Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4rscksz3Q8Ms23TkoAMWNA8yF2I.roa
File:                     4rscksz3Q8Ms23TkoAMWNA8yF2I.roa (raw, json)
Hash identifier:          z4uudfRjk4DysdA4NA8NTRq+NACQ5Rs9vpbuqrVMR4w=
Subject key identifier:   E2:BB:1C:92:CC:F7:43:C3:2C:DB:74:E4:A0:03:16:34:0F:32:17:62
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       018EBD778D3239C96C6B1F15E9092CC8A8B6
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4rscksz3Q8Ms23TkoAMWNA8yF2I.roa
Signing time:             Mon 08 Apr 2024 11:28:32 +0000
ROA not before:           Mon 08 Apr 2024 11:28:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     272368
IP address blocks:        141.136.62.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 00:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:bd:77:8d:32:39:c9:6c:6b:1f:15:e9:09:2c:c8:a8:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Apr  8 11:28:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e2bb1c92ccf743c32cdb74e4a00316340f321762
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:7c:f0:71:52:ae:90:f6:6a:a3:e2:e0:c4:80:
                    42:87:79:01:1f:b7:4d:63:00:78:40:d9:95:22:6e:
                    eb:71:8e:81:51:45:5a:84:cf:6d:4b:42:5e:b4:de:
                    f9:40:6a:83:2a:01:1b:43:78:6d:3a:68:19:81:12:
                    d5:2a:53:ea:01:a3:6a:32:a5:07:b7:fe:14:f5:91:
                    22:ca:63:fe:f1:1e:bb:35:90:87:a5:ab:30:b1:5d:
                    34:11:11:a6:5a:1e:33:f2:ba:8d:6c:51:69:78:67:
                    49:21:ad:3e:64:b8:51:72:a9:b3:83:aa:8d:d7:6a:
                    d1:d3:9b:58:24:95:6c:f1:30:c3:8a:7f:0a:f8:c2:
                    e1:f3:65:1b:e6:33:c5:18:87:ec:ef:74:32:7b:30:
                    13:5b:aa:ed:58:34:b1:83:37:96:8c:8b:8e:b8:cc:
                    79:41:31:93:ef:55:90:0c:20:f5:40:d9:51:e4:4f:
                    1a:b8:73:19:b5:8b:3c:5e:0a:11:41:6c:63:8b:5d:
                    68:75:c1:cc:19:c3:f6:db:ac:6a:f4:e0:ee:95:f1:
                    d8:5c:15:33:ed:a7:43:9f:6b:7d:66:60:34:79:47:
                    bf:40:a7:08:36:8a:9d:2e:44:6c:f3:d0:64:aa:65:
                    0f:e9:f3:0e:36:ea:8c:cf:bf:e1:4c:31:ee:a7:08:
                    e9:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:BB:1C:92:CC:F7:43:C3:2C:DB:74:E4:A0:03:16:34:0F:32:17:62
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4rscksz3Q8Ms23TkoAMWNA8yF2I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.136.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:09:af:3b:38:90:d1:aa:da:f9:d1:b5:d8:f6:c6:1b:62:f9:
         33:1d:d0:07:ec:31:cf:88:14:11:92:4e:d8:04:d1:47:ed:68:
         df:58:d8:41:a2:b7:53:6e:fc:78:8f:16:65:b0:3d:16:fb:71:
         5b:ee:d6:f5:75:a5:d9:6f:b1:47:4d:9d:6a:fd:64:04:8c:39:
         32:10:1c:0f:f5:fe:01:dd:43:44:51:06:5a:20:8f:8c:c0:2c:
         4f:8f:60:46:09:a7:11:d6:ad:ab:99:9e:d2:ad:72:e2:47:b0:
         6e:b4:e2:42:f0:9f:81:5c:74:95:ff:34:61:41:59:fb:fc:e7:
         21:84:28:70:61:05:45:f6:c9:b1:6e:c0:da:0c:df:57:ba:bc:
         4c:41:ea:ec:91:99:09:10:6a:19:2d:97:a6:a9:94:49:ba:26:
         af:5a:82:80:60:87:85:a5:ea:55:fd:0b:29:7f:68:3a:e7:a4:
         9b:17:b4:26:19:31:46:ae:b2:f1:fc:03:98:33:26:23:6f:52:
         b9:5a:df:34:82:57:1c:ad:69:f0:c3:a2:05:81:49:db:b0:4d:
         57:b8:2d:02:f3:fc:3f:60:ef:ba:ca:39:a8:ea:9e:aa:f6:73:
         25:47:af:a6:59:34:c5:c1:89:d8:53:8b:24:c8:aa:45:9f:1b:
         59:de:40:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY69d40yOclsax8V6QksyKi2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwNDA4MTEyODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmJiMWM5MmNjZjc0M2MzMmNkYjc0ZTRhMDAzMTYzNDBmMzIxNzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHzwcVKukPZqo+LgxIBCh3kBH7dN
YwB4QNmVIm7rcY6BUUVahM9tS0JetN75QGqDKgEbQ3htOmgZgRLVKlPqAaNqMqUH
t/4U9ZEiymP+8R67NZCHpaswsV00ERGmWh4z8rqNbFFpeGdJIa0+ZLhRcqmzg6qN
12rR05tYJJVs8TDDin8K+MLh82Ub5jPFGIfs73QyezATW6rtWDSxgzeWjIuOuMx5
QTGT71WQDCD1QNlR5E8auHMZtYs8XgoRQWxji11odcHMGcP226xq9ODulfHYXBUz
7adDn2t9ZmA0eUe/QKcINoqdLkRs89BkqmUP6fMONuqMz7/hTDHupwjpgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOK7HJLM90PDLNt05KADFjQPMhdiMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvNHJzY2tzejNROE1zMjNUa29BTVdOQTh5RjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjYg+MA0G
CSqGSIb3DQEBCwUAA4IBAQAHCa87OJDRqtr50bXY9sYbYvkzHdAH7DHPiBQRkk7Y
BNFH7WjfWNhBordTbvx4jxZlsD0W+3Fb7tb1daXZb7FHTZ1q/WQEjDkyEBwP9f4B
3UNEUQZaII+MwCxPj2BGCacR1q2rmZ7SrXLiR7ButOJC8J+BXHSV/zRhQVn7/Och
hChwYQVF9smxbsDaDN9XurxMQerskZkJEGoZLZemqZRJuiavWoKAYIeFpepV/Qsp
f2g656SbF7QmGTFGrrLx/AOYMyYjb1K5Wt80glccrWnww6IFgUnbsE1XuC0C8/w/
YO+6yjmo6p6q9nMlR6+mWTTFwYnYU4skyKpFnxtZ3kDc
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:50:09 2024 by rpki-client on console-ams.rpki-client.org