Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/j96oux7eg6nogRDPjR8829nC6So.roa
File:                     j96oux7eg6nogRDPjR8829nC6So.roa (raw, json)
Hash identifier:          8719MW7LTdFKdvFSQgHDSwVO6lURpWD2qPFIUWb5tfY=
Subject key identifier:   8F:DE:A8:BB:1E:DE:83:A9:E8:81:10:CF:8D:1F:3C:DB:D9:C2:E9:2A
Certificate issuer:       /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial:       018CCA2A1A7CCE48310689E7724BF97E9FAD
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/j96oux7eg6nogRDPjR8829nC6So.roa
Signing time:             Tue 02 Jan 2024 12:33:25 +0000
ROA not before:           Tue 02 Jan 2024 12:33:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58060
IP address blocks:        95.46.78.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 14:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:1a:7c:ce:48:31:06:89:e7:72:4b:f9:7e:9f:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
        Validity
            Not Before: Jan  2 12:33:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8fdea8bb1ede83a9e88110cf8d1f3cdbd9c2e92a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:ec:5f:01:d2:89:cd:71:d0:5a:a5:31:0d:a6:
                    6d:cc:2d:3d:ce:80:30:4f:53:48:25:f7:aa:df:77:
                    38:b4:38:9a:37:96:b2:66:cc:25:3a:d0:58:fa:f5:
                    fb:63:32:45:28:77:90:bc:4e:4f:2e:4f:70:ab:3e:
                    b0:ac:b4:97:20:db:2f:39:b4:e8:62:d2:a5:fd:71:
                    e1:f2:dc:46:c7:73:42:26:0f:56:13:c0:d5:20:3b:
                    7e:28:80:5f:74:95:9b:31:c0:ae:cd:01:f5:6a:bb:
                    c5:fd:72:dc:6f:11:6c:5f:3b:cb:cf:ca:87:7b:ae:
                    c4:2f:97:10:0a:72:af:21:80:8f:25:89:10:88:94:
                    23:f8:a9:ac:83:a2:dd:e2:85:ed:b0:db:12:55:40:
                    74:4a:78:2f:f2:61:13:59:d7:bf:f9:c4:9c:4d:09:
                    f4:ec:67:54:21:11:47:4a:f2:a9:2b:73:5a:0f:4a:
                    87:20:18:68:38:bd:24:7c:b7:e2:a6:47:86:66:ad:
                    8c:d0:a3:05:95:5f:e4:8d:f7:61:40:00:b2:80:a3:
                    cb:62:a9:0e:d6:ed:0f:06:49:e2:aa:46:14:cd:6f:
                    94:b2:29:81:f3:d8:a6:0a:5b:7a:65:84:f5:42:ef:
                    bd:83:08:26:79:4c:14:84:55:bd:d8:b0:4d:ec:3d:
                    d6:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:DE:A8:BB:1E:DE:83:A9:E8:81:10:CF:8D:1F:3C:DB:D9:C2:E9:2A
            X509v3 Authority Key Identifier:
                keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/j96oux7eg6nogRDPjR8829nC6So.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.46.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0a:62:b0:aa:64:36:9b:58:4a:21:45:ee:5d:3b:0a:6e:97:84:
         36:90:0b:be:e1:02:91:6e:8a:74:56:ce:d5:9f:0e:6b:89:73:
         28:c5:2f:b8:01:04:36:fe:d8:ee:59:71:b4:11:c9:ba:d1:8b:
         5e:9b:29:17:38:cd:33:dd:09:f0:be:04:4c:8c:be:07:5b:ca:
         ac:56:fd:2f:a4:de:18:37:f9:af:ff:cb:b7:3a:f4:c5:4d:78:
         ac:0e:c8:f3:ae:8d:15:16:d8:41:3f:3b:c9:a8:aa:b2:2a:4d:
         61:4e:03:50:24:d8:e0:4f:55:de:bf:9d:87:b3:70:37:1e:da:
         37:b4:94:d0:79:e6:e7:9a:7f:d1:52:7b:fa:6a:e5:ed:e9:3b:
         1f:7a:85:11:23:11:53:70:be:f7:a7:93:7f:42:e6:44:1e:a1:
         d9:53:da:4b:5a:54:32:71:79:bb:17:0d:f8:19:14:04:bc:1a:
         3f:84:75:7d:cc:05:0c:70:76:33:30:0d:fe:54:40:54:dc:30:
         f0:96:2d:25:f8:91:55:eb:92:5d:7d:bc:c3:44:86:8b:24:57:
         80:ee:d2:f4:23:3a:05:59:a1:b5:b1:ad:81:19:83:93:e3:a3:
         f7:fc:fc:e5:7e:e0:4b:c2:e0:90:8b:39:9f:15:cc:09:cf:93:
         67:92:80:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKhp8zkgxBonnckv5fp+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmRlYThiYjFlZGU4M2E5ZTg4MTEwY2Y4ZDFmM2NkYmQ5YzJlOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+xfAdKJzXHQWqUxDaZtzC09zoAw
T1NIJfeq33c4tDiaN5ayZswlOtBY+vX7YzJFKHeQvE5PLk9wqz6wrLSXINsvObTo
YtKl/XHh8txGx3NCJg9WE8DVIDt+KIBfdJWbMcCuzQH1arvF/XLcbxFsXzvLz8qH
e67EL5cQCnKvIYCPJYkQiJQj+Kmsg6Ld4oXtsNsSVUB0Sngv8mETWde/+cScTQn0
7GdUIRFHSvKpK3NaD0qHIBhoOL0kfLfipkeGZq2M0KMFlV/kjfdhQACygKPLYqkO
1u0PBkniqkYUzW+UsimB89imClt6ZYT1Qu+9gwgmeUwUhFW92LBN7D3WwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI/eqLse3oOp6IEQz40fPNvZwukqMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvajk2b3V4N2VnNm5vZ1JEUGpSODgyOW5DNlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXy5OMA0G
CSqGSIb3DQEBCwUAA4IBAQAKYrCqZDabWEohRe5dOwpul4Q2kAu+4QKRbop0Vs7V
nw5riXMoxS+4AQQ2/tjuWXG0Ecm60YtemykXOM0z3QnwvgRMjL4HW8qsVv0vpN4Y
N/mv/8u3OvTFTXisDsjzro0VFthBPzvJqKqyKk1hTgNQJNjgT1Xev52Hs3A3Hto3
tJTQeebnmn/RUnv6auXt6TsfeoURIxFTcL73p5N/QuZEHqHZU9pLWlQycXm7Fw34
GRQEvBo/hHV9zAUMcHYzMA3+VEBU3DDwli0l+JFV65JdfbzDRIaLJFeA7tL0IzoF
WaG1sa2BGYOT46P3/PzlfuBLwuCQizmfFcwJz5NnkoAm
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:31:03 2024 by rpki-client on console-ams.rpki-client.org