Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/1-RxlRyygfeRidULSDCVw9BDLvoo.roa
File:                     1-RxlRyygfeRidULSDCVw9BDLvoo.roa (raw, json)
Hash identifier:          rNkZP9yBDG7yJ3OUbZEdFcMlQk31wrLry0/sX874pvk=
Subject key identifier:   F9:1C:65:47:2C:A0:7D:E4:62:75:42:D2:0C:25:70:F4:10:CB:BE:8A
Certificate issuer:       /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial:       018D8EF4AAAC7463E8B23F372827BA3D8DE4
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/1-RxlRyygfeRidULSDCVw9BDLvoo.roa
Signing time:             Fri 09 Feb 2024 17:40:15 +0000
ROA not before:           Fri 09 Feb 2024 17:40:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44812
IP address blocks:        2a12:9502::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:8e:f4:aa:ac:74:63:e8:b2:3f:37:28:27:ba:3d:8d:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
        Validity
            Not Before: Feb  9 17:40:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f91c65472ca07de4627542d20c2570f410cbbe8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:2d:1a:68:35:df:e1:18:ee:9f:79:b2:b6:df:
                    7f:66:a0:1f:a4:67:13:a6:b8:99:63:3a:37:51:86:
                    b5:f9:e8:09:33:53:02:1c:48:38:8d:9a:46:25:ef:
                    27:72:68:82:22:3f:d9:db:4a:b5:22:34:37:8e:f6:
                    1d:fb:75:19:ed:f9:5c:4a:16:b6:af:40:c8:a0:84:
                    0d:81:dc:6b:81:75:24:44:d7:3d:1a:27:da:52:36:
                    de:78:e3:79:73:dd:fc:77:9e:95:e6:1a:3f:67:ef:
                    7e:2f:3b:aa:1a:34:cd:07:5d:ea:8e:5c:06:94:4d:
                    87:b9:6c:b3:e4:28:aa:1f:4a:34:69:98:f7:4d:60:
                    01:a8:ec:8a:8b:5e:0b:ae:cc:3b:82:17:21:85:44:
                    3a:bb:13:44:ef:48:ad:3d:5a:ab:75:7f:0d:4c:6a:
                    0a:67:c5:4b:03:14:c8:a1:26:23:19:32:42:6f:7c:
                    39:4e:72:9d:e2:c6:eb:f3:6e:c0:6e:62:32:ce:2a:
                    65:40:21:fa:08:3c:37:34:ac:c7:09:72:a9:be:04:
                    79:bf:54:1a:5c:b0:8a:f3:ec:5d:1a:9a:62:10:e4:
                    d9:2c:4b:77:b3:88:d2:9e:91:f5:cb:fb:fe:bf:ce:
                    cb:7e:e6:43:67:2e:1a:89:76:23:82:73:66:65:b8:
                    70:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:1C:65:47:2C:A0:7D:E4:62:75:42:D2:0C:25:70:F4:10:CB:BE:8A
            X509v3 Authority Key Identifier:
                keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/1-RxlRyygfeRidULSDCVw9BDLvoo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:9502::/32

    Signature Algorithm: sha256WithRSAEncryption
         74:84:13:21:75:cb:67:dc:fb:f1:77:80:b6:21:f9:fb:38:4f:
         d4:3c:38:dc:85:bd:04:e5:0c:5a:52:8e:5c:7e:d5:46:9c:dd:
         c7:d3:45:e7:f0:27:67:b3:f6:7e:9e:c6:34:49:41:dd:2f:3c:
         5e:f7:32:7d:24:1c:08:68:17:73:fa:60:26:f0:7b:1b:b6:3d:
         4c:b3:c7:80:54:87:cb:3a:d8:d8:bd:dc:59:87:30:28:9a:1b:
         c4:39:8a:02:80:d7:3f:a3:ac:a0:46:0c:77:79:f2:77:ae:f5:
         fc:f1:d8:79:db:71:46:71:21:13:c7:4e:c4:4d:a2:99:ef:85:
         41:8e:e8:9a:1f:4b:57:55:34:c2:39:4a:ce:05:df:e8:25:67:
         29:45:e4:9c:e4:fb:61:ea:21:be:81:42:11:c9:c8:55:fc:f0:
         54:2d:4e:98:c0:89:47:76:40:de:1b:2a:1f:33:19:68:06:2e:
         a0:9d:a3:56:c0:7f:ae:2f:f9:a3:6e:71:66:85:ac:bd:da:7b:
         3f:0b:34:1c:9e:1a:0d:fe:f9:bd:74:77:42:b1:78:33:d1:7a:
         4b:f8:08:e5:84:78:c3:6e:07:f3:ed:79:22:03:a1:60:24:22:
         10:4b:9e:68:56:85:a6:39:d2:d6:e0:3c:7d:dd:76:27:4b:2e:
         fa:59:87:f0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY2O9KqsdGPosj83KCe6PY3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjQwMjA5MTc0MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTFjNjU0NzJjYTA3ZGU0NjI3NTQyZDIwYzI1NzBmNDEwY2JiZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgS0aaDXf4Rjun3mytt9/ZqAfpGcT
priZYzo3UYa1+egJM1MCHEg4jZpGJe8ncmiCIj/Z20q1IjQ3jvYd+3UZ7flcSha2
r0DIoIQNgdxrgXUkRNc9GifaUjbeeON5c938d56V5ho/Z+9+LzuqGjTNB13qjlwG
lE2HuWyz5CiqH0o0aZj3TWABqOyKi14Lrsw7ghchhUQ6uxNE70itPVqrdX8NTGoK
Z8VLAxTIoSYjGTJCb3w5TnKd4sbr827AbmIyziplQCH6CDw3NKzHCXKpvgR5v1Qa
XLCK8+xdGppiEOTZLEt3s4jSnpH1y/v+v87LfuZDZy4aiXYjgnNmZbhw4QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPkcZUcsoH3kYnVC0gwlcPQQy76KMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvMS1SeGxSeXlnZmVSaWRVTFNEQ1Z3OUJETHZvby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzIvYzJlMTZlLWFiNjgtNDQyOS05NmVlLTAwMmYyNmUzYjg5
OC8xL0wxeXJpZ21wX2VJOGxqWDQ0V1N1OEo0WGxJdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoSlQIw
DQYJKoZIhvcNAQELBQADggEBAHSEEyF1y2fc+/F3gLYh+fs4T9Q8ONyFvQTlDFpS
jlx+1Uac3cfTRefwJ2ez9n6exjRJQd0vPF73Mn0kHAhoF3P6YCbwexu2PUyzx4BU
h8s62Ni93FmHMCiaG8Q5igKA1z+jrKBGDHd58neu9fzx2HnbcUZxIRPHTsRNopnv
hUGO6JofS1dVNMI5Ss4F3+glZylF5Jzk+2HqIb6BQhHJyFX88FQtTpjAiUd2QN4b
Kh8zGWgGLqCdo1bAf64v+aNucWaFrL3aez8LNByeGg3++b10d0KxeDPRekv4COWE
eMNuB/PteSIDoWAkIhBLnmhWhaY50tbgPH3ddidLLvpZh/A=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:12:19 2024 by rpki-client on console-fra.rpki-client.org