Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/tx7qvjsTnLR4YSLgl2CrYpFtP0c.roa
File:                     tx7qvjsTnLR4YSLgl2CrYpFtP0c.roa (raw, json)
Hash identifier:          VNLTNuL2jkv/awqdFeATLIY5BBdYPdMUrtHU1Dsfdu0=
Subject key identifier:   B7:1E:EA:BE:3B:13:9C:B4:78:61:22:E0:97:60:AB:62:91:6D:3F:47
Certificate issuer:       /CN=8a7415ae634d613159cbd2ce74ac261a7d5ac4d4
Certificate serial:       0191E51203E9D1683EB5ADA87A3F21B5539F
Authority key identifier: 8A:74:15:AE:63:4D:61:31:59:CB:D2:CE:74:AC:26:1A:7D:5A:C4:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/inQVrmNNYTFZy9LOdKwmGn1axNQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/tx7qvjsTnLR4YSLgl2CrYpFtP0c.roa
Signing time:             Thu 12 Sep 2024 07:10:48 +0000
ROA not before:           Thu 12 Sep 2024 07:10:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60522
IP address blocks:        37.131.179.0/24 maxlen: 24
                          37.131.180.0/22 maxlen: 24
                          185.212.52.0/22 maxlen: 24
                          2a0b:72c0::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/inQVrmNNYTFZy9LOdKwmGn1axNQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/inQVrmNNYTFZy9LOdKwmGn1axNQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/inQVrmNNYTFZy9LOdKwmGn1axNQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:e5:12:03:e9:d1:68:3e:b5:ad:a8:7a:3f:21:b5:53:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a7415ae634d613159cbd2ce74ac261a7d5ac4d4
        Validity
            Not Before: Sep 12 07:10:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b71eeabe3b139cb4786122e09760ab62916d3f47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:cd:40:c6:1d:ae:26:46:7b:ec:73:91:45:19:
                    30:40:37:b9:42:32:05:51:1e:2c:09:80:73:d6:8a:
                    ec:d7:9f:5b:59:d7:a1:41:55:eb:55:21:95:64:de:
                    1e:2a:c8:c7:59:95:64:4f:cd:4e:b0:c5:9e:06:d2:
                    f8:95:d5:21:e4:a1:fb:61:aa:10:a5:98:7c:7f:07:
                    8e:1f:98:c8:60:f6:4e:6e:62:f4:c5:c9:f4:49:b5:
                    57:f3:4f:aa:9e:f9:48:e1:fd:42:bd:13:d2:34:91:
                    4f:60:1e:6d:e5:6a:f2:8a:76:9e:13:9e:50:07:b7:
                    f5:a5:20:85:2d:6c:48:e8:15:4c:4a:72:b3:d0:84:
                    a2:c7:83:e6:a6:56:14:67:a5:9d:56:3d:cc:5b:b4:
                    30:a1:15:c1:74:d6:56:80:31:a2:64:71:d8:71:36:
                    c8:fc:26:87:fb:3b:82:43:d1:c2:35:43:15:dc:f5:
                    33:7e:c8:21:ab:12:0b:04:f3:b0:9b:fd:fd:87:f9:
                    91:4e:6b:d2:54:e7:74:e5:b7:07:19:81:78:94:2b:
                    3c:8c:ac:34:d1:fb:ab:f8:c2:9b:24:bd:d1:d0:a4:
                    b9:67:ff:66:f8:53:dc:37:59:aa:53:30:0f:e0:64:
                    2a:bb:e3:91:f6:44:c3:ec:7c:1a:71:ee:99:d9:78:
                    b5:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:1E:EA:BE:3B:13:9C:B4:78:61:22:E0:97:60:AB:62:91:6D:3F:47
            X509v3 Authority Key Identifier:
                keyid:8A:74:15:AE:63:4D:61:31:59:CB:D2:CE:74:AC:26:1A:7D:5A:C4:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/inQVrmNNYTFZy9LOdKwmGn1axNQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/tx7qvjsTnLR4YSLgl2CrYpFtP0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7dbfe7-3614-456e-bf4c-ef7f56842546/1/inQVrmNNYTFZy9LOdKwmGn1axNQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.131.179.0-37.131.183.255
                  185.212.52.0/22
                IPv6:
                  2a0b:72c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         83:31:74:27:eb:be:dd:d8:13:7b:62:f8:27:e5:e0:9f:8b:2c:
         49:3f:25:9e:c2:99:61:9e:6d:98:51:62:3f:64:98:d1:85:5b:
         0e:03:6e:91:b3:1b:45:d0:3a:3a:0f:cf:fe:77:0e:9f:db:86:
         e4:24:91:c4:e9:6f:b0:4f:1c:63:f3:30:cd:7a:13:ee:63:24:
         81:8e:53:cf:1d:ee:21:95:c9:5a:d0:77:a5:f9:3d:95:9f:97:
         13:e8:e0:03:52:2b:f8:5c:98:5a:59:02:20:7b:8f:0a:2c:2c:
         38:b3:73:30:b8:65:52:ad:c7:74:2b:ab:93:7c:12:ef:75:7b:
         8d:9d:e5:71:9c:65:2d:ed:0d:95:be:3a:7e:d0:7e:7c:66:a8:
         f4:7f:e8:7f:69:e3:6b:7f:8f:40:2c:eb:c9:0c:6f:c2:19:54:
         52:39:0f:46:ca:6a:9f:4c:1f:33:5c:dc:2d:9e:a1:c6:68:3d:
         e7:a6:a5:da:dd:49:8d:63:c7:66:15:f5:ad:f6:88:41:60:df:
         27:16:1b:a2:32:43:8a:05:ae:ce:e0:32:73:d9:c3:8c:51:a6:
         1d:47:77:31:ef:04:9f:f1:52:ad:61:2f:73:b1:29:17:7d:27:
         b7:91:5a:2a:6d:24:32:3d:f8:97:5d:ae:13:7c:b2:69:7a:ab:
         ed:f8:ef:8e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZHlEgPp0Wg+ta2oej8htVOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNzQxNWFlNjM0ZDYxMzE1OWNiZDJjZTc0YWMyNjFhN2Q1
YWM0ZDQwHhcNMjQwOTEyMDcxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzFlZWFiZTNiMTM5Y2I0Nzg2MTIyZTA5NzYwYWI2MjkxNmQzZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc1Axh2uJkZ77HORRRkwQDe5QjIF
UR4sCYBz1ors159bWdehQVXrVSGVZN4eKsjHWZVkT81OsMWeBtL4ldUh5KH7YaoQ
pZh8fweOH5jIYPZObmL0xcn0SbVX80+qnvlI4f1CvRPSNJFPYB5t5WryinaeE55Q
B7f1pSCFLWxI6BVMSnKz0ISix4PmplYUZ6WdVj3MW7QwoRXBdNZWgDGiZHHYcTbI
/CaH+zuCQ9HCNUMV3PUzfsghqxILBPOwm/39h/mRTmvSVOd05bcHGYF4lCs8jKw0
0fur+MKbJL3R0KS5Z/9m+FPcN1mqUzAP4GQqu+OR9kTD7Hwace6Z2Xi1ZQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLce6r47E5y0eGEi4Jdgq2KRbT9HMB8GA1UdIwQY
MBaAFIp0Fa5jTWExWcvSznSsJhp9WsTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW5RVnJtTk5ZVEZaeTlMT2RLd21HbjFheE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83ZGJmZTctMzYxNC00NTZlLWJmNGMt
ZWY3ZjU2ODQyNTQ2LzEvdHg3cXZqc1RuTFI0WVNMZ2wyQ3JZcEZ0UDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83ZGJmZTctMzYxNC00NTZlLWJmNGMtZWY3ZjU2ODQyNTQ2
LzEvaW5RVnJtTk5ZVEZaeTlMT2RLd21HbjFheE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAAlg7MD
BAMlg7ADBAK51DQwDQQCAAIwBwMFACoLcsAwDQYJKoZIhvcNAQELBQADggEBAIMx
dCfrvt3YE3ti+Cfl4J+LLEk/JZ7CmWGebZhRYj9kmNGFWw4DbpGzG0XQOjoPz/53
Dp/bhuQkkcTpb7BPHGPzMM16E+5jJIGOU88d7iGVyVrQd6X5PZWflxPo4ANSK/hc
mFpZAiB7jwosLDizczC4ZVKtx3Qrq5N8Eu91e42d5XGcZS3tDZW+On7QfnxmqPR/
6H9p42t/j0As68kMb8IZVFI5D0bKap9MHzNc3C2eocZoPeempdrdSY1jx2YV9a32
iEFg3ycWG6IyQ4oFrs7gMnPZw4xRph1HdzHvBJ/xUq1hL3OxKRd9J7eRWiptJDI9
+JddrhN8sml6q+34744=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:51:20 2024 by rpki-client on console-ams.rpki-client.org