Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/9Hlng-1ayQZEQ1ZvEiQvmhCquWQ.roa
File:                     9Hlng-1ayQZEQ1ZvEiQvmhCquWQ.roa (raw, json)
Hash identifier:          c6dXPRfLlIlN4ghZ7s0/qGIK/+PQr8Ifghi3wW5h7sI=
Subject key identifier:   F4:79:67:83:ED:5A:C9:06:44:43:56:6F:12:24:2F:9A:10:AA:B9:64
Certificate issuer:       /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial:       018CC34892EB5D691E43F79385658D1B67B3
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/9Hlng-1ayQZEQ1ZvEiQvmhCquWQ.roa
Signing time:             Mon 01 Jan 2024 04:29:22 +0000
ROA not before:           Mon 01 Jan 2024 04:29:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     198889
IP address blocks:        2a05:1083::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:92:eb:5d:69:1e:43:f7:93:85:65:8d:1b:67:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
        Validity
            Not Before: Jan  1 04:29:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f4796783ed5ac9064443566f12242f9a10aab964
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:d9:a6:82:33:58:39:37:e0:47:39:3d:60:57:
                    c4:e7:84:c8:d7:97:01:cc:2e:e5:b9:ff:88:a9:8c:
                    03:fd:a0:76:19:93:66:67:d8:7b:c0:fd:d5:ec:ce:
                    95:d7:68:fc:5e:51:7b:0f:35:84:cf:21:da:7e:da:
                    cf:b9:dc:52:12:42:1d:a9:ae:f2:8d:eb:f9:e9:f3:
                    cd:fa:cb:95:c4:63:59:39:a1:2c:e2:ea:7f:32:53:
                    b9:ee:fb:d8:d1:0d:b8:e9:ff:a4:33:d3:73:92:8b:
                    16:f1:a2:e0:a6:de:ed:4b:18:0b:60:58:a2:2e:08:
                    6c:88:78:04:4f:46:d3:32:67:16:c2:d4:26:b8:b0:
                    e2:83:c0:eb:ac:c5:dc:f3:49:22:96:3c:fd:c5:46:
                    d9:b7:86:be:1e:cf:27:8c:41:b1:08:4e:26:5c:22:
                    3a:c2:30:e1:84:31:38:d9:97:28:2f:8e:3c:44:13:
                    42:22:c6:af:3d:09:3e:60:6e:f0:eb:81:89:a4:99:
                    46:c9:2e:11:f5:55:4a:36:58:72:d2:86:1f:14:56:
                    35:6b:0e:f1:99:6e:2a:09:3b:d2:e2:1c:36:27:87:
                    c4:6d:6b:e6:2a:88:bb:3f:29:6d:14:e5:47:32:ec:
                    ae:45:c5:eb:5d:35:f7:ee:f5:52:ee:a7:39:95:b8:
                    c1:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:79:67:83:ED:5A:C9:06:44:43:56:6F:12:24:2F:9A:10:AA:B9:64
            X509v3 Authority Key Identifier:
                keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/9Hlng-1ayQZEQ1ZvEiQvmhCquWQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:1083::/32

    Signature Algorithm: sha256WithRSAEncryption
         2d:88:fd:21:01:70:7a:24:78:92:98:f6:eb:b2:d4:67:b8:6f:
         48:e2:a6:49:0e:63:ca:92:4b:1f:71:b8:e7:b7:51:44:72:ec:
         b4:1e:ff:6f:15:cc:86:6e:84:87:4b:bc:c4:cb:92:d3:c7:8b:
         bd:0f:9c:05:61:ad:fc:65:92:b6:28:b1:2c:80:dc:33:97:c8:
         5b:b5:85:07:b6:d6:90:f4:63:ff:66:61:0e:88:5a:fc:9b:29:
         cc:b7:ae:57:8e:53:49:51:70:98:e5:3c:cd:13:7a:ef:4a:28:
         82:4d:36:ef:e0:22:db:49:99:fe:9b:88:85:0d:51:3d:62:00:
         68:0d:61:01:e5:e2:54:c9:2d:c4:f4:b4:da:a8:9b:12:d5:02:
         16:0b:ff:6c:bb:7c:1a:32:27:68:51:67:51:03:e9:b8:62:a5:
         b5:f2:13:59:2f:0d:af:1d:5e:54:a0:ba:2b:1f:8e:65:80:14:
         79:c5:58:a0:fa:f9:aa:e5:8e:24:91:4b:ef:bc:0d:54:b3:c5:
         ea:4f:88:28:02:91:16:28:cf:c4:01:b6:b4:d3:27:8a:38:ca:
         29:4f:21:54:0f:5c:ae:f0:ec:0f:a5:7f:f7:10:62:a2:43:c0:
         57:c0:d8:4b:43:f6:d6:85:0c:38:45:0f:f6:b0:51:84:e4:d0:
         f0:1b:14:90
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDSJLrXWkeQ/eThWWNG2ezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjQwMTAxMDQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDc5Njc4M2VkNWFjOTA2NDQ0MzU2NmYxMjI0MmY5YTEwYWFiOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdmmgjNYOTfgRzk9YFfE54TI15cB
zC7luf+IqYwD/aB2GZNmZ9h7wP3V7M6V12j8XlF7DzWEzyHaftrPudxSEkIdqa7y
jev56fPN+suVxGNZOaEs4up/MlO57vvY0Q246f+kM9NzkosW8aLgpt7tSxgLYFii
LghsiHgET0bTMmcWwtQmuLDig8DrrMXc80kiljz9xUbZt4a+Hs8njEGxCE4mXCI6
wjDhhDE42ZcoL448RBNCIsavPQk+YG7w64GJpJlGyS4R9VVKNlhy0oYfFFY1aw7x
mW4qCTvS4hw2J4fEbWvmKoi7PyltFOVHMuyuRcXrXTX37vVS7qc5lbjB0wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPR5Z4PtWskGRENWbxIkL5oQqrlkMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvOUhsbmctMWF5UVpFUTFadkVpUXZtaENxdVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgUQgzAN
BgkqhkiG9w0BAQsFAAOCAQEALYj9IQFweiR4kpj267LUZ7hvSOKmSQ5jypJLH3G4
57dRRHLstB7/bxXMhm6Eh0u8xMuS08eLvQ+cBWGt/GWStiixLIDcM5fIW7WFB7bW
kPRj/2ZhDoha/JspzLeuV45TSVFwmOU8zRN670oogk027+Ai20mZ/puIhQ1RPWIA
aA1hAeXiVMktxPS02qibEtUCFgv/bLt8GjInaFFnUQPpuGKltfITWS8Nrx1eVKC6
Kx+OZYAUecVYoPr5quWOJJFL77wNVLPF6k+IKAKRFijPxAG2tNMnijjKKU8hVA9c
rvDsD6V/9xBiokPAV8DYS0P21oUMOEUP9rBRhOTQ8BsUkA==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:40:03 2024 by rpki-client on console-ams.rpki-client.org