Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/1bca6a-511e-4150-9cfa-c52c6c0e3a8a/1/A6_jirV_8Mn9bdpUsNl4pCnX8hU.roa
File:                     A6_jirV_8Mn9bdpUsNl4pCnX8hU.roa (raw, json)
Hash identifier:          kl7tu7HdegzG0NeV5s1+DgRpcao4RLkzQW53pVzyurU=
Subject key identifier:   03:AF:E3:8A:B5:7F:F0:C9:FD:6D:DA:54:B0:D9:78:A4:29:D7:F2:15
Certificate issuer:       /CN=7819b096edf8760e8e500f94169bc00378ae9475
Certificate serial:       018CC26D5732E242EC44730CAB5BC982D23E
Authority key identifier: 78:19:B0:96:ED:F8:76:0E:8E:50:0F:94:16:9B:C0:03:78:AE:94:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eBmwlu34dg6OUA-UFpvAA3iulHU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/1bca6a-511e-4150-9cfa-c52c6c0e3a8a/1/A6_jirV_8Mn9bdpUsNl4pCnX8hU.roa
Signing time:             Mon 01 Jan 2024 00:29:54 +0000
ROA not before:           Mon 01 Jan 2024 00:29:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51294
IP address blocks:        178.23.56.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/1bca6a-511e-4150-9cfa-c52c6c0e3a8a/1/eBmwlu34dg6OUA-UFpvAA3iulHU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/1bca6a-511e-4150-9cfa-c52c6c0e3a8a/1/eBmwlu34dg6OUA-UFpvAA3iulHU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eBmwlu34dg6OUA-UFpvAA3iulHU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:57:32:e2:42:ec:44:73:0c:ab:5b:c9:82:d2:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7819b096edf8760e8e500f94169bc00378ae9475
        Validity
            Not Before: Jan  1 00:29:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=03afe38ab57ff0c9fd6dda54b0d978a429d7f215
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ae:e3:d0:90:aa:3b:a1:da:be:45:b5:6e:93:
                    62:40:9a:86:49:e5:81:8b:4e:e6:89:38:5f:13:82:
                    09:2b:88:50:a5:31:ce:ac:e4:c6:b4:d8:cf:ef:5f:
                    02:70:c9:d6:d7:8b:73:e0:f1:7c:04:3a:51:6b:36:
                    6b:54:4a:ae:fb:bb:6e:d2:c2:41:06:02:1d:cf:0c:
                    bf:c2:05:3e:39:93:7d:3b:82:b3:97:93:81:04:e0:
                    cb:c9:81:d7:2f:7e:a9:57:9d:ec:d4:e7:b1:34:1f:
                    cf:a5:6a:e7:07:3f:3e:87:99:b1:c3:52:56:79:db:
                    e9:04:cc:2c:02:54:44:ff:e8:93:ed:64:e1:4d:9a:
                    60:53:53:7a:e5:39:9e:80:eb:b3:54:3e:e7:8d:3d:
                    76:5f:b4:cc:71:45:58:73:0f:4d:bf:2c:e2:3f:6e:
                    6b:c6:81:e2:33:10:23:df:55:65:c0:bb:c5:1b:29:
                    5d:14:c1:42:26:95:12:19:0e:bc:f6:ed:f1:14:91:
                    4f:75:22:15:da:54:a6:57:f0:4d:41:93:68:f3:e1:
                    3d:69:81:e1:4b:7c:05:56:03:44:f2:33:3a:5f:e9:
                    19:2e:98:10:fe:e2:5b:a7:a0:44:ae:23:86:0c:a2:
                    6a:cf:79:1b:8e:27:31:01:ab:17:ac:18:87:da:55:
                    b9:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:AF:E3:8A:B5:7F:F0:C9:FD:6D:DA:54:B0:D9:78:A4:29:D7:F2:15
            X509v3 Authority Key Identifier:
