Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/bXyIFuGcKRwgt4KRM9PIbgZ83wc.roa
File:                     bXyIFuGcKRwgt4KRM9PIbgZ83wc.roa (raw, json)
Hash identifier:          uBkotGmIibYMPTL2h/f9XOGv8QLb9mnsXpUuNDU2Fd0=
Subject key identifier:   6D:7C:88:16:E1:9C:29:1C:20:B7:82:91:33:D3:C8:6E:06:7C:DF:07
Certificate issuer:       /CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Certificate serial:       018CC5014C7AE2982D7E867AB709463E1470
Authority key identifier: D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/bXyIFuGcKRwgt4KRM9PIbgZ83wc.roa
Signing time:             Mon 01 Jan 2024 12:30:45 +0000
ROA not before:           Mon 01 Jan 2024 12:30:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     134963
IP address blocks:        212.31.96.0/24 maxlen: 24
                          31.153.230.0/23 maxlen: 23
                          195.14.154.0/24 maxlen: 24
                          195.14.157.0/24 maxlen: 24
                          212.31.123.0/24 maxlen: 24
                          212.31.124.0/24 maxlen: 24
                          212.31.125.0/24 maxlen: 24
                          212.31.127.0/24 maxlen: 24
                          128.0.107.0/24 maxlen: 24
                          81.4.190.0/23 maxlen: 24
                          195.14.130.0/24 maxlen: 24
                          46.199.88.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:4c:7a:e2:98:2d:7e:86:7a:b7:09:46:3e:14:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
        Validity
            Not Before: Jan  1 12:30:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6d7c8816e19c291c20b7829133d3c86e067cdf07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:66:98:02:d7:bc:ac:87:06:77:13:62:06:5a:
                    81:1b:0e:cd:19:44:8f:7a:7d:31:19:f3:45:ac:1e:
                    c8:56:60:c9:b2:12:d6:55:75:fc:f9:36:e0:d2:66:
                    17:7f:c0:b5:08:ab:8f:4e:c8:9d:db:ff:60:22:f5:
                    a0:90:27:9f:db:e6:ec:7a:38:40:4c:c6:d4:87:8a:
                    e9:56:7c:f4:5b:40:0c:cd:cd:2b:52:23:dd:0b:17:
                    35:eb:68:0a:bf:eb:a2:34:7d:73:e8:30:61:6f:de:
                    2f:ae:e1:45:d2:bb:23:09:ce:99:cb:b8:53:cc:b6:
                    7a:e8:9d:ca:89:69:92:f0:1b:dd:0d:2c:ee:3c:f2:
                    ef:c4:86:ec:a9:ec:57:a0:22:03:25:7e:5b:22:7c:
                    f9:43:f3:65:e8:01:4e:76:04:ae:f7:d9:2f:c6:ea:
                    5e:9d:da:d7:72:56:21:fe:eb:4e:63:91:ca:c9:cd:
                    30:cc:80:0c:64:b3:5f:0a:5c:0d:a1:ef:0b:13:b5:
                    f2:00:a6:26:a6:d1:13:b2:1b:c3:ce:b5:b7:23:3f:
                    c3:a9:3b:e1:30:1b:4a:94:1b:aa:ad:69:70:ee:de:
                    c0:28:fb:c8:2c:1c:19:d3:62:0f:25:30:16:57:c8:
                    42:49:47:ee:a0:ec:28:cd:8b:f8:21:ab:e5:3e:f2:
                    a2:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:7C:88:16:E1:9C:29:1C:20:B7:82:91:33:D3:C8:6E:06:7C:DF:07
            X509v3 Authority Key Identifier:
