Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/TlDEGKBQAtQoQ3LWaZOtQ_YURI4.roa
File:                     TlDEGKBQAtQoQ3LWaZOtQ_YURI4.roa (raw, json)
Hash identifier:          u77J61M+yvDYZT7HtP8JSmGN0L05Yc4DMIWarCzu7SY=
Subject key identifier:   4E:50:C4:18:A0:50:02:D4:28:43:72:D6:69:93:AD:43:F6:14:44:8E
Certificate issuer:       /CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Certificate serial:       018D12D5BDA589B9A35E964B30B78FECC6AD
Authority key identifier: C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/TlDEGKBQAtQoQ3LWaZOtQ_YURI4.roa
Signing time:             Tue 16 Jan 2024 15:13:34 +0000
ROA not before:           Tue 16 Jan 2024 15:13:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     19905
IP address blocks:        91.106.32.0/24 maxlen: 24
                          91.106.33.0/24 maxlen: 24
                          91.106.34.0/24 maxlen: 24
                          91.106.35.0/24 maxlen: 24
                          91.106.36.0/24 maxlen: 24
                          91.106.37.0/24 maxlen: 24
                          91.106.38.0/24 maxlen: 24
                          91.106.39.0/24 maxlen: 24
                          91.106.40.0/24 maxlen: 24
                          91.106.41.0/24 maxlen: 24
                          91.106.42.0/24 maxlen: 24
                          91.106.43.0/24 maxlen: 24
                          91.106.44.0/24 maxlen: 24
                          91.106.45.0/24 maxlen: 24
                          91.106.46.0/24 maxlen: 24
                          91.106.47.0/24 maxlen: 24
                          91.106.48.0/24 maxlen: 24
                          91.106.49.0/24 maxlen: 24
                          91.106.50.0/24 maxlen: 24
                          91.106.51.0/24 maxlen: 24
                          91.106.52.0/24 maxlen: 24
                          91.106.53.0/24 maxlen: 24
                          91.106.54.0/24 maxlen: 24
                          91.106.55.0/24 maxlen: 24
                          91.106.56.0/24 maxlen: 24
                          91.106.57.0/24 maxlen: 24
                          91.106.58.0/24 maxlen: 24
                          91.106.59.0/24 maxlen: 24
                          91.106.60.0/24 maxlen: 24
                          91.106.61.0/24 maxlen: 24
                          91.106.62.0/24 maxlen: 24
                          91.106.63.0/24 maxlen: 24
                          109.61.4.0/24 maxlen: 24
                          109.61.5.0/24 maxlen: 24
                          109.61.6.0/24 maxlen: 24
                          109.61.7.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 16:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:12:d5:bd:a5:89:b9:a3:5e:96:4b:30:b7:8f:ec:c6:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c092d8d5511b19ece456960f23bfa886ee1d570b
        Validity
            Not Before: Jan 16 15:13:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4e50c418a05002d4284372d66993ad43f614448e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:56:78:db:dd:b2:42:d3:18:a4:1e:1d:b3:e6:
                    a2:33:25:b0:ab:41:c3:8c:07:a0:a5:6e:9e:33:bb:
                    9d:c3:fb:a7:10:be:78:fc:68:a6:06:14:7b:70:88:
                    9a:a8:37:25:06:11:2c:53:ea:65:da:b9:cf:0f:7d:
                    e7:4c:e9:d5:67:17:e7:75:33:f1:30:45:2f:e7:6e:
                    d1:1e:0e:30:57:d2:d1:96:69:7c:86:19:3d:77:11:
                    5d:42:12:3f:9e:d3:ab:19:bb:f3:89:58:6f:75:36:
                    35:cb:4a:20:02:f0:82:4b:5b:5c:b8:f0:6e:c7:17:
