Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/_CBI-xUph-EV2AVx8j6qNT6F6cY.roa
File:                     _CBI-xUph-EV2AVx8j6qNT6F6cY.roa (raw, json)
Hash identifier:          eGGoAm6FxxAsHXaz1GYQBlqYvUDtIyHKVdt98DpdZXY=
Subject key identifier:   FC:20:48:FB:15:29:87:E1:15:D8:05:71:F2:3E:AA:35:3E:85:E9:C6
Certificate issuer:       /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial:       018EF15642DE0D2ED345990D4B0772223E90
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/_CBI-xUph-EV2AVx8j6qNT6F6cY.roa
Signing time:             Thu 18 Apr 2024 13:12:26 +0000
ROA not before:           Thu 18 Apr 2024 13:12:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206943
IP address blocks:        37.35.54.0/24 maxlen: 24
                          62.216.76.0/22 maxlen: 22
                          91.225.12.0/23 maxlen: 23
                          188.74.246.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:f1:56:42:de:0d:2e:d3:45:99:0d:4b:07:72:22:3e:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
        Validity
            Not Before: Apr 18 13:12:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fc2048fb152987e115d80571f23eaa353e85e9c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:e3:66:2a:f3:ef:b4:e5:06:38:3e:39:e3:8c:
                    92:34:7c:0f:df:2d:e7:3b:2a:da:68:ce:af:2e:c4:
                    6a:d4:f6:1c:e3:75:74:27:58:02:d9:41:6e:62:a1:
                    5a:0d:7a:98:96:cd:4c:f7:d2:a2:e2:73:42:05:78:
                    08:1c:55:8e:14:2c:bc:35:fa:17:67:51:76:66:d8:
                    68:da:9a:59:18:ca:81:e6:04:1e:05:43:29:d2:ad:
                    4c:14:51:6b:1e:bb:7b:43:24:64:39:1d:06:24:d2:
                    38:ed:f6:f0:bd:b8:7e:8f:1c:48:41:5f:7e:b8:89:
                    34:ea:d6:b3:0f:a0:be:bf:b6:3e:b4:dc:f9:d1:6f:
                    b3:db:9f:9d:d6:de:09:42:41:8f:fe:de:b2:09:e6:
                    ca:30:d4:1a:3b:ca:af:61:1f:db:58:f9:cf:a5:c2:
                    18:f8:cd:d3:04:09:b1:3c:f1:3e:26:e9:68:fa:96:
                    94:c3:c7:e2:5b:69:98:64:16:9b:68:27:0b:23:e8:
                    93:4e:eb:df:9b:66:e4:47:0d:65:cb:06:6d:28:f3:
                    0f:27:a4:7d:16:ce:98:50:59:4e:a1:cb:57:24:1d:
                    e4:b0:85:6f:29:ed:5e:5d:0f:a8:80:88:6d:29:c3:
                    a6:01:a2:89:85:b1:03:35:55:31:6f:32:61:a4:43:
                    71:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:20:48:FB:15:29:87:E1:15:D8:05:71:F2:3E:AA:35:3E:85:E9:C6
            X509v3 Authority Key Identifier:
                keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/_CBI-xUph-EV2AVx8j6qNT6F6cY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.35.54.0/24
                  62.216.76.0/22
                  91.225.12.0/23
                  188.74.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         34:9f:74:73:be:a9:a7:9f:5e:81:40:81:ea:6f:38:85:8a:58:
         c8:35:fd:78:55:75:d8:25:16:47:99:09:af:e5:34:14:a6:25:
         e7:ac:ce:b8:8c:53:0d:0a:5b:9b:77:bc:18:a1:6f:e4:8c:31:
         f1:06:5e:13:6f:2f:f5:d6:28:4a:22:fe:a9:27:97:1f:56:6f:
         6f:f8:e1:74:da:a7:af:08:2f:ed:03:88:bd:6e:06:1e:73:f2:
         4d:46:3e:eb:9b:b2:9e:88:46:e9:52:30:ac:b0:d0:32:b9:5c:
         84:8a:f4:fe:a3:4c:58:4f:d6:a6:6f:d0:05:0d:bc:c3:16:e1:
         b5:3c:a3:69:ca:8b:18:bf:73:a2:e6:4a:76:5a:9f:dc:5c:74:
         16:12:a0:d4:4f:08:d9:60:19:50:98:87:79:56:c0:28:a4:e0:
         f4:d2:cb:5d:57:8f:b9:ce:0a:99:04:75:be:de:8c:43:b0:16:
         f9:99:a0:44:d0:e5:0a:47:a9:5f:b0:02:64:00:a9:c6:a2:fd:
         d5:7f:ba:21:1f:13:8a:29:42:45:f7:8d:11:fd:d9:02:18:30:
         82:eb:82:5b:5b:95:da:a5:1e:58:d9:d5:d7:88:3d:5a:e1:eb:
         7f:c1:40:e4:3f:c8:02:e0:81:c9:f1:a8:65:11:9e:81:ce:fd:
         39:fa:83:c6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7xVkLeDS7TRZkNSwdyIj6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwNDE4MTMxMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzIwNDhmYjE1Mjk4N2UxMTVkODA1NzFmMjNlYWEzNTNlODVlOWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuNmKvPvtOUGOD4544ySNHwP3y3n
OyraaM6vLsRq1PYc43V0J1gC2UFuYqFaDXqYls1M99Ki4nNCBXgIHFWOFCy8NfoX
Z1F2Ztho2ppZGMqB5gQeBUMp0q1MFFFrHrt7QyRkOR0GJNI47fbwvbh+jxxIQV9+
uIk06tazD6C+v7Y+tNz50W+z25+d1t4JQkGP/t6yCebKMNQaO8qvYR/bWPnPpcIY
+M3TBAmxPPE+Julo+paUw8fiW2mYZBabaCcLI+iTTuvfm2bkRw1lywZtKPMPJ6R9
Fs6YUFlOoctXJB3ksIVvKe1eXQ+ogIhtKcOmAaKJhbEDNVUxbzJhpENxEQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPwgSPsVKYfhFdgFcfI+qjU+henGMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvX0NCSS14VXBoLUVWMkFWeDhqNnFOVDZGNmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJSM2AwQC
PthMAwQBW+EMAwQBvEr2MA0GCSqGSIb3DQEBCwUAA4IBAQA0n3Rzvqmnn16BQIHq
bziFiljINf14VXXYJRZHmQmv5TQUpiXnrM64jFMNClubd7wYoW/kjDHxBl4Tby/1
1ihKIv6pJ5cfVm9v+OF02qevCC/tA4i9bgYec/JNRj7rm7KeiEbpUjCssNAyuVyE
ivT+o0xYT9amb9AFDbzDFuG1PKNpyosYv3Oi5kp2Wp/cXHQWEqDUTwjZYBlQmId5
VsAopOD00stdV4+5zgqZBHW+3oxDsBb5maBE0OUKR6lfsAJkAKnGov3Vf7ohHxOK
KUJF940R/dkCGDCC64JbW5XapR5Y2dXXiD1a4et/wUDkP8gC4IHJ8ahlEZ6Bzv05
+oPG
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:18:11 2024 by rpki-client on console-fra.rpki-client.org