Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/637377-cadc-4fd4-b66d-c9a56c5d3e91/1/BabrmfCoXe19CGY4Xx4w9ov4ij8.roa
File:                     BabrmfCoXe19CGY4Xx4w9ov4ij8.roa (raw, json)
Hash identifier:          N3sGLb4Ah56XZ4zstHo91A8T5wK1mVV0WpmTf0Khy8U=
Subject key identifier:   05:A6:EB:99:F0:A8:5D:ED:7D:08:66:38:5F:1E:30:F6:8B:F8:8A:3F
Certificate issuer:       /CN=6b3ae80cecb56f5b3003883a95e26f441d749f2e
Certificate serial:       018CC5DC8B4D8B40A41D4BA3C1119DB161EE
Authority key identifier: 6B:3A:E8:0C:EC:B5:6F:5B:30:03:88:3A:95:E2:6F:44:1D:74:9F:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/azroDOy1b1swA4g6leJvRB10ny4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/637377-cadc-4fd4-b66d-c9a56c5d3e91/1/BabrmfCoXe19CGY4Xx4w9ov4ij8.roa
Signing time:             Mon 01 Jan 2024 16:30:14 +0000
ROA not before:           Mon 01 Jan 2024 16:30:14 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     30720
IP address blocks:        80.85.175.0/24 maxlen: 24
                          80.85.160.0/24 maxlen: 24
                          2a01:6a40:1::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6b/637377-cadc-4fd4-b66d-c9a56c5d3e91/1/azroDOy1b1swA4g6leJvRB10ny4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6b/637377-cadc-4fd4-b66d-c9a56c5d3e91/1/azroDOy1b1swA4g6leJvRB10ny4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/azroDOy1b1swA4g6leJvRB10ny4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:8b:4d:8b:40:a4:1d:4b:a3:c1:11:9d:b1:61:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b3ae80cecb56f5b3003883a95e26f441d749f2e
        Validity
            Not Before: Jan  1 16:30:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=05a6eb99f0a85ded7d0866385f1e30f68bf88a3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:5a:a6:fa:0f:4e:e8:66:76:f3:7b:41:a8:6a:
                    66:e1:9b:a1:f9:ce:0f:17:1a:57:20:5d:2c:66:69:
                    5f:58:30:9b:4f:7d:32:84:f0:d1:df:99:2c:33:53:
                    4d:ea:02:d2:6f:0d:da:80:37:c8:da:e8:14:66:f1:
                    b9:24:d0:3e:95:8a:df:cc:a9:8c:3f:23:14:e5:4f:
                    81:34:c5:88:02:0f:2d:0e:75:2e:d2:5a:08:bf:e5:
                    aa:95:ff:5a:49:4f:b7:38:e9:80:73:b4:19:3e:62:
                    32:e8:56:23:60:45:b6:94:5a:2c:f9:e4:03:56:52:
                    cd:93:9a:37:e9:3b:9e:8f:00:ad:28:61:2b:1d:6f:
                    46:a8:7b:ac:ac:d3:2c:e6:b5:3b:5f:bb:d6:da:b1:
                    74:59:bd:b2:3d:89:1d:2f:4d:18:1f:d7:da:bc:e0:
                    69:51:d6:72:0c:35:28:21:3a:6a:20:43:7c:db:8d:
                    42:83:ca:3b:0a:1a:7a:87:fa:21:48:09:fe:3b:39:
                    26:8c:8a:fc:d8:03:4c:2a:48:64:12:24:14:8a:00:
                    27:47:11:ae:c4:6b:57:66:f4:fd:17:ba:41:90:70:
                    fa:24:3b:85:f9:06:e7:6a:7f:58:c9:06:5c:4e:48:
                    15:15:70:db:9c:45:72:37:11:4e:01:fa:35:19:1d:
                    2f:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:A6:EB:99:F0:A8:5D:ED:7D:08:66:38:5F:1E:30:F6:8B:F8:8A:3F
            X509v3 Authority Key Identifier:
