Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/31a837-952b-4341-bf6c-5e13ff3ef3e9/1/WoWS5qU3ESpCX--P2VhfPaGuBLI.roa
File:                     WoWS5qU3ESpCX--P2VhfPaGuBLI.roa (raw, json)
Hash identifier:          Z6GKz9nN+yxfl6GENIlex956QXZ+zSzWLm3hA87A3MQ=
Subject key identifier:   5A:85:92:E6:A5:37:11:2A:42:5F:EF:8F:D9:58:5F:3D:A1:AE:04:B2
Certificate issuer:       /CN=f353c73f1fbf4bfb46d06750e25660cda1d801b1
Certificate serial:       018CC6B879DB184DC3B9699731D2951605F8
Authority key identifier: F3:53:C7:3F:1F:BF:4B:FB:46:D0:67:50:E2:56:60:CD:A1:D8:01:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/81PHPx-_S_tG0GdQ4lZgzaHYAbE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/31a837-952b-4341-bf6c-5e13ff3ef3e9/1/WoWS5qU3ESpCX--P2VhfPaGuBLI.roa
Signing time:             Mon 01 Jan 2024 20:30:27 +0000
ROA not before:           Mon 01 Jan 2024 20:30:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209242
IP address blocks:        193.162.35.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/31a837-952b-4341-bf6c-5e13ff3ef3e9/1/81PHPx-_S_tG0GdQ4lZgzaHYAbE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/31a837-952b-4341-bf6c-5e13ff3ef3e9/1/81PHPx-_S_tG0GdQ4lZgzaHYAbE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/81PHPx-_S_tG0GdQ4lZgzaHYAbE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b8:79:db:18:4d:c3:b9:69:97:31:d2:95:16:05:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f353c73f1fbf4bfb46d06750e25660cda1d801b1
        Validity
            Not Before: Jan  1 20:30:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5a8592e6a537112a425fef8fd9585f3da1ae04b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:cd:af:ab:06:ed:60:66:1a:42:be:37:7c:62:
                    0a:65:33:fd:c7:20:db:bb:0a:db:dc:c1:b6:60:2a:
                    23:01:58:59:0d:c7:b8:a4:0a:b9:4f:4e:96:20:43:
                    01:e1:ed:28:a2:1d:ca:e5:4f:cb:5b:7d:5b:15:f4:
                    a5:7b:1a:d3:ae:34:d1:e4:43:32:f7:b6:44:0d:21:
                    c3:22:c5:99:98:0e:5e:8f:68:8e:ed:b5:98:84:0b:
                    18:36:46:cc:6a:d7:71:b4:53:46:b2:3a:b4:5b:bc:
                    3e:a1:95:bf:05:68:6c:d4:cb:3a:1f:4a:41:e8:3b:
                    51:75:61:a9:cb:48:57:67:01:3e:2d:c4:aa:ff:6a:
                    cc:b0:fd:40:4e:ae:79:75:a8:20:49:a9:1a:f5:20:
                    1b:c6:03:91:67:b4:0a:ec:ef:98:31:e9:f1:d0:59:
                    85:af:59:f8:9f:a1:af:4d:4a:ee:a2:39:02:84:4d:
                    4d:a9:50:f2:0c:79:16:fc:a6:e3:fd:4d:dc:ea:37:
                    60:da:0a:e5:04:45:04:0f:84:64:85:b1:0b:bb:c0:
                    fc:f2:51:69:4c:e7:8a:0d:bd:4d:80:ad:05:c0:d8:
                    32:e8:cb:7e:c6:5b:ae:e8:73:da:3b:bc:66:53:6d:
                    08:c8:de:de:75:89:9d:8e:84:1a:c5:4d:6f:93:5c:
                    fe:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:85:92:E6:A5:37:11:2A:42:5F:EF:8F:D9:58:5F:3D:A1:AE:04:B2
            X509v3 Authority Key Identifier:
