Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/WWl7oY5azcSuucmc1VehXX2ToU8.roa
File:                     WWl7oY5azcSuucmc1VehXX2ToU8.roa (raw, json)
Hash identifier:          VVR6m6iS9uDyy/9YnkfInsEFygSxWVSTX1oLbzAuRNM=
Subject key identifier:   59:69:7B:A1:8E:5A:CD:C4:AE:B9:C9:9C:D5:57:A1:5D:7D:93:A1:4F
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018F72D83FD7F50420DA8730738CB8F60831
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/WWl7oY5azcSuucmc1VehXX2ToU8.roa
Signing time:             Mon 13 May 2024 16:45:25 +0000
ROA not before:           Mon 13 May 2024 16:45:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58033
IP address blocks:        92.246.79.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 11:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:72:d8:3f:d7:f5:04:20:da:87:30:73:8c:b8:f6:08:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: May 13 16:45:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=59697ba18e5acdc4aeb9c99cd557a15d7d93a14f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:3e:6a:68:06:a0:b2:3c:f5:8f:04:08:1e:66:
                    f4:25:04:3a:1a:8d:8b:82:a3:39:ff:18:46:4e:bb:
                    93:8a:7d:5e:e9:08:38:6d:a7:92:28:42:8d:4e:8a:
                    4a:a4:dd:38:6d:28:22:57:90:44:c1:98:b3:e6:28:
                    08:f1:49:aa:2e:8f:84:fb:57:ec:96:1f:5b:41:7e:
                    e9:c9:72:f5:b5:36:28:4d:d2:60:e8:21:e9:42:2d:
                    f6:b5:6b:68:6b:a1:38:3b:1a:8e:54:11:28:04:7f:
                    59:96:d9:b5:51:2c:29:a5:03:09:27:31:cf:21:92:
                    44:c0:f1:59:d3:33:92:51:ad:e2:48:fc:c3:82:c8:
                    17:ce:f1:f7:23:a3:c4:3e:1f:61:78:d1:d2:7b:0f:
                    83:73:32:b5:bd:af:8b:9f:92:cb:9d:cd:fb:88:50:
                    bd:35:25:ff:51:1b:d2:c7:45:71:c1:b8:08:e7:da:
                    36:32:86:38:5a:04:93:04:31:11:b7:8d:b8:97:bd:
                    6a:4e:bf:b2:c3:17:b6:46:05:66:b4:89:f9:3a:ae:
                    a5:40:6b:e7:3a:67:85:fc:79:c6:51:4d:7b:b0:b7:
                    23:be:46:44:85:a4:aa:7e:0d:73:64:ae:e6:97:d4:
                    1f:8e:43:6b:95:df:76:85:fe:e2:de:46:d2:95:4f:
                    41:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:69:7B:A1:8E:5A:CD:C4:AE:B9:C9:9C:D5:57:A1:5D:7D:93:A1:4F
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/WWl7oY5azcSuucmc1VehXX2ToU8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.246.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:88:83:10:a3:7d:69:8d:c4:f4:7d:ab:3b:c7:dc:60:1c:90:
         ce:91:ee:d7:01:54:69:97:be:a0:57:72:55:bf:51:f8:54:3d:
         98:41:93:bd:e1:22:b3:9d:54:93:18:48:01:42:81:cd:b1:7b:
         eb:6e:35:0c:7d:fc:25:a7:86:8b:01:78:d2:2f:28:23:25:05:
         6e:3b:f5:a4:55:9e:c3:87:27:e8:52:8f:8e:2f:f8:3a:8a:f0:
         b1:49:b7:59:4d:27:83:8c:95:7a:65:06:2a:96:45:7b:e6:f8:
         94:bd:0d:a8:e1:90:2a:a9:08:a8:fa:2b:31:e1:69:c2:cf:e2:
         af:40:ca:36:2b:21:3a:5a:71:5a:0e:fd:dd:e8:b7:66:a7:d9:
         fc:dd:6d:35:be:82:0a:b4:54:16:4c:0e:b7:dd:f0:98:22:f0:
         45:7e:18:84:22:cc:3b:76:c8:5d:01:a3:0d:21:2e:cc:fb:12:
         25:79:bc:0b:2d:07:f9:c2:eb:3b:4b:4e:e8:64:5e:33:df:e5:
         f6:10:8a:52:82:23:b0:61:44:2d:22:96:17:a7:e8:63:47:73:
         51:15:de:a1:6b:e5:15:4c:d0:4f:a4:08:c6:8d:c8:01:f0:53:
         0b:ce:a0:eb:66:1b:49:d4:06:b6:1d:39:8d:55:12:bb:b3:6f:
         90:c2:55:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9y2D/X9QQg2ocwc4y49ggxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwNTEzMTY0NTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTY5N2JhMThlNWFjZGM0YWViOWM5OWNkNTU3YTE1ZDdkOTNhMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmz5qaAagsjz1jwQIHmb0JQQ6Go2L
gqM5/xhGTruTin1e6Qg4baeSKEKNTopKpN04bSgiV5BEwZiz5igI8UmqLo+E+1fs
lh9bQX7pyXL1tTYoTdJg6CHpQi32tWtoa6E4OxqOVBEoBH9Zltm1USwppQMJJzHP
IZJEwPFZ0zOSUa3iSPzDgsgXzvH3I6PEPh9heNHSew+DczK1va+Ln5LLnc37iFC9
NSX/URvSx0VxwbgI59o2MoY4WgSTBDERt424l71qTr+ywxe2RgVmtIn5Oq6lQGvn
OmeF/HnGUU17sLcjvkZEhaSqfg1zZK7ml9QfjkNrld92hf7i3kbSlU9BPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFlpe6GOWs3ErrnJnNVXoV19k6FPMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvV1dsN29ZNWF6Y1N1dWNtYzFWZWhYWDJUb1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXPZPMA0G
CSqGSIb3DQEBCwUAA4IBAQBViIMQo31pjcT0fas7x9xgHJDOke7XAVRpl76gV3JV
v1H4VD2YQZO94SKznVSTGEgBQoHNsXvrbjUMffwlp4aLAXjSLygjJQVuO/WkVZ7D
hyfoUo+OL/g6ivCxSbdZTSeDjJV6ZQYqlkV75viUvQ2o4ZAqqQio+isx4WnCz+Kv
QMo2KyE6WnFaDv3d6Ldmp9n83W01voIKtFQWTA633fCYIvBFfhiEIsw7dshdAaMN
IS7M+xIlebwLLQf5wus7S07oZF4z3+X2EIpSgiOwYUQtIpYXp+hjR3NRFd6ha+UV
TNBPpAjGjcgB8FMLzqDrZhtJ1Aa2HTmNVRK7s2+QwlVI
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:47:27 2024 by rpki-client on console-fra.rpki-client.org