Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/250dc8-0701-427a-a89d-43f5bcf6775d/1/pyZadd2PTtamneerbOfrizJpG-c.roa
File:                     pyZadd2PTtamneerbOfrizJpG-c.roa (raw, json)
Hash identifier:          od5Cac7V9niCcxQBOzujtWw5ck2ZRgwpZ9wvX8bRBhE=
Subject key identifier:   A7:26:5A:75:DD:8F:4E:D6:A6:9D:E7:AB:6C:E7:EB:8B:32:69:1B:E7
Certificate issuer:       /CN=a6116d043e44b404144e6a42d26aa9daf53d04a7
Certificate serial:       018CC424E3901CA08718EC43D8D801CBF40D
Authority key identifier: A6:11:6D:04:3E:44:B4:04:14:4E:6A:42:D2:6A:A9:DA:F5:3D:04:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/phFtBD5EtAQUTmpC0mqp2vU9BKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/250dc8-0701-427a-a89d-43f5bcf6775d/1/pyZadd2PTtamneerbOfrizJpG-c.roa
Signing time:             Mon 01 Jan 2024 08:30:01 +0000
ROA not before:           Mon 01 Jan 2024 08:30:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42518
IP address blocks:        91.192.190.0/23 maxlen: 23
                          91.215.122.0/23 maxlen: 23
                          91.192.188.0/23 maxlen: 23
                          91.215.120.0/22 maxlen: 22
                          91.215.120.0/23 maxlen: 23
                          91.192.188.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/250dc8-0701-427a-a89d-43f5bcf6775d/1/phFtBD5EtAQUTmpC0mqp2vU9BKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/250dc8-0701-427a-a89d-43f5bcf6775d/1/phFtBD5EtAQUTmpC0mqp2vU9BKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/phFtBD5EtAQUTmpC0mqp2vU9BKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:e3:90:1c:a0:87:18:ec:43:d8:d8:01:cb:f4:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6116d043e44b404144e6a42d26aa9daf53d04a7
        Validity
            Not Before: Jan  1 08:30:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a7265a75dd8f4ed6a69de7ab6ce7eb8b32691be7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:bc:62:23:ac:71:0d:b3:9a:41:b3:61:8b:8d:
                    83:2c:22:0e:dc:99:44:a6:5c:2e:7a:47:42:6f:86:
                    35:ac:98:14:2d:fe:12:e7:d4:68:5c:57:34:21:8e:
                    ed:07:05:e0:63:c9:52:de:68:fb:1f:47:11:e6:62:
                    2a:8f:7d:e9:27:25:ca:e3:4e:ec:ea:49:5a:32:40:
                    56:55:dc:f7:c0:b5:83:4c:a4:b7:44:15:b1:d8:2c:
                    5d:0d:53:13:61:a3:fd:15:a7:fb:c5:0d:ff:ff:bb:
                    57:cb:0f:69:61:77:f8:b0:c9:82:d9:b8:f3:33:0f:
                    86:6d:e5:89:c9:94:ff:a1:3c:ea:d1:65:e7:03:cd:
                    af:b3:6f:01:f4:0f:41:42:35:0e:70:2d:70:53:6a:
                    48:f9:06:73:76:c7:d4:e6:6b:ab:15:e7:98:cb:99:
                    fd:6d:79:41:be:b1:e6:a9:64:2d:28:47:bd:a3:ee:
                    55:88:7d:cb:bf:20:f6:ce:1a:d0:5e:81:81:34:c9:
                    af:e9:19:c7:39:0a:e1:9a:12:cd:e7:da:99:62:b9:
                    c9:a9:1e:6c:05:4a:c9:a6:0e:56:7a:7a:dc:fb:99:
                    a2:76:e1:d9:ba:fa:a7:66:3d:4e:58:ef:db:fe:15:
                    cd:c4:70:4a:46:2d:a7:b2:5f:fb:0e:51:87:9c:94:
                    ac:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:26:5A:75:DD:8F:4E:D6:A6:9D:E7:AB:6C:E7:EB:8B:32:69:1B:E7
            X509v3 Authority Key Identifier:
                keyid:A6:11:6D:04:3E:44:B4:04:14:4E:6A:42:D2:6A:A9:DA:F5:3D:04:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/phFtBD5EtAQUTmpC0mqp2vU9BKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/250dc8-0701-427a-a89d-43f5bcf6775d/1/pyZadd2PTtamneerbOfrizJpG-c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/250dc8-0701-427a-a89d-43f5bcf6775d/1/phFtBD5EtAQUTmpC0mqp2vU9BKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.192.188.0/22
                  91.215.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         35:28:66:fc:7e:48:08:97:1f:16:e8:63:0d:e9:ca:4e:a9:c3:
         0e:85:3e:94:5b:f3:b1:cb:49:17:b0:47:c6:ea:b6:c7:4f:7d:
         fe:ca:d2:18:09:73:11:55:68:27:aa:e3:97:7c:16:38:c6:87:
         c7:b7:0f:06:a8:51:69:f7:69:28:83:8c:f8:86:cb:d3:c3:e3:
         90:d8:b7:b6:73:df:02:3a:a1:ad:11:42:31:95:9d:11:20:46:
         61:cb:bd:8b:1b:5a:9e:da:af:1f:da:96:58:b6:3c:68:40:0a:
         7b:a8:24:c8:54:ab:68:c4:97:19:f3:a1:8a:09:c1:51:13:6b:
         0e:20:aa:cd:d4:3c:1e:31:8f:84:44:bb:4a:34:7d:ea:fe:58:
         55:e6:cd:21:20:85:d1:e1:94:20:f8:44:08:ac:0a:49:8f:e6:
         1c:5d:29:15:f3:9f:34:96:84:f0:ae:28:f7:6d:4e:c5:28:8d:
         92:e8:ac:f2:69:35:3d:16:c4:4b:49:0c:a7:98:49:99:f0:8a:
         33:3a:9e:ef:65:e2:8a:1c:01:28:02:1d:30:06:fa:04:45:d7:
         ae:72:09:43:2d:0c:80:88:46:b4:fd:19:93:f2:50:7e:95:57:
         d3:3b:0a:53:8d:89:14:35:3d:03:30:2f:d3:4f:d6:62:a1:6f:
         1f:94:eb:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJOOQHKCHGOxD2NgBy/QNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MTE2ZDA0M2U0NGI0MDQxNDRlNmE0MmQyNmFhOWRhZjUz
ZDA0YTcwHhcNMjQwMTAxMDgzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzI2NWE3NWRkOGY0ZWQ2YTY5ZGU3YWI2Y2U3ZWI4YjMyNjkxYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbxiI6xxDbOaQbNhi42DLCIO3JlE
plwuekdCb4Y1rJgULf4S59RoXFc0IY7tBwXgY8lS3mj7H0cR5mIqj33pJyXK407s
6klaMkBWVdz3wLWDTKS3RBWx2CxdDVMTYaP9Faf7xQ3//7tXyw9pYXf4sMmC2bjz
Mw+GbeWJyZT/oTzq0WXnA82vs28B9A9BQjUOcC1wU2pI+QZzdsfU5murFeeYy5n9
bXlBvrHmqWQtKEe9o+5ViH3LvyD2zhrQXoGBNMmv6RnHOQrhmhLN59qZYrnJqR5s
BUrJpg5Wenrc+5miduHZuvqnZj1OWO/b/hXNxHBKRi2nsl/7DlGHnJSsZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKcmWnXdj07Wpp3nq2zn64syaRvnMB8GA1UdIwQY
MBaAFKYRbQQ+RLQEFE5qQtJqqdr1PQSnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGhGdEJENUV0QVFVVG1wQzBtcXAydlU5QktjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8yNTBkYzgtMDcwMS00MjdhLWE4OWQt
NDNmNWJjZjY3NzVkLzEvcHlaYWRkMlBUdGFtbmVlcmJPZnJpekpwRy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8yNTBkYzgtMDcwMS00MjdhLWE4OWQtNDNmNWJjZjY3NzVk
LzEvcGhGdEJENUV0QVFVVG1wQzBtcXAydlU5QktjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8C8AwQC
W9d4MA0GCSqGSIb3DQEBCwUAA4IBAQA1KGb8fkgIlx8W6GMN6cpOqcMOhT6UW/Ox
y0kXsEfG6rbHT33+ytIYCXMRVWgnquOXfBY4xofHtw8GqFFp92kog4z4hsvTw+OQ
2Le2c98COqGtEUIxlZ0RIEZhy72LG1qe2q8f2pZYtjxoQAp7qCTIVKtoxJcZ86GK
CcFRE2sOIKrN1DweMY+ERLtKNH3q/lhV5s0hIIXR4ZQg+EQIrApJj+YcXSkV8580
loTwrij3bU7FKI2S6KzyaTU9FsRLSQynmEmZ8IozOp7vZeKKHAEoAh0wBvoERdeu
cglDLQyAiEa0/RmT8lB+lVfTOwpTjYkUNT0DMC/TT9ZioW8flOvW
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:13:00 2024 by rpki-client on console-fra.rpki-client.org