Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/76e87d-7595-4ba1-a2d7-870e64d464d5/1/NLW01DZVFyztsd7cwNdeP8d6ct0.roa
File:                     NLW01DZVFyztsd7cwNdeP8d6ct0.roa (raw, json)
Hash identifier:          j/R2Lr63WXHx+MUqbKy/50ME+RSpa71cOXWo0ULL9Lk=
Subject key identifier:   34:B5:B4:D4:36:55:17:2C:ED:B1:DE:DC:C0:D7:5E:3F:C7:7A:72:DD
Certificate issuer:       /CN=8559fea7e83e64e5d82562313c3a3f190f49f032
Certificate serial:       018CC26D0A53838DF30C02B92CEA4239EF9C
Authority key identifier: 85:59:FE:A7:E8:3E:64:E5:D8:25:62:31:3C:3A:3F:19:0F:49:F0:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVn-p-g-ZOXYJWIxPDo_GQ9J8DI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/76e87d-7595-4ba1-a2d7-870e64d464d5/1/NLW01DZVFyztsd7cwNdeP8d6ct0.roa
Signing time:             Mon 01 Jan 2024 00:29:35 +0000
ROA not before:           Mon 01 Jan 2024 00:29:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200869
IP address blocks:        185.93.17.0/24 maxlen: 24
                          185.93.16.0/24 maxlen: 24
                          185.93.19.0/24 maxlen: 24
                          185.93.18.0/24 maxlen: 24
                          62.112.16.0/24 maxlen: 24
                          62.112.15.0/24 maxlen: 24
                          62.112.14.0/24 maxlen: 24
                          62.112.17.0/24 maxlen: 24
                          62.112.20.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/76e87d-7595-4ba1-a2d7-870e64d464d5/1/hVn-p-g-ZOXYJWIxPDo_GQ9J8DI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/76e87d-7595-4ba1-a2d7-870e64d464d5/1/hVn-p-g-ZOXYJWIxPDo_GQ9J8DI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVn-p-g-ZOXYJWIxPDo_GQ9J8DI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:0a:53:83:8d:f3:0c:02:b9:2c:ea:42:39:ef:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8559fea7e83e64e5d82562313c3a3f190f49f032
        Validity
            Not Before: Jan  1 00:29:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=34b5b4d43655172cedb1dedcc0d75e3fc77a72dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:12:44:28:ca:1e:97:b9:8c:c0:07:f2:99:88:
                    90:a2:72:53:55:4d:5f:6d:5b:53:17:67:52:1a:89:
                    62:7b:52:f0:54:21:97:46:ec:35:19:94:1b:df:a1:
                    00:77:bf:3a:a6:43:07:1b:9e:90:08:9f:3d:3c:38:
                    30:6c:60:9a:fd:99:3a:ff:a3:97:d0:91:88:08:37:
                    48:f5:54:2d:8c:91:1b:1a:2e:69:3a:be:59:7c:dd:
                    d4:a7:7c:e5:a6:6e:2a:f4:ed:a4:6c:0b:b7:a6:10:
                    22:66:51:dd:72:a1:6c:69:ad:ea:70:95:a9:84:7e:
                    60:fa:57:d5:e6:0b:2c:b6:85:c3:70:f4:85:fa:85:
                    dc:f2:cc:87:58:48:d3:7f:87:20:d9:87:43:98:1e:
                    8f:e5:3d:2a:97:de:78:f9:3b:4d:54:9e:cb:12:11:
                    46:b2:f2:a8:7d:ea:e6:33:46:b4:1f:ec:77:36:ba:
                    51:18:c1:54:98:0a:c3:d3:17:b0:50:68:96:b9:86:
                    6a:29:11:b0:3d:8e:44:20:68:66:ba:a8:5d:9a:05:
                    ab:ed:26:3c:75:e8:ad:f8:65:6b:b1:15:88:85:b1:
                    b0:73:1e:3c:57:ad:f5:9e:af:7a:75:fa:20:c7:8b:
                    60:d2:22:66:be:b3:cd:c0:24:58:aa:2b:5a:b5:24:
                    f9:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:B5:B4:D4:36:55:17:2C:ED:B1:DE:DC:C0:D7:5E:3F:C7:7A:72:DD
            X509v3 Authority Key Identifier:
                keyid:85:59:FE:A7:E8:3E:64:E5:D8:25:62:31:3C:3A:3F:19:0F:49:F0:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVn-p-g-ZOXYJWIxPDo_GQ9J8DI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/76e87d-7595-4ba1-a2d7-870e64d464d5/1/NLW01DZVFyztsd7cwNdeP8d6ct0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/76e87d-7595-4ba1-a2d7-870e64d464d5/1/hVn-p-g-ZOXYJWIxPDo_GQ9J8DI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.112.14.0-62.112.17.255
                  62.112.20.0/24
                  185.93.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4a:03:45:a3:bf:7c:a0:b2:71:78:5c:aa:fc:09:97:35:e8:24:
         2e:a8:67:b9:9c:60:09:ff:d7:65:3d:d5:2f:fa:fe:b5:61:39:
         86:67:ab:48:11:9b:d8:eb:0a:c7:02:7e:d0:3c:f0:d8:ef:76:
         5d:70:9b:ad:e9:bd:ca:f8:a5:05:c1:ec:be:fc:63:6d:d4:7b:
         69:da:fb:c5:f7:0b:46:54:28:32:97:9c:db:0d:3e:2e:11:06:
         ca:55:84:53:11:a9:1a:5f:2a:bc:e3:87:5c:db:fd:40:ac:73:
         5a:d2:56:2f:5c:a7:33:49:51:79:7c:57:29:5d:62:0c:e8:d0:
         fc:67:49:6a:49:0e:87:d4:56:15:83:db:c8:d2:db:ff:6b:e2:
         70:05:4d:d6:07:9a:a8:8d:95:9c:c8:0d:cf:20:a5:16:d2:cb:
         78:8e:b6:b0:6c:ae:e9:02:f3:54:44:d1:bc:41:5a:2a:40:52:
         36:e6:fd:43:97:33:c8:a2:86:28:48:7a:1a:3a:cd:50:23:37:
         85:d6:53:19:86:f8:bb:40:a5:84:2c:40:07:20:bf:87:bf:19:
         4d:7f:24:ae:87:35:ea:ad:1a:e5:a0:38:7d:23:de:89:72:76:
         e1:c4:e5:5a:93:fc:21:cb:53:3b:55:0d:be:bb:9f:bb:53:65:
         eb:9d:13:13
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzCbQpTg43zDAK5LOpCOe+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTlmZWE3ZTgzZTY0ZTVkODI1NjIzMTNjM2EzZjE5MGY0
OWYwMzIwHhcNMjQwMTAxMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGI1YjRkNDM2NTUxNzJjZWRiMWRlZGNjMGQ3NWUzZmM3N2E3MmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9RJEKMoel7mMwAfymYiQonJTVU1f
bVtTF2dSGolie1LwVCGXRuw1GZQb36EAd786pkMHG56QCJ89PDgwbGCa/Zk6/6OX
0JGICDdI9VQtjJEbGi5pOr5ZfN3Up3zlpm4q9O2kbAu3phAiZlHdcqFsaa3qcJWp
hH5g+lfV5gsstoXDcPSF+oXc8syHWEjTf4cg2YdDmB6P5T0ql954+TtNVJ7LEhFG
svKofermM0a0H+x3NrpRGMFUmArD0xewUGiWuYZqKRGwPY5EIGhmuqhdmgWr7SY8
deit+GVrsRWIhbGwcx48V631nq96dfogx4tg0iJmvrPNwCRYqitatST5nQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDS1tNQ2VRcs7bHe3MDXXj/HenLdMB8GA1UdIwQY
MBaAFIVZ/qfoPmTl2CViMTw6PxkPSfAyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZuLXAtZy1aT1hZSldJeFBEb19HUTlKOERJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny83NmU4N2QtNzU5NS00YmExLWEyZDct
ODcwZTY0ZDQ2NGQ1LzEvTkxXMDFEWlZGeXp0c2Q3Y3dOZGVQOGQ2Y3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny83NmU4N2QtNzU5NS00YmExLWEyZDctODcwZTY0ZDQ2NGQ1
LzEvaFZuLXAtZy1aT1hZSldJeFBEb19HUTlKOERJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAE+cA4D
BAE+cBADBAA+cBQDBAK5XRAwDQYJKoZIhvcNAQELBQADggEBAEoDRaO/fKCycXhc
qvwJlzXoJC6oZ7mcYAn/12U91S/6/rVhOYZnq0gRm9jrCscCftA88Njvdl1wm63p
vcr4pQXB7L78Y23Ue2na+8X3C0ZUKDKXnNsNPi4RBspVhFMRqRpfKrzjh1zb/UCs
c1rSVi9cpzNJUXl8VyldYgzo0PxnSWpJDofUVhWD28jS2/9r4nAFTdYHmqiNlZzI
Dc8gpRbSy3iOtrBsrukC81RE0bxBWipAUjbm/UOXM8iihihIeho6zVAjN4XWUxmG
+LtApYQsQAcgv4e/GU1/JK6HNeqtGuWgOH0j3olyduHE5VqT/CHLUztVDb67n7tT
ZeudExM=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:19:03 2024 by rpki-client on console-ams.rpki-client.org