Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/1pLGaXmg9LwEIbcV8CloqRFmBmo.roa
File:                     1pLGaXmg9LwEIbcV8CloqRFmBmo.roa (raw, json)
Hash identifier:          AfehIJdCQVP+rnPOl3jTkdUypOGEtCf9OlXjYsP89aQ=
Subject key identifier:   D6:92:C6:69:79:A0:F4:BC:04:21:B7:15:F0:29:68:A9:11:66:06:6A
Certificate issuer:       /CN=269f4f7143b4067805cba9a40f639732ee7d42e5
Certificate serial:       018CC94CD23BEE19F14E4A50179AA7F1B70B
Authority key identifier: 26:9F:4F:71:43:B4:06:78:05:CB:A9:A4:0F:63:97:32:EE:7D:42:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/1pLGaXmg9LwEIbcV8CloqRFmBmo.roa
Signing time:             Tue 02 Jan 2024 08:31:44 +0000
ROA not before:           Tue 02 Jan 2024 08:31:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34574
IP address blocks:        188.64.144.0/24 maxlen: 24
                          188.64.144.0/23 maxlen: 23
                          188.64.145.0/24 maxlen: 24
                          188.64.147.0/24 maxlen: 24
                          188.64.146.0/24 maxlen: 24
                          2a00:1120::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/Jp9PcUO0BngFy6mkD2OXMu59QuU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/Jp9PcUO0BngFy6mkD2OXMu59QuU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4c:d2:3b:ee:19:f1:4e:4a:50:17:9a:a7:f1:b7:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=269f4f7143b4067805cba9a40f639732ee7d42e5
        Validity
            Not Before: Jan  2 08:31:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d692c66979a0f4bc0421b715f02968a91166066a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:7f:c2:c3:c5:26:c4:fb:20:f9:13:23:c2:95:
                    4a:8e:e5:c4:7f:f2:fa:29:19:02:24:0c:d8:f4:c4:
                    c9:fc:47:61:7d:3c:43:0c:30:85:19:c4:79:15:ef:
                    05:c2:f3:9c:de:42:b5:a2:86:af:dd:ed:a9:ef:f4:
                    80:2f:5a:f1:13:bf:30:39:ea:1d:1f:19:b8:3b:10:
                    7e:a0:da:85:ed:1b:58:c8:29:8e:60:f6:c7:75:e9:
                    8d:22:e1:d9:40:f8:18:d3:66:08:2a:46:12:7b:3a:
                    b1:20:68:f7:76:16:e6:a9:e1:91:7e:6d:bc:16:d6:
                    10:13:73:b1:f8:c8:4d:0f:20:f9:ff:56:e1:c1:5e:
                    53:37:b1:4c:f0:55:02:a7:76:3c:d9:dd:5b:14:32:
                    9e:0c:f7:91:8c:10:34:27:63:fa:80:e1:93:55:7d:
                    a2:65:52:85:9e:5b:36:a0:54:dd:3c:09:0b:e9:53:
                    a2:24:a4:80:ab:4d:2e:ba:65:68:c2:55:7e:a2:4b:
                    0a:6b:dd:96:13:d3:4e:8b:17:f1:3e:0d:3d:67:c2:
                    e0:20:ea:28:79:df:5c:42:02:f8:7a:ec:4f:39:b6:
                    8e:6f:19:75:43:b8:56:57:99:ce:b5:13:6f:26:bb:
                    6a:df:9b:95:e5:8b:08:a2:ab:7c:fd:d2:e8:a1:c2:
                    70:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:92:C6:69:79:A0:F4:BC:04:21:B7:15:F0:29:68:A9:11:66:06:6A
            X509v3 Authority Key Identifier:
                keyid:26:9F:4F:71:43:B4:06:78:05:CB:A9:A4:0F:63:97:32:EE:7D:42:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/1pLGaXmg9LwEIbcV8CloqRFmBmo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/Jp9PcUO0BngFy6mkD2OXMu59QuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.64.144.0/22
                IPv6:
                  2a00:1120::/32

    Signature Algorithm: sha256WithRSAEncryption
         49:43:08:93:c7:bb:5f:00:30:4e:bc:42:1a:23:49:b1:f8:d0:
         da:d1:6e:6e:c2:e0:f8:8f:fd:03:e4:fd:2c:e8:7e:27:11:bf:
         2a:3c:49:81:5c:3d:27:03:ea:44:d1:4d:32:c0:34:55:42:db:
         7e:9c:1d:cb:d3:80:d7:dd:63:ec:4e:13:2d:8b:6d:4e:54:d3:
         7e:51:25:81:01:dc:47:6b:d4:e0:d4:7c:3b:63:cc:93:ea:a7:
         35:b8:ca:74:d8:83:72:25:cd:ae:8a:b0:9d:7e:dc:57:00:30:
         8d:af:6e:8c:95:a8:4c:7d:ac:77:e1:24:fe:71:88:36:0a:90:
         24:91:5d:e9:bc:ea:4a:81:01:1d:9d:b2:8d:c4:93:66:13:66:
         9b:79:eb:32:51:5b:82:05:03:8a:20:e4:e0:86:7a:0f:aa:6e:
         49:f0:57:c2:a1:26:3d:93:e0:05:84:f3:b7:d7:68:96:8c:9b:
         b8:33:a8:15:7f:54:89:a2:9d:ce:2d:20:26:02:84:3b:c2:e7:
         77:90:ba:12:63:95:9e:96:6d:83:af:8c:c7:8d:1c:1f:6e:76:
         1f:9d:34:10:e7:36:f7:4c:4a:7a:9e:1c:1a:53:be:94:66:68:
         97:f1:6b:f3:f4:12:91:c3:08:f1:db:83:c8:06:42:07:a6:c3:
         d2:88:f0:49
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTNI77hnxTkpQF5qn8bcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2OWY0ZjcxNDNiNDA2NzgwNWNiYTlhNDBmNjM5NzMyZWU3
ZDQyZTUwHhcNMjQwMTAyMDgzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjkyYzY2OTc5YTBmNGJjMDQyMWI3MTVmMDI5NjhhOTExNjYwNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH/Cw8UmxPsg+RMjwpVKjuXEf/L6
KRkCJAzY9MTJ/EdhfTxDDDCFGcR5Fe8FwvOc3kK1ooav3e2p7/SAL1rxE78wOeod
Hxm4OxB+oNqF7RtYyCmOYPbHdemNIuHZQPgY02YIKkYSezqxIGj3dhbmqeGRfm28
FtYQE3Ox+MhNDyD5/1bhwV5TN7FM8FUCp3Y82d1bFDKeDPeRjBA0J2P6gOGTVX2i
ZVKFnls2oFTdPAkL6VOiJKSAq00uumVowlV+oksKa92WE9NOixfxPg09Z8LgIOoo
ed9cQgL4euxPObaObxl1Q7hWV5nOtRNvJrtq35uV5YsIoqt8/dLoocJwiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNaSxml5oPS8BCG3FfApaKkRZgZqMB8GA1UdIwQY
MBaAFCafT3FDtAZ4BcuppA9jlzLufULlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnA5UGNVTzBCbmdGeTZta0QyT1hNdTU5UXVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jOTA4NjAtODEzOC00MzNjLWIyNGYt
OTJjNzgwY2EzMjYwLzEvMXBMR2FYbWc5THdFSWJjVjhDbG9xUkZtQm1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jOTA4NjAtODEzOC00MzNjLWIyNGYtOTJjNzgwY2EzMjYw
LzEvSnA5UGNVTzBCbmdGeTZta0QyT1hNdTU5UXVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCvECQMA0E
AgACMAcDBQAqABEgMA0GCSqGSIb3DQEBCwUAA4IBAQBJQwiTx7tfADBOvEIaI0mx
+NDa0W5uwuD4j/0D5P0s6H4nEb8qPEmBXD0nA+pE0U0ywDRVQtt+nB3L04DX3WPs
ThMti21OVNN+USWBAdxHa9Tg1Hw7Y8yT6qc1uMp02INyJc2uirCdftxXADCNr26M
lahMfax34ST+cYg2CpAkkV3pvOpKgQEdnbKNxJNmE2abeesyUVuCBQOKIOTghnoP
qm5J8FfCoSY9k+AFhPO312iWjJu4M6gVf1SJop3OLSAmAoQ7wud3kLoSY5Welm2D
r4zHjRwfbnYfnTQQ5zb3TEp6nhwaU76UZmiX8Wvz9BKRwwjx24PIBkIHpsPSiPBJ
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:59:05 2024 by rpki-client on console-fra.rpki-client.org