Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/scIMp8TC2aWlNMYlAmlCkACdZio.roa
File:                     scIMp8TC2aWlNMYlAmlCkACdZio.roa (raw, json)
Hash identifier:          N+KCUQJrGX2A5U9nbmiKqQxqFETd3GKfhkwcRTOeBfo=
Subject key identifier:   B1:C2:0C:A7:C4:C2:D9:A5:A5:34:C6:25:02:69:42:90:00:9D:66:2A
Certificate issuer:       /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial:       018CC801F14104D3D42A5DC3DCA1EBE26190
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/scIMp8TC2aWlNMYlAmlCkACdZio.roa
Signing time:             Tue 02 Jan 2024 02:30:19 +0000
ROA not before:           Tue 02 Jan 2024 02:30:19 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     35219
IP address blocks:        185.185.228.0/24 maxlen: 24
                          185.64.64.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 04:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:f1:41:04:d3:d4:2a:5d:c3:dc:a1:eb:e2:61:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
        Validity
            Not Before: Jan  2 02:30:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b1c20ca7c4c2d9a5a534c62502694290009d662a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:9d:70:87:ab:1c:ca:e5:4d:85:3a:f0:ce:aa:
                    bf:59:84:c5:ce:4c:bd:5f:99:70:4b:f2:1d:15:26:
                    71:f8:95:0b:47:f5:5f:53:f4:8b:b3:1e:9a:da:03:
                    eb:e4:3b:ac:42:c6:3a:5c:ce:7a:11:fd:ad:bd:65:
                    9f:e3:af:87:1a:5c:0d:64:0d:4d:d6:76:b1:ba:e8:
                    8b:73:be:bf:c9:96:12:04:10:5d:02:63:70:5b:0b:
                    2f:23:30:7d:d2:53:9f:bb:8b:8e:ea:de:61:dc:d4:
                    df:d0:26:4c:2a:d0:60:b6:2e:62:13:b7:8e:0d:78:
                    dd:b2:28:cd:6e:89:05:73:8b:92:2b:0c:e1:28:bc:
                    11:a7:7d:85:42:d0:7c:66:c6:65:f0:92:69:23:17:
                    23:8b:e9:e7:f5:68:e0:5d:e5:30:40:fc:15:1e:7e:
                    e7:39:c7:0e:08:e9:f3:cf:ac:da:3c:49:e6:2d:ca:
                    fd:9e:d5:97:1e:66:1b:e7:7f:ad:a4:4a:73:af:e2:
                    18:66:52:21:ef:dd:26:b1:42:f9:54:52:75:31:c5:
                    8d:5a:7e:84:f8:41:d8:62:ed:fe:19:ef:dc:11:54:
                    e2:3a:6e:ec:b0:25:ef:cf:c5:31:43:92:76:92:90:
                    f8:0d:fb:ac:3e:56:ab:e5:29:a5:47:4c:d1:9f:9a:
                    4b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:C2:0C:A7:C4:C2:D9:A5:A5:34:C6:25:02:69:42:90:00:9D:66:2A
            X509v3 Authority Key Identifier:
                keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/scIMp8TC2aWlNMYlAmlCkACdZio.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.64.64.0/22
                  185.185.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:d7:65:7a:0e:3d:39:63:ca:7f:91:1b:49:63:3d:36:17:8c:
         b9:dd:6c:cb:e9:1d:58:ed:43:dd:ba:a1:55:02:8b:49:42:46:
         d9:24:03:3c:8a:6e:f6:34:10:65:77:97:64:36:a4:04:1d:55:
         5e:7b:cd:f8:20:18:84:25:21:32:43:a3:cc:5d:17:03:b0:d6:
         ad:b8:04:6d:1b:46:7e:8a:0a:cd:26:82:fe:87:1b:94:39:59:
         05:a0:9f:7c:29:7e:af:78:66:f3:1c:98:bf:cd:6e:fb:f0:67:
         43:d9:03:02:67:81:cb:a0:5d:4f:01:05:43:4f:76:d2:73:a4:
         e6:fe:49:00:9c:c6:e9:c5:e2:e4:f3:71:98:9e:0e:be:c4:d8:
         52:e4:a4:fb:04:82:51:6b:69:ed:05:ad:a9:e0:f3:b6:0f:85:
         c5:71:2b:2f:9b:12:b4:0b:c6:60:15:1c:97:73:93:da:4e:5a:
         2d:55:b2:55:41:1c:c8:3f:65:0e:57:63:89:89:5c:22:f2:98:
         63:94:fa:29:5e:76:a7:7b:0d:ba:1b:5e:9d:d2:5d:60:7e:eb:
         94:aa:92:71:ca:d7:31:a6:24:43:67:e8:cc:a7:2a:1a:bb:a6:
         a1:50:1a:19:6e:22:91:2a:0b:4a:48:56:cb:52:fe:fb:44:72:
         e9:11:46:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAfFBBNPUKl3D3KHr4mGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjQwMTAyMDIzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWMyMGNhN2M0YzJkOWE1YTUzNGM2MjUwMjY5NDI5MDAwOWQ2NjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkp1wh6scyuVNhTrwzqq/WYTFzky9
X5lwS/IdFSZx+JULR/VfU/SLsx6a2gPr5DusQsY6XM56Ef2tvWWf46+HGlwNZA1N
1naxuuiLc76/yZYSBBBdAmNwWwsvIzB90lOfu4uO6t5h3NTf0CZMKtBgti5iE7eO
DXjdsijNbokFc4uSKwzhKLwRp32FQtB8ZsZl8JJpIxcji+nn9WjgXeUwQPwVHn7n
OccOCOnzz6zaPEnmLcr9ntWXHmYb53+tpEpzr+IYZlIh790msUL5VFJ1McWNWn6E
+EHYYu3+Ge/cEVTiOm7ssCXvz8UxQ5J2kpD4DfusPlar5SmlR0zRn5pLvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLHCDKfEwtmlpTTGJQJpQpAAnWYqMB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvc2NJTXA4VEMyYVdsTk1ZbEFtbENrQUNkWmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUBAAwQA
ubnkMA0GCSqGSIb3DQEBCwUAA4IBAQC312V6Dj05Y8p/kRtJYz02F4y53WzL6R1Y
7UPduqFVAotJQkbZJAM8im72NBBld5dkNqQEHVVee834IBiEJSEyQ6PMXRcDsNat
uARtG0Z+igrNJoL+hxuUOVkFoJ98KX6veGbzHJi/zW778GdD2QMCZ4HLoF1PAQVD
T3bSc6Tm/kkAnMbpxeLk83GYng6+xNhS5KT7BIJRa2ntBa2p4PO2D4XFcSsvmxK0
C8ZgFRyXc5PaTlotVbJVQRzIP2UOV2OJiVwi8phjlPopXnanew26G16d0l1gfuuU
qpJxytcxpiRDZ+jMpyoau6ahUBoZbiKRKgtKSFbLUv77RHLpEUa9
-----END CERTIFICATE-----
Generated at Sat Jun 15 12:41:55 2024 by rpki-client on console-fra.rpki-client.org