Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/EIs-TM0J617h8IJhOrGQXdMLO8Q.roa
File:                     EIs-TM0J617h8IJhOrGQXdMLO8Q.roa (raw, json)
Hash identifier:          Lqs/NAIeWtGqt0vqueg/AtnxhSTxrrHWUN7494sud9g=
Subject key identifier:   10:8B:3E:4C:CD:09:EB:5E:E1:F0:82:61:3A:B1:90:5D:D3:0B:3B:C4
Certificate issuer:       /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial:       018CC64A7A9BF8976EC89C6D9DA17C474615
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/EIs-TM0J617h8IJhOrGQXdMLO8Q.roa
Signing time:             Mon 01 Jan 2024 18:30:18 +0000
ROA not before:           Mon 01 Jan 2024 18:30:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58071
IP address blocks:        37.230.156.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 09:26:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:7a:9b:f8:97:6e:c8:9c:6d:9d:a1:7c:47:46:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
        Validity
            Not Before: Jan  1 18:30:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=108b3e4ccd09eb5ee1f082613ab1905dd30b3bc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:14:11:65:ab:b6:bd:98:02:bb:96:5d:9d:c9:
                    ba:08:1e:86:43:80:73:e2:47:f4:00:36:24:4a:2d:
                    c3:a8:4c:c4:9c:77:17:11:94:de:99:a3:ff:79:88:
                    70:e3:1a:f4:2c:ab:c4:42:77:c0:bd:0b:ea:fe:85:
                    34:17:c7:58:0a:94:08:1a:68:4c:a3:94:df:5a:0d:
                    12:f6:5d:dd:88:f6:c6:c9:f9:23:51:f7:63:ab:99:
                    e8:73:42:08:60:87:4d:79:b7:fa:65:67:d6:22:a6:
                    51:5a:c8:b7:33:a4:06:8a:ab:04:9d:57:44:68:19:
                    ba:12:dd:6c:38:5f:b6:c3:a6:f8:c0:ac:4c:c5:1d:
                    01:10:f8:90:1f:22:54:96:73:a8:4a:33:ac:df:cb:
                    ff:bb:8c:15:c3:3f:cd:eb:09:36:43:f0:f5:fd:9f:
                    3c:a0:ee:b7:f9:74:e5:93:5c:26:1a:38:ef:4b:fa:
                    8b:b7:c9:33:94:0c:db:5b:2a:c6:d0:0f:dd:31:8f:
                    29:10:b5:33:45:69:b6:ad:ab:d3:e4:bc:64:74:c8:
                    c1:b2:cd:d8:a2:f3:64:ba:91:fb:5d:91:c0:04:6a:
                    f2:d8:85:cd:19:f7:13:c3:02:cd:d1:0e:c0:dd:97:
                    d3:47:7b:2c:03:b9:9f:d0:a0:05:cc:ac:0e:53:35:
                    2c:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:8B:3E:4C:CD:09:EB:5E:E1:F0:82:61:3A:B1:90:5D:D3:0B:3B:C4
            X509v3 Authority Key Identifier:
                keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/EIs-TM0J617h8IJhOrGQXdMLO8Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.230.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:9d:01:c7:4e:7c:79:ba:77:3f:c2:0f:74:a2:15:0e:22:77:
         14:c3:bf:5d:8c:52:5c:89:d7:31:5e:8a:99:09:5e:14:40:07:
         ae:39:fa:23:ac:7c:9e:58:a2:44:9d:64:19:fa:ea:4a:18:dc:
         d3:67:01:16:09:87:93:3c:ea:7b:f3:23:10:5f:c5:59:e8:e7:
         dd:5c:d6:43:00:d5:d0:b2:0b:76:43:b5:c9:b4:f7:41:c3:fd:
         b8:6a:18:ba:dc:87:e2:9b:59:b4:5c:bf:1b:82:36:59:48:7f:
         6e:01:a0:e8:79:57:e8:05:b3:e1:67:f6:17:2a:c2:bc:d5:14:
         90:8f:ae:e7:31:82:54:a5:bf:56:d8:de:86:3c:02:12:21:9d:
         ad:1b:d2:21:9f:52:a7:e0:17:f1:35:16:ab:02:4d:89:a7:e3:
         bb:40:5c:a6:09:d0:b1:34:1b:a6:e2:c0:57:e3:16:a7:a1:f8:
         7f:60:1f:1d:07:dc:21:c6:9b:2e:df:62:39:50:04:1b:eb:5a:
         16:f2:cd:16:d9:ec:c4:9d:a3:44:d7:9b:45:43:35:2a:28:3b:
         83:d5:75:71:01:bf:d1:3e:0b:56:3e:cb:fc:c6:a3:40:63:c8:
         a8:75:5d:c8:0a:83:98:e8:3e:8f:5c:f7:d1:2b:39:37:77:70:
         67:0f:cf:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSnqb+JduyJxtnaF8R0YVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjQwMTAxMTgzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDhiM2U0Y2NkMDllYjVlZTFmMDgyNjEzYWIxOTA1ZGQzMGIzYmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBQRZau2vZgCu5Zdncm6CB6GQ4Bz
4kf0ADYkSi3DqEzEnHcXEZTemaP/eYhw4xr0LKvEQnfAvQvq/oU0F8dYCpQIGmhM
o5TfWg0S9l3diPbGyfkjUfdjq5noc0IIYIdNebf6ZWfWIqZRWsi3M6QGiqsEnVdE
aBm6Et1sOF+2w6b4wKxMxR0BEPiQHyJUlnOoSjOs38v/u4wVwz/N6wk2Q/D1/Z88
oO63+XTlk1wmGjjvS/qLt8kzlAzbWyrG0A/dMY8pELUzRWm2ravT5LxkdMjBss3Y
ovNkupH7XZHABGry2IXNGfcTwwLN0Q7A3ZfTR3ssA7mf0KAFzKwOUzUs+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBCLPkzNCete4fCCYTqxkF3TCzvEMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvRUlzLVRNMEo2MTdoOElKaE9yR1FYZE1MTzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJeacMA0G
CSqGSIb3DQEBCwUAA4IBAQCBnQHHTnx5unc/wg90ohUOIncUw79djFJcidcxXoqZ
CV4UQAeuOfojrHyeWKJEnWQZ+upKGNzTZwEWCYeTPOp78yMQX8VZ6OfdXNZDANXQ
sgt2Q7XJtPdBw/24ahi63Ifim1m0XL8bgjZZSH9uAaDoeVfoBbPhZ/YXKsK81RSQ
j67nMYJUpb9W2N6GPAISIZ2tG9Ihn1Kn4BfxNRarAk2Jp+O7QFymCdCxNBum4sBX
4xanofh/YB8dB9whxpsu32I5UAQb61oW8s0W2ezEnaNE15tFQzUqKDuD1XVxAb/R
PgtWPsv8xqNAY8iodV3ICoOY6D6PXPfRKzk3d3BnD8+z
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:45:12 2024 by rpki-client on console-ams.rpki-client.org