                keyid:F3:53:C7:3F:1F:BF:4B:FB:46:D0:67:50:E2:56:60:CD:A1:D8:01:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/81PHPx-_S_tG0GdQ4lZgzaHYAbE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/31a837-952b-4341-bf6c-5e13ff3ef3e9/1/WoWS5qU3ESpCX--P2VhfPaGuBLI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/31a837-952b-4341-bf6c-5e13ff3ef3e9/1/81PHPx-_S_tG0GdQ4lZgzaHYAbE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.162.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:e8:2b:73:6b:7c:da:e4:2f:54:db:3a:a4:10:91:3a:e4:20:
         91:7c:98:5b:9c:32:63:ae:9e:a9:82:2d:df:f3:3a:06:17:1e:
         f6:f8:bd:d0:d9:d3:06:c0:08:35:82:1d:9e:9a:7b:e8:4a:e0:
         2c:c0:43:be:3f:69:02:8b:b4:5f:d3:2f:54:52:40:d0:eb:6e:
         f7:8a:b5:32:77:22:14:09:f1:4e:66:7f:46:42:ae:5c:46:a1:
         56:82:11:49:c4:82:76:10:96:35:1d:7b:64:42:be:e3:5f:04:
         2a:4f:f1:da:89:f4:fa:59:8f:8a:29:79:f0:7a:72:7c:dc:89:
         69:cb:c5:09:45:7d:6e:76:31:1e:9e:1e:c9:a4:b8:0a:e4:55:
         8c:1a:cd:8b:fe:2f:5c:07:34:b1:cf:e7:0f:93:c9:51:4f:32:
         43:8d:52:e1:24:b6:82:4d:c0:1c:37:08:e0:90:94:ae:86:d2:
         dc:c1:82:66:93:d5:13:60:3e:68:e5:bb:74:28:af:80:99:d0:
         79:28:a3:27:40:c8:1c:79:02:e7:96:8e:fd:30:46:ae:31:fe:
         db:25:ba:c3:aa:04:9f:43:1f:30:30:29:bb:36:70:13:88:7c:
         5b:f3:c9:be:42:45:91:b4:d0:4e:60:aa:ca:aa:a4:da:b1:6d:
         d8:6e:09:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuHnbGE3DuWmXMdKVFgX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNTNjNzNmMWZiZjRiZmI0NmQwNjc1MGUyNTY2MGNkYTFk
ODAxYjEwHhcNMjQwMTAxMjAzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTg1OTJlNmE1MzcxMTJhNDI1ZmVmOGZkOTU4NWYzZGExYWUwNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr82vqwbtYGYaQr43fGIKZTP9xyDb
uwrb3MG2YCojAVhZDce4pAq5T06WIEMB4e0ooh3K5U/LW31bFfSlexrTrjTR5EMy
97ZEDSHDIsWZmA5ej2iO7bWYhAsYNkbMatdxtFNGsjq0W7w+oZW/BWhs1Ms6H0pB
6DtRdWGpy0hXZwE+LcSq/2rMsP1ATq55daggSaka9SAbxgORZ7QK7O+YMenx0FmF
r1n4n6GvTUruojkChE1NqVDyDHkW/Kbj/U3c6jdg2grlBEUED4RkhbELu8D88lFp
TOeKDb1NgK0FwNgy6Mt+xluu6HPaO7xmU20IyN7edYmdjoQaxU1vk1z+1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqFkualNxEqQl/vj9lYXz2hrgSyMB8GA1UdIwQY
MBaAFPNTxz8fv0v7RtBnUOJWYM2h2AGxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODFQSFB4LV9TX3RHMEdkUTRsWmd6YUhZQWJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8zMWE4MzctOTUyYi00MzQxLWJmNmMt
NWUxM2ZmM2VmM2U5LzEvV29XUzVxVTNFU3BDWC0tUDJWaGZQYUd1QkxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8zMWE4MzctOTUyYi00MzQxLWJmNmMtNWUxM2ZmM2VmM2U5
LzEvODFQSFB4LV9TX3RHMEdkUTRsWmd6YUhZQWJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaIjMA0G
CSqGSIb3DQEBCwUAA4IBAQAn6Ctza3za5C9U2zqkEJE65CCRfJhbnDJjrp6pgi3f
8zoGFx72+L3Q2dMGwAg1gh2emnvoSuAswEO+P2kCi7Rf0y9UUkDQ6273irUydyIU
CfFOZn9GQq5cRqFWghFJxIJ2EJY1HXtkQr7jXwQqT/HaifT6WY+KKXnwenJ83Ilp
y8UJRX1udjEenh7JpLgK5FWMGs2L/i9cBzSxz+cPk8lRTzJDjVLhJLaCTcAcNwjg
kJSuhtLcwYJmk9UTYD5o5bt0KK+AmdB5KKMnQMgceQLnlo79MEauMf7bJbrDqgSf
Qx8wMCm7NnATiHxb88m+QkWRtNBOYKrKqqTasW3YbgnW
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:14:57 2024 by rpki-client on console-ams.rpki-client.org