Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/_TX-oduHsVcZN7IinNCQGoupdaM.roa
File:                     _TX-oduHsVcZN7IinNCQGoupdaM.roa (raw, json)
Hash identifier:          Cg5X4elt7xhu3FwwZP+mdaXOg3TTTR1GFc+N4VE5r7I=
Subject key identifier:   FD:35:FE:A1:DB:87:B1:57:19:37:B2:22:9C:D0:90:1A:8B:A9:75:A3
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       019008C8C7EFE9454C2E3298F7BE7E810553
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/_TX-oduHsVcZN7IinNCQGoupdaM.roa
Signing time:             Tue 11 Jun 2024 19:31:34 +0000
ROA not before:           Tue 11 Jun 2024 19:31:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     273208
IP address blocks:        185.229.219.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 00:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:08:c8:c7:ef:e9:45:4c:2e:32:98:f7:be:7e:81:05:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jun 11 19:31:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fd35fea1db87b1571937b2229cd0901a8ba975a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f3:00:a0:70:52:81:74:ff:20:b2:96:37:6d:
                    c4:7b:2a:9e:47:b2:bd:72:7b:a2:20:cd:0e:57:7e:
                    cb:c9:1c:c7:21:56:b8:bf:af:e4:1b:83:94:71:05:
                    8e:32:5c:d2:d1:f0:66:88:cb:21:d0:25:1b:57:7d:
                    2a:bb:9c:3d:ae:94:f1:3e:c9:61:ea:81:00:0a:fa:
                    33:f6:e3:19:d8:47:d6:d9:88:0b:dc:78:27:68:bb:
                    4e:56:67:be:01:fd:51:93:45:55:2c:c9:5c:3a:ce:
                    bd:59:29:b8:e8:71:4a:33:d4:b1:f9:f9:83:fd:f6:
                    51:37:26:71:b1:0b:d0:14:ab:ab:43:0e:2a:44:5a:
                    c9:86:d3:4f:08:0a:21:f8:f9:62:c6:53:cd:75:0a:
                    d3:bf:17:e1:65:ee:56:da:7c:fa:8d:43:aa:dd:b0:
                    4a:83:ad:7a:e7:b2:f3:2f:3d:7c:19:ed:a9:45:31:
                    67:66:c4:d4:70:f7:4b:c1:75:62:de:10:26:50:06:
                    53:71:03:76:06:07:d3:25:19:ed:9c:23:0d:a9:d5:
                    83:25:47:54:92:43:88:a3:25:4c:22:3c:2b:98:58:
                    23:40:23:58:57:3a:d0:64:71:ee:a0:fe:2e:b7:36:
                    70:24:4d:de:ae:df:52:5b:73:07:39:26:ba:00:bb:
                    0c:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:35:FE:A1:DB:87:B1:57:19:37:B2:22:9C:D0:90:1A:8B:A9:75:A3
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/_TX-oduHsVcZN7IinNCQGoupdaM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.229.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:60:54:ca:32:85:72:fc:d8:f4:ab:30:c3:86:6c:c1:a9:74:
         06:b4:c9:3a:34:3f:6f:35:17:6d:e4:56:68:37:aa:5b:1c:0d:
         bb:e6:f2:6d:43:ab:ee:de:04:56:83:61:7a:17:f6:a0:e0:9b:
         f8:0e:0a:64:c3:9b:33:b5:24:6d:05:61:0e:6a:d0:d0:19:b0:
         4e:b2:4e:0c:cf:09:4a:fd:d3:80:5c:7a:d9:49:f2:14:a9:4f:
         86:c4:71:f4:66:85:7f:14:69:99:26:b0:b6:19:4b:95:65:22:
         7b:7f:56:86:34:9b:8a:02:3f:6f:13:42:da:e7:3d:e8:f2:4d:
         9a:95:53:ed:f4:62:19:d0:ca:d9:fb:4d:29:65:6b:62:82:ac:
         66:91:71:6f:6d:80:2b:07:6b:9f:2e:3c:11:78:79:b2:a9:c5:
         de:25:47:0f:ea:ce:a0:a6:68:e3:05:f6:b3:39:62:60:9c:fd:
         de:7d:40:1f:e9:cd:65:4a:4b:79:c3:83:d6:2f:92:6f:71:fa:
         e8:37:ed:b3:74:7c:1b:b8:7a:a8:24:0e:85:9e:49:b1:a3:3a:
         00:d4:54:ba:3b:a4:ba:66:8e:5c:60:ed:08:00:75:0b:23:0d:
         34:5d:c3:5b:0a:54:90:93:51:0a:0f:47:87:ee:36:0a:d7:6d:
         c0:1c:fa:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZAIyMfv6UVMLjKY975+gQVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwNjExMTkzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDM1ZmVhMWRiODdiMTU3MTkzN2IyMjI5Y2QwOTAxYThiYTk3NWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPMAoHBSgXT/ILKWN23EeyqeR7K9
cnuiIM0OV37LyRzHIVa4v6/kG4OUcQWOMlzS0fBmiMsh0CUbV30qu5w9rpTxPslh
6oEACvoz9uMZ2EfW2YgL3HgnaLtOVme+Af1Rk0VVLMlcOs69WSm46HFKM9Sx+fmD
/fZRNyZxsQvQFKurQw4qRFrJhtNPCAoh+PlixlPNdQrTvxfhZe5W2nz6jUOq3bBK
g61657LzLz18Ge2pRTFnZsTUcPdLwXVi3hAmUAZTcQN2BgfTJRntnCMNqdWDJUdU
kkOIoyVMIjwrmFgjQCNYVzrQZHHuoP4utzZwJE3ert9SW3MHOSa6ALsMUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP01/qHbh7FXGTeyIpzQkBqLqXWjMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvX1RYLW9kdUhzVmNaTjdJaW5OQ1FHb3VwZGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueXbMA0G
CSqGSIb3DQEBCwUAA4IBAQBsYFTKMoVy/Nj0qzDDhmzBqXQGtMk6ND9vNRdt5FZo
N6pbHA275vJtQ6vu3gRWg2F6F/ag4Jv4Dgpkw5sztSRtBWEOatDQGbBOsk4MzwlK
/dOAXHrZSfIUqU+GxHH0ZoV/FGmZJrC2GUuVZSJ7f1aGNJuKAj9vE0La5z3o8k2a
lVPt9GIZ0MrZ+00pZWtigqxmkXFvbYArB2ufLjwReHmyqcXeJUcP6s6gpmjjBfaz
OWJgnP3efUAf6c1lSkt5w4PWL5JvcfroN+2zdHwbuHqoJA6FnkmxozoA1FS6O6S6
Zo5cYO0IAHULIw00XcNbClSQk1EKD0eH7jYK123AHPq5
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:50:09 2024 by rpki-client on console-ams.rpki-client.org