Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/F1zmsppR_Ns6ZBGciHERruKiqwY.roa
File:                     F1zmsppR_Ns6ZBGciHERruKiqwY.roa (raw, json)
Hash identifier:          EXyflOWJvPeaRMI81GEA3DRaBQ/1SZh5wfFM2Jr0dw0=
Subject key identifier:   17:5C:E6:B2:9A:51:FC:DB:3A:64:11:9C:88:71:11:AE:E2:A2:AB:06
Certificate issuer:       /CN=4ed037d4ee3e5d27065ad80356582a2fdc2b488d
Certificate serial:       018CC9BC1F7D149C14C78639680A8ACDB6D4
Authority key identifier: 4E:D0:37:D4:EE:3E:5D:27:06:5A:D8:03:56:58:2A:2F:DC:2B:48:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TtA31O4-XScGWtgDVlgqL9wrSI0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/F1zmsppR_Ns6ZBGciHERruKiqwY.roa
Signing time:             Tue 02 Jan 2024 10:33:18 +0000
ROA not before:           Tue 02 Jan 2024 10:33:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     35108
IP address blocks:        194.8.32.0/21 maxlen: 24
                          194.8.40.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/TtA31O4-XScGWtgDVlgqL9wrSI0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/TtA31O4-XScGWtgDVlgqL9wrSI0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TtA31O4-XScGWtgDVlgqL9wrSI0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:1f:7d:14:9c:14:c7:86:39:68:0a:8a:cd:b6:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ed037d4ee3e5d27065ad80356582a2fdc2b488d
        Validity
            Not Before: Jan  2 10:33:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=175ce6b29a51fcdb3a64119c887111aee2a2ab06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:a6:fb:12:ef:90:8f:37:90:83:05:bf:d5:9d:
                    4f:e1:29:a0:04:5f:8a:26:7e:9c:28:ef:eb:b6:f3:
                    b2:28:b1:a1:9b:04:22:31:3d:8e:a1:61:2b:af:5a:
                    84:a6:dd:d9:7e:a8:f8:dd:f5:7c:3f:b0:6e:9a:60:
                    52:79:70:40:bd:7c:c2:eb:e0:ba:dc:de:33:a7:33:
                    79:76:bf:51:1a:60:3b:d3:0b:5a:44:1f:c1:0c:d5:
                    86:0f:e5:25:3a:ef:4a:85:5a:11:80:3e:8d:78:23:
                    b9:16:e9:b6:58:4d:09:cc:ec:c4:f8:0a:18:38:c3:
                    97:07:c7:3b:57:18:00:aa:4c:00:af:f5:6e:00:b5:
                    ee:1d:04:57:7f:ac:af:ad:39:b1:86:8f:4b:2d:4f:
                    7b:9b:4a:40:1d:02:0d:c6:76:e6:b7:14:27:5b:f6:
                    be:e5:18:dc:32:54:75:da:32:68:a7:fb:48:9f:58:
                    e2:88:fa:96:5a:29:e3:98:78:2f:d6:5d:ff:88:b9:
                    49:52:70:1d:48:3a:54:ed:57:92:9a:e3:33:e4:bc:
                    03:e9:0d:10:c8:64:33:8d:23:4c:54:ae:99:93:c8:
                    c7:23:41:66:ed:d2:52:98:ab:d3:ad:13:3a:42:a7:
                    a5:36:da:53:8a:22:5b:d7:4a:4e:c8:d9:c2:4b:f1:
                    6e:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:5C:E6:B2:9A:51:FC:DB:3A:64:11:9C:88:71:11:AE:E2:A2:AB:06
            X509v3 Authority Key Identifier:
                keyid:4E:D0:37:D4:EE:3E:5D:27:06:5A:D8:03:56:58:2A:2F:DC:2B:48:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TtA31O4-XScGWtgDVlgqL9wrSI0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/F1zmsppR_Ns6ZBGciHERruKiqwY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/TtA31O4-XScGWtgDVlgqL9wrSI0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.8.32.0-194.8.43.255

    Signature Algorithm: sha256WithRSAEncryption
         2c:07:79:7b:e7:48:b3:b5:96:98:ac:9b:7c:02:d6:8c:7d:dc:
         41:57:bc:07:f7:c4:04:fd:16:22:08:d3:73:1c:17:65:c3:03:
         2e:26:51:7c:72:6c:ab:a2:b3:04:10:ac:6b:18:74:4d:73:c0:
         57:36:a0:9a:66:cc:7e:5b:a9:ff:eb:18:0b:7e:4f:f1:57:c1:
         1c:08:aa:d5:4e:40:ee:34:e6:2e:50:b3:80:57:17:c4:f9:27:
         cd:b6:5d:68:41:85:03:78:1b:af:70:c9:c5:7c:e0:f2:d8:0f:
         e7:b9:fb:ce:8d:40:40:dd:b2:1f:73:19:2b:4f:1d:b2:45:25:
         65:d9:91:04:02:ce:11:64:a6:0b:7c:4f:72:10:3e:3a:bd:29:
         18:53:3c:ab:62:bd:8e:79:41:df:ef:d1:87:76:49:0c:ec:c1:
         23:83:44:a2:b2:73:1d:c9:c6:1d:ee:3f:eb:32:78:ae:db:c8:
         b2:fa:36:7a:83:ba:05:f8:de:9a:32:f3:1e:e1:00:78:ee:29:
         2c:99:59:34:95:e5:ac:e7:43:ee:ee:67:2f:67:47:34:17:de:
         4b:9d:6a:33:0b:60:bc:b2:6c:82:9d:94:d2:9c:ad:e9:a9:af:
         ac:ab:e4:59:b0:6d:79:2b:e8:c5:02:fd:06:d1:e1:fd:33:21:
         b5:52:49:e0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJvB99FJwUx4Y5aAqKzbbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZDAzN2Q0ZWUzZTVkMjcwNjVhZDgwMzU2NTgyYTJmZGMy
YjQ4OGQwHhcNMjQwMTAyMTAzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzVjZTZiMjlhNTFmY2RiM2E2NDExOWM4ODcxMTFhZWUyYTJhYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqb7Eu+QjzeQgwW/1Z1P4SmgBF+K
Jn6cKO/rtvOyKLGhmwQiMT2OoWErr1qEpt3Zfqj43fV8P7BummBSeXBAvXzC6+C6
3N4zpzN5dr9RGmA70wtaRB/BDNWGD+UlOu9KhVoRgD6NeCO5Fum2WE0JzOzE+AoY
OMOXB8c7VxgAqkwAr/VuALXuHQRXf6yvrTmxho9LLU97m0pAHQINxnbmtxQnW/a+
5RjcMlR12jJop/tIn1jiiPqWWinjmHgv1l3/iLlJUnAdSDpU7VeSmuMz5LwD6Q0Q
yGQzjSNMVK6Zk8jHI0Fm7dJSmKvTrRM6QqelNtpTiiJb10pOyNnCS/FuUwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBdc5rKaUfzbOmQRnIhxEa7ioqsGMB8GA1UdIwQY
MBaAFE7QN9TuPl0nBlrYA1ZYKi/cK0iNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHRBMzFPNC1YU2NHV3RnRFZsZ3FMOXdyU0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83NGI5OTYtODBlZS00YzM5LThlNzQt
MzUwZTY4MWI5OWQxLzEvRjF6bXNwcFJfTnM2WkJHY2lIRVJydUtpcXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83NGI5OTYtODBlZS00YzM5LThlNzQtMzUwZTY4MWI5OWQx
LzEvVHRBMzFPNC1YU2NHV3RnRFZsZ3FMOXdyU0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXCCCAD
BALCCCgwDQYJKoZIhvcNAQELBQADggEBACwHeXvnSLO1lpism3wC1ox93EFXvAf3
xAT9FiII03McF2XDAy4mUXxybKuiswQQrGsYdE1zwFc2oJpmzH5bqf/rGAt+T/FX
wRwIqtVOQO405i5Qs4BXF8T5J822XWhBhQN4G69wycV84PLYD+e5+86NQEDdsh9z
GStPHbJFJWXZkQQCzhFkpgt8T3IQPjq9KRhTPKtivY55Qd/v0Yd2SQzswSODRKKy
cx3Jxh3uP+syeK7byLL6NnqDugX43poy8x7hAHjuKSyZWTSV5aznQ+7uZy9nRzQX
3kudajMLYLyybIKdlNKcrempr6yr5FmwbXkr6MUC/QbR4f0zIbVSSeA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:07:23 2024 by rpki-client on console-ams.rpki-client.org