Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b9467c-84af-493a-9db9-4dd59c7c6305/1/jDGLLpmAcrQ99YYseq522TDpwQc.roa
File:                     jDGLLpmAcrQ99YYseq522TDpwQc.roa (raw, json)
Hash identifier:          PZ/uT713dgeHbHtatOxca/xf6sZ8Ij6LCtTjVmiSVfI=
Subject key identifier:   8C:31:8B:2E:99:80:72:B4:3D:F5:86:2C:7A:AE:76:D9:30:E9:C1:07
Certificate issuer:       /CN=9eee4669fc08a4d4337509110613862b314f1ac7
Certificate serial:       018CC86F2B055313A6144E1FF3B9432188F9
Authority key identifier: 9E:EE:46:69:FC:08:A4:D4:33:75:09:11:06:13:86:2B:31:4F:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nu5GafwIpNQzdQkRBhOGKzFPGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/b9467c-84af-493a-9db9-4dd59c7c6305/1/jDGLLpmAcrQ99YYseq522TDpwQc.roa
Signing time:             Tue 02 Jan 2024 04:29:37 +0000
ROA not before:           Tue 02 Jan 2024 04:29:37 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60475
IP address blocks:        45.10.84.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/b9467c-84af-493a-9db9-4dd59c7c6305/1/nu5GafwIpNQzdQkRBhOGKzFPGsc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/b9467c-84af-493a-9db9-4dd59c7c6305/1/nu5GafwIpNQzdQkRBhOGKzFPGsc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nu5GafwIpNQzdQkRBhOGKzFPGsc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:2b:05:53:13:a6:14:4e:1f:f3:b9:43:21:88:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9eee4669fc08a4d4337509110613862b314f1ac7
        Validity
            Not Before: Jan  2 04:29:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8c318b2e998072b43df5862c7aae76d930e9c107
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:7c:2b:67:58:7d:16:4a:71:84:f6:01:0f:af:
                    8a:73:5c:d9:54:6b:de:b9:11:08:e8:1b:74:9a:0a:
                    1b:af:e3:f2:fb:51:a9:87:42:43:40:ed:53:c2:85:
                    09:2b:cd:3c:e3:e4:56:a2:8f:d3:49:e3:81:e3:6c:
                    e3:2f:4e:50:e3:dc:27:8d:cc:c1:69:ea:20:0a:c5:
                    50:e6:0c:01:cf:2a:64:71:de:d0:d0:2d:67:ee:41:
                    df:4a:53:b2:0a:91:5a:9b:2c:27:92:d0:50:45:38:
                    c2:9f:b3:10:2f:58:3f:7b:f1:16:e9:eb:9f:e9:96:
                    de:54:c0:3b:b9:cc:5a:54:b1:02:de:65:41:2b:e7:
                    1e:3b:49:46:bc:11:fe:03:62:9e:84:5f:b3:3a:92:
                    4c:7b:c2:db:5b:3e:b0:62:6f:43:37:9c:00:87:47:
                    50:42:7f:66:2d:a3:eb:4c:94:03:54:6c:74:12:aa:
                    a3:21:65:2f:24:58:5d:f4:ab:04:37:3b:a2:8c:8e:
                    15:29:31:86:4f:21:1a:be:e6:2b:b0:bc:d5:18:ae:
                    ce:6e:36:95:f7:a5:e1:fb:0f:74:0c:8e:4e:10:45:
                    8c:d3:53:06:39:53:d0:a6:ab:77:bc:9c:28:26:9f:
                    20:6f:4f:d9:ca:ca:5c:a1:fe:d5:4a:0a:1d:33:fe:
                    8c:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:31:8B:2E:99:80:72:B4:3D:F5:86:2C:7A:AE:76:D9:30:E9:C1:07
            X509v3 Authority Key Identifier:
                keyid:9E:EE:46:69:FC:08:A4:D4:33:75:09:11:06:13:86:2B:31:4F:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nu5GafwIpNQzdQkRBhOGKzFPGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b9467c-84af-493a-9db9-4dd59c7c6305/1/jDGLLpmAcrQ99YYseq522TDpwQc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b9467c-84af-493a-9db9-4dd59c7c6305/1/nu5GafwIpNQzdQkRBhOGKzFPGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         52:2c:c5:a2:2e:47:53:ab:7c:89:df:a4:be:bb:d0:ef:ca:7f:
         c2:17:11:f9:6a:87:17:ad:57:e5:ce:d5:6e:58:df:80:c2:f9:
         4e:15:f0:ff:9b:ff:6a:68:b0:ae:a2:4e:fd:98:0b:df:cf:70:
         f4:03:3a:93:2a:c6:73:f2:a6:c2:5c:35:ac:68:56:22:1b:04:
         0c:ce:b6:ed:37:f7:06:f7:71:b9:2a:59:27:f1:c3:c8:e2:ea:
         d3:af:e0:5c:86:33:61:45:4c:a4:7b:aa:b9:f0:a4:32:67:74:
         04:fb:bd:e1:f7:af:72:0d:46:34:7a:fe:7e:59:27:63:24:e1:
         ec:54:58:72:c0:6a:de:2f:d1:25:c5:2c:04:d6:35:ea:78:d5:
         6d:ca:2b:89:c0:cd:8b:1a:4d:80:a1:63:23:02:93:63:d1:26:
         fb:b8:83:4a:c7:41:14:bc:86:6f:42:46:67:2a:75:0f:ea:10:
         c6:47:d3:e0:26:a1:35:d5:46:2b:a4:41:b7:08:8a:f8:14:bc:
         30:38:d1:4b:71:a1:8b:3f:59:36:b2:57:d2:9e:1c:eb:c0:91:
         2f:c9:d7:1b:d1:3f:c3:e0:da:f8:ab:54:0c:81:eb:f9:cc:c2:
         ab:6f:a9:0d:29:bd:41:ff:e6:90:96:7c:75:6b:c8:92:43:a3:
         0c:68:5f:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbysFUxOmFE4f87lDIYj5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZWU0NjY5ZmMwOGE0ZDQzMzc1MDkxMTA2MTM4NjJiMzE0
ZjFhYzcwHhcNMjQwMTAyMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzMxOGIyZTk5ODA3MmI0M2RmNTg2MmM3YWFlNzZkOTMwZTljMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHwrZ1h9FkpxhPYBD6+Kc1zZVGve
uREI6Bt0mgobr+Py+1Gph0JDQO1TwoUJK8084+RWoo/TSeOB42zjL05Q49wnjczB
aeogCsVQ5gwBzypkcd7Q0C1n7kHfSlOyCpFamywnktBQRTjCn7MQL1g/e/EW6euf
6ZbeVMA7ucxaVLEC3mVBK+ceO0lGvBH+A2KehF+zOpJMe8LbWz6wYm9DN5wAh0dQ
Qn9mLaPrTJQDVGx0EqqjIWUvJFhd9KsENzuijI4VKTGGTyEavuYrsLzVGK7ObjaV
96Xh+w90DI5OEEWM01MGOVPQpqt3vJwoJp8gb0/Zyspcof7VSgodM/6MYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwxiy6ZgHK0PfWGLHqudtkw6cEHMB8GA1UdIwQY
MBaAFJ7uRmn8CKTUM3UJEQYThisxTxrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnU1R2Fmd0lwTlF6ZFFrUkJoT0dLekZQR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iOTQ2N2MtODRhZi00OTNhLTlkYjkt
NGRkNTljN2M2MzA1LzEvakRHTExwbUFjclE5OVlZc2VxNTIyVERwd1FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iOTQ2N2MtODRhZi00OTNhLTlkYjktNGRkNTljN2M2MzA1
LzEvbnU1R2Fmd0lwTlF6ZFFrUkJoT0dLekZQR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQpUMA0G
CSqGSIb3DQEBCwUAA4IBAQBSLMWiLkdTq3yJ36S+u9Dvyn/CFxH5aocXrVflztVu
WN+AwvlOFfD/m/9qaLCuok79mAvfz3D0AzqTKsZz8qbCXDWsaFYiGwQMzrbtN/cG
93G5Klkn8cPI4urTr+BchjNhRUyke6q58KQyZ3QE+73h969yDUY0ev5+WSdjJOHs
VFhywGreL9ElxSwE1jXqeNVtyiuJwM2LGk2AoWMjApNj0Sb7uINKx0EUvIZvQkZn
KnUP6hDGR9PgJqE11UYrpEG3CIr4FLwwONFLcaGLP1k2slfSnhzrwJEvydcb0T/D
4Nr4q1QMgev5zMKrb6kNKb1B/+aQlnx1a8iSQ6MMaF8j
-----END CERTIFICATE-----
Generated at Sat Jun 15 23:39:44 2024 by rpki-client on console-ams.rpki-client.org