                    63:ba:d7:f0:d7:38:00:a7:82:9d:db:67:f7:d2:16:
                    70:9a:76:2f:19:20:8d:33:82:0e:0e:ca:55:16:2b:
                    b1:0c:4e:cb:c1:0c:bd:0b:f9:49:7b:c9:6f:bd:3a:
                    41:34:e1:5f:ed:b4:22:ec:5d:6e:b8:86:ed:80:7d:
                    84:92:6e:f4:fe:29:6a:e0:d3:1a:ec:cd:f5:9b:a6:
                    32:c6:48:dd:a1:24:e4:7c:52:ed:a9:da:1e:a8:40:
                    e6:b6:30:95:65:97:2a:3f:5d:1b:cf:59:bc:38:46:
                    f0:85:af:98:11:d3:a3:3d:76:e8:eb:93:c3:2f:c1:
                    bb:87:a7:97:ba:c5:09:ec:d6:04:a3:30:2e:9c:42:
                    ab:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:50:C4:18:A0:50:02:D4:28:43:72:D6:69:93:AD:43:F6:14:44:8E
            X509v3 Authority Key Identifier:
                keyid:C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/TlDEGKBQAtQoQ3LWaZOtQ_YURI4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.106.32.0/19
                  109.61.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         e4:59:d0:d0:49:b2:30:9f:42:9a:7b:83:c6:8e:8f:5e:d7:0e:
         24:ec:23:f2:48:68:3c:a3:58:df:c3:0d:75:03:1d:db:e8:b0:
         a8:76:14:f1:a6:39:c6:59:bd:a8:60:b8:73:47:ce:b4:06:6e:
         ef:45:9d:40:79:e2:ef:94:92:b0:02:90:ec:c8:0b:34:00:66:
         fc:95:de:69:cf:73:9e:2c:ab:19:7d:89:cd:9e:f4:26:31:28:
         c7:bc:f6:71:de:cc:73:2e:13:44:68:fd:a5:09:a2:11:b6:ba:
         7d:e5:64:24:9b:91:3b:07:19:bb:6e:86:0a:1b:16:54:21:13:
         ba:e7:bb:b8:b6:27:ff:da:95:88:c4:74:48:60:52:8b:40:c8:
         73:57:dd:af:88:61:05:c4:0e:f3:a9:56:24:27:55:39:e2:d3:
         be:cf:ac:77:97:50:22:47:66:48:c8:ba:6c:fc:a1:6a:ca:37:
         bf:ee:7b:82:03:00:cd:e2:07:95:1c:8b:9b:a7:50:5e:ae:b0:
         9e:b9:29:11:15:16:3b:40:1d:bb:55:16:96:e1:87:42:fe:e6:
         a4:54:65:b6:b6:b0:a3:5c:5b:30:65:4b:0c:3f:be:d4:24:44:
         fe:de:34:c8:d8:e7:55:0a:a0:80:85:d1:8d:13:10:c5:65:0d:
         86:68:95:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0S1b2libmjXpZLMLeP7MatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOTJkOGQ1NTExYjE5ZWNlNDU2OTYwZjIzYmZhODg2ZWUx
ZDU3MGIwHhcNMjQwMTE2MTUxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTUwYzQxOGEwNTAwMmQ0Mjg0MzcyZDY2OTkzYWQ0M2Y2MTQ0NDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVZ4292yQtMYpB4ds+aiMyWwq0HD
jAegpW6eM7udw/unEL54/GimBhR7cIiaqDclBhEsU+pl2rnPD33nTOnVZxfndTPx
MEUv527RHg4wV9LRlml8hhk9dxFdQhI/ntOrGbvziVhvdTY1y0ogAvCCS1tcuPBu
xxdjutfw1zgAp4Kd22f30hZwmnYvGSCNM4IODspVFiuxDE7LwQy9C/lJe8lvvTpB
NOFf7bQi7F1uuIbtgH2Ekm70/ilq4NMa7M31m6YyxkjdoSTkfFLtqdoeqEDmtjCV
ZZcqP10bz1m8OEbwha+YEdOjPXbo65PDL8G7h6eXusUJ7NYEozAunEKrDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE5QxBigUALUKENy1mmTrUP2FESOMB8GA1UdIwQY
MBaAFMCS2NVRGxns5FaWDyO/qIbuHVcLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEt
MjY3YTE2YjQ2MjlmLzEvVGxERUdLQlFBdFFvUTNMV2FaT3RRX1lVUkk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEtMjY3YTE2YjQ2Mjlm
LzEvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFW2ogAwQC
bT0EMA0GCSqGSIb3DQEBCwUAA4IBAQDkWdDQSbIwn0Kae4PGjo9e1w4k7CPySGg8
o1jfww11Ax3b6LCodhTxpjnGWb2oYLhzR860Bm7vRZ1AeeLvlJKwApDsyAs0AGb8
ld5pz3OeLKsZfYnNnvQmMSjHvPZx3sxzLhNEaP2lCaIRtrp95WQkm5E7Bxm7boYK
GxZUIRO657u4tif/2pWIxHRIYFKLQMhzV92viGEFxA7zqVYkJ1U54tO+z6x3l1Ai
R2ZIyLps/KFqyje/7nuCAwDN4geVHIubp1BerrCeuSkRFRY7QB27VRaW4YdC/uak
VGW2trCjXFswZUsMP77UJET+3jTI2OdVCqCAhdGNExDFZQ2GaJWH
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:34:31 2024 by rpki-client on console-fra.rpki-client.org