Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/1-0oqVkXpDHhaUn0ZYhWeewLz7tM.roa
File:                     1-0oqVkXpDHhaUn0ZYhWeewLz7tM.roa (raw, json)
Hash identifier:          iygJaNr3TOCZvgp1M77G9NIpc4P+7zd2vrn1FGh2QXM=
Subject key identifier:   FB:4A:2A:56:45:E9:0C:78:5A:52:7D:19:62:15:9E:7B:02:F3:EE:D3
Certificate issuer:       /CN=d5f065c8bdb78ff294f7c5454971dbfabfb6c184
Certificate serial:       018CC493761836B3483FD4BBCEC914959DDE
Authority key identifier: D5:F0:65:C8:BD:B7:8F:F2:94:F7:C5:45:49:71:DB:FA:BF:B6:C1:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fBlyL23j_KU98VFSXHb-r-2wYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/1-0oqVkXpDHhaUn0ZYhWeewLz7tM.roa
Signing time:             Mon 01 Jan 2024 10:30:47 +0000
ROA not before:           Mon 01 Jan 2024 10:30:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        193.178.31.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/1fBlyL23j_KU98VFSXHb-r-2wYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/1fBlyL23j_KU98VFSXHb-r-2wYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fBlyL23j_KU98VFSXHb-r-2wYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:76:18:36:b3:48:3f:d4:bb:ce:c9:14:95:9d:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f065c8bdb78ff294f7c5454971dbfabfb6c184
        Validity
            Not Before: Jan  1 10:30:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fb4a2a5645e90c785a527d1962159e7b02f3eed3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:17:29:cc:0b:4d:ba:5e:d9:9c:6d:9a:9e:8f:
                    a9:fa:82:ff:08:3f:a5:3f:5b:88:4d:cf:c7:99:0b:
                    9d:6f:6d:38:5d:63:c5:fb:06:7b:ad:cd:e4:18:53:
                    3e:d8:42:59:31:54:f7:3c:5a:27:de:8b:69:1e:4e:
                    5c:90:ee:c2:c3:ba:17:02:d7:0e:5a:5c:04:4e:ce:
                    82:9f:49:cc:09:47:78:c5:3d:ff:52:19:d3:bc:13:
                    e6:a7:66:06:fa:c3:68:a3:82:99:37:86:44:73:1e:
                    37:c9:bc:5b:a3:e5:9d:b7:bd:70:95:ae:47:f2:49:
                    d2:72:ed:91:b0:59:54:e7:30:99:30:c6:f6:83:03:
                    35:d1:51:f5:a9:fe:b5:a3:54:39:7e:00:df:c4:b9:
                    67:52:43:2a:5d:cb:39:66:83:7e:7f:9b:d8:1b:b1:
                    77:3b:59:93:5d:d4:1c:43:22:28:e1:bf:34:87:ce:
                    8c:18:ea:48:b8:8f:fe:b4:08:d0:59:d1:58:b3:2f:
                    22:3a:af:29:41:36:86:7c:4c:3c:95:15:16:48:45:
                    5d:37:89:f9:a8:72:64:8f:1d:26:a5:76:be:f5:41:
                    bd:49:26:c4:96:f7:41:06:62:68:6d:8d:55:e6:34:
                    01:97:d4:b2:d8:34:f6:43:e8:9f:41:9e:83:99:a2:
                    05:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:4A:2A:56:45:E9:0C:78:5A:52:7D:19:62:15:9E:7B:02:F3:EE:D3
            X509v3 Authority Key Identifier:
