Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/c459c2-028c-4776-a3bc-81e3c9e7a06e/1/00Ma0-_LO7REqz_Vbtrs_1HFk6Q.roa
File:                     00Ma0-_LO7REqz_Vbtrs_1HFk6Q.roa (raw, json)
Hash identifier:          +WBS6DtNYV1Q6Yc3PsF6BfmGtYd7zyXdYSS71mGEPh4=
Subject key identifier:   D3:43:1A:D3:EF:CB:3B:B4:44:AB:3F:D5:6E:DA:EC:FF:51:C5:93:A4
Certificate issuer:       /CN=a126de23c6d7ef87b0fdff8098f05c7b7bc347ae
Certificate serial:       018D997850B630E1133E083345CC4EA97415
Authority key identifier: A1:26:DE:23:C6:D7:EF:87:B0:FD:FF:80:98:F0:5C:7B:7B:C3:47:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oSbeI8bX74ew_f-AmPBce3vDR64.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/c459c2-028c-4776-a3bc-81e3c9e7a06e/1/00Ma0-_LO7REqz_Vbtrs_1HFk6Q.roa
Signing time:             Sun 11 Feb 2024 18:40:15 +0000
ROA not before:           Sun 11 Feb 2024 18:40:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8075
IP address blocks:        45.146.100.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/c459c2-028c-4776-a3bc-81e3c9e7a06e/1/oSbeI8bX74ew_f-AmPBce3vDR64.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/c459c2-028c-4776-a3bc-81e3c9e7a06e/1/oSbeI8bX74ew_f-AmPBce3vDR64.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oSbeI8bX74ew_f-AmPBce3vDR64.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:99:78:50:b6:30:e1:13:3e:08:33:45:cc:4e:a9:74:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a126de23c6d7ef87b0fdff8098f05c7b7bc347ae
        Validity
            Not Before: Feb 11 18:40:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d3431ad3efcb3bb444ab3fd56edaecff51c593a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:14:66:a3:b6:2e:34:51:f4:5b:cb:fb:3f:2a:
                    41:19:fd:2b:df:b2:15:f1:77:b8:8a:62:d9:03:9c:
                    30:75:b2:94:78:00:36:ed:05:d5:8b:1a:72:c6:c9:
                    46:9e:60:5e:85:99:e9:3f:ff:3b:87:68:40:ad:71:
                    cb:9f:e2:fe:06:9f:60:1c:03:00:01:1a:25:47:fe:
                    68:fc:dd:f1:08:76:3e:1d:2e:24:3a:e2:6a:9e:4d:
                    b5:ea:cd:ed:df:6b:73:0f:3a:55:65:96:4c:02:74:
                    2f:eb:22:2f:54:9d:4f:d5:75:60:6f:17:0f:17:0b:
                    12:13:6d:03:6b:de:bd:3b:cc:da:0c:84:f6:77:f4:
                    9c:86:ed:20:0a:ae:f7:f4:0f:58:b9:5c:fd:b0:21:
                    74:a7:79:64:ca:d8:cf:5b:4e:41:89:9b:bc:34:a4:
                    d0:e3:5d:da:e3:cb:d4:b4:f0:66:12:48:63:23:a6:
                    8b:2c:d6:74:d9:d9:5e:2d:3d:85:ae:b5:23:21:8a:
                    15:87:06:c9:cc:68:16:b6:a7:42:54:62:d0:4a:96:
                    ff:04:8b:7b:f5:00:0c:e1:3e:8f:11:15:7f:cb:d7:
                    2b:54:2e:28:76:e4:56:a3:75:95:7c:e4:6d:32:aa:
                    85:ba:c1:16:66:e5:53:76:67:97:18:84:d2:00:fa:
                    0b:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:43:1A:D3:EF:CB:3B:B4:44:AB:3F:D5:6E:DA:EC:FF:51:C5:93:A4
            X509v3 Authority Key Identifier:
                keyid:A1:26:DE:23:C6:D7:EF:87:B0:FD:FF:80:98:F0:5C:7B:7B:C3:47:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oSbeI8bX74ew_f-AmPBce3vDR64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/c459c2-028c-4776-a3bc-81e3c9e7a06e/1/00Ma0-_LO7REqz_Vbtrs_1HFk6Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/c459c2-028c-4776-a3bc-81e3c9e7a06e/1/oSbeI8bX74ew_f-AmPBce3vDR64.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:0d:62:c2:a5:bf:24:7a:0d:f1:d0:07:45:0a:57:d8:97:40:
         74:61:2d:04:09:fd:c1:a6:7d:8c:99:71:c8:d6:68:bd:07:38:
         7f:c3:95:10:fa:b1:88:63:e2:62:00:09:e5:b2:cf:a5:ce:2c:
         b5:3c:32:b5:a2:6a:91:e1:19:6c:f9:b1:90:08:1f:04:3d:00:
         fc:8d:5d:34:5d:7e:07:c8:f8:13:4d:dc:39:9a:e8:39:db:f7:
         73:8a:c4:8c:4c:ec:5f:24:a8:ea:7b:f9:11:8e:cb:97:31:ad:
         a0:cc:1b:72:fc:72:d2:6b:cd:d9:56:2a:30:90:c1:74:89:06:
         d7:d9:52:a9:e2:34:87:00:00:7b:5c:ec:b7:5e:2c:f7:47:2d:
         06:21:7b:75:f6:49:c8:cc:28:cd:83:31:a5:6a:bf:5b:06:33:
         25:90:fe:1f:46:25:cd:44:0f:5d:67:f3:a2:82:7b:79:46:60:
         ab:9f:f5:37:0a:b9:03:fb:8a:74:60:df:6e:8e:89:0e:9c:91:
         24:0c:32:89:b4:7b:a4:56:5f:e4:cd:42:1c:32:b7:52:56:d8:
         15:96:a3:b2:59:79:8a:85:e3:22:66:fb:f5:a5:5c:04:cf:58:
         73:7d:52:1a:98:0e:bd:a5:9a:8c:2b:91:e9:a7:55:a9:42:d3:
         90:2b:5a:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2ZeFC2MOETPggzRcxOqXQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMjZkZTIzYzZkN2VmODdiMGZkZmY4MDk4ZjA1YzdiN2Jj
MzQ3YWUwHhcNMjQwMjExMTg0MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzQzMWFkM2VmY2IzYmI0NDRhYjNmZDU2ZWRhZWNmZjUxYzU5M2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RRmo7YuNFH0W8v7PypBGf0r37IV
8Xe4imLZA5wwdbKUeAA27QXVixpyxslGnmBehZnpP/87h2hArXHLn+L+Bp9gHAMA
ARolR/5o/N3xCHY+HS4kOuJqnk216s3t32tzDzpVZZZMAnQv6yIvVJ1P1XVgbxcP
FwsSE20Da969O8zaDIT2d/Schu0gCq739A9YuVz9sCF0p3lkytjPW05BiZu8NKTQ
413a48vUtPBmEkhjI6aLLNZ02dleLT2FrrUjIYoVhwbJzGgWtqdCVGLQSpb/BIt7
9QAM4T6PERV/y9crVC4oduRWo3WVfORtMqqFusEWZuVTdmeXGITSAPoLnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNNDGtPvyzu0RKs/1W7a7P9RxZOkMB8GA1UdIwQY
MBaAFKEm3iPG1++HsP3/gJjwXHt7w0euMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1NiZUk4Ylg3NGV3X2YtQW1QQmNlM3ZEUjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9jNDU5YzItMDI4Yy00Nzc2LWEzYmMt
ODFlM2M5ZTdhMDZlLzEvMDBNYTAtX0xPN1JFcXpfVmJ0cnNfMUhGazZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9jNDU5YzItMDI4Yy00Nzc2LWEzYmMtODFlM2M5ZTdhMDZl
LzEvb1NiZUk4Ylg3NGV3X2YtQW1QQmNlM3ZEUjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZJkMA0G
CSqGSIb3DQEBCwUAA4IBAQBpDWLCpb8keg3x0AdFClfYl0B0YS0ECf3Bpn2MmXHI
1mi9Bzh/w5UQ+rGIY+JiAAnlss+lziy1PDK1omqR4Rls+bGQCB8EPQD8jV00XX4H
yPgTTdw5mug52/dzisSMTOxfJKjqe/kRjsuXMa2gzBty/HLSa83ZViowkMF0iQbX
2VKp4jSHAAB7XOy3Xiz3Ry0GIXt19knIzCjNgzGlar9bBjMlkP4fRiXNRA9dZ/Oi
gnt5RmCrn/U3CrkD+4p0YN9ujokOnJEkDDKJtHukVl/kzUIcMrdSVtgVlqOyWXmK
heMiZvv1pVwEz1hzfVIamA69pZqMK5Hpp1WpQtOQK1p1
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:18:54 2024 by rpki-client on console-ams.rpki-client.org