Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/7eb683-e218-4382-bfd9-28da6a1ba128/1/1QE8Nd7oRWi-Snh2RHzsYUv-nUY.roa
File:                     1QE8Nd7oRWi-Snh2RHzsYUv-nUY.roa (raw, json)
Hash identifier:          CBae13Pudh0OMoL1gPiFld5GVdx5fqwk9evHjRbCzCw=
Subject key identifier:   D5:01:3C:35:DE:E8:45:68:BE:4A:78:76:44:7C:EC:61:4B:FE:9D:46
Certificate issuer:       /CN=e9e415ed5c0c7759981001b8db262da779a04b3d
Certificate serial:       018CC6B77B1C2071BE8AD9FC31AF560D073B
Authority key identifier: E9:E4:15:ED:5C:0C:77:59:98:10:01:B8:DB:26:2D:A7:79:A0:4B:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6eQV7VwMd1mYEAG42yYtp3mgSz0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/7eb683-e218-4382-bfd9-28da6a1ba128/1/1QE8Nd7oRWi-Snh2RHzsYUv-nUY.roa
Signing time:             Mon 01 Jan 2024 20:29:22 +0000
ROA not before:           Mon 01 Jan 2024 20:29:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     4755
IP address blocks:        213.132.251.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/7eb683-e218-4382-bfd9-28da6a1ba128/1/6eQV7VwMd1mYEAG42yYtp3mgSz0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/7eb683-e218-4382-bfd9-28da6a1ba128/1/6eQV7VwMd1mYEAG42yYtp3mgSz0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6eQV7VwMd1mYEAG42yYtp3mgSz0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 11:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:7b:1c:20:71:be:8a:d9:fc:31:af:56:0d:07:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9e415ed5c0c7759981001b8db262da779a04b3d
        Validity
            Not Before: Jan  1 20:29:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d5013c35dee84568be4a7876447cec614bfe9d46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:20:e4:53:f6:8c:44:bb:73:e9:96:d4:4f:dc:
                    e5:2d:e0:3a:0f:cf:c8:f4:2c:86:28:51:7b:64:ec:
                    38:c8:c1:e5:8c:08:e5:40:a5:19:23:9a:f6:5a:ad:
                    b4:e1:39:61:68:43:ab:fd:ce:6b:75:1e:68:e1:3c:
                    61:7f:3e:93:21:65:41:d1:26:bd:29:2c:46:a2:3e:
                    fb:62:12:7d:ab:6e:59:d6:27:7a:aa:ba:7c:9d:ef:
                    f0:4c:bd:35:df:ba:47:db:a9:da:bc:73:b9:47:0b:
                    f3:d3:4c:76:5c:e6:74:7f:79:ad:f6:aa:bb:6d:ed:
                    9a:88:d0:b4:4b:41:d3:1e:9e:0f:e1:03:32:72:bd:
                    37:cd:cf:28:ff:60:3a:9d:ef:c7:c3:b5:ae:b1:b3:
                    3d:40:a5:a6:0b:6f:f3:55:ee:34:83:ca:3d:a0:47:
                    d3:38:b0:ed:23:a6:d8:1e:97:94:4e:e9:83:44:6c:
                    16:db:ac:fe:c3:5d:60:4c:b8:7f:42:f8:2e:fc:ce:
                    bb:56:e9:8a:dc:2c:71:d2:72:9e:58:23:15:49:94:
                    a9:c6:26:0a:92:42:05:ac:48:82:3d:56:7b:96:0e:
                    a6:e4:9a:4b:1d:94:51:70:1d:00:66:d0:a2:6c:8c:
                    3b:04:8c:ad:4f:b7:e7:7c:1c:9d:3a:68:3c:4b:58:
                    1d:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:01:3C:35:DE:E8:45:68:BE:4A:78:76:44:7C:EC:61:4B:FE:9D:46
            X509v3 Authority Key Identifier:
                keyid:E9:E4:15:ED:5C:0C:77:59:98:10:01:B8:DB:26:2D:A7:79:A0:4B:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6eQV7VwMd1mYEAG42yYtp3mgSz0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7eb683-e218-4382-bfd9-28da6a1ba128/1/1QE8Nd7oRWi-Snh2RHzsYUv-nUY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/7eb683-e218-4382-bfd9-28da6a1ba128/1/6eQV7VwMd1mYEAG42yYtp3mgSz0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.132.251.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:f1:3d:b7:f4:c2:38:2c:bd:3f:30:8e:3c:60:24:dd:a6:3f:
         c2:d8:a1:7b:00:aa:53:3d:96:af:fb:55:fa:72:50:de:92:aa:
         08:e3:e7:98:79:d0:b7:21:1f:2b:a7:24:3a:4b:7f:00:45:5e:
         43:ef:4d:99:1f:e3:72:07:de:05:f3:18:76:70:75:88:54:03:
         b4:c5:93:50:cc:30:d3:79:b3:a2:2f:7c:5f:72:f8:03:ea:61:
         74:fa:a5:bb:ea:b1:ba:21:11:58:d0:78:ee:13:32:8b:60:26:
         a4:23:67:0b:10:ba:32:3b:27:30:74:5b:ba:96:c0:51:d1:bd:
         65:27:78:34:bf:e9:63:98:4a:46:52:86:7e:65:8a:f8:97:eb:
         53:1c:80:90:3e:03:dd:f0:37:25:3c:c2:06:26:eb:da:7e:d5:
         3c:36:28:a1:80:d6:06:92:a5:20:d3:8f:86:2b:c8:13:7a:f9:
         00:94:72:e9:55:d8:b3:58:55:c6:6a:07:ff:ff:dd:1e:fc:49:
         86:2e:1e:d1:bc:5c:f5:99:c2:19:67:2f:34:e8:10:09:c8:b3:
         cf:8e:62:e6:dc:1a:51:98:17:9d:0e:c0:f4:05:6f:3d:6e:3e:
         18:f3:df:c4:aa:30:ba:14:80:b2:5e:00:85:39:3a:51:7a:43:
         94:74:2f:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt3scIHG+itn8Ma9WDQc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZTQxNWVkNWMwYzc3NTk5ODEwMDFiOGRiMjYyZGE3Nzlh
MDRiM2QwHhcNMjQwMTAxMjAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTAxM2MzNWRlZTg0NTY4YmU0YTc4NzY0NDdjZWM2MTRiZmU5ZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CDkU/aMRLtz6ZbUT9zlLeA6D8/I
9CyGKFF7ZOw4yMHljAjlQKUZI5r2Wq204TlhaEOr/c5rdR5o4Txhfz6TIWVB0Sa9
KSxGoj77YhJ9q25Z1id6qrp8ne/wTL0137pH26navHO5Rwvz00x2XOZ0f3mt9qq7
be2aiNC0S0HTHp4P4QMycr03zc8o/2A6ne/Hw7WusbM9QKWmC2/zVe40g8o9oEfT
OLDtI6bYHpeUTumDRGwW26z+w11gTLh/Qvgu/M67VumK3Cxx0nKeWCMVSZSpxiYK
kkIFrEiCPVZ7lg6m5JpLHZRRcB0AZtCibIw7BIytT7fnfBydOmg8S1gdiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUBPDXe6EVovkp4dkR87GFL/p1GMB8GA1UdIwQY
MBaAFOnkFe1cDHdZmBABuNsmLad5oEs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmVRVjdWd01kMW1ZRUFHNDJ5WXRwM21nU3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS83ZWI2ODMtZTIxOC00MzgyLWJmZDkt
MjhkYTZhMWJhMTI4LzEvMVFFOE5kN29SV2ktU25oMlJIenNZVXYtblVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS83ZWI2ODMtZTIxOC00MzgyLWJmZDktMjhkYTZhMWJhMTI4
LzEvNmVRVjdWd01kMW1ZRUFHNDJ5WXRwM21nU3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YT7MA0G
CSqGSIb3DQEBCwUAA4IBAQCS8T239MI4LL0/MI48YCTdpj/C2KF7AKpTPZav+1X6
clDekqoI4+eYedC3IR8rpyQ6S38ARV5D702ZH+NyB94F8xh2cHWIVAO0xZNQzDDT
ebOiL3xfcvgD6mF0+qW76rG6IRFY0HjuEzKLYCakI2cLELoyOycwdFu6lsBR0b1l
J3g0v+ljmEpGUoZ+ZYr4l+tTHICQPgPd8DclPMIGJuvaftU8NiihgNYGkqUg04+G
K8gTevkAlHLpVdizWFXGagf//90e/EmGLh7RvFz1mcIZZy806BAJyLPPjmLm3BpR
mBedDsD0BW89bj4Y89/EqjC6FICyXgCFOTpRekOUdC+5
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:15:48 2024 by rpki-client on console-fra.rpki-client.org