Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/S26V1eeUt3EvAJRt7WqNXK1RWIc.roa
File:                     S26V1eeUt3EvAJRt7WqNXK1RWIc.roa (raw, json)
Hash identifier:          E8b4LxDuopeApkfITAqIeqDZ+QkLsLxx7XXEM7q7KSs=
Subject key identifier:   4B:6E:95:D5:E7:94:B7:71:2F:00:94:6D:ED:6A:8D:5C:AD:51:58:87
Certificate issuer:       /CN=7a10ee228073328a2c2081cbb2a96cd1264dbef1
Certificate serial:       018CFA79456EBE65143F614DE52E05B57411
Authority key identifier: 7A:10:EE:22:80:73:32:8A:2C:20:81:CB:B2:A9:6C:D1:26:4D:BE:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ehDuIoBzMoosIIHLsqls0SZNvvE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/S26V1eeUt3EvAJRt7WqNXK1RWIc.roa
Signing time:             Thu 11 Jan 2024 21:41:40 +0000
ROA not before:           Thu 11 Jan 2024 21:41:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     56373
IP address blocks:        62.122.120.0/21 maxlen: 32
                          91.224.116.0/23 maxlen: 32
                          185.53.144.0/22 maxlen: 32
                          194.49.104.0/22 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/ehDuIoBzMoosIIHLsqls0SZNvvE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/ehDuIoBzMoosIIHLsqls0SZNvvE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ehDuIoBzMoosIIHLsqls0SZNvvE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:fa:79:45:6e:be:65:14:3f:61:4d:e5:2e:05:b5:74:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a10ee228073328a2c2081cbb2a96cd1264dbef1
        Validity
            Not Before: Jan 11 21:41:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4b6e95d5e794b7712f00946ded6a8d5cad515887
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:88:58:5d:42:ee:7f:35:a1:4d:3b:43:6f:84:
                    d2:cf:46:40:1c:b2:bc:b7:25:7d:70:94:d4:a1:ba:
                    f4:95:3d:eb:3c:32:47:2f:48:3e:81:f3:6c:4d:47:
                    43:dd:3f:27:cd:0f:32:81:d1:59:ec:0c:a0:9a:e4:
                    d8:26:9c:cc:14:83:08:67:c0:46:f6:a5:32:9a:9c:
                    19:da:64:79:9a:ef:51:0d:98:25:82:d2:15:fd:8f:
                    4c:41:dd:9c:ad:b5:b8:19:ed:af:e5:64:97:88:36:
                    07:84:76:ad:98:5c:52:c7:27:47:a3:37:dc:4f:89:
                    2a:e9:43:76:2e:5a:c2:1a:23:7b:ab:83:4b:bc:7b:
                    d8:18:1f:db:eb:fe:5b:83:59:b3:0c:c4:a1:8b:3e:
                    53:7c:fe:68:85:64:a5:13:8b:7a:eb:d5:92:85:c8:
                    d5:21:79:e4:79:49:c5:e4:0c:ea:e8:4d:3e:e3:df:
                    6a:f9:15:57:ea:10:b5:5b:7e:b9:2b:0f:47:3c:c8:
                    4d:dd:99:cd:a3:e4:22:80:b3:1c:4f:bd:2d:ba:a5:
                    28:71:98:af:0c:75:7c:8c:7d:48:b1:a8:2a:59:f1:
                    bf:21:98:f0:ef:fb:93:f0:15:91:53:b2:cf:8b:a6:
                    05:40:fe:23:20:f3:0d:67:8d:91:66:33:b2:cb:5b:
                    14:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:6E:95:D5:E7:94:B7:71:2F:00:94:6D:ED:6A:8D:5C:AD:51:58:87
            X509v3 Authority Key Identifier:
                keyid:7A:10:EE:22:80:73:32:8A:2C:20:81:CB:B2:A9:6C:D1:26:4D:BE:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehDuIoBzMoosIIHLsqls0SZNvvE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/S26V1eeUt3EvAJRt7WqNXK1RWIc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fb1827-a7e9-45c8-b643-76e07a577e4d/1/ehDuIoBzMoosIIHLsqls0SZNvvE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.122.120.0/21
                  91.224.116.0/23
                  185.53.144.0/22
                  194.49.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3c:5f:61:14:2f:d7:4b:54:9c:83:07:4e:6d:91:47:b6:9d:06:
         8f:26:f6:f0:c1:10:74:47:9c:90:8a:dd:ae:23:35:33:c6:3a:
         5d:ba:f8:8d:0a:62:97:ba:ee:91:b4:ae:ad:1f:26:25:31:17:
         73:a7:59:d0:2d:b1:5d:48:a8:e4:75:b6:e9:23:4b:a3:84:f7:
         a5:7a:71:56:c2:ca:37:2b:ba:e5:30:f3:73:b5:55:2c:67:a3:
         87:80:12:e3:f4:24:22:71:85:a9:51:6b:73:c1:9d:39:83:bd:
         14:04:12:31:ac:54:eb:75:d0:d5:71:5d:75:66:16:08:53:54:
         c3:0c:1c:3a:a6:1e:d6:1f:df:49:a7:75:3b:b8:10:6e:7f:a3:
         99:da:e9:0c:33:08:d4:c5:7b:1d:58:a9:8d:e1:28:54:1f:a5:
         a9:14:55:65:ed:f5:b3:63:72:28:7f:06:9e:0b:5b:1d:00:b8:
         4d:cc:ed:fc:f3:07:70:ef:76:ca:89:7d:4a:f9:a3:43:cd:05:
         7b:77:7f:83:b4:13:5f:1d:fc:ed:fe:ef:7a:25:b8:13:d8:ec:
         77:14:07:c8:2e:81:8c:93:01:b2:ad:26:02:59:9a:92:b9:7d:
         e4:f3:8f:34:b8:ea:1f:b4:00:bd:bf:39:ae:49:1e:2b:cc:f9:
         25:9c:90:6f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYz6eUVuvmUUP2FN5S4FtXQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMTBlZTIyODA3MzMyOGEyYzIwODFjYmIyYTk2Y2QxMjY0
ZGJlZjEwHhcNMjQwMTExMjE0MTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjZlOTVkNWU3OTRiNzcxMmYwMDk0NmRlZDZhOGQ1Y2FkNTE1ODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIhYXULufzWhTTtDb4TSz0ZAHLK8
tyV9cJTUobr0lT3rPDJHL0g+gfNsTUdD3T8nzQ8ygdFZ7AygmuTYJpzMFIMIZ8BG
9qUympwZ2mR5mu9RDZglgtIV/Y9MQd2crbW4Ge2v5WSXiDYHhHatmFxSxydHozfc
T4kq6UN2LlrCGiN7q4NLvHvYGB/b6/5bg1mzDMShiz5TfP5ohWSlE4t669WShcjV
IXnkeUnF5Azq6E0+499q+RVX6hC1W365Kw9HPMhN3ZnNo+QigLMcT70tuqUocZiv
DHV8jH1IsagqWfG/IZjw7/uT8BWRU7LPi6YFQP4jIPMNZ42RZjOyy1sU/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEtuldXnlLdxLwCUbe1qjVytUViHMB8GA1UdIwQY
MBaAFHoQ7iKAczKKLCCBy7KpbNEmTb7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhEdUlvQnpNb29zSUlITHNxbHMwU1pOdnZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mYjE4MjctYTdlOS00NWM4LWI2NDMt
NzZlMDdhNTc3ZTRkLzEvUzI2VjFlZVV0M0V2QUpSdDdXcU5YSzFSV0ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mYjE4MjctYTdlOS00NWM4LWI2NDMtNzZlMDdhNTc3ZTRk
LzEvZWhEdUlvQnpNb29zSUlITHNxbHMwU1pOdnZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDPnp4AwQB
W+B0AwQCuTWQAwQCwjFoMA0GCSqGSIb3DQEBCwUAA4IBAQA8X2EUL9dLVJyDB05t
kUe2nQaPJvbwwRB0R5yQit2uIzUzxjpduviNCmKXuu6RtK6tHyYlMRdzp1nQLbFd
SKjkdbbpI0ujhPelenFWwso3K7rlMPNztVUsZ6OHgBLj9CQicYWpUWtzwZ05g70U
BBIxrFTrddDVcV11ZhYIU1TDDBw6ph7WH99Jp3U7uBBuf6OZ2ukMMwjUxXsdWKmN
4ShUH6WpFFVl7fWzY3IofwaeC1sdALhNzO388wdw73bKiX1K+aNDzQV7d3+DtBNf
Hfzt/u96JbgT2Ox3FAfILoGMkwGyrSYCWZqSuX3k8480uOoftAC9vzmuSR4rzPkl
nJBv
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:01:17 2024 by rpki-client on console-fra.rpki-client.org