Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/4_NWUsyidVbz1_LISrkzixT64lw.roa
File:                     4_NWUsyidVbz1_LISrkzixT64lw.roa (raw, json)
Hash identifier:          Z1Y6E4fI9nwPdCO0FPVj08ElOwUp+5pzuj3qGOVt9vE=
Subject key identifier:   E3:F3:56:52:CC:A2:75:56:F3:D7:F2:C8:4A:B9:33:8B:14:FA:E2:5C
Certificate issuer:       /CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Certificate serial:       018CC5014B397189B6898FF257EE6EEF48B7
Authority key identifier: D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/4_NWUsyidVbz1_LISrkzixT64lw.roa
Signing time:             Mon 01 Jan 2024 12:30:45 +0000
ROA not before:           Mon 01 Jan 2024 12:30:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49338
IP address blocks:        81.4.186.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:4b:39:71:89:b6:89:8f:f2:57:ee:6e:ef:48:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
        Validity
            Not Before: Jan  1 12:30:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e3f35652cca27556f3d7f2c84ab9338b14fae25c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ad:8c:a1:0d:ef:b5:34:af:81:45:9f:11:1b:
                    8c:c1:4b:20:1f:25:de:a8:7b:2e:47:35:36:54:a9:
                    25:b5:b3:e5:67:f8:cb:e3:97:58:43:a0:56:eb:65:
                    8e:24:a4:b8:ed:2c:e2:ec:10:49:cf:15:f3:db:67:
                    98:0c:8d:67:fb:df:6b:0c:e2:fa:f6:6d:36:ee:61:
                    3e:68:32:b8:25:32:9a:eb:94:8e:c1:dc:d4:c1:52:
                    d5:e4:47:d4:25:69:71:97:cb:2d:d8:0b:bd:42:28:
                    a4:70:1e:ef:04:5d:d9:79:6b:25:97:fd:67:ed:dc:
                    7d:68:05:31:73:74:8e:04:e7:ee:f5:4e:8e:df:7b:
                    74:ab:5b:f2:06:94:67:9c:8a:ca:3e:d3:12:3c:01:
                    1d:cc:2c:a1:8e:d0:4e:37:a5:93:4b:91:c3:d3:f3:
                    65:22:09:d3:b0:1d:92:66:01:f6:6c:14:89:47:02:
                    f9:41:23:5d:54:c1:5d:2e:17:ae:4d:95:90:1f:00:
                    a6:af:52:a2:6c:ae:88:76:43:78:25:75:c4:bc:ba:
                    d0:74:06:be:4c:3c:2e:24:77:52:4f:32:fa:3c:92:
                    f4:93:77:1e:0f:94:e6:dd:f7:92:b3:24:d1:07:c0:
                    dc:ea:9d:06:e9:3b:02:f0:0e:81:30:b5:08:8a:9e:
                    29:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:F3:56:52:CC:A2:75:56:F3:D7:F2:C8:4A:B9:33:8B:14:FA:E2:5C
            X509v3 Authority Key Identifier:
                keyid:D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/4_NWUsyidVbz1_LISrkzixT64lw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.4.186.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1c:bf:aa:d0:ae:33:6c:4b:20:5f:dc:b4:70:e9:b3:f9:66:ad:
         c3:cc:65:48:a7:44:7f:1a:65:89:68:e5:4e:74:4d:9f:98:59:
         13:e4:43:25:5b:73:d7:5c:86:21:ea:e7:87:56:8f:b1:60:79:
         75:2b:b9:9c:b3:6a:43:18:54:fb:67:49:c2:46:f8:7e:b2:e8:
         c1:e7:a6:e4:45:03:1c:8d:6e:bd:22:67:ad:d5:bd:ff:cc:23:
         6f:3b:58:83:51:66:70:e3:cc:b9:bd:7a:e8:6a:9b:dc:74:a1:
         b9:5e:43:5a:06:a7:fc:ae:09:57:f4:13:37:ee:97:44:f5:0b:
         27:28:17:dc:96:d5:fc:28:35:9f:41:e8:77:56:dd:ab:f1:1a:
         e7:a5:9f:65:ec:c4:34:a0:96:8a:6d:57:55:96:31:53:a8:38:
         89:ef:69:e2:40:ed:9d:1c:1e:2f:c9:aa:f7:c1:59:f6:bc:9d:
         41:5c:1d:0a:25:f8:eb:cb:53:70:7e:7e:5a:5c:36:75:b1:42:
         d8:3a:14:73:5f:50:5e:b1:1e:90:53:ce:5d:d0:fd:4e:3f:ef:
         d3:42:73:84:a2:3a:e0:f1:bd:44:d6:95:74:f4:16:12:11:e2:
         43:d0:3c:60:50:7c:8f:64:2d:78:f2:ca:39:8a:98:f8:a3:3e:
         a2:0a:ef:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAUs5cYm2iY/yV+5u70i3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTFhYmM0YzA0NjhhYjI4OTFlYWFjYWRiYTBkYzAzNzc5
MzZmZDUwHhcNMjQwMTAxMTIzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2YzNTY1MmNjYTI3NTU2ZjNkN2YyYzg0YWI5MzM4YjE0ZmFlMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt62MoQ3vtTSvgUWfERuMwUsgHyXe
qHsuRzU2VKkltbPlZ/jL45dYQ6BW62WOJKS47Szi7BBJzxXz22eYDI1n+99rDOL6
9m027mE+aDK4JTKa65SOwdzUwVLV5EfUJWlxl8st2Au9QiikcB7vBF3ZeWsll/1n
7dx9aAUxc3SOBOfu9U6O33t0q1vyBpRnnIrKPtMSPAEdzCyhjtBON6WTS5HD0/Nl
IgnTsB2SZgH2bBSJRwL5QSNdVMFdLheuTZWQHwCmr1KibK6IdkN4JXXEvLrQdAa+
TDwuJHdSTzL6PJL0k3ceD5Tm3feSsyTRB8Dc6p0G6TsC8A6BMLUIip4pmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOPzVlLMonVW89fyyEq5M4sU+uJcMB8GA1UdIwQY
MBaAFNQRq8TARoqyiR6qytug3AN3k2/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTIt
YjBmNGI5YzM3ZTQ5LzEvNF9OV1VzeWlkVmJ6MV9MSVNya3ppeFQ2NGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTItYjBmNGI5YzM3ZTQ5
LzEvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUQS6MA0G
CSqGSIb3DQEBCwUAA4IBAQAcv6rQrjNsSyBf3LRw6bP5Zq3DzGVIp0R/GmWJaOVO
dE2fmFkT5EMlW3PXXIYh6ueHVo+xYHl1K7mcs2pDGFT7Z0nCRvh+sujB56bkRQMc
jW69Imet1b3/zCNvO1iDUWZw48y5vXroapvcdKG5XkNaBqf8rglX9BM37pdE9Qsn
KBfcltX8KDWfQeh3Vt2r8RrnpZ9l7MQ0oJaKbVdVljFTqDiJ72niQO2dHB4vyar3
wVn2vJ1BXB0KJfjry1Nwfn5aXDZ1sULYOhRzX1BesR6QU85d0P1OP+/TQnOEojrg
8b1E1pV09BYSEeJD0DxgUHyPZC148so5ipj4oz6iCu/S
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:14:07 2024 by rpki-client on console-ams.rpki-client.org