Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/a97926-410c-466b-8bf4-ab16b69e6ad5/1/d-h2eQoARMF7OZy-I7hpiw4IpVk.roa
File:                     d-h2eQoARMF7OZy-I7hpiw4IpVk.roa (raw, json)
Hash identifier:          zR0HUcxjFjll7PaQQ17eU4O0MDjeIgBp6TC+OHL0NYs=
Subject key identifier:   77:E8:76:79:0A:00:44:C1:7B:39:9C:BE:23:B8:69:8B:0E:08:A5:59
Certificate issuer:       /CN=6b6e969fe8fb7b2a6b6e464426a4a703d37eb554
Certificate serial:       0192BDBAEC2E4DDB6F940964763DDB8E2FAC
Authority key identifier: 6B:6E:96:9F:E8:FB:7B:2A:6B:6E:46:44:26:A4:A7:03:D3:7E:B5:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a26Wn-j7eyprbkZEJqSnA9N-tVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/a97926-410c-466b-8bf4-ab16b69e6ad5/1/d-h2eQoARMF7OZy-I7hpiw4IpVk.roa
Signing time:             Thu 24 Oct 2024 08:53:16 +0000
ROA not before:           Thu 24 Oct 2024 08:53:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61978
IP address blocks:        193.203.116.0/23 maxlen: 23
                          2001:67c:a08::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/a97926-410c-466b-8bf4-ab16b69e6ad5/1/a26Wn-j7eyprbkZEJqSnA9N-tVQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/a97926-410c-466b-8bf4-ab16b69e6ad5/1/a26Wn-j7eyprbkZEJqSnA9N-tVQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a26Wn-j7eyprbkZEJqSnA9N-tVQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 08:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:bd:ba:ec:2e:4d:db:6f:94:09:64:76:3d:db:8e:2f:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b6e969fe8fb7b2a6b6e464426a4a703d37eb554
        Validity
            Not Before: Oct 24 08:53:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=77e876790a0044c17b399cbe23b8698b0e08a559
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:0e:d3:d5:af:a9:8f:b3:e6:f9:95:1d:a6:30:
                    28:16:e6:85:71:3a:6e:ab:68:ae:71:78:a2:00:2a:
                    02:75:c6:f9:f4:12:19:15:69:1f:5d:73:12:bc:17:
                    c8:6c:9e:9e:f0:ab:50:e5:36:c7:2a:ca:2b:04:01:
                    5d:a0:05:77:91:29:a1:ed:34:b2:e1:90:79:77:8d:
                    95:f3:74:aa:65:67:4d:67:45:ae:74:52:70:aa:17:
                    25:0a:64:c6:cd:8e:5b:92:6e:5d:ca:00:55:af:eb:
                    1c:5c:37:3d:09:3d:fe:b9:b2:e7:f1:9a:2a:7f:68:
                    95:ed:2f:a5:a0:b0:9d:86:c2:09:92:e6:af:58:99:
                    1b:2b:bd:7f:a3:21:55:02:91:43:53:0a:75:c5:5e:
                    3c:63:d5:b7:de:9f:ab:d1:92:c6:2f:c6:86:6a:bd:
                    ac:81:5c:74:cb:d1:e0:78:f4:c9:0e:d4:da:97:95:
                    a5:eb:b3:c5:d1:d9:4b:72:42:70:60:a6:2b:ed:d2:
                    9e:a5:d2:31:1e:ae:f1:e6:fd:63:65:a8:96:8c:67:
                    2b:5f:ab:67:8a:51:70:4e:e7:26:42:c1:48:f4:be:
                    f3:1d:80:06:a2:1c:30:31:89:15:3f:77:ac:87:6b:
                    da:7d:86:7e:d2:e9:3f:98:67:3d:9d:25:e0:39:11:
                    c4:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:E8:76:79:0A:00:44:C1:7B:39:9C:BE:23:B8:69:8B:0E:08:A5:59
            X509v3 Authority Key Identifier:
                keyid:6B:6E:96:9F:E8:FB:7B:2A:6B:6E:46:44:26:A4:A7:03:D3:7E:B5:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a26Wn-j7eyprbkZEJqSnA9N-tVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/a97926-410c-466b-8bf4-ab16b69e6ad5/1/d-h2eQoARMF7OZy-I7hpiw4IpVk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/a97926-410c-466b-8bf4-ab16b69e6ad5/1/a26Wn-j7eyprbkZEJqSnA9N-tVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.203.116.0/23
                IPv6:
                  2001:67c:a08::/48

    Signature Algorithm: sha256WithRSAEncryption
         0d:5a:a6:46:d9:11:fa:13:52:88:7b:ff:28:64:4b:1f:5f:52:
         f8:4c:0c:71:ac:a2:91:6b:b8:5c:29:aa:e6:eb:5b:2f:11:aa:
         d1:f4:a3:6a:76:07:fa:08:4d:e2:32:8e:c2:e8:52:46:43:6f:
         0e:89:4c:e6:5b:2b:a6:b2:36:ea:53:bc:92:8c:09:94:ae:c9:
         f6:01:f2:d0:16:45:36:d1:fd:eb:f0:6f:f8:8d:92:38:b6:c9:
         9f:62:c9:16:76:57:1e:98:b3:41:a0:9b:11:4b:1b:39:2e:5b:
         84:c0:0f:da:63:21:63:e6:bb:db:d3:cc:7a:a3:48:bd:96:07:
         2a:33:15:ac:e5:55:8a:c7:58:a6:f7:12:74:1c:73:c8:3b:bf:
         56:20:7a:92:28:e9:54:0c:0a:1d:65:5f:7f:e1:e8:bd:81:61:
         53:9f:1e:a2:0a:2d:fc:25:7d:e6:f1:15:78:38:df:88:09:9e:
         16:e4:92:2e:c2:39:03:64:ba:c8:2b:ef:d4:9c:7c:8f:3e:80:
         7a:35:5c:15:fa:e0:61:f3:37:9f:85:11:bf:7c:67:00:c3:12:
         93:f2:91:46:f7:d5:72:ba:f3:3d:4c:30:0c:97:2f:0e:bf:82:
         a7:b8:55:8b:aa:43:a8:9d:f4:e6:b8:28:e2:a2:be:08:7e:20:
         2e:18:28:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZK9uuwuTdtvlAlkdj3bji+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNmU5NjlmZThmYjdiMmE2YjZlNDY0NDI2YTRhNzAzZDM3
ZWI1NTQwHhcNMjQxMDI0MDg1MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2U4NzY3OTBhMDA0NGMxN2IzOTljYmUyM2I4Njk4YjBlMDhhNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Q7T1a+pj7Pm+ZUdpjAoFuaFcTpu
q2iucXiiACoCdcb59BIZFWkfXXMSvBfIbJ6e8KtQ5TbHKsorBAFdoAV3kSmh7TSy
4ZB5d42V83SqZWdNZ0WudFJwqhclCmTGzY5bkm5dygBVr+scXDc9CT3+ubLn8Zoq
f2iV7S+loLCdhsIJkuavWJkbK71/oyFVApFDUwp1xV48Y9W33p+r0ZLGL8aGar2s
gVx0y9HgePTJDtTal5Wl67PF0dlLckJwYKYr7dKepdIxHq7x5v1jZaiWjGcrX6tn
ilFwTucmQsFI9L7zHYAGohwwMYkVP3esh2vafYZ+0uk/mGc9nSXgORHEkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHfodnkKAETBezmcviO4aYsOCKVZMB8GA1UdIwQY
MBaAFGtulp/o+3sqa25GRCakpwPTfrVUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTI2V24tajdleXByYmtaRUpxU25BOU4tdFZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9hOTc5MjYtNDEwYy00NjZiLThiZjQt
YWIxNmI2OWU2YWQ1LzEvZC1oMmVRb0FSTUY3T1p5LUk3aHBpdzRJcFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9hOTc5MjYtNDEwYy00NjZiLThiZjQtYWIxNmI2OWU2YWQ1
LzEvYTI2V24tajdleXByYmtaRUpxU25BOU4tdFZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwct0MA8E
AgACMAkDBwAgAQZ8CggwDQYJKoZIhvcNAQELBQADggEBAA1apkbZEfoTUoh7/yhk
Sx9fUvhMDHGsopFruFwpqubrWy8RqtH0o2p2B/oITeIyjsLoUkZDbw6JTOZbK6ay
NupTvJKMCZSuyfYB8tAWRTbR/evwb/iNkji2yZ9iyRZ2Vx6Ys0GgmxFLGzkuW4TA
D9pjIWPmu9vTzHqjSL2WByozFazlVYrHWKb3EnQcc8g7v1YgepIo6VQMCh1lX3/h
6L2BYVOfHqIKLfwlfebxFXg434gJnhbkki7COQNkusgr79ScfI8+gHo1XBX64GHz
N5+FEb98ZwDDEpPykUb31XK68z1MMAyXLw6/gqe4VYuqQ6id9Oa4KOKivgh+IC4Y
KJo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:46:33 2024 by rpki-client on console-ams.rpki-client.org