Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/8cee81-d466-4137-a91b-fec083f63e0e/1/dl-m_Gf9P9_RzrBSs90rS5zcn0U.roa
File:                     dl-m_Gf9P9_RzrBSs90rS5zcn0U.roa (raw, json)
Hash identifier:          70WZFo64eRdtbnvYLgNcjAvEUcUgmK3h+OXsnDFiGNk=
Subject key identifier:   76:5F:A6:FC:67:FD:3F:DF:D1:CE:B0:52:B3:DD:2B:4B:9C:DC:9F:45
Certificate issuer:       /CN=cf38a513b5c377f91fe4c78474bc26a1b61b4a20
Certificate serial:       018CC34954647F00924FEE69FBD364943F0E
Authority key identifier: CF:38:A5:13:B5:C3:77:F9:1F:E4:C7:84:74:BC:26:A1:B6:1B:4A:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zzilE7XDd_kf5MeEdLwmobYbSiA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/8cee81-d466-4137-a91b-fec083f63e0e/1/dl-m_Gf9P9_RzrBSs90rS5zcn0U.roa
Signing time:             Mon 01 Jan 2024 04:30:12 +0000
ROA not before:           Mon 01 Jan 2024 04:30:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47692
IP address blocks:        185.205.80.0/24 maxlen: 24
                          185.205.81.0/24 maxlen: 24
                          185.205.82.0/24 maxlen: 24
                          185.205.83.0/24 maxlen: 24
                          185.46.186.0/24 maxlen: 24
                          185.46.184.0/24 maxlen: 24
                          185.46.185.0/24 maxlen: 24
                          185.46.187.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/8cee81-d466-4137-a91b-fec083f63e0e/1/zzilE7XDd_kf5MeEdLwmobYbSiA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/8cee81-d466-4137-a91b-fec083f63e0e/1/zzilE7XDd_kf5MeEdLwmobYbSiA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zzilE7XDd_kf5MeEdLwmobYbSiA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:54:64:7f:00:92:4f:ee:69:fb:d3:64:94:3f:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf38a513b5c377f91fe4c78474bc26a1b61b4a20
        Validity
            Not Before: Jan  1 04:30:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=765fa6fc67fd3fdfd1ceb052b3dd2b4b9cdc9f45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:18:e5:bb:a2:98:b5:c0:0c:1e:f4:a4:72:b5:
                    19:a9:4f:61:78:02:e5:7c:eb:84:e2:0a:a5:f1:4e:
                    3e:c0:a3:be:e0:17:38:1f:8b:33:56:c9:bb:f2:c4:
                    c2:9e:a1:aa:97:02:28:07:b9:ed:b9:ec:fe:4f:ff:
                    d6:93:d3:b4:fe:3e:03:ae:34:b7:66:0d:16:03:63:
                    6c:62:b1:e5:70:5e:a1:a3:7b:fd:47:43:62:d0:c9:
                    b0:24:51:df:ef:71:b5:9f:95:a6:1e:eb:b4:fb:c7:
                    db:9f:b0:26:50:0a:9c:2d:96:d1:f2:ee:b4:3c:cd:
                    82:95:ff:11:6d:c7:ba:01:0d:c2:df:e6:39:4b:35:
                    8f:ae:43:c5:0f:9e:b8:e5:c3:cc:d2:11:18:cd:0c:
                    2b:d0:54:18:b8:cb:d0:d2:cd:69:30:a9:fc:8a:22:
                    f5:37:c5:47:6c:1a:c4:22:0b:bb:0d:84:36:2a:4a:
                    9c:5f:ff:6e:99:fc:26:9f:68:2c:6b:9c:b7:63:c9:
                    4f:03:eb:b2:ff:1d:98:dc:1b:13:fd:5e:69:06:d9:
                    fc:36:e4:2d:e5:22:1d:71:c3:61:77:5e:35:6e:0a:
                    bc:34:5d:8f:4e:b6:93:79:82:09:79:f8:4b:04:2f:
                    a9:da:0f:f8:bf:b7:4d:24:8c:ca:27:79:d4:15:50:
                    5f:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:5F:A6:FC:67:FD:3F:DF:D1:CE:B0:52:B3:DD:2B:4B:9C:DC:9F:45
