Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/c-VPo0FCzveHwdsUvM4iU7Ajimo.roa
File:                     c-VPo0FCzveHwdsUvM4iU7Ajimo.roa (raw, json)
Hash identifier:          g+VqFjVevO4srl2sjfWMGTV40DEjjlxVx0v2xzx44TM=
Subject key identifier:   73:E5:4F:A3:41:42:CE:F7:87:C1:DB:14:BC:CE:22:53:B0:23:8A:6A
Certificate issuer:       /CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Certificate serial:       018572A7F4D0109A102CCB849590FEDFCB67
Authority key identifier: EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/c-VPo0FCzveHwdsUvM4iU7Ajimo.roa
Signing time:             Mon 02 Jan 2023 13:24:47 +0000
ROA not before:           Mon 02 Jan 2023 13:24:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        5.182.22.0/24 maxlen: 24
                          5.182.23.0/24 maxlen: 24
                          2a0e:b800:cccc::/48 maxlen: 48
                          2a0e:b800:aaaa::/48 maxlen: 48
                          2a0e:b800:abcd::/48 maxlen: 48
                          2a0e:b800:bbbb::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
                          rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 16 Mar 2023 03:28:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:a7:f4:d0:10:9a:10:2c:cb:84:95:90:fe:df:cb:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
        Validity
            Not Before: Jan  2 13:24:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=73e54fa34142cef787c1db14bcce2253b0238a6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:cf:4b:d2:72:1c:59:2b:b2:ff:62:f7:6e:ac:
                    21:c8:63:ec:6d:d7:a2:8e:53:10:fb:23:55:7f:b2:
                    47:c0:96:5d:00:d4:93:5a:64:07:6d:37:e3:fa:45:
                    24:d6:64:3e:87:55:e4:db:33:76:7b:38:db:64:89:
                    46:f7:e7:37:5e:1b:ff:21:82:1e:1b:c7:cc:64:41:
                    5f:8e:cd:64:b2:c8:06:96:a1:40:13:95:5c:d6:cc:
                    52:c5:13:79:6c:ae:90:a7:b3:59:79:5c:50:de:56:
                    8f:7b:a8:ce:9a:e8:87:33:1b:c0:20:21:82:e2:e4:
                    6c:54:83:83:ae:5b:d7:7e:18:05:3e:a0:ba:1c:74:
                    89:c4:b4:30:5e:39:67:71:54:06:bf:45:6f:ed:1e:
                    bc:f9:b0:26:e6:48:f8:92:6f:0f:61:f8:32:92:31:
                    4e:b5:fd:27:d2:ad:b8:90:cf:8c:36:f4:41:65:47:
                    49:b5:59:db:d7:b8:c8:c6:f6:9b:6e:c4:8d:60:03:
                    d6:87:cf:2d:04:7d:12:0f:80:c9:0a:86:2e:90:51:
                    95:f2:2d:e4:29:0c:1f:5c:c8:5b:a5:3f:8b:3e:89:
                    9e:08:fa:61:a3:e3:b6:60:a4:e1:22:3c:11:03:22:
                    0d:23:57:1f:ee:94:a0:59:43:d3:6f:14:52:e7:02:
                    b0:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                73:E5:4F:A3:41:42:CE:F7:87:C1:DB:14:BC:CE:22:53:B0:23:8A:6A
            X509v3 Authority Key Identifier: 
