Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/7a8781-e363-46e4-97ed-e3e8151a8760/1/1-Jfjr0TAKqCpSl3R4pR5UYejoh0.roa
File:                     1-Jfjr0TAKqCpSl3R4pR5UYejoh0.roa (raw, json)
Hash identifier:          HC5b9FyO0eZIokGGpC1Fg+FnUw8J/4S+KK0BV0Fc3kg=
Subject key identifier:   F8:97:E3:AF:44:C0:2A:A0:A9:4A:5D:D1:E2:94:79:51:87:A3:A2:1D
Certificate issuer:       /CN=48ba3701691d2928afad3a1b5735a26f4c99cff6
Certificate serial:       018CC493064C56F0D64E361503DCABB9EACA
Authority key identifier: 48:BA:37:01:69:1D:29:28:AF:AD:3A:1B:57:35:A2:6F:4C:99:CF:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SLo3AWkdKSivrTobVzWib0yZz_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/7a8781-e363-46e4-97ed-e3e8151a8760/1/1-Jfjr0TAKqCpSl3R4pR5UYejoh0.roa
Signing time:             Mon 01 Jan 2024 10:30:18 +0000
ROA not before:           Mon 01 Jan 2024 10:30:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8426
IP address blocks:        193.28.85.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/7a8781-e363-46e4-97ed-e3e8151a8760/1/SLo3AWkdKSivrTobVzWib0yZz_Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/7a8781-e363-46e4-97ed-e3e8151a8760/1/SLo3AWkdKSivrTobVzWib0yZz_Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SLo3AWkdKSivrTobVzWib0yZz_Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:06:4c:56:f0:d6:4e:36:15:03:dc:ab:b9:ea:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48ba3701691d2928afad3a1b5735a26f4c99cff6
        Validity
            Not Before: Jan  1 10:30:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f897e3af44c02aa0a94a5dd1e294795187a3a21d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:34:e9:38:01:a7:02:71:fc:4f:c5:5a:9b:af:
                    52:5e:d4:8b:36:69:fd:58:b1:3e:36:54:af:03:57:
                    28:17:22:10:94:2a:37:59:87:2c:cf:3b:bb:b0:1f:
                    1f:18:72:b3:36:69:64:b3:de:e4:ab:ee:86:29:50:
                    43:82:e3:4c:b9:6f:aa:05:74:01:3b:e5:a0:0c:de:
                    1a:71:9d:b0:55:d1:a9:75:9b:66:e5:b6:b1:50:c2:
                    50:14:34:a0:a5:cf:87:0d:54:ad:c4:c6:86:19:ac:
                    8b:02:79:95:bd:a9:26:23:c5:ac:03:6f:8f:e9:e8:
                    6f:c9:4b:4d:57:d4:76:84:60:90:0c:7f:08:c2:d4:
                    76:25:4d:e5:01:be:4a:10:54:0a:00:aa:a4:33:93:
                    4b:2d:f4:86:3a:b4:aa:a7:35:9d:63:44:e8:ef:be:
                    64:6f:bd:0b:6e:7e:24:97:98:c0:29:7e:13:77:55:
                    dc:d1:98:00:6e:0c:38:b8:27:6b:8b:ae:dd:c3:ca:
                    fd:09:ac:c3:5b:ca:7f:7c:9c:91:af:6f:91:78:19:
                    e6:0d:af:48:11:03:c2:d9:6f:3c:44:91:54:0e:f9:
                    e0:9c:62:b3:ec:81:6e:b1:38:da:cb:f1:77:ef:7e:
                    3d:6d:e3:eb:20:d5:80:1b:36:5f:b4:aa:45:1b:4a:
                    62:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:97:E3:AF:44:C0:2A:A0:A9:4A:5D:D1:E2:94:79:51:87:A3:A2:1D
            X509v3 Authority Key Identifier:
                keyid:48:BA:37:01:69:1D:29:28:AF:AD:3A:1B:57:35:A2:6F:4C:99:CF:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SLo3AWkdKSivrTobVzWib0yZz_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7a8781-e363-46e4-97ed-e3e8151a8760/1/1-Jfjr0TAKqCpSl3R4pR5UYejoh0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7a8781-e363-46e4-97ed-e3e8151a8760/1/SLo3AWkdKSivrTobVzWib0yZz_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.28.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:ee:28:5a:51:82:c6:71:e6:07:47:3d:52:54:db:63:35:a5:
         7f:0f:cf:37:30:4b:55:8a:98:ba:01:8c:b8:0f:31:d8:6a:00:
         9f:f4:e2:36:95:b0:89:e5:9e:24:56:ee:50:ba:d8:42:67:23:
         e4:e4:41:84:6a:e9:9a:ac:62:f4:dc:52:76:09:e7:ce:f9:45:
         9a:69:ca:0d:d3:96:20:03:a1:e9:a0:f1:f3:fd:bc:26:72:95:
         88:87:9c:88:a4:39:4d:1f:dc:3e:96:fe:a8:07:ad:26:f3:16:
         b4:f5:fb:ce:fd:48:eb:36:a4:98:77:b4:ba:39:56:9b:69:79:
         ce:56:18:46:cd:36:b2:78:eb:ce:88:1c:f9:e9:8b:19:4c:f4:
         61:31:be:a8:9b:33:dd:b6:54:dd:d0:74:98:4d:d6:2b:47:8a:
         87:19:0a:41:df:b2:89:be:38:fd:23:74:d5:0d:50:57:b0:2f:
         e0:89:cc:b5:9a:5f:f1:a9:47:a5:af:a5:95:8e:56:1b:bd:c2:
         f7:dd:35:68:f3:71:e6:9c:89:bd:88:fd:37:78:84:b3:5d:3e:
         45:45:a5:a0:6f:9e:18:f0:1b:82:d5:e7:ac:11:b9:24:a2:f6:
         52:e8:69:de:ae:af:b0:81:c7:35:4f:27:4f:8b:1c:36:cd:b3:
         b2:17:38:0f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEkwZMVvDWTjYVA9yruerKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YmEzNzAxNjkxZDI5MjhhZmFkM2ExYjU3MzVhMjZmNGM5
OWNmZjYwHhcNMjQwMTAxMTAzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODk3ZTNhZjQ0YzAyYWEwYTk0YTVkZDFlMjk0Nzk1MTg3YTNhMjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzTpOAGnAnH8T8Vam69SXtSLNmn9
WLE+NlSvA1coFyIQlCo3WYcszzu7sB8fGHKzNmlks97kq+6GKVBDguNMuW+qBXQB
O+WgDN4acZ2wVdGpdZtm5baxUMJQFDSgpc+HDVStxMaGGayLAnmVvakmI8WsA2+P
6ehvyUtNV9R2hGCQDH8IwtR2JU3lAb5KEFQKAKqkM5NLLfSGOrSqpzWdY0To775k
b70Lbn4kl5jAKX4Td1Xc0ZgAbgw4uCdri67dw8r9CazDW8p/fJyRr2+ReBnmDa9I
EQPC2W88RJFUDvngnGKz7IFusTjay/F37349bePrINWAGzZftKpFG0pibQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPiX469EwCqgqUpd0eKUeVGHo6IdMB8GA1UdIwQY
MBaAFEi6NwFpHSkor606G1c1om9Mmc/2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0xvM0FXa2RLU2l2clRvYlZ6V2liMHlael9ZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83YTg3ODEtZTM2My00NmU0LTk3ZWQt
ZTNlODE1MWE4NzYwLzEvMS1KZmpyMFRBS3FDcFNsM1I0cFI1VVllam9oMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvN2E4NzgxLWUzNjMtNDZlNC05N2VkLWUzZTgxNTFhODc2
MC8xL1NMbzNBV2tkS1NpdnJUb2JWeldpYjB5WnpfWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEcVTAN
BgkqhkiG9w0BAQsFAAOCAQEAHu4oWlGCxnHmB0c9UlTbYzWlfw/PNzBLVYqYugGM
uA8x2GoAn/TiNpWwieWeJFbuULrYQmcj5ORBhGrpmqxi9NxSdgnnzvlFmmnKDdOW
IAOh6aDx8/28JnKViIeciKQ5TR/cPpb+qAetJvMWtPX7zv1I6zakmHe0ujlWm2l5
zlYYRs02snjrzogc+emLGUz0YTG+qJsz3bZU3dB0mE3WK0eKhxkKQd+yib44/SN0
1Q1QV7Av4InMtZpf8alHpa+llY5WG73C9901aPNx5pyJvYj9N3iEs10+RUWloG+e
GPAbgtXnrBG5JKL2Uuhp3q6vsIHHNU8nT4scNs2zshc4Dw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:08:58 2024 by rpki-client on console-ams.rpki-client.org