            X509v3 Authority Key Identifier:
                keyid:CF:38:A5:13:B5:C3:77:F9:1F:E4:C7:84:74:BC:26:A1:B6:1B:4A:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zzilE7XDd_kf5MeEdLwmobYbSiA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/8cee81-d466-4137-a91b-fec083f63e0e/1/dl-m_Gf9P9_RzrBSs90rS5zcn0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/8cee81-d466-4137-a91b-fec083f63e0e/1/zzilE7XDd_kf5MeEdLwmobYbSiA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.46.184.0/22
                  185.205.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:43:4f:f8:4a:ed:73:fb:51:8b:b9:54:fd:14:b1:4e:87:69:
         a2:3e:c0:c8:df:fb:3c:a8:4f:a2:75:b8:dd:b2:1d:e9:f9:92:
         3c:b0:3a:a2:80:40:be:7f:38:65:d9:98:a3:cd:e9:ca:dd:aa:
         14:c8:39:a3:4c:af:3f:76:e9:f8:20:c3:0a:51:63:cd:4b:6c:
         51:e3:75:ca:10:a1:a7:62:9c:90:41:23:ea:60:28:2f:3f:55:
         a1:14:be:81:8f:0e:6b:8c:df:2b:1f:38:8f:41:4f:aa:f7:76:
         38:1e:23:59:ba:ec:d6:70:6f:e5:d1:c8:00:bb:bf:17:8d:60:
         ce:ee:ac:62:42:f8:79:88:70:b8:cc:25:a9:8c:c8:8b:89:c6:
         72:d4:f1:91:fa:ff:ef:65:da:b8:73:29:22:73:7b:29:b5:85:
         f8:cb:bc:37:0d:bd:4b:d5:61:d5:85:34:c4:23:07:59:1e:17:
         6d:8a:74:f8:3f:d5:70:43:3a:8a:88:ec:ac:cd:ae:ec:ef:52:
         11:5c:cb:a3:04:85:22:c7:d0:4a:f0:88:a2:b8:91:82:d2:81:
         10:66:c7:c7:64:18:25:ca:f3:b4:22:81:c6:b8:db:cf:aa:75:
         42:51:55:d1:ec:1a:c7:6c:25:4d:28:7a:3e:16:5e:f1:8a:30:
         0f:7e:9d:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSVRkfwCST+5p+9NklD8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMzhhNTEzYjVjMzc3ZjkxZmU0Yzc4NDc0YmMyNmExYjYx
YjRhMjAwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjVmYTZmYzY3ZmQzZmRmZDFjZWIwNTJiM2RkMmI0YjljZGM5ZjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Bjlu6KYtcAMHvSkcrUZqU9heALl
fOuE4gql8U4+wKO+4Bc4H4szVsm78sTCnqGqlwIoB7ntuez+T//Wk9O0/j4DrjS3
Zg0WA2NsYrHlcF6ho3v9R0Ni0MmwJFHf73G1n5WmHuu0+8fbn7AmUAqcLZbR8u60
PM2Clf8Rbce6AQ3C3+Y5SzWPrkPFD5645cPM0hEYzQwr0FQYuMvQ0s1pMKn8iiL1
N8VHbBrEIgu7DYQ2KkqcX/9umfwmn2gsa5y3Y8lPA+uy/x2Y3BsT/V5pBtn8NuQt
5SIdccNhd141bgq8NF2PTraTeYIJefhLBC+p2g/4v7dNJIzKJ3nUFVBfyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHZfpvxn/T/f0c6wUrPdK0uc3J9FMB8GA1UdIwQY
MBaAFM84pRO1w3f5H+THhHS8JqG2G0ogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenppbEU3WERkX2tmNU1lRWRMd21vYlliU2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS84Y2VlODEtZDQ2Ni00MTM3LWE5MWIt
ZmVjMDgzZjYzZTBlLzEvZGwtbV9HZjlQOV9SenJCU3M5MHJTNXpjbjBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS84Y2VlODEtZDQ2Ni00MTM3LWE5MWItZmVjMDgzZjYzZTBl
LzEvenppbEU3WERkX2tmNU1lRWRMd21vYlliU2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuS64AwQC
uc1QMA0GCSqGSIb3DQEBCwUAA4IBAQAKQ0/4Su1z+1GLuVT9FLFOh2miPsDI3/s8
qE+idbjdsh3p+ZI8sDqigEC+fzhl2ZijzenK3aoUyDmjTK8/dun4IMMKUWPNS2xR
43XKEKGnYpyQQSPqYCgvP1WhFL6Bjw5rjN8rHziPQU+q93Y4HiNZuuzWcG/l0cgA
u78XjWDO7qxiQvh5iHC4zCWpjMiLicZy1PGR+v/vZdq4cykic3sptYX4y7w3Db1L
1WHVhTTEIwdZHhdtinT4P9VwQzqKiOysza7s71IRXMujBIUix9BK8IiiuJGC0oEQ
ZsfHZBglyvO0IoHGuNvPqnVCUVXR7BrHbCVNKHo+Fl7xijAPfp09
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:58 2024 by rpki-client on console-ams.rpki-client.org