Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/10b0ec-7055-4ebc-96fc-18e18d659d8f/1/REm_8LcojeiOVRWmiGLAo0K1xWw.roa
File:                     REm_8LcojeiOVRWmiGLAo0K1xWw.roa (raw, json)
Hash identifier:          wGal+09F+hzkcH+dgMVAd3+zfxhrSmCtlD+YX9TwWC8=
Subject key identifier:   44:49:BF:F0:B7:28:8D:E8:8E:55:15:A6:88:62:C0:A3:42:B5:C5:6C
Certificate issuer:       /CN=6735a8295a30d7dfcac2a570b8decb25c4652140
Certificate serial:       018CC3493ABD2E8918D64EC2BFD1944E562E
Authority key identifier: 67:35:A8:29:5A:30:D7:DF:CA:C2:A5:70:B8:DE:CB:25:C4:65:21:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZzWoKVow19_KwqVwuN7LJcRlIUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/10b0ec-7055-4ebc-96fc-18e18d659d8f/1/REm_8LcojeiOVRWmiGLAo0K1xWw.roa
Signing time:             Mon 01 Jan 2024 04:30:05 +0000
ROA not before:           Mon 01 Jan 2024 04:30:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     59723
IP address blocks:        185.233.232.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/10b0ec-7055-4ebc-96fc-18e18d659d8f/1/ZzWoKVow19_KwqVwuN7LJcRlIUA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/10b0ec-7055-4ebc-96fc-18e18d659d8f/1/ZzWoKVow19_KwqVwuN7LJcRlIUA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZzWoKVow19_KwqVwuN7LJcRlIUA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:3a:bd:2e:89:18:d6:4e:c2:bf:d1:94:4e:56:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6735a8295a30d7dfcac2a570b8decb25c4652140
        Validity
            Not Before: Jan  1 04:30:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4449bff0b7288de88e5515a68862c0a342b5c56c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:00:99:10:96:c2:20:8d:9b:aa:56:3a:80:8d:
                    c9:73:56:97:8a:d7:63:63:57:3f:a3:0e:3a:49:84:
                    18:0d:16:0b:73:72:26:f2:82:8f:aa:6d:c2:0f:c8:
                    84:a6:37:8e:9f:48:f1:72:f7:38:46:df:b9:80:5e:
                    6e:4b:c8:a9:02:18:57:56:83:04:b4:f4:b2:80:a0:
                    60:3f:5e:0f:28:51:06:3c:df:c0:3c:01:82:62:db:
                    da:57:1d:bb:89:18:66:0b:1e:b6:d0:6a:83:79:30:
                    b7:13:c7:e0:c1:40:e7:04:b6:de:8d:85:15:ab:9a:
                    a0:4e:c1:b3:dc:3b:fc:f2:7a:f9:d0:23:ff:8c:10:
                    ee:69:04:7c:fe:e3:14:ce:67:fd:a2:5e:94:8f:eb:
                    aa:61:b3:79:5a:40:ca:16:75:ae:35:89:14:79:08:
                    a7:75:1f:10:41:c3:fc:ef:14:17:f9:5f:86:8d:6d:
                    b3:f3:99:77:0a:5d:52:71:74:8e:d5:c8:cb:fa:93:
                    b7:aa:8c:5f:59:dd:a1:e6:c4:e0:cc:c2:dd:52:ce:
                    38:a3:3c:f7:b8:ac:a0:59:95:1f:3c:4c:2a:5f:e3:
                    9e:e7:08:36:2c:51:83:f1:c5:56:9b:b3:73:31:eb:
                    72:12:51:d2:a0:c6:e7:f8:ea:1d:df:37:09:06:69:
                    10:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:49:BF:F0:B7:28:8D:E8:8E:55:15:A6:88:62:C0:A3:42:B5:C5:6C
            X509v3 Authority Key Identifier:
                keyid:67:35:A8:29:5A:30:D7:DF:CA:C2:A5:70:B8:DE:CB:25:C4:65:21:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZzWoKVow19_KwqVwuN7LJcRlIUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/10b0ec-7055-4ebc-96fc-18e18d659d8f/1/REm_8LcojeiOVRWmiGLAo0K1xWw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/10b0ec-7055-4ebc-96fc-18e18d659d8f/1/ZzWoKVow19_KwqVwuN7LJcRlIUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.233.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a6:42:d8:46:4a:a4:c5:a7:83:0c:fa:7e:ec:ba:d3:99:97:6d:
         bf:d6:c5:32:08:c4:20:e8:25:f2:7f:01:9f:fc:f7:7f:3f:3e:
         64:c0:f5:03:0c:8b:c0:69:30:35:ec:82:0d:2f:5d:b1:9a:b1:
         01:eb:40:dd:d2:1d:d9:04:9f:50:fc:b1:52:c7:92:2c:d8:84:
         3e:87:86:24:35:53:2b:12:7d:54:b8:fd:10:b1:52:9e:79:7f:
         3e:8d:f6:f7:e6:a6:0d:e6:59:76:7b:b3:24:ae:c1:aa:ef:f6:
         7d:f8:26:23:f3:1e:8b:a9:fc:78:70:a1:c5:70:12:d1:ca:70:
         26:aa:5d:9e:ce:14:21:ef:b9:bc:75:cf:ab:a0:24:18:82:26:
         e0:6e:11:37:49:72:22:49:d2:c2:0b:a5:3d:51:fd:24:96:35:
         aa:02:de:ae:73:91:bf:5e:5e:bb:bd:f1:d3:e4:19:a7:df:08:
         d9:f6:38:58:59:3b:42:a5:35:21:e9:f8:a3:45:46:1a:88:a8:
         32:82:da:b8:40:5b:4f:59:54:56:a1:66:63:b1:d0:ee:7d:8a:
         1d:b4:0c:b6:1d:37:a7:99:d4:6d:f2:93:c2:8c:5e:06:64:f3:
         71:e4:23:a0:8a:e8:99:fb:63:de:d1:88:63:57:19:9d:bb:cd:
         45:35:f0:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSTq9LokY1k7Cv9GUTlYuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MzVhODI5NWEzMGQ3ZGZjYWMyYTU3MGI4ZGVjYjI1YzQ2
NTIxNDAwHhcNMjQwMTAxMDQzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDQ5YmZmMGI3Mjg4ZGU4OGU1NTE1YTY4ODYyYzBhMzQyYjVjNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiACZEJbCII2bqlY6gI3Jc1aXitdj
Y1c/ow46SYQYDRYLc3Im8oKPqm3CD8iEpjeOn0jxcvc4Rt+5gF5uS8ipAhhXVoME
tPSygKBgP14PKFEGPN/APAGCYtvaVx27iRhmCx620GqDeTC3E8fgwUDnBLbejYUV
q5qgTsGz3Dv88nr50CP/jBDuaQR8/uMUzmf9ol6Uj+uqYbN5WkDKFnWuNYkUeQin
dR8QQcP87xQX+V+GjW2z85l3Cl1ScXSO1cjL+pO3qoxfWd2h5sTgzMLdUs44ozz3
uKygWZUfPEwqX+Oe5wg2LFGD8cVWm7NzMetyElHSoMbn+Ood3zcJBmkQkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERJv/C3KI3ojlUVpohiwKNCtcVsMB8GA1UdIwQY
MBaAFGc1qClaMNffysKlcLjeyyXEZSFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnpXb0tWb3cxOV9Ld3FWd3VON0xKY1JsSVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xMGIwZWMtNzA1NS00ZWJjLTk2ZmMt
MThlMThkNjU5ZDhmLzEvUkVtXzhMY29qZWlPVlJXbWlHTEFvMEsxeFd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xMGIwZWMtNzA1NS00ZWJjLTk2ZmMtMThlMThkNjU5ZDhm
LzEvWnpXb0tWb3cxOV9Ld3FWd3VON0xKY1JsSVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuenoMA0G
CSqGSIb3DQEBCwUAA4IBAQCmQthGSqTFp4MM+n7sutOZl22/1sUyCMQg6CXyfwGf
/Pd/Pz5kwPUDDIvAaTA17IINL12xmrEB60Dd0h3ZBJ9Q/LFSx5Is2IQ+h4YkNVMr
En1UuP0QsVKeeX8+jfb35qYN5ll2e7MkrsGq7/Z9+CYj8x6Lqfx4cKHFcBLRynAm
ql2ezhQh77m8dc+roCQYgibgbhE3SXIiSdLCC6U9Uf0kljWqAt6uc5G/Xl67vfHT
5Bmn3wjZ9jhYWTtCpTUh6fijRUYaiKgygtq4QFtPWVRWoWZjsdDufYodtAy2HTen
mdRt8pPCjF4GZPNx5COgiuiZ+2Pe0YhjVxmdu81FNfAL
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:14:57 2024 by rpki-client on console-ams.rpki-client.org