Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/_VJlQLIVVH06RPc34Qz4RWySapA.roa
File:                     _VJlQLIVVH06RPc34Qz4RWySapA.roa (raw, json)
Hash identifier:          9u3yNxjP0+XUjclcHf7WD762Il3Ad+Z+wWid85Yi1QM=
Subject key identifier:   FD:52:65:40:B2:15:54:7D:3A:44:F7:37:E1:0C:F8:45:6C:92:6A:90
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018CC6B7B149E3570AA65FA03750565DD84A
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/_VJlQLIVVH06RPc34Qz4RWySapA.roa
Signing time:             Mon 01 Jan 2024 20:29:36 +0000
ROA not before:           Mon 01 Jan 2024 20:29:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48031
IP address blocks:        193.142.253.0/24 maxlen: 24
                          195.245.102.0/24 maxlen: 24
                          45.149.133.0/24 maxlen: 24
                          45.146.170.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:b1:49:e3:57:0a:a6:5f:a0:37:50:56:5d:d8:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jan  1 20:29:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fd526540b215547d3a44f737e10cf8456c926a90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c9:59:cf:f0:b4:11:aa:03:e9:72:1f:26:33:
                    38:ea:23:1b:ab:d0:fb:9b:3a:4a:21:24:17:15:07:
                    0d:0d:1d:00:7f:9c:03:fc:03:cd:94:58:ed:b1:a0:
                    b9:c7:e4:75:67:6f:9c:0e:fd:d0:57:16:dc:c5:96:
                    2b:04:d1:f2:0d:a5:17:d9:57:44:e5:1e:f7:c3:b4:
                    54:07:c4:b5:c1:ce:ee:27:2a:18:9d:c0:a5:cf:32:
                    32:4e:cd:0e:ac:ae:a0:5f:5f:c8:bb:09:aa:b4:4f:
                    33:37:05:65:48:16:e4:61:66:f2:11:7b:14:2f:28:
                    15:e8:cf:43:b6:cf:0a:b8:82:ae:d5:88:81:de:69:
                    75:df:e5:2f:0d:14:36:fb:29:54:30:f8:a8:9d:4a:
                    30:bf:fb:19:4d:b5:54:e5:54:e9:54:58:9d:40:12:
                    ea:70:f4:26:40:cb:7f:aa:9d:76:be:f5:95:e1:db:
                    7c:1b:48:e4:b5:96:d5:ef:9d:4c:10:21:2b:91:b2:
                    c1:ce:8d:da:12:b6:a5:87:c5:ae:23:4e:04:31:13:
                    ea:66:a7:d5:82:ad:98:95:8d:a4:7c:19:1b:de:03:
                    a4:ff:57:fa:84:9f:44:60:14:0b:a7:e7:52:d1:8a:
                    ca:3a:8b:10:a0:46:8d:0f:ff:0a:09:11:07:1b:dd:
                    0e:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:52:65:40:B2:15:54:7D:3A:44:F7:37:E1:0C:F8:45:6C:92:6A:90
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/_VJlQLIVVH06RPc34Qz4RWySapA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.170.0/24
                  45.149.133.0/24
                  193.142.253.0/24
                  195.245.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:80:bb:bc:31:7d:3a:e9:b7:15:2d:ff:89:9f:45:93:fe:d1:
         ca:06:9e:96:c3:28:88:fd:5a:4b:60:02:db:93:45:73:e6:7f:
         f4:26:b1:cb:0f:16:28:e7:a9:34:25:4a:8e:86:03:e3:66:7d:
         80:8b:c3:9c:13:21:dd:30:31:47:97:5a:ac:6e:5d:98:6f:75:
         5c:91:b9:19:04:2e:fc:c1:7e:82:0e:70:16:23:c2:91:e1:93:
         62:98:9c:3b:0a:21:a5:4b:31:f0:a9:e3:32:18:8d:ce:e9:6a:
         a0:8f:06:d7:0e:ac:47:93:4e:10:ba:af:0e:dd:c1:5b:f7:f4:
         a0:86:b6:f8:6a:e6:bc:64:b1:48:22:82:82:fc:1a:39:0c:91:
         07:b0:44:da:67:a7:a8:df:0a:2f:40:90:0c:79:1e:62:af:db:
         a9:c9:ea:ea:55:c9:a8:01:7d:39:f6:9b:57:78:34:44:2b:44:
         ef:72:95:de:27:b0:ab:14:52:fd:05:8d:00:e1:15:93:32:c6:
         9b:06:02:4a:45:65:be:cd:ab:c6:ac:ae:6a:1a:bf:1b:d7:f4:
         45:17:d0:49:25:71:11:2e:a4:03:61:c5:43:ee:7f:4d:ef:3a:
         e6:fa:bd:7c:89:88:ed:b0:48:1e:43:8d:e0:70:00:f9:c6:4e:
         8e:9e:b0:1f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGt7FJ41cKpl+gN1BWXdhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTAxMjAyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDUyNjU0MGIyMTU1NDdkM2E0NGY3MzdlMTBjZjg0NTZjOTI2YTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8lZz/C0EaoD6XIfJjM46iMbq9D7
mzpKISQXFQcNDR0Af5wD/APNlFjtsaC5x+R1Z2+cDv3QVxbcxZYrBNHyDaUX2VdE
5R73w7RUB8S1wc7uJyoYncClzzIyTs0OrK6gX1/IuwmqtE8zNwVlSBbkYWbyEXsU
LygV6M9Dts8KuIKu1YiB3ml13+UvDRQ2+ylUMPionUowv/sZTbVU5VTpVFidQBLq
cPQmQMt/qp12vvWV4dt8G0jktZbV751MECErkbLBzo3aEralh8WuI04EMRPqZqfV
gq2YlY2kfBkb3gOk/1f6hJ9EYBQLp+dS0YrKOosQoEaND/8KCREHG90OFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP1SZUCyFVR9OkT3N+EM+EVskmqQMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvX1ZKbFFMSVZWSDA2UlBjMzRRejRSV3lTYXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZKqAwQA
LZWFAwQAwY79AwQAw/VmMA0GCSqGSIb3DQEBCwUAA4IBAQBdgLu8MX066bcVLf+J
n0WT/tHKBp6WwyiI/VpLYALbk0Vz5n/0JrHLDxYo56k0JUqOhgPjZn2Ai8OcEyHd
MDFHl1qsbl2Yb3VckbkZBC78wX6CDnAWI8KR4ZNimJw7CiGlSzHwqeMyGI3O6Wqg
jwbXDqxHk04Quq8O3cFb9/Sghrb4aua8ZLFIIoKC/Bo5DJEHsETaZ6eo3wovQJAM
eR5ir9upyerqVcmoAX059ptXeDREK0TvcpXeJ7CrFFL9BY0A4RWTMsabBgJKRWW+
zavGrK5qGr8b1/RFF9BJJXERLqQDYcVD7n9N7zrm+r18iYjtsEgeQ43gcAD5xk6O
nrAf
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:54:49 2024 by rpki-client on console-ams.rpki-client.org