Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/TE8OSuJH3pb3sgwBzMUigdgvqFQ.roa
File:                     TE8OSuJH3pb3sgwBzMUigdgvqFQ.roa (raw, json)
Hash identifier:          UuIBeKE24vnIbQDyOV3hpBiianU/0tMxxwKuvilWQ+o=
Subject key identifier:   4C:4F:0E:4A:E2:47:DE:96:F7:B2:0C:01:CC:C5:22:81:D8:2F:A8:54
Certificate issuer:       /CN=7a0bcdee8ce839c4d20413c862423cca04fdc60a
Certificate serial:       018CC8DEF4EBD3C1A93F90883FA18CC83039
Authority key identifier: 7A:0B:CD:EE:8C:E8:39:C4:D2:04:13:C8:62:42:3C:CA:04:FD:C6:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/egvN7ozoOcTSBBPIYkI8ygT9xgo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/TE8OSuJH3pb3sgwBzMUigdgvqFQ.roa
Signing time:             Tue 02 Jan 2024 06:31:43 +0000
ROA not before:           Tue 02 Jan 2024 06:31:43 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216090
IP address blocks:        84.23.51.0/24 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/egvN7ozoOcTSBBPIYkI8ygT9xgo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/egvN7ozoOcTSBBPIYkI8ygT9xgo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/egvN7ozoOcTSBBPIYkI8ygT9xgo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 15:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:f4:eb:d3:c1:a9:3f:90:88:3f:a1:8c:c8:30:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a0bcdee8ce839c4d20413c862423cca04fdc60a
        Validity
            Not Before: Jan  2 06:31:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4c4f0e4ae247de96f7b20c01ccc52281d82fa854
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:58:97:bb:2b:5d:6e:fe:c5:ac:5b:50:93:27:
                    1c:e2:e7:13:1c:db:5b:77:e6:7b:55:90:94:43:a0:
                    0a:7b:2a:88:79:41:bf:fc:41:a8:8c:58:ba:50:27:
                    84:ed:d6:67:74:7d:fb:3f:87:e5:78:f5:b7:7b:a7:
                    eb:ad:06:ca:e9:9c:fb:7d:33:4b:da:8b:4e:37:a4:
                    b1:19:5d:dd:16:90:dc:66:ba:8e:8a:1e:ca:92:e9:
                    58:40:fa:76:43:a1:1e:bc:ae:f5:de:30:95:2e:d6:
                    6c:29:9c:98:be:f2:f2:94:5c:95:b6:6e:c3:c0:65:
                    f1:76:fc:f6:28:4b:63:1c:10:48:a7:7b:a2:d1:d6:
                    05:74:53:47:86:5c:80:00:0d:90:31:69:53:8c:a3:
                    15:63:7f:bb:74:da:70:70:d1:60:3d:22:e2:62:c9:
                    45:1e:4d:d0:6e:0f:f0:a8:64:81:c6:46:d4:4f:55:
                    26:f1:bc:15:f6:bd:88:95:77:d1:dc:6f:2a:33:45:
                    bc:f2:b0:32:2c:c2:98:11:9b:c1:ed:46:d5:49:57:
                    f6:c7:97:6c:9c:8d:fa:da:f5:b1:3e:76:75:a0:86:
                    b4:39:f9:c0:de:6f:08:58:6b:05:c1:0d:ec:de:f9:
                    96:e1:6b:bd:79:29:ae:f8:b9:71:1d:e7:7c:8d:3e:
                    8f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:4F:0E:4A:E2:47:DE:96:F7:B2:0C:01:CC:C5:22:81:D8:2F:A8:54
            X509v3 Authority Key Identifier:
                keyid:7A:0B:CD:EE:8C:E8:39:C4:D2:04:13:C8:62:42:3C:CA:04:FD:C6:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egvN7ozoOcTSBBPIYkI8ygT9xgo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/TE8OSuJH3pb3sgwBzMUigdgvqFQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/egvN7ozoOcTSBBPIYkI8ygT9xgo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.23.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:6a:db:8f:82:65:dd:96:8f:d1:be:20:a9:05:f2:20:0c:ed:
         a0:47:ef:c9:df:4f:28:54:90:4e:72:d2:d1:fc:f2:97:ca:80:
         b4:ad:b8:b2:44:de:54:61:2f:30:14:c7:83:3d:cc:ec:d8:f3:
         d0:9c:a6:6b:bd:36:33:50:c5:05:07:25:f5:68:68:ab:3b:26:
         72:ff:5e:17:0c:7b:4a:28:01:54:53:77:b1:a6:37:24:f8:6b:
         ec:13:7e:6e:b6:7a:8f:5f:d6:ff:13:80:2b:4b:18:90:34:f3:
         48:d6:f0:ff:69:62:16:d5:db:30:5e:39:ba:7d:7e:a8:3e:5c:
         70:d4:16:89:84:4f:e0:58:a7:b6:90:30:4a:bc:bd:b4:4b:78:
         b3:d6:01:42:6a:2c:28:2c:c7:7b:d8:05:cd:07:4f:8f:f9:d8:
         36:9d:1c:26:c9:48:07:81:e5:c0:8f:9d:07:61:46:8e:72:e2:
         41:6a:0f:23:b2:03:40:ae:f7:94:0c:14:72:c5:e0:2d:8a:b2:
         76:50:24:6c:37:c4:2a:f5:64:74:9a:cf:a0:e3:30:95:9c:f2:
         7c:d9:a4:59:8d:76:1a:8a:59:a4:2d:2d:e4:16:ca:17:11:ac:
         a5:8a:0a:da:d0:3b:5c:49:f0:ff:18:67:e2:ff:ce:e2:25:4f:
         07:04:99:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3vTr08GpP5CIP6GMyDA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMGJjZGVlOGNlODM5YzRkMjA0MTNjODYyNDIzY2NhMDRm
ZGM2MGEwHhcNMjQwMTAyMDYzMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzRmMGU0YWUyNDdkZTk2ZjdiMjBjMDFjY2M1MjI4MWQ4MmZhODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1iXuytdbv7FrFtQkycc4ucTHNtb
d+Z7VZCUQ6AKeyqIeUG//EGojFi6UCeE7dZndH37P4flePW3e6frrQbK6Zz7fTNL
2otON6SxGV3dFpDcZrqOih7KkulYQPp2Q6EevK713jCVLtZsKZyYvvLylFyVtm7D
wGXxdvz2KEtjHBBIp3ui0dYFdFNHhlyAAA2QMWlTjKMVY3+7dNpwcNFgPSLiYslF
Hk3Qbg/wqGSBxkbUT1Um8bwV9r2IlXfR3G8qM0W88rAyLMKYEZvB7UbVSVf2x5ds
nI362vWxPnZ1oIa0OfnA3m8IWGsFwQ3s3vmW4Wu9eSmu+LlxHed8jT6PvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFExPDkriR96W97IMAczFIoHYL6hUMB8GA1UdIwQY
MBaAFHoLze6M6DnE0gQTyGJCPMoE/cYKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWd2Tjdvem9PY1RTQkJQSVlrSTh5Z1Q5eGdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81NGU5MTItYjUwMy00NTRjLWE0MzMt
NGRlZjU3MzY1MTY5LzEvVEU4T1N1SkgzcGIzc2d3QnpNVWlnZGd2cUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81NGU5MTItYjUwMy00NTRjLWE0MzMtNGRlZjU3MzY1MTY5
LzEvZWd2Tjdvem9PY1RTQkJQSVlrSTh5Z1Q5eGdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVBczMA0G
CSqGSIb3DQEBCwUAA4IBAQCTatuPgmXdlo/RviCpBfIgDO2gR+/J308oVJBOctLR
/PKXyoC0rbiyRN5UYS8wFMeDPczs2PPQnKZrvTYzUMUFByX1aGirOyZy/14XDHtK
KAFUU3expjck+GvsE35utnqPX9b/E4ArSxiQNPNI1vD/aWIW1dswXjm6fX6oPlxw
1BaJhE/gWKe2kDBKvL20S3iz1gFCaiwoLMd72AXNB0+P+dg2nRwmyUgHgeXAj50H
YUaOcuJBag8jsgNArveUDBRyxeAtirJ2UCRsN8Qq9WR0ms+g4zCVnPJ82aRZjXYa
ilmkLS3kFsoXEayligra0DtcSfD/GGfi/87iJU8HBJnJ
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:35:54 2024 by rpki-client on console-ams.rpki-client.org