Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/fUedKLudoJec2G2Ny35Vu9UI-u8.roa
File:                     fUedKLudoJec2G2Ny35Vu9UI-u8.roa (raw, json)
Hash identifier:          AMnzucHTo9B79slXV3Cr0dA5SYcNq4ELcQD4URKwMAs=
Subject key identifier:   7D:47:9D:28:BB:9D:A0:97:9C:D8:6D:8D:CB:7E:55:BB:D5:08:FA:EF
Certificate issuer:       /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial:       018CCA2A253C503A856490F50B2798A4D192
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/fUedKLudoJec2G2Ny35Vu9UI-u8.roa
Signing time:             Tue 02 Jan 2024 12:33:28 +0000
ROA not before:           Tue 02 Jan 2024 12:33:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     56466
IP address blocks:        5.200.64.0/19 maxlen: 24
                          5.200.80.0/20 maxlen: 20
                          89.235.77.0/24 maxlen: 24
                          31.24.200.0/21 maxlen: 21
                          87.247.179.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:25:3c:50:3a:85:64:90:f5:0b:27:98:a4:d1:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
        Validity
            Not Before: Jan  2 12:33:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7d479d28bb9da0979cd86d8dcb7e55bbd508faef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e2:f6:9e:45:d5:1f:1e:81:99:14:37:8d:90:
                    c3:10:de:93:3e:3c:85:77:db:d1:ca:5e:2e:77:ea:
                    41:18:53:0d:e6:91:65:88:b0:e3:86:b3:6d:f9:a1:
                    56:73:5d:6a:07:07:6e:23:fc:79:29:9f:24:b4:dc:
                    80:6a:9b:31:6d:e2:2f:f2:05:6e:71:31:39:eb:bc:
                    da:f7:81:34:ae:df:b0:96:58:2b:b4:36:29:c7:da:
                    98:c8:b4:33:c6:99:89:b8:3a:58:a1:7b:cb:bc:98:
                    83:85:5f:ca:0a:c7:02:2f:01:1f:c8:67:f3:7c:9b:
                    fa:eb:11:96:14:a4:96:3f:d5:ae:60:dd:4c:4c:8d:
                    d5:77:07:8d:e9:10:a5:fe:aa:d2:13:a9:aa:42:4b:
                    42:62:fc:db:3b:9d:08:83:3f:27:8a:27:e0:1c:f9:
                    78:0c:b6:0d:a9:b7:4e:ca:01:7c:57:38:86:e6:23:
                    28:87:4e:7e:c5:57:19:c7:61:11:9b:dc:c7:55:02:
                    e7:11:ab:17:a6:bc:61:ef:b5:d3:0b:dd:c8:3d:1a:
                    f2:40:59:51:94:71:8b:1f:e9:0e:66:23:c7:a7:db:
                    94:77:bd:47:1f:b7:6c:b2:24:55:a0:f0:17:4e:f5:
                    6f:45:7a:52:48:e6:43:81:5a:34:5e:6d:d1:dd:22:
                    f3:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:47:9D:28:BB:9D:A0:97:9C:D8:6D:8D:CB:7E:55:BB:D5:08:FA:EF
            X509v3 Authority Key Identifier:
                keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/fUedKLudoJec2G2Ny35Vu9UI-u8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.200.64.0/19
                  31.24.200.0/21
                  87.247.179.0/24
                  89.235.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:7f:54:a3:c4:96:d4:38:0e:39:4f:c6:e7:1b:fd:67:0a:d5:
         60:65:95:50:e2:f8:5a:cc:5a:b0:e9:ba:9a:af:78:62:93:5e:
         cd:ec:9b:28:4a:aa:6d:4a:8b:a5:60:a2:c0:c5:09:6e:76:19:
         16:9d:db:78:8e:a5:7d:4a:03:19:cf:8c:30:df:f8:50:95:14:
         37:40:92:23:05:fd:02:dc:09:92:cd:70:cf:0f:9c:26:7e:fd:
         22:2f:69:c7:64:75:71:f7:88:48:4a:fc:50:fc:d3:63:13:3f:
         e9:f3:fe:c5:5a:6d:0f:9f:30:fe:d5:91:0d:6c:01:fb:f4:42:
         fa:0a:f2:5b:d9:da:6e:07:56:fe:75:59:80:1b:ae:b8:52:2a:
         68:9c:fe:65:2d:a9:b3:cd:ed:68:ae:00:fa:1b:98:d9:31:41:
         40:6d:18:44:46:12:4f:21:e4:6b:2b:ac:7a:88:73:57:99:67:
         44:73:b1:0e:a0:ff:a8:21:97:91:07:8c:7d:41:da:da:b9:0c:
         54:9e:9d:58:3b:74:3b:eb:77:98:dc:2f:d8:16:28:be:0c:d1:
         04:0b:d4:d4:38:be:1c:c3:16:f6:2b:8d:fc:25:16:94:3c:50:
         7c:6e:0b:19:87:ed:b1:bd:ee:88:b3:db:a0:19:64:43:a9:79:
         01:c4:52:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKiU8UDqFZJD1CyeYpNGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjQwMTAyMTIzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDQ3OWQyOGJiOWRhMDk3OWNkODZkOGRjYjdlNTViYmQ1MDhmYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleL2nkXVHx6BmRQ3jZDDEN6TPjyF
d9vRyl4ud+pBGFMN5pFliLDjhrNt+aFWc11qBwduI/x5KZ8ktNyAapsxbeIv8gVu
cTE567za94E0rt+wllgrtDYpx9qYyLQzxpmJuDpYoXvLvJiDhV/KCscCLwEfyGfz
fJv66xGWFKSWP9WuYN1MTI3VdweN6RCl/qrSE6mqQktCYvzbO50Igz8niifgHPl4
DLYNqbdOygF8VziG5iMoh05+xVcZx2ERm9zHVQLnEasXprxh77XTC93IPRryQFlR
lHGLH+kOZiPHp9uUd71HH7dssiRVoPAXTvVvRXpSSOZDgVo0Xm3R3SLzBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH1HnSi7naCXnNhtjct+VbvVCPrvMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvZlVlZEtMdWRvSmVjMkcyTnkzNVZ1OVVJLXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFBchAAwQD
HxjIAwQAV/ezAwQAWetNMA0GCSqGSIb3DQEBCwUAA4IBAQA5f1SjxJbUOA45T8bn
G/1nCtVgZZVQ4vhazFqw6bqar3hik17N7JsoSqptSoulYKLAxQludhkWndt4jqV9
SgMZz4ww3/hQlRQ3QJIjBf0C3AmSzXDPD5wmfv0iL2nHZHVx94hISvxQ/NNjEz/p
8/7FWm0PnzD+1ZENbAH79EL6CvJb2dpuB1b+dVmAG664UiponP5lLamzze1orgD6
G5jZMUFAbRhERhJPIeRrK6x6iHNXmWdEc7EOoP+oIZeRB4x9QdrauQxUnp1YO3Q7
63eY3C/YFii+DNEEC9TUOL4cwxb2K438JRaUPFB8bgsZh+2xve6Is9ugGWRDqXkB
xFJK
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:08 2024 by rpki-client on console-fra.rpki-client.org