Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/790648-dd90-44eb-9a8f-8fa09874113e/1/B_ITBtzXYya6OUCfM9LRDnHYPP4.roa
File:                     B_ITBtzXYya6OUCfM9LRDnHYPP4.roa (raw, json)
Hash identifier:          oxL5v3d9D31WHojub4bc999wsuc1Hh0xNy7Cp1N4/dE=
Subject key identifier:   07:F2:13:06:DC:D7:63:26:BA:39:40:9F:33:D2:D1:0E:71:D8:3C:FE
Certificate issuer:       /CN=ed772c2fa23be6fa8e28aea4a715d5ac31f0cc9f
Certificate serial:       019025489E5B7B357B205DEBB1F62E63DF58
Authority key identifier: ED:77:2C:2F:A2:3B:E6:FA:8E:28:AE:A4:A7:15:D5:AC:31:F0:CC:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7XcsL6I75vqOKK6kpxXVrDHwzJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/790648-dd90-44eb-9a8f-8fa09874113e/1/B_ITBtzXYya6OUCfM9LRDnHYPP4.roa
Signing time:             Mon 17 Jun 2024 08:20:34 +0000
ROA not before:           Mon 17 Jun 2024 08:20:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16110
IP address blocks:        46.174.208.0/24 maxlen: 24
                          46.174.209.0/24 maxlen: 24
                          46.174.211.0/24 maxlen: 24
                          46.174.212.0/24 maxlen: 24
                          46.174.213.0/24 maxlen: 24
                          46.174.214.0/24 maxlen: 24
                          46.174.215.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/790648-dd90-44eb-9a8f-8fa09874113e/1/7XcsL6I75vqOKK6kpxXVrDHwzJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/790648-dd90-44eb-9a8f-8fa09874113e/1/7XcsL6I75vqOKK6kpxXVrDHwzJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7XcsL6I75vqOKK6kpxXVrDHwzJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 04 Dec 2024 11:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:25:48:9e:5b:7b:35:7b:20:5d:eb:b1:f6:2e:63:df:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed772c2fa23be6fa8e28aea4a715d5ac31f0cc9f
        Validity
            Not Before: Jun 17 08:20:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=07f21306dcd76326ba39409f33d2d10e71d83cfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:46:17:ce:88:c8:96:6e:ab:0a:bc:f8:39:a8:
                    ed:2b:ea:b6:99:2e:e2:ef:f2:d0:d0:f6:a8:1b:af:
                    9e:b4:4e:c0:e4:4d:5d:1f:06:fe:2c:88:00:13:d4:
                    9f:67:a7:8b:35:73:ea:38:35:21:ac:72:b0:6b:d0:
                    04:bb:a9:3d:e6:1a:82:88:1e:ba:1b:8e:89:29:53:
                    ed:74:46:33:e9:e5:9f:dd:aa:ed:a3:7b:11:7f:54:
                    62:13:fb:ae:7f:ae:69:95:39:eb:d3:5d:3e:c6:67:
                    8d:ba:d4:bf:44:6d:33:ba:93:18:e3:bd:2f:c9:03:
                    b9:c6:71:f4:c3:8f:ee:a1:e7:f5:0f:8b:83:5a:bf:
                    e1:4e:ee:23:27:f2:76:7c:0f:7a:2b:a0:41:24:4f:
                    37:20:64:14:16:23:4b:ca:2f:7f:57:05:14:f6:74:
                    d2:61:fc:ba:c6:c9:43:a1:25:69:91:f0:61:9f:6c:
                    47:b5:49:f9:85:72:eb:39:4d:b6:55:b7:a8:3b:4d:
                    d0:ce:ee:c8:75:a9:d3:7f:7d:3f:7f:4f:17:e7:e5:
                    d7:f0:95:ce:65:d9:1c:52:12:2e:d8:29:bf:57:1e:
                    72:72:67:c2:a5:ee:71:a8:d9:e4:08:20:57:cb:95:
                    10:46:dd:6d:cc:b1:81:1d:4a:d6:d5:6d:8e:af:69:
                    af:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:F2:13:06:DC:D7:63:26:BA:39:40:9F:33:D2:D1:0E:71:D8:3C:FE
