Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/KomAupEUTouLTNpFp_Xcp2v6Q94.roa
File:                     KomAupEUTouLTNpFp_Xcp2v6Q94.roa (raw, json)
Hash identifier:          CfOLa21BWT2MywXQRh6RsQhwQt4z4rp32IUSoUjAEFU=
Subject key identifier:   2A:89:80:BA:91:14:4E:8B:8B:4C:DA:45:A7:F5:DC:A7:6B:FA:43:DE
Certificate issuer:       /CN=e9c3d42f3b2921ba7418f382032d6b35c7159b88
Certificate serial:       018CC94D9C20880C4F9387180053CAA9958A
Authority key identifier: E9:C3:D4:2F:3B:29:21:BA:74:18:F3:82:03:2D:6B:35:C7:15:9B:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6cPULzspIbp0GPOCAy1rNccVm4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/KomAupEUTouLTNpFp_Xcp2v6Q94.roa
Signing time:             Tue 02 Jan 2024 08:32:35 +0000
ROA not before:           Tue 02 Jan 2024 08:32:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206882
IP address blocks:        193.135.112.0/22 maxlen: 24
                          91.205.4.0/22 maxlen: 22
                          103.198.80.0/23 maxlen: 24
                          91.206.194.0/23 maxlen: 24
                          194.187.128.0/22 maxlen: 24
                          193.238.120.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/6cPULzspIbp0GPOCAy1rNccVm4g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/6cPULzspIbp0GPOCAy1rNccVm4g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6cPULzspIbp0GPOCAy1rNccVm4g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4d:9c:20:88:0c:4f:93:87:18:00:53:ca:a9:95:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9c3d42f3b2921ba7418f382032d6b35c7159b88
        Validity
            Not Before: Jan  2 08:32:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2a8980ba91144e8b8b4cda45a7f5dca76bfa43de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:69:ce:b2:fc:89:31:7a:42:11:7f:34:26:38:
                    62:21:b4:c8:14:34:f2:a3:a9:db:1e:e7:b7:4a:e5:
                    a1:57:bd:6a:d8:c4:7a:8f:ae:67:b3:72:e3:f2:56:
                    e3:6e:74:35:03:af:57:23:0d:36:15:6b:06:e6:1c:
                    35:24:90:72:34:ec:74:63:d9:97:99:26:b9:85:56:
                    08:8e:35:8e:00:0e:63:33:3b:46:23:ec:eb:2f:d0:
                    65:b8:76:38:54:6e:86:32:5b:52:37:dc:41:07:cf:
                    84:a2:0b:42:ca:49:9e:21:8f:49:a8:8d:3b:39:4b:
                    b5:8d:8b:f5:de:b8:7d:76:71:19:17:47:4e:a9:02:
                    5a:e9:5b:e0:32:14:a6:fb:1c:c0:d4:5b:a9:da:ce:
                    94:ee:5c:7e:35:82:09:bb:0e:32:60:73:b1:3d:c2:
                    91:e5:a5:b7:ae:d5:21:3e:ce:17:e4:17:cc:4e:6a:
                    5f:00:2c:19:80:74:99:c9:c3:d6:a6:df:d7:d0:a7:
                    0b:11:3d:0b:01:aa:c7:af:d0:18:9e:b3:c8:c9:f8:
                    24:11:e1:34:b0:c9:66:eb:08:6b:b5:29:3b:af:7b:
                    f5:5d:69:e0:d6:b0:2b:3f:51:87:b1:66:15:0b:3b:
                    a7:ae:05:a5:a0:e9:d4:fb:63:6c:8f:d3:5a:5f:2a:
                    3f:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:89:80:BA:91:14:4E:8B:8B:4C:DA:45:A7:F5:DC:A7:6B:FA:43:DE
            X509v3 Authority Key Identifier:
