Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/L0rh4yhnNJIJx1GXanKf7y5__ow.roa
File:                     L0rh4yhnNJIJx1GXanKf7y5__ow.roa (raw, json)
Hash identifier:          Q+A750hxYkOnxEHwRMkYs1OmRuU2h9+K5OYax2R+NxM=
Subject key identifier:   2F:4A:E1:E3:28:67:34:92:09:C7:51:97:6A:72:9F:EF:2E:7F:FE:8C
Certificate issuer:       /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial:       018CCA28776B866D74A02E24774CD5318717
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/L0rh4yhnNJIJx1GXanKf7y5__ow.roa
Signing time:             Tue 02 Jan 2024 12:31:38 +0000
ROA not before:           Tue 02 Jan 2024 12:31:38 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211056
IP address blocks:        5.57.38.0/24 maxlen: 24
                          185.215.230.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:28:77:6b:86:6d:74:a0:2e:24:77:4c:d5:31:87:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
        Validity
            Not Before: Jan  2 12:31:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2f4ae1e32867349209c751976a729fef2e7ffe8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:1b:e3:8e:9a:f3:45:1d:47:f0:4d:87:fa:ff:
                    9a:93:d3:52:f4:34:b0:87:a0:a2:93:c8:77:f9:2f:
                    39:e9:2e:fc:15:fb:82:6c:68:a1:ed:5c:0e:4e:f4:
                    01:59:b4:70:9e:db:67:30:b7:40:23:6c:51:24:1a:
                    6a:dc:fd:d0:53:63:7e:d0:db:e7:92:2f:cf:32:d0:
                    1f:88:94:33:24:f1:42:8e:fb:cb:59:2c:42:56:97:
                    15:3a:0a:94:c1:f5:db:42:f7:84:74:24:67:08:71:
                    86:b0:24:8e:d0:b2:76:07:09:ec:40:3e:37:e9:5a:
                    f2:66:47:d2:e3:d5:66:90:9b:96:b8:d1:44:d1:df:
                    0a:f5:a9:23:ca:12:01:fe:b4:9e:48:51:c3:89:ce:
                    21:37:76:a5:fc:94:ec:b8:29:3e:1f:7b:3e:0b:6c:
                    af:36:3d:8a:0a:fa:23:37:11:0e:55:ef:d5:60:21:
                    97:17:62:a1:86:0b:95:9e:80:1e:d6:f1:6c:ac:8a:
                    cb:33:72:26:64:db:eb:25:a9:45:d3:dd:6f:42:5d:
                    63:4b:a4:b2:1e:7a:bb:9a:65:22:8b:71:c6:7d:7c:
                    da:59:38:42:4b:ef:12:35:d1:6e:7c:36:85:53:8c:
                    2c:cf:8f:40:ef:ea:61:42:e0:86:0f:ae:45:6f:cb:
                    b2:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:4A:E1:E3:28:67:34:92:09:C7:51:97:6A:72:9F:EF:2E:7F:FE:8C
            X509v3 Authority Key Identifier:
                keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/L0rh4yhnNJIJx1GXanKf7y5__ow.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.57.38.0/24
                  185.215.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:99:92:3c:39:7a:ff:d2:ac:5e:c0:2b:97:a5:25:f1:2b:43:
         aa:6a:5d:d6:89:e5:0a:34:3f:f2:c9:4b:eb:af:52:76:21:a9:
         78:ef:ae:50:f3:87:1c:bc:2b:50:01:9c:b5:39:76:60:a4:ac:
         e3:1e:c4:16:b8:2b:c0:56:69:e7:5a:bf:58:8f:6e:86:4d:15:
         fb:80:39:49:74:46:4e:99:9f:5e:8f:9a:3e:9b:2c:e5:cc:ff:
         d4:5e:9b:31:f5:fc:20:4d:76:9b:a2:3c:5c:91:10:bf:37:05:
         9c:d0:8e:bc:7d:fc:3a:db:ac:a2:05:87:b9:fa:00:25:09:e1:
         21:5f:e5:31:31:5c:02:3f:c1:1d:e6:21:4f:10:35:dc:8d:c6:
         cc:2d:10:90:d7:57:6b:e7:29:8d:8e:c7:55:91:65:47:93:25:
         a7:f7:b6:80:b6:c8:41:9e:be:ac:a4:da:84:db:8a:7c:93:71:
         27:17:92:e3:d6:23:cc:09:fe:38:7d:31:19:83:06:ba:81:0c:
         d1:25:88:90:88:04:89:b8:5e:e2:1a:a0:6b:a3:97:74:59:e2:
         b1:5d:79:22:41:58:21:10:3c:b0:04:06:a4:c2:23:51:e7:e6:
         21:5c:32:15:20:26:35:45:de:c0:0c:0d:87:62:fb:f0:90:e7:
         e5:6b:c6:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKHdrhm10oC4kd0zVMYcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwMTAyMTIzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjRhZTFlMzI4NjczNDkyMDljNzUxOTc2YTcyOWZlZjJlN2ZmZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BvjjprzRR1H8E2H+v+ak9NS9DSw
h6Cik8h3+S856S78FfuCbGih7VwOTvQBWbRwnttnMLdAI2xRJBpq3P3QU2N+0Nvn
ki/PMtAfiJQzJPFCjvvLWSxCVpcVOgqUwfXbQveEdCRnCHGGsCSO0LJ2BwnsQD43
6VryZkfS49VmkJuWuNFE0d8K9akjyhIB/rSeSFHDic4hN3al/JTsuCk+H3s+C2yv
Nj2KCvojNxEOVe/VYCGXF2KhhguVnoAe1vFsrIrLM3ImZNvrJalF091vQl1jS6Sy
Hnq7mmUii3HGfXzaWThCS+8SNdFufDaFU4wsz49A7+phQuCGD65Fb8uyFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC9K4eMoZzSSCcdRl2pyn+8uf/6MMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvTDByaDR5aG5OSklKeDFHWGFuS2Y3eTVfX293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABTkmAwQA
udfmMA0GCSqGSIb3DQEBCwUAA4IBAQCjmZI8OXr/0qxewCuXpSXxK0Oqal3WieUK
ND/yyUvrr1J2Ial4765Q84ccvCtQAZy1OXZgpKzjHsQWuCvAVmnnWr9Yj26GTRX7
gDlJdEZOmZ9ej5o+myzlzP/UXpsx9fwgTXabojxckRC/NwWc0I68ffw626yiBYe5
+gAlCeEhX+UxMVwCP8Ed5iFPEDXcjcbMLRCQ11dr5ymNjsdVkWVHkyWn97aAtshB
nr6spNqE24p8k3EnF5Lj1iPMCf44fTEZgwa6gQzRJYiQiASJuF7iGqBro5d0WeKx
XXkiQVghEDywBAakwiNR5+YhXDIVICY1Rd7ADA2HYvvwkOfla8ZL
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:45:44 2024 by rpki-client on console-fra.rpki-client.org