                keyid:D5:F0:65:C8:BD:B7:8F:F2:94:F7:C5:45:49:71:DB:FA:BF:B6:C1:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fBlyL23j_KU98VFSXHb-r-2wYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/1-0oqVkXpDHhaUn0ZYhWeewLz7tM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f277ea-726a-4052-8e5b-35a5dc2c792c/1/1fBlyL23j_KU98VFSXHb-r-2wYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:ea:28:b9:86:14:77:cc:dd:cc:8c:6d:dc:44:59:66:71:b5:
         d4:0c:76:fd:26:37:41:5d:b6:38:86:2b:77:df:4e:4c:8e:46:
         11:57:2e:f6:cc:01:27:22:b8:35:3c:43:63:84:52:c2:b5:cd:
         4e:19:87:c6:40:55:1c:46:ee:78:fe:71:d9:86:e2:b8:f4:92:
         02:b7:f7:a8:fc:44:ac:1b:27:e0:f3:c2:7e:a4:e0:8d:d9:98:
         24:02:63:ad:9d:ff:aa:6b:bd:c7:ae:83:c0:c7:e9:de:28:43:
         98:7c:f1:78:c8:9e:81:61:6b:9c:18:c1:6f:7c:15:47:b2:ed:
         06:d5:d8:82:20:5f:38:35:a4:c1:d1:70:c0:cd:e7:3a:06:d4:
         78:3b:65:f9:e5:4f:09:fe:3f:d0:23:66:66:ff:70:b0:b5:14:
         88:76:db:10:ba:4e:27:44:38:5a:f0:0a:3c:e1:7d:6b:b8:5d:
         e7:03:8a:ac:89:80:97:2b:56:8f:18:22:32:aa:8a:cd:a6:0a:
         a1:63:09:aa:b7:7f:09:07:27:f0:cc:65:4a:c2:c4:1a:53:7c:
         f0:1a:cc:0a:2b:08:70:07:e0:37:b5:41:c8:70:65:46:0d:d8:
         e0:db:88:f6:4f:ed:13:c1:98:ba:0d:bf:fb:37:0e:4c:c8:16:
         a6:b3:e4:93
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEk3YYNrNIP9S7zskUlZ3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjA2NWM4YmRiNzhmZjI5NGY3YzU0NTQ5NzFkYmZhYmZi
NmMxODQwHhcNMjQwMTAxMTAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjRhMmE1NjQ1ZTkwYzc4NWE1MjdkMTk2MjE1OWU3YjAyZjNlZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRcpzAtNul7ZnG2ano+p+oL/CD+l
P1uITc/HmQudb204XWPF+wZ7rc3kGFM+2EJZMVT3PFon3otpHk5ckO7Cw7oXAtcO
WlwETs6Cn0nMCUd4xT3/UhnTvBPmp2YG+sNoo4KZN4ZEcx43ybxbo+Wdt71wla5H
8knScu2RsFlU5zCZMMb2gwM10VH1qf61o1Q5fgDfxLlnUkMqXcs5ZoN+f5vYG7F3
O1mTXdQcQyIo4b80h86MGOpIuI/+tAjQWdFYsy8iOq8pQTaGfEw8lRUWSEVdN4n5
qHJkjx0mpXa+9UG9SSbElvdBBmJobY1V5jQBl9Sy2DT2Q+ifQZ6DmaIFwQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPtKKlZF6Qx4WlJ9GWIVnnsC8+7TMB8GA1UdIwQY
MBaAFNXwZci9t4/ylPfFRUlx2/q/tsGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZCbHlMMjNqX0tVOThWRlNYSGItci0yd1lRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9mMjc3ZWEtNzI2YS00MDUyLThlNWIt
MzVhNWRjMmM3OTJjLzEvMS0wb3FWa1hwREhoYVVuMFpZaFdlZXdMejd0TS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTQvZjI3N2VhLTcyNmEtNDA1Mi04ZTViLTM1YTVkYzJjNzky
Yy8xLzFmQmx5TDIzal9LVTk4VkZTWEhiLXItMndZUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMGyHzAN
BgkqhkiG9w0BAQsFAAOCAQEAhOoouYYUd8zdzIxt3ERZZnG11Ax2/SY3QV22OIYr
d99OTI5GEVcu9swBJyK4NTxDY4RSwrXNThmHxkBVHEbueP5x2YbiuPSSArf3qPxE
rBsn4PPCfqTgjdmYJAJjrZ3/qmu9x66DwMfp3ihDmHzxeMiegWFrnBjBb3wVR7Lt
BtXYgiBfODWkwdFwwM3nOgbUeDtl+eVPCf4/0CNmZv9wsLUUiHbbELpOJ0Q4WvAK
POF9a7hd5wOKrImAlytWjxgiMqqKzaYKoWMJqrd/CQcn8MxlSsLEGlN88BrMCisI
cAfgN7VByHBlRg3Y4NuI9k/tE8GYug2/+zcOTMgWprPkkw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:46:27 2024 by rpki-client on console-fra.rpki-client.org