Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/JNCXdQJfTSZxITWTFtmGMHpkG8g.roa
File:                     JNCXdQJfTSZxITWTFtmGMHpkG8g.roa (raw, json)
Hash identifier:          HtAYmC6KeLmr37t6Ye76z9T8BRe7qjufXr8OiDjlVXE=
Subject key identifier:   24:D0:97:75:02:5F:4D:26:71:21:35:93:16:D9:86:30:7A:64:1B:C8
Certificate issuer:       /CN=380099a81b346f9abcaf26056f5b77094d1cf113
Certificate serial:       018CCA96E99E17FAFA795B4A6C7D39D12F80
Authority key identifier: 38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/JNCXdQJfTSZxITWTFtmGMHpkG8g.roa
Signing time:             Tue 02 Jan 2024 14:32:16 +0000
ROA not before:           Tue 02 Jan 2024 14:32:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50741
IP address blocks:        79.173.79.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 19 Jun 2024 04:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:96:e9:9e:17:fa:fa:79:5b:4a:6c:7d:39:d1:2f:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=380099a81b346f9abcaf26056f5b77094d1cf113
        Validity
            Not Before: Jan  2 14:32:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=24d09775025f4d267121359316d986307a641bc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:42:8e:1a:be:88:5d:23:ed:ad:80:80:fd:b1:
                    6e:39:bf:53:6a:05:62:09:09:20:6c:e6:d8:92:cd:
                    bc:38:b2:26:9f:54:e1:55:a3:f5:4d:75:5b:14:15:
                    e7:a8:d0:b8:90:67:1c:e2:e5:6e:ba:26:29:eb:4a:
                    55:5b:98:64:10:f1:d5:b8:e2:ec:87:d6:93:10:36:
                    df:b3:36:b5:eb:5f:1e:eb:b1:8b:c3:a8:7c:c1:5a:
                    e5:f3:7e:4f:3f:54:c6:91:8a:a0:7d:13:ea:42:8c:
                    9a:30:50:08:3a:72:7d:d8:cb:bf:87:fa:f2:36:74:
                    1f:a4:de:c1:f8:f0:7b:73:a0:3b:3c:2a:41:de:02:
                    1a:c3:2f:2d:66:a5:43:b5:df:64:8d:a2:10:ae:bd:
                    56:a1:67:18:55:5f:b5:6b:6b:e3:b3:c5:42:55:7e:
                    e8:98:e4:07:1b:2b:01:77:9c:c8:ab:9c:4b:76:12:
                    84:c1:a1:99:c8:f3:9b:5c:4c:37:cc:0b:19:44:15:
                    d8:23:49:4e:ae:ad:dd:6f:73:71:e6:80:ea:2b:e6:
                    12:4f:11:82:a5:42:db:9a:c5:5b:83:3a:e3:97:2d:
                    89:83:6d:77:4b:a5:b3:de:2d:10:d4:c8:0a:97:e6:
                    b1:91:92:ba:6e:65:dd:85:e5:ec:99:07:d8:f1:56:
                    00:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:D0:97:75:02:5F:4D:26:71:21:35:93:16:D9:86:30:7A:64:1B:C8
            X509v3 Authority Key Identifier:
                keyid:38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/JNCXdQJfTSZxITWTFtmGMHpkG8g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.173.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:97:ae:fb:12:b9:d7:6e:61:ea:03:cf:d1:12:eb:b7:6f:5f:
         8e:92:a8:53:52:13:9f:99:e1:30:0e:9f:3d:95:6f:51:79:7d:
         66:d4:18:48:4e:a8:0f:2f:ea:04:28:5e:bd:d7:c9:2e:b5:bc:
         60:86:7e:2b:e6:31:48:75:86:38:8b:1e:57:bd:a6:7a:df:e7:
         7e:1f:7f:e5:4d:ed:f1:ed:bf:f1:ce:cb:c2:51:2d:59:d7:66:
         93:55:02:09:ce:dd:b4:45:52:5e:e7:b4:e1:9e:5a:00:2f:c7:
         3e:48:94:d3:bf:67:04:74:65:30:2a:4d:68:1d:ea:bc:c5:62:
         ed:1d:a8:8e:cd:f0:76:94:16:e7:b6:dc:03:c8:19:67:e3:4a:
         2d:97:73:f8:5a:92:ab:1e:47:0c:b2:f3:c3:81:17:5a:0f:cf:
         e1:f9:2f:35:2e:27:81:07:b5:39:2e:d3:01:0e:40:c3:65:0e:
         72:5e:c9:7c:95:f7:45:a2:8a:df:5e:ed:d6:92:49:55:0c:ef:
         fe:d7:f7:30:d5:ce:88:78:6f:2b:bd:94:24:ef:4d:0e:c1:58:
         ee:d2:34:4d:3c:bb:a1:11:98:9f:62:87:16:41:ab:3c:5d:d1:
         07:6d:11:fa:aa:41:59:aa:d3:1a:83:3a:91:88:3f:aa:bc:15:
         94:02:e7:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKlumeF/r6eVtKbH050S+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MDA5OWE4MWIzNDZmOWFiY2FmMjYwNTZmNWI3NzA5NGQx
Y2YxMTMwHhcNMjQwMTAyMTQzMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGQwOTc3NTAyNWY0ZDI2NzEyMTM1OTMxNmQ5ODYzMDdhNjQxYmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0KOGr6IXSPtrYCA/bFuOb9TagVi
CQkgbObYks28OLImn1ThVaP1TXVbFBXnqNC4kGcc4uVuuiYp60pVW5hkEPHVuOLs
h9aTEDbfsza1618e67GLw6h8wVrl835PP1TGkYqgfRPqQoyaMFAIOnJ92Mu/h/ry
NnQfpN7B+PB7c6A7PCpB3gIawy8tZqVDtd9kjaIQrr1WoWcYVV+1a2vjs8VCVX7o
mOQHGysBd5zIq5xLdhKEwaGZyPObXEw3zAsZRBXYI0lOrq3db3Nx5oDqK+YSTxGC
pULbmsVbgzrjly2Jg213S6Wz3i0Q1MgKl+axkZK6bmXdheXsmQfY8VYAhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCTQl3UCX00mcSE1kxbZhjB6ZBvIMB8GA1UdIwQY
MBaAFDgAmagbNG+avK8mBW9bdwlNHPETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMt
NDUwZmUzMzU5NWQxLzEvSk5DWGRRSmZUU1p4SVRXVEZ0bUdNSHBrRzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMtNDUwZmUzMzU5NWQx
LzEvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT61PMA0G
CSqGSIb3DQEBCwUAA4IBAQArl677ErnXbmHqA8/REuu3b1+OkqhTUhOfmeEwDp89
lW9ReX1m1BhITqgPL+oEKF6918kutbxghn4r5jFIdYY4ix5XvaZ63+d+H3/lTe3x
7b/xzsvCUS1Z12aTVQIJzt20RVJe57ThnloAL8c+SJTTv2cEdGUwKk1oHeq8xWLt
HaiOzfB2lBbnttwDyBln40otl3P4WpKrHkcMsvPDgRdaD8/h+S81LieBB7U5LtMB
DkDDZQ5yXsl8lfdFoorfXu3WkklVDO/+1/cw1c6IeG8rvZQk700OwVju0jRNPLuh
EZifYocWQas8XdEHbRH6qkFZqtMagzqRiD+qvBWUAuej
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:31:50 2024 by rpki-client on console-ams.rpki-client.org