                keyid:6B:3A:E8:0C:EC:B5:6F:5B:30:03:88:3A:95:E2:6F:44:1D:74:9F:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/azroDOy1b1swA4g6leJvRB10ny4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/637377-cadc-4fd4-b66d-c9a56c5d3e91/1/BabrmfCoXe19CGY4Xx4w9ov4ij8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/637377-cadc-4fd4-b66d-c9a56c5d3e91/1/azroDOy1b1swA4g6leJvRB10ny4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.85.160.0/24
                  80.85.175.0/24
                IPv6:
                  2a01:6a40:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         b0:43:c4:ab:e5:92:4f:cd:7e:27:48:cf:c2:46:56:ff:d2:08:
         0c:1e:63:6d:96:f0:c3:31:5d:b5:17:0c:e9:84:fd:e5:a7:bf:
         98:b7:b2:1f:55:14:64:f6:5d:80:25:04:9e:95:e6:88:22:aa:
         5f:e0:24:9c:16:95:d5:ca:d9:9a:8e:6f:37:62:bc:4f:85:c5:
         bd:a6:b0:96:60:e0:97:2f:8c:5a:89:8b:41:ff:21:ec:1f:05:
         ab:51:65:bd:d9:e1:95:7a:da:a5:08:4b:0f:7d:94:3d:2e:fb:
         78:91:74:38:d4:2e:0f:54:33:e9:7b:4b:d9:c7:25:df:17:a5:
         67:f8:aa:26:d9:70:6f:79:d7:68:78:66:a1:a3:30:45:d8:dc:
         66:59:c3:c3:cb:5b:0b:7c:47:91:66:1e:bd:d6:76:4a:37:c9:
         1b:d7:db:cd:c7:99:44:14:a9:d7:ad:66:55:69:d1:49:bd:31:
         0c:60:b6:d7:29:5f:62:c3:de:56:19:0e:26:71:df:70:e2:8c:
         b1:2a:47:36:cc:fa:be:5e:1e:a3:dc:9c:5b:e6:c0:3f:4d:bd:
         00:25:c4:eb:ca:88:a5:50:0d:8f:12:64:88:7d:20:95:cd:87:
         3b:f3:ee:6b:41:74:c8:f9:35:5d:b7:3a:67:2e:c7:7d:3d:ae:
         77:cc:5c:10
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzF3ItNi0CkHUujwRGdsWHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiM2FlODBjZWNiNTZmNWIzMDAzODgzYTk1ZTI2ZjQ0MWQ3
NDlmMmUwHhcNMjQwMTAxMTYzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWE2ZWI5OWYwYTg1ZGVkN2QwODY2Mzg1ZjFlMzBmNjhiZjg4YTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1qm+g9O6GZ283tBqGpm4Zuh+c4P
FxpXIF0sZmlfWDCbT30yhPDR35ksM1NN6gLSbw3agDfI2ugUZvG5JNA+lYrfzKmM
PyMU5U+BNMWIAg8tDnUu0loIv+Wqlf9aSU+3OOmAc7QZPmIy6FYjYEW2lFos+eQD
VlLNk5o36TuejwCtKGErHW9GqHusrNMs5rU7X7vW2rF0Wb2yPYkdL00YH9favOBp
UdZyDDUoITpqIEN8241Cg8o7Chp6h/ohSAn+OzkmjIr82ANMKkhkEiQUigAnRxGu
xGtXZvT9F7pBkHD6JDuF+Qbnan9YyQZcTkgVFXDbnEVyNxFOAfo1GR0vrQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAWm65nwqF3tfQhmOF8eMPaL+Io/MB8GA1UdIwQY
MBaAFGs66AzstW9bMAOIOpXib0QddJ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXpyb0RPeTFiMXN3QTRnNmxlSnZSQjEwbnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi82MzczNzctY2FkYy00ZmQ0LWI2NmQt
YzlhNTZjNWQzZTkxLzEvQmFicm1mQ29YZTE5Q0dZNFh4NHc5b3Y0aWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi82MzczNzctY2FkYy00ZmQ0LWI2NmQtYzlhNTZjNWQzZTkx
LzEvYXpyb0RPeTFiMXN3QTRnNmxlSnZSQjEwbnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAUFWgAwQA
UFWvMA8EAgACMAkDBwAqAWpAAAEwDQYJKoZIhvcNAQELBQADggEBALBDxKvlkk/N
fidIz8JGVv/SCAweY22W8MMxXbUXDOmE/eWnv5i3sh9VFGT2XYAlBJ6V5ogiql/g
JJwWldXK2ZqObzdivE+Fxb2msJZg4JcvjFqJi0H/IewfBatRZb3Z4ZV62qUISw99
lD0u+3iRdDjULg9UM+l7S9nHJd8XpWf4qibZcG9512h4ZqGjMEXY3GZZw8PLWwt8
R5FmHr3Wdko3yRvX283HmUQUqdetZlVp0Um9MQxgttcpX2LD3lYZDiZx33DijLEq
RzbM+r5eHqPcnFvmwD9NvQAlxOvKiKVQDY8SZIh9IJXNhzvz7mtBdMj5NV23Omcu
x309rnfMXBA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:07:27 2024 by rpki-client on console-ams.rpki-client.org