                keyid:78:19:B0:96:ED:F8:76:0E:8E:50:0F:94:16:9B:C0:03:78:AE:94:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eBmwlu34dg6OUA-UFpvAA3iulHU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/1bca6a-511e-4150-9cfa-c52c6c0e3a8a/1/A6_jirV_8Mn9bdpUsNl4pCnX8hU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/1bca6a-511e-4150-9cfa-c52c6c0e3a8a/1/eBmwlu34dg6OUA-UFpvAA3iulHU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.23.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3f:b3:44:1b:b4:87:9d:75:ac:7d:8c:71:34:b6:71:e9:9b:2f:
         21:12:95:f4:b4:09:63:9d:42:88:01:4b:a0:82:49:7b:e1:f8:
         74:dc:ed:e3:2a:fa:d8:a5:c2:77:f4:8f:32:22:b0:88:f7:08:
         c3:37:25:60:6b:68:27:f6:10:38:43:73:e3:0c:58:57:7e:ac:
         8d:0e:38:a1:97:c1:fa:ab:11:5e:8d:02:7f:2d:de:5e:d0:2a:
         2d:f9:35:8f:fc:3a:89:cf:34:d3:70:26:a6:bd:ca:7a:48:a0:
         e0:c0:08:db:2d:29:17:7f:50:36:bc:91:44:b2:86:17:93:59:
         94:47:0c:20:2c:53:ef:11:17:c7:98:d8:5b:f1:02:c9:c2:5f:
         91:3f:17:e4:58:ee:c3:5d:b3:a8:63:8d:e9:93:e5:33:96:83:
         17:b1:a3:77:1a:aa:12:5a:30:8f:53:b8:4a:fa:c7:18:42:ff:
         7c:02:e7:68:28:f0:19:62:5e:c6:cf:70:76:c8:92:12:60:59:
         e6:ca:4f:4a:ef:eb:7e:d0:a0:79:7b:84:6b:e0:b1:bc:af:85:
         74:37:42:e7:56:55:3c:40:bc:39:d1:2b:6b:7b:96:82:ed:e4:
         c5:4e:b0:d0:0e:45:6c:eb:38:d2:a6:b5:e0:66:37:60:ed:f8:
         60:ff:ae:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVcy4kLsRHMMq1vJgtI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MTliMDk2ZWRmODc2MGU4ZTUwMGY5NDE2OWJjMDAzNzhh
ZTk0NzUwHhcNMjQwMTAxMDAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2FmZTM4YWI1N2ZmMGM5ZmQ2ZGRhNTRiMGQ5NzhhNDI5ZDdmMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta7j0JCqO6HavkW1bpNiQJqGSeWB
i07miThfE4IJK4hQpTHOrOTGtNjP718CcMnW14tz4PF8BDpRazZrVEqu+7tu0sJB
BgIdzwy/wgU+OZN9O4Kzl5OBBODLyYHXL36pV53s1OexNB/PpWrnBz8+h5mxw1JW
edvpBMwsAlRE/+iT7WThTZpgU1N65TmegOuzVD7njT12X7TMcUVYcw9NvyziP25r
xoHiMxAj31VlwLvFGyldFMFCJpUSGQ689u3xFJFPdSIV2lSmV/BNQZNo8+E9aYHh
S3wFVgNE8jM6X+kZLpgQ/uJbp6BEriOGDKJqz3kbjicxAasXrBiH2lW5fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAOv44q1f/DJ/W3aVLDZeKQp1/IVMB8GA1UdIwQY
MBaAFHgZsJbt+HYOjlAPlBabwAN4rpR1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUJtd2x1MzRkZzZPVUEtVUZwdkFBM2l1bEhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8xYmNhNmEtNTExZS00MTUwLTljZmEt
YzUyYzZjMGUzYThhLzEvQTZfamlyVl84TW45YmRwVXNObDRwQ25YOGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8xYmNhNmEtNTExZS00MTUwLTljZmEtYzUyYzZjMGUzYThh
LzEvZUJtd2x1MzRkZzZPVUEtVUZwdkFBM2l1bEhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDshc4MA0G
CSqGSIb3DQEBCwUAA4IBAQA/s0QbtIeddax9jHE0tnHpmy8hEpX0tAljnUKIAUug
gkl74fh03O3jKvrYpcJ39I8yIrCI9wjDNyVga2gn9hA4Q3PjDFhXfqyNDjihl8H6
qxFejQJ/Ld5e0Cot+TWP/DqJzzTTcCamvcp6SKDgwAjbLSkXf1A2vJFEsoYXk1mU
RwwgLFPvERfHmNhb8QLJwl+RPxfkWO7DXbOoY43pk+UzloMXsaN3GqoSWjCPU7hK
+scYQv98AudoKPAZYl7Gz3B2yJISYFnmyk9K7+t+0KB5e4Rr4LG8r4V0N0LnVlU8
QLw50Stre5aC7eTFTrDQDkVs6zjSprXgZjdg7fhg/67r
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:21 2024 by rpki-client on console-fra.rpki-client.org