Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/1-JmO5KCx6FYwwDBJxHq-fR8ZiEc.roa
File:                     1-JmO5KCx6FYwwDBJxHq-fR8ZiEc.roa (raw, json)
Hash identifier:          /G55D6bOilGVOnCBUg4j7rTkhDu6lquxLY/WCzPaV2w=
Subject key identifier:   F8:99:8E:E4:A0:B1:E8:56:30:C0:30:49:C4:7A:BE:7D:1F:19:88:47
Certificate issuer:       /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial:       018CC86FF3A273FEFB8467BDD0BB7BF1499B
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/1-JmO5KCx6FYwwDBJxHq-fR8ZiEc.roa
Signing time:             Tue 02 Jan 2024 04:30:29 +0000
ROA not before:           Tue 02 Jan 2024 04:30:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197633
IP address blocks:        185.5.176.0/22 maxlen: 22
                          37.122.229.0/24 maxlen: 24
                          37.123.0.0/20 maxlen: 20
                          31.44.192.0/24 maxlen: 24
                          31.44.193.0/24 maxlen: 24
                          31.44.204.0/23 maxlen: 23
                          31.44.202.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:f3:a2:73:fe:fb:84:67:bd:d0:bb:7b:f1:49:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
        Validity
            Not Before: Jan  2 04:30:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f8998ee4a0b1e85630c03049c47abe7d1f198847
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:37:42:f1:9b:ff:84:87:a3:13:65:61:32:61:
                    8e:bd:00:d6:01:cb:63:99:ad:a0:13:e5:18:e1:72:
                    2f:26:79:97:44:84:e5:11:03:46:e2:52:a0:15:b4:
                    79:98:90:f7:a2:85:15:11:43:29:79:48:e1:28:1b:
                    09:fb:8e:0c:48:f9:e8:ed:bd:e5:cf:89:28:df:2c:
                    ca:d3:a3:72:71:cd:6d:84:88:4f:8b:97:a5:df:17:
                    e6:c9:d1:97:88:c6:71:34:ef:84:92:e9:99:1e:e6:
                    04:25:11:05:20:4b:61:5d:9b:fb:f5:23:a8:4c:df:
                    c3:b8:f8:f5:92:66:a7:36:28:95:46:64:81:d6:2f:
                    26:63:0b:e7:ed:e4:53:24:4f:b9:43:01:16:a5:21:
                    38:f2:14:0d:1a:93:43:36:72:70:96:f0:b0:56:9a:
                    1d:55:d0:4b:5e:25:c0:87:8d:03:e0:58:ad:86:78:
                    18:7b:95:05:90:8f:f2:14:8c:69:4e:38:b2:01:53:
                    d3:f6:fd:34:75:7a:af:d7:cc:c9:10:42:3b:bd:dc:
                    63:b9:f9:61:9a:9b:61:95:92:37:48:1c:49:35:38:
                    56:2c:f8:8a:3b:48:b8:4e:ec:9b:4b:4e:b7:d7:75:
                    32:a2:f1:dd:ce:be:0a:f6:f6:4f:f8:64:14:61:8d:
                    ae:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:99:8E:E4:A0:B1:E8:56:30:C0:30:49:C4:7A:BE:7D:1F:19:88:47
            X509v3 Authority Key Identifier:
                keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/1-JmO5KCx6FYwwDBJxHq-fR8ZiEc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.44.192.0/23
                  31.44.202.0-31.44.205.255
                  37.122.229.0/24
                  37.123.0.0/20
                  185.5.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         35:1e:40:ec:11:4e:9a:c1:18:5c:f3:6e:ee:63:bf:0b:81:07:
         2a:1d:f0:f2:a4:db:f4:59:f6:05:58:fc:dd:91:78:78:4e:dc:
         f2:0d:89:b3:54:fc:d3:e0:af:04:fe:70:31:f7:ab:80:6b:54:
         f0:ac:8d:a2:7e:21:75:3a:fa:7c:79:f0:dc:6c:b6:ac:52:24:
         91:52:ba:92:b8:ea:3c:3c:38:fb:a3:b1:96:80:b9:2c:43:33:
         0f:db:cb:1b:81:cf:64:93:7a:2b:09:e5:1a:63:3a:e2:2b:1e:
         d7:3e:63:ae:f0:5a:7d:76:ed:6f:b7:9d:6b:89:f4:e7:69:35:
         fb:3a:87:c3:35:59:37:d6:a0:12:40:9e:75:cf:c9:01:f3:44:
         e4:fd:26:49:7a:f7:bd:fd:96:25:6d:28:51:73:b5:bb:c1:55:
         54:7d:e3:58:29:3f:c1:06:36:fd:99:db:cc:34:0d:41:28:72:
         00:9b:d4:8e:c7:60:a4:98:76:26:c1:a1:1d:26:d2:1f:82:5e:
         07:45:40:70:0b:32:7a:9b:57:d1:ac:46:75:24:9e:51:c7:08:
         a1:b0:a6:2d:25:5c:94:ee:05:a1:03:78:06:1b:d4:b0:20:67:
         6b:2f:f7:b0:e5:c6:5a:f0:dd:05:e5:59:cc:d6:f6:85:71:77:
         2f:1d:74:0c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzIb/Oic/77hGe90Lt78UmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjQwMTAyMDQzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODk5OGVlNGEwYjFlODU2MzBjMDMwNDljNDdhYmU3ZDFmMTk4ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjdC8Zv/hIejE2VhMmGOvQDWActj
ma2gE+UY4XIvJnmXRITlEQNG4lKgFbR5mJD3ooUVEUMpeUjhKBsJ+44MSPno7b3l
z4ko3yzK06Nycc1thIhPi5el3xfmydGXiMZxNO+EkumZHuYEJREFIEthXZv79SOo
TN/DuPj1kmanNiiVRmSB1i8mYwvn7eRTJE+5QwEWpSE48hQNGpNDNnJwlvCwVpod
VdBLXiXAh40D4FithngYe5UFkI/yFIxpTjiyAVPT9v00dXqv18zJEEI7vdxjuflh
mpthlZI3SBxJNThWLPiKO0i4TuybS06313UyovHdzr4K9vZP+GQUYY2u0QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPiZjuSgsehWMMAwScR6vn0fGYhHMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvMS1KbU81S0N4NkZZd3dEQkp4SHEtZlI4WmlFYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0
Yy8xL2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA/BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEAR8swDAM
AwQBHyzKAwQBHyzMAwQAJXrlAwQEJXsAAwQCuQWwMA0GCSqGSIb3DQEBCwUAA4IB
AQA1HkDsEU6awRhc827uY78LgQcqHfDypNv0WfYFWPzdkXh4TtzyDYmzVPzT4K8E
/nAx96uAa1TwrI2ifiF1Ovp8efDcbLasUiSRUrqSuOo8PDj7o7GWgLksQzMP28sb
gc9kk3orCeUaYzriKx7XPmOu8Fp9du1vt51rifTnaTX7OofDNVk31qASQJ51z8kB
80Tk/SZJeve9/ZYlbShRc7W7wVVUfeNYKT/BBjb9mdvMNA1BKHIAm9SOx2CkmHYm
waEdJtIfgl4HRUBwCzJ6m1fRrEZ1JJ5RxwihsKYtJVyU7gWhA3gGG9SwIGdrL/ew
5cZa8N0F5VnM1vaFcXcvHXQM
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:00:03 2024 by rpki-client on console-ams.rpki-client.org