                keyid:E9:C3:D4:2F:3B:29:21:BA:74:18:F3:82:03:2D:6B:35:C7:15:9B:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6cPULzspIbp0GPOCAy1rNccVm4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/KomAupEUTouLTNpFp_Xcp2v6Q94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/6cPULzspIbp0GPOCAy1rNccVm4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.205.4.0/22
                  91.206.194.0/23
                  103.198.80.0/23
                  193.135.112.0/22
                  193.238.120.0/22
                  194.187.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         33:17:4d:5d:d3:08:f8:22:0e:11:22:ed:7f:50:56:67:bd:10:
         ee:26:59:f0:84:75:4f:8e:1e:24:64:04:2a:71:15:19:2c:ef:
         a5:13:dd:08:f5:d3:ec:18:8d:42:50:ab:a6:78:56:ef:2f:bc:
         51:13:5f:3f:8a:c8:82:67:ae:ee:10:3f:5f:1e:b3:5b:ba:88:
         e1:80:92:7d:b7:51:91:43:1d:13:81:4e:d1:0c:56:aa:c6:6b:
         3e:04:8a:4c:47:98:73:37:7d:c8:15:97:bb:b8:4f:9d:e6:b0:
         1a:8b:be:7e:00:93:9a:12:a9:43:8e:22:5c:83:93:b1:50:2a:
         1a:ad:c6:56:d9:31:c0:20:f3:d0:37:18:dd:a7:3b:94:84:ef:
         9e:fd:91:84:34:78:e7:19:0a:95:af:d4:d6:b2:20:d6:b5:2a:
         39:12:a4:2e:7d:00:5e:07:b9:96:bc:a3:60:df:c9:fe:49:4a:
         26:0f:33:19:e3:d6:d4:db:04:53:01:33:23:92:9d:3f:1c:86:
         18:2a:8c:d0:84:f6:7c:8e:99:36:c0:3c:cb:09:6c:45:66:38:
         2f:03:9b:14:9f:bf:f5:96:b1:89:45:20:2f:a5:77:bc:70:6b:
         6d:e6:45:e1:15:13:27:68:4d:b5:7f:84:ab:cd:6b:cb:17:e8:
         1f:29:a7:ad
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJTZwgiAxPk4cYAFPKqZWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YzNkNDJmM2IyOTIxYmE3NDE4ZjM4MjAzMmQ2YjM1Yzcx
NTliODgwHhcNMjQwMTAyMDgzMjM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTg5ODBiYTkxMTQ0ZThiOGI0Y2RhNDVhN2Y1ZGNhNzZiZmE0M2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGnOsvyJMXpCEX80JjhiIbTIFDTy
o6nbHue3SuWhV71q2MR6j65ns3Lj8lbjbnQ1A69XIw02FWsG5hw1JJByNOx0Y9mX
mSa5hVYIjjWOAA5jMztGI+zrL9BluHY4VG6GMltSN9xBB8+EogtCykmeIY9JqI07
OUu1jYv13rh9dnEZF0dOqQJa6VvgMhSm+xzA1Fup2s6U7lx+NYIJuw4yYHOxPcKR
5aW3rtUhPs4X5BfMTmpfACwZgHSZycPWpt/X0KcLET0LAarHr9AYnrPIyfgkEeE0
sMlm6whrtSk7r3v1XWng1rArP1GHsWYVCzunrgWloOnU+2Nsj9NaXyo/bQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCqJgLqRFE6Li0zaRaf13Kdr+kPeMB8GA1UdIwQY
MBaAFOnD1C87KSG6dBjzggMtazXHFZuIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmNQVUx6c3BJYnAwR1BPQ0F5MXJOY2NWbTRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9iZGM0NWItMDk2YS00OTNhLTkyZDIt
MWExZWFkMmNkMmIxLzEvS29tQXVwRVVUb3VMVE5wRnBfWGNwMnY2UTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9iZGM0NWItMDk2YS00OTNhLTkyZDItMWExZWFkMmNkMmIx
LzEvNmNQVUx6c3BJYnAwR1BPQ0F5MXJOY2NWbTRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCW80EAwQB
W87CAwQBZ8ZQAwQCwYdwAwQCwe54AwQCwruAMA0GCSqGSIb3DQEBCwUAA4IBAQAz
F01d0wj4Ig4RIu1/UFZnvRDuJlnwhHVPjh4kZAQqcRUZLO+lE90I9dPsGI1CUKum
eFbvL7xRE18/isiCZ67uED9fHrNbuojhgJJ9t1GRQx0TgU7RDFaqxms+BIpMR5hz
N33IFZe7uE+d5rAai75+AJOaEqlDjiJcg5OxUCoarcZW2THAIPPQNxjdpzuUhO+e
/ZGENHjnGQqVr9TWsiDWtSo5EqQufQBeB7mWvKNg38n+SUomDzMZ49bU2wRTATMj
kp0/HIYYKozQhPZ8jpk2wDzLCWxFZjgvA5sUn7/1lrGJRSAvpXe8cGtt5kXhFRMn
aE21f4SrzWvLF+gfKaet
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:39:31 2024 by rpki-client on console-ams.rpki-client.org