                keyid:D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/bXyIFuGcKRwgt4KRM9PIbgZ83wc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.153.230.0/23
                  46.199.88.0/24
                  81.4.190.0/23
                  128.0.107.0/24
                  195.14.130.0/24
                  195.14.154.0/24
                  195.14.157.0/24
                  212.31.96.0/24
                  212.31.123.0-212.31.125.255
                  212.31.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:a5:c8:c0:fa:a3:7b:d7:b9:3d:5d:81:ff:64:f9:70:23:48:
         b0:e0:f0:f3:b1:d1:7e:8b:b0:5b:b5:65:30:76:85:14:f2:52:
         7d:4a:a6:4d:7f:c1:64:7c:ac:01:a5:5f:58:3a:32:82:20:00:
         7e:27:ff:c4:ac:d4:ee:89:c6:f5:dc:29:d2:13:13:7c:ad:52:
         cb:6b:11:93:54:7d:32:40:e4:d7:e1:9c:ad:c1:fd:51:8c:83:
         11:be:96:3c:54:49:01:44:fa:ca:af:68:00:32:7b:d9:f8:e5:
         d6:21:e1:15:ba:27:03:a1:25:52:0e:f6:e1:12:42:11:7d:ad:
         73:ef:8e:10:ba:2e:88:4c:5b:a6:d2:ff:d6:49:b2:ce:98:fc:
         a6:d7:50:55:4f:38:fc:49:cd:5d:b4:a7:0a:4a:15:85:1a:77:
         6c:60:61:df:36:b1:aa:67:c9:19:0e:d6:fd:5d:f6:5e:2d:d2:
         4a:ae:48:c5:58:cb:14:24:e0:08:35:aa:61:d0:26:14:9b:d2:
         72:fe:d0:e6:34:7e:61:96:bc:e1:a2:f3:b5:31:6c:28:63:f6:
         76:d0:7f:78:b5:c9:b1:bd:29:5c:94:c7:9c:70:79:60:4e:f7:
         8b:17:25:58:89:76:12:ed:82:79:93:65:6c:31:68:41:0a:b2:
         ad:20:bf:9f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzFAUx64pgtfoZ6twlGPhRwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTFhYmM0YzA0NjhhYjI4OTFlYWFjYWRiYTBkYzAzNzc5
MzZmZDUwHhcNMjQwMTAxMTIzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDdjODgxNmUxOWMyOTFjMjBiNzgyOTEzM2QzYzg2ZTA2N2NkZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWaYAte8rIcGdxNiBlqBGw7NGUSP
en0xGfNFrB7IVmDJshLWVXX8+Tbg0mYXf8C1CKuPTsid2/9gIvWgkCef2+bsejhA
TMbUh4rpVnz0W0AMzc0rUiPdCxc162gKv+uiNH1z6DBhb94vruFF0rsjCc6Zy7hT
zLZ66J3KiWmS8BvdDSzuPPLvxIbsqexXoCIDJX5bInz5Q/Nl6AFOdgSu99kvxupe
ndrXclYh/utOY5HKyc0wzIAMZLNfClwNoe8LE7XyAKYmptETshvDzrW3Iz/DqTvh
MBtKlBuqrWlw7t7AKPvILBwZ02IPJTAWV8hCSUfuoOwozYv4IavlPvKi0QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFG18iBbhnCkcILeCkTPTyG4GfN8HMB8GA1UdIwQY
MBaAFNQRq8TARoqyiR6qytug3AN3k2/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTIt
YjBmNGI5YzM3ZTQ5LzEvYlh5SUZ1R2NLUndndDRLUk05UEliZ1o4M3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTItYjBmNGI5YzM3ZTQ5
LzEvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBH5nmAwQA
LsdYAwQBUQS+AwQAgABrAwQAww6CAwQAww6aAwQAww6dAwQA1B9gMAwDBADUH3sD
BAHUH3wDBADUH38wDQYJKoZIhvcNAQELBQADggEBAKSlyMD6o3vXuT1dgf9k+XAj
SLDg8POx0X6LsFu1ZTB2hRTyUn1Kpk1/wWR8rAGlX1g6MoIgAH4n/8Ss1O6JxvXc
KdITE3ytUstrEZNUfTJA5NfhnK3B/VGMgxG+ljxUSQFE+sqvaAAye9n45dYh4RW6
JwOhJVIO9uESQhF9rXPvjhC6LohMW6bS/9ZJss6Y/KbXUFVPOPxJzV20pwpKFYUa
d2xgYd82sapnyRkO1v1d9l4t0kquSMVYyxQk4Ag1qmHQJhSb0nL+0OY0fmGWvOGi
87UxbChj9nbQf3i1ybG9KVyUx5xweWBO94sXJViJdhLtgnmTZWwxaEEKsq0gv58=
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:15:33 2024 by rpki-client on console-ams.rpki-client.org