            X509v3 Authority Key Identifier:
                keyid:ED:77:2C:2F:A2:3B:E6:FA:8E:28:AE:A4:A7:15:D5:AC:31:F0:CC:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XcsL6I75vqOKK6kpxXVrDHwzJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/790648-dd90-44eb-9a8f-8fa09874113e/1/B_ITBtzXYya6OUCfM9LRDnHYPP4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/790648-dd90-44eb-9a8f-8fa09874113e/1/7XcsL6I75vqOKK6kpxXVrDHwzJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.174.208.0/23
                  46.174.211.0-46.174.215.255

    Signature Algorithm: sha256WithRSAEncryption
         92:1c:0c:c2:bb:90:81:92:1d:f2:6e:66:0e:41:e8:e7:68:b4:
         d2:e0:08:e9:d5:0f:8e:15:15:fe:46:4f:17:74:f6:b3:4e:21:
         fb:9d:40:9f:47:9e:c2:b8:1e:49:41:c2:51:9d:c7:5c:85:a2:
         0f:29:d2:5e:b2:14:cd:2e:fa:9f:9a:05:2a:51:76:03:db:df:
         69:36:e6:9b:59:eb:e7:01:0e:7d:5c:ef:b1:fd:ec:34:13:55:
         a0:eb:18:cf:c5:7e:0f:77:d7:c7:a0:07:fe:d5:49:f1:c5:1c:
         b4:39:6e:fe:93:91:f1:fd:31:a2:4e:89:f8:f8:0a:4e:7f:de:
         80:96:36:5c:5e:79:39:f5:d9:45:fc:c7:47:7a:84:03:80:e8:
         84:0c:a2:b7:23:d5:91:52:a4:41:28:dd:eb:5a:77:d9:c4:32:
         8a:28:1c:ce:af:94:21:1c:8c:a0:60:a4:a9:0a:aa:11:2c:09:
         3a:b7:32:be:ce:3a:00:dd:6d:05:2b:f8:5e:f2:81:a0:1d:bf:
         48:2a:0f:3d:81:b7:d9:51:c1:25:94:c1:93:7f:c4:b8:a1:89:
         14:76:36:d3:e9:a7:69:db:a6:b1:46:1e:53:89:69:7a:4b:b3:
         07:b3:25:f7:a0:1d:27:ff:09:4d:0a:ab:2b:4f:4e:ab:63:1b:
         8b:b4:e3:60
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZAlSJ5bezV7IF3rsfYuY99YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzcyYzJmYTIzYmU2ZmE4ZTI4YWVhNGE3MTVkNWFjMzFm
MGNjOWYwHhcNMjQwNjE3MDgyMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2YyMTMwNmRjZDc2MzI2YmEzOTQwOWYzM2QyZDEwZTcxZDgzY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0YXzojIlm6rCrz4OajtK+q2mS7i
7/LQ0PaoG6+etE7A5E1dHwb+LIgAE9SfZ6eLNXPqODUhrHKwa9AEu6k95hqCiB66
G46JKVPtdEYz6eWf3arto3sRf1RiE/uuf65plTnr010+xmeNutS/RG0zupMY470v
yQO5xnH0w4/uoef1D4uDWr/hTu4jJ/J2fA96K6BBJE83IGQUFiNLyi9/VwUU9nTS
Yfy6xslDoSVpkfBhn2xHtUn5hXLrOU22VbeoO03Qzu7IdanTf30/f08X5+XX8JXO
ZdkcUhIu2Cm/Vx5ycmfCpe5xqNnkCCBXy5UQRt1tzLGBHUrW1W2Or2mv9wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAfyEwbc12MmujlAnzPS0Q5x2Dz+MB8GA1UdIwQY
MBaAFO13LC+iO+b6jiiupKcV1awx8MyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hjc0w2STc1dnFPS0s2a3B4WFZyREh3eko4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy83OTA2NDgtZGQ5MC00NGViLTlhOGYt
OGZhMDk4NzQxMTNlLzEvQl9JVEJ0elhZeWE2T1VDZk05TFJEbkhZUFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy83OTA2NDgtZGQ5MC00NGViLTlhOGYtOGZhMDk4NzQxMTNl
LzEvN1hjc0w2STc1dnFPS0s2a3B4WFZyREh3eko4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBLq7QMAwD
BAAurtMDBAMurtAwDQYJKoZIhvcNAQELBQADggEBAJIcDMK7kIGSHfJuZg5B6Odo
tNLgCOnVD44VFf5GTxd09rNOIfudQJ9HnsK4HklBwlGdx1yFog8p0l6yFM0u+p+a
BSpRdgPb32k25ptZ6+cBDn1c77H97DQTVaDrGM/Ffg9318egB/7VSfHFHLQ5bv6T
kfH9MaJOifj4Ck5/3oCWNlxeeTn12UX8x0d6hAOA6IQMorcj1ZFSpEEo3etad9nE
MoooHM6vlCEcjKBgpKkKqhEsCTq3Mr7OOgDdbQUr+F7ygaAdv0gqDz2Bt9lRwSWU
wZN/xLihiRR2NtPpp2nbprFGHlOJaXpLswezJfegHSf/CU0KqytPTqtjG4u042A=
-----END CERTIFICATE-----
Generated at Tue Dec 3 17:38:01 2024 by rpki-client on console-ams.rpki-client.org