                keyid:EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/c-VPo0FCzveHwdsUvM4iU7Ajimo.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.22.0/23
                IPv6:
                  2a0e:b800:aaaa::/48
                  2a0e:b800:abcd::/48
                  2a0e:b800:bbbb::/48
                  2a0e:b800:cccc::/48

    Signature Algorithm: sha256WithRSAEncryption
         51:77:35:e5:9e:1c:1b:9c:0f:4f:e3:7f:9d:32:28:ed:38:3f:
         c4:b0:01:b2:01:64:60:e0:af:c7:9f:4f:22:47:b8:05:a5:82:
         73:1a:de:9e:f3:98:6b:0f:ae:13:b0:e7:4c:9d:85:bc:9d:ff:
         b6:a7:05:a4:e8:d9:1f:ba:f2:96:68:da:36:b4:b6:20:35:80:
         0b:d6:f1:b2:f3:e8:b9:2d:96:a8:9c:73:3a:0d:69:b0:14:0e:
         78:a2:06:42:15:f7:ab:1e:95:f7:c6:ce:d4:6d:28:45:21:ac:
         59:14:43:de:3a:1e:01:5e:95:80:c7:9a:15:51:96:f6:54:54:
         d0:3f:46:c7:ef:94:b7:34:6d:cc:0e:30:c2:71:e6:eb:3e:de:
         4a:aa:88:e6:95:d3:a3:00:59:a8:21:d5:19:7a:66:33:56:1d:
         c9:2d:0f:be:b6:7f:e0:92:92:78:18:76:61:76:8d:dd:d8:ca:
         8a:2b:82:65:c2:4e:9c:ab:5a:22:7a:2f:12:9a:e3:ab:0a:15:
         90:93:25:37:a5:05:53:fb:64:c0:a9:bd:df:4b:5d:1c:0d:f4:
         cf:da:cf:70:5a:e3:64:ca:ed:82:b0:f0:f6:5c:19:4e:90:e4:
         3d:5e:fb:45:5e:60:4d:23:14:77:eb:8c:e8:1b:24:08:34:3a:
         02:cb:40:6e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVyp/TQEJoQLMuElZD+38tnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmOWQ3NjNiNDllMDI0YTdiNmExOWVhZjdkZmI5ODkxMWE5
Yzk0YzgwHhcNMjMwMTAyMTMyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2U1NGZhMzQxNDJjZWY3ODdjMWRiMTRiY2NlMjI1M2IwMjM4YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgs9L0nIcWSuy/2L3bqwhyGPsbdei
jlMQ+yNVf7JHwJZdANSTWmQHbTfj+kUk1mQ+h1Xk2zN2ezjbZIlG9+c3Xhv/IYIe
G8fMZEFfjs1kssgGlqFAE5Vc1sxSxRN5bK6Qp7NZeVxQ3laPe6jOmuiHMxvAICGC
4uRsVIODrlvXfhgFPqC6HHSJxLQwXjlncVQGv0Vv7R68+bAm5kj4km8PYfgykjFO
tf0n0q24kM+MNvRBZUdJtVnb17jIxvabbsSNYAPWh88tBH0SD4DJCoYukFGV8i3k
KQwfXMhbpT+LPomeCPpho+O2YKThIjwRAyINI1cf7pSgWUPTbxRS5wKwbQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHPlT6NBQs73h8HbFLzOIlOwI4pqMB8GA1UdIwQY
MBaAFO+ddjtJ4CSntqGer337mJEanJTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzct
MDg3MGU2NTk2NDViLzEvYy1WUG8wRkN6dmVId2RzVXZNNGlVN0FqaW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzctMDg3MGU2NTk2NDVi
LzEvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQBBbYWMCoE
AgACMCQDBwAqDrgAqqoDBwAqDrgAq80DBwAqDrgAu7sDBwAqDrgAzMwwDQYJKoZI
hvcNAQELBQADggEBAFF3NeWeHBucD0/jf50yKO04P8SwAbIBZGDgr8efTyJHuAWl
gnMa3p7zmGsPrhOw50ydhbyd/7anBaTo2R+68pZo2ja0tiA1gAvW8bLz6Lktlqic
czoNabAUDniiBkIV96selffGztRtKEUhrFkUQ946HgFelYDHmhVRlvZUVNA/Rsfv
lLc0bcwOMMJx5us+3kqqiOaV06MAWagh1Rl6ZjNWHcktD762f+CSkngYdmF2jd3Y
yoorgmXCTpyrWiJ6LxKa46sKFZCTJTelBVP7ZMCpvd9LXRwN9M/az3Ba42TK7YKw
8PZcGU6Q5D1e+0VeYE0jFHfrjOgbJAg0OgLLQG4=
-----END CERTIFICATE-----
Generated at Wed Mar 15 12:20:23 2023 by rpki-client on console-fra.rpki-client.org