Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/BTWmjmgItYlDG4e_gN4ECsWDA_c.roa
File:                     BTWmjmgItYlDG4e_gN4ECsWDA_c.roa (raw, json)
Hash identifier:          CO8YrtORPHPAHshMIZkXHCPQcOdnpxDct1LPXWHbZto=
Subject key identifier:   05:35:A6:8E:68:08:B5:89:43:1B:87:BF:80:DE:04:0A:C5:83:03:F7
Certificate issuer:       /CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Certificate serial:       018CC26D42CFB6F19FEFEF3FD698E8678B37
Authority key identifier: DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/BTWmjmgItYlDG4e_gN4ECsWDA_c.roa
Signing time:             Mon 01 Jan 2024 00:29:49 +0000
ROA not before:           Mon 01 Jan 2024 00:29:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     41195
IP address blocks:        176.118.186.0/23 maxlen: 24
                          2a0d:ca47::/47 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 14:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:42:cf:b6:f1:9f:ef:ef:3f:d6:98:e8:67:8b:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
        Validity
            Not Before: Jan  1 00:29:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0535a68e6808b589431b87bf80de040ac58303f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:fa:10:67:85:c3:96:57:78:8f:ca:0d:4b:ad:
                    1b:d4:32:a6:f6:9a:bb:24:92:79:22:da:94:b3:d4:
                    a2:62:33:8d:0d:1d:b4:cb:78:38:7f:57:48:dc:9a:
                    33:84:2b:db:24:a6:0f:8b:f6:0c:3d:c0:fb:e3:42:
                    22:09:aa:64:6c:c1:d0:c9:9f:0a:80:2f:8d:7c:4d:
                    a9:ad:f1:ab:3d:2f:6d:c2:bb:4a:60:7c:02:23:5a:
                    86:30:dd:8b:68:cb:a8:02:fa:a3:d5:5f:a6:da:7a:
                    de:60:15:65:8c:44:99:05:9b:3f:6f:c9:91:4b:62:
                    37:c7:49:9d:3b:42:f7:ae:83:4a:24:61:76:65:df:
                    4f:26:22:19:bf:d0:e2:51:fc:ff:b5:86:cc:c7:44:
                    a7:63:fe:5c:54:f5:94:39:14:01:3d:2b:11:6e:c3:
                    4d:0c:1b:16:c8:7a:72:1c:5e:13:7a:b4:b1:2c:8d:
                    91:0d:17:2e:88:55:cb:87:ef:f4:78:cc:04:a7:82:
                    5f:0b:b1:ae:92:eb:11:54:d1:60:18:cf:33:cc:20:
                    27:55:6c:68:c9:45:b6:6e:ff:a2:e4:f4:05:bf:7e:
                    24:b8:43:f4:6e:b2:97:f0:ed:64:c1:0a:18:2f:36:
                    18:c3:00:13:a8:2b:64:da:55:eb:83:49:ec:13:56:
                    19:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:35:A6:8E:68:08:B5:89:43:1B:87:BF:80:DE:04:0A:C5:83:03:F7
            X509v3 Authority Key Identifier:
                keyid:DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/BTWmjmgItYlDG4e_gN4ECsWDA_c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.118.186.0/23
                IPv6:
                  2a0d:ca47::/47

    Signature Algorithm: sha256WithRSAEncryption
         24:e1:7a:18:c2:8c:0a:5a:de:3f:ec:36:da:98:d5:01:65:f0:
         1e:1f:53:6a:8e:33:3b:dd:4f:b1:7b:16:bc:80:78:cd:b0:30:
         b5:af:b0:e2:5f:2c:b8:30:96:be:4e:e0:58:a9:f1:20:99:f2:
         48:97:dd:fe:f4:b6:a6:0b:4a:8c:a5:5a:22:ef:d9:c1:c4:e7:
         32:91:ad:35:a3:6d:50:ad:09:89:b1:1d:63:ae:e4:2a:98:19:
         f1:9b:01:0b:dd:ce:62:6f:f5:4d:04:98:22:28:14:8b:20:de:
         32:0a:b1:d0:7c:01:e5:dd:2f:a4:8f:8a:de:6f:47:cd:7c:b9:
         d2:bd:24:7b:2b:0a:9d:4a:f5:cf:43:0e:a3:77:a6:07:29:b7:
         d7:63:b3:78:37:10:24:65:8e:fe:22:20:19:cc:27:80:d5:a8:
         60:f8:9e:40:f6:21:ab:b8:67:45:12:b0:ba:05:f8:d5:9e:08:
         bd:ac:07:51:c7:ea:da:76:8e:c7:1b:9f:2b:bf:a6:2d:7a:a4:
         98:14:80:d5:19:25:da:4c:e7:68:7e:2c:3c:40:06:9c:c7:b3:
         6f:51:e2:fb:fd:26:be:81:66:10:0b:5f:d1:27:ed:a3:c2:a4:
         84:4c:07:b6:f2:60:c3:0c:f4:29:c3:ad:1a:e3:17:33:6f:b9:
         f1:0f:ed:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbULPtvGf7+8/1pjoZ4s3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlN2M4MmIyMjc2Y2JkZjEzMGNjYWQwNDZiNjVmZWFiMmMy
N2VkNDkwHhcNMjQwMTAxMDAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTM1YTY4ZTY4MDhiNTg5NDMxYjg3YmY4MGRlMDQwYWM1ODMwM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivoQZ4XDlld4j8oNS60b1DKm9pq7
JJJ5ItqUs9SiYjONDR20y3g4f1dI3JozhCvbJKYPi/YMPcD740IiCapkbMHQyZ8K
gC+NfE2prfGrPS9twrtKYHwCI1qGMN2LaMuoAvqj1V+m2nreYBVljESZBZs/b8mR
S2I3x0mdO0L3roNKJGF2Zd9PJiIZv9DiUfz/tYbMx0SnY/5cVPWUORQBPSsRbsNN
DBsWyHpyHF4TerSxLI2RDRcuiFXLh+/0eMwEp4JfC7GukusRVNFgGM8zzCAnVWxo
yUW2bv+i5PQFv34kuEP0brKX8O1kwQoYLzYYwwATqCtk2lXrg0nsE1YZxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAU1po5oCLWJQxuHv4DeBArFgwP3MB8GA1UdIwQY
MBaAFN58grInbL3xMMytBGtl/qssJ+1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODkt
N2ZhZjdjMWRlN2IwLzEvQlRXbWptZ0l0WWxERzRlX2dONEVDc1dEQV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODktN2ZhZjdjMWRlN2Iw
LzEvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBsHa6MA8E
AgACMAkDBwEqDcpHAAAwDQYJKoZIhvcNAQELBQADggEBACThehjCjApa3j/sNtqY
1QFl8B4fU2qOMzvdT7F7FryAeM2wMLWvsOJfLLgwlr5O4Fip8SCZ8kiX3f70tqYL
SoylWiLv2cHE5zKRrTWjbVCtCYmxHWOu5CqYGfGbAQvdzmJv9U0EmCIoFIsg3jIK
sdB8AeXdL6SPit5vR818udK9JHsrCp1K9c9DDqN3pgcpt9djs3g3ECRljv4iIBnM
J4DVqGD4nkD2Iau4Z0USsLoF+NWeCL2sB1HH6tp2jscbnyu/pi16pJgUgNUZJdpM
52h+LDxABpzHs29R4vv9Jr6BZhALX9En7aPCpIRMB7byYMMM9CnDrRrjFzNvufEP
7W0=
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:15:34 2024 by rpki-client on console-fra.rpki-client.org