Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/6b1ea5-3f79-49ca-b985-57a5f3289992/1/V8CbhGB8P8kaIm8JL9UFUju_61c.roa
File:                     V8CbhGB8P8kaIm8JL9UFUju_61c.roa (raw, json)
Hash identifier:          Ifr6rnnvwMHS/YuLLiffP4XCD6ckhzutV7TwWHyIkDo=
Subject key identifier:   57:C0:9B:84:60:7C:3F:C9:1A:22:6F:09:2F:D5:05:52:3B:BF:EB:57
Certificate issuer:       /CN=cdee5d90061fa2a724c36742586c629d471e7a4d
Certificate serial:       018CC26D5704E5E7AE23BFB9BCA47E947025
Authority key identifier: CD:EE:5D:90:06:1F:A2:A7:24:C3:67:42:58:6C:62:9D:47:1E:7A:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ze5dkAYfoqckw2dCWGxinUceek0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/6b1ea5-3f79-49ca-b985-57a5f3289992/1/V8CbhGB8P8kaIm8JL9UFUju_61c.roa
Signing time:             Mon 01 Jan 2024 00:29:54 +0000
ROA not before:           Mon 01 Jan 2024 00:29:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205620
IP address blocks:        185.211.64.0/24 maxlen: 24
                          185.211.66.0/24 maxlen: 24
                          185.211.67.0/24 maxlen: 24
                          185.211.65.0/24 maxlen: 24
                          193.27.24.0/24 maxlen: 24
                          193.27.25.0/24 maxlen: 24
                          193.27.26.0/24 maxlen: 24
                          193.27.27.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/6b1ea5-3f79-49ca-b985-57a5f3289992/1/ze5dkAYfoqckw2dCWGxinUceek0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/6b1ea5-3f79-49ca-b985-57a5f3289992/1/ze5dkAYfoqckw2dCWGxinUceek0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ze5dkAYfoqckw2dCWGxinUceek0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 04:03:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:57:04:e5:e7:ae:23:bf:b9:bc:a4:7e:94:70:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdee5d90061fa2a724c36742586c629d471e7a4d
        Validity
            Not Before: Jan  1 00:29:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=57c09b84607c3fc91a226f092fd505523bbfeb57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:7e:e6:37:69:fc:fe:26:da:13:d2:77:18:93:
                    2a:2c:d2:75:1f:5d:25:1e:e8:41:89:6d:46:c7:aa:
                    0d:fb:15:db:dc:f6:b3:44:51:7b:08:d3:6f:5c:6b:
                    22:7f:27:d3:0f:87:77:ac:95:66:8d:21:98:06:49:
                    61:da:48:b8:ba:2e:d2:a1:6e:ca:d3:cf:9c:e0:89:
                    1b:18:c0:0c:05:82:d4:65:7e:eb:6a:25:7f:e6:d5:
                    e0:70:03:1c:de:17:66:f9:27:c2:c0:2f:67:53:1c:
                    be:6b:92:df:8d:8d:40:da:52:cf:2b:b5:df:19:65:
                    97:09:c9:03:7f:e7:49:2b:a8:73:3a:f4:ff:57:9e:
                    5c:c2:aa:e1:34:4f:52:77:f4:83:7a:e1:e6:83:cf:
                    3a:7a:e3:63:a6:66:6c:f3:d9:3b:47:24:92:f2:b3:
                    33:fb:90:c0:ce:3e:ce:14:ca:81:30:04:e3:90:0c:
                    e5:3f:15:5e:b3:6b:32:a4:3d:07:9b:4c:9f:d3:f6:
                    16:5c:67:58:33:b6:73:e7:f6:b3:64:9f:77:29:3e:
                    e8:df:20:c3:16:75:04:94:b7:e2:99:8d:63:1f:12:
                    9a:10:40:3b:75:d3:32:26:89:f5:15:af:2e:9f:0b:
                    92:1e:e3:73:29:99:bf:e6:8d:00:ce:51:8d:40:22:
                    52:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:C0:9B:84:60:7C:3F:C9:1A:22:6F:09:2F:D5:05:52:3B:BF:EB:57
            X509v3 Authority Key Identifier:
                keyid:CD:EE:5D:90:06:1F:A2:A7:24:C3:67:42:58:6C:62:9D:47:1E:7A:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ze5dkAYfoqckw2dCWGxinUceek0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/6b1ea5-3f79-49ca-b985-57a5f3289992/1/V8CbhGB8P8kaIm8JL9UFUju_61c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/6b1ea5-3f79-49ca-b985-57a5f3289992/1/ze5dkAYfoqckw2dCWGxinUceek0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.211.64.0/22
                  193.27.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4e:eb:1a:2d:47:3e:b4:5b:fb:bc:d1:fb:03:dc:6c:50:27:48:
         3a:f2:f8:8b:fd:53:d0:2f:39:6d:ff:dc:d9:19:6f:00:3a:46:
         63:87:39:85:c6:d5:19:26:ff:a6:b5:36:0e:fd:e9:ed:b0:7b:
         38:bd:97:7a:65:a1:3a:3c:a8:b1:69:b2:7d:fd:f4:e5:fc:35:
         0d:db:8a:85:5d:ec:ba:37:85:85:d2:f2:58:4d:80:09:8d:78:
         ef:42:0c:7f:a0:91:4e:5b:bb:5e:16:d1:ca:64:06:c3:ea:de:
         41:ee:b7:83:58:e9:ee:48:a4:87:50:8f:3f:41:8a:21:54:8f:
         72:e5:e0:15:9f:75:3a:88:77:60:45:95:57:b0:84:65:94:1c:
         59:73:02:5d:7e:a3:07:be:cf:08:62:a0:c3:56:e1:c5:96:66:
         fa:97:fd:b6:56:8e:59:46:05:59:e9:67:2e:cf:c3:8c:99:ff:
         ea:a3:17:a1:73:d9:1f:ac:ef:cf:e3:1a:e8:0b:c8:fe:a5:d1:
         06:77:86:51:d6:2e:37:5f:5b:9f:6c:b0:d8:67:b6:be:96:de:
         77:dd:e3:a0:e1:d0:4b:6c:5c:93:22:14:8e:fe:44:01:12:a9:
         1a:0f:aa:50:f8:70:c5:6e:