bc
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAY0NAJ7ATPWjrfyYgMAS24BWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTE1MTIwMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTVkYWVjZmY3MDYwY2ZlOWVjYzgxM2IwZmM5MTEzMmFjMjRiNGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU1sX95Emwv7sVes6L/4w6cJwM3e
lkORVqu8puxHJCmPRHJeIzo472d/c9xLMktkapTtjCLURF2rFpH70DZLlwlWlSqL
PUeu7CqJ9Tx4JzzSlqepY+bCdv7WdyU1aFgFgEbCgSU2OYzsoS54y5UY9XcqPwhD
m9/amqduyT8lDAgxIsbZB+z8A6q+tw1C4vY1101Uw9KO4VGnVXxOF2/XiquOpeSQ
YQNH8HYrE0akuOOwa11vF+F3U2AqX65fpimfESINcCUhTvyDslH74RhA4TQqWUpt
AEsoj9AZvaY8aVdEbrXSq+kzTxxotuWGAR8qfVzBGA9ubZYw8wOMRRstQQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFHldrs/3Bgz+nsyBOw/JETKsJLS/MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvZVYydXpfY0dEUDZleklFN0Q4a1JNcXdrdEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAT6zlAwQC
T6z0AwQBVBUMAwQBV+UUAwQCV+U8MAwDBAFX5VYDBAJX5VgDBABX5XUDBAFX5Xow
DAMEAF+KxQMEA1+KwAMEAtW1wAMEAdW10DAMAwQA1bXVAwQD1bXQMA0GCSqGSIb3
DQEBCwUAA4IBAQB7xKGGXQFC0zTcSTI9RIU0M1sDEmoCwks6Xq9Z5TFES0KzK1/Z
FfWUDjvK7jPnpbx6FwzaRxBGubIcz/zAYoL+rYRUb02S7Bra9MTiyB/bO7kvCf73
4JQz5d8Wl9FEnC0+fHpPEGdJWkWfmvW2djNjp2hEuaBn9hh1RY1khSycEr+XoToo
pxqt8eJ3gyJnCvIFp069AJGkjQQkTi9ZWGKuYoP/anN0iLm+/fWw8qS/NzQn7Jt3
UGJp8ewBrjuPy6IUFXXSfe9ImRWANN9dU8bEtlKLtOrFQr+t+41fenIbKgh4yd12
brY3Wm6zOkZf5LaPNnOaYRAJTNJdCPprGsa8
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:20:37 2024 by rpki-client on console-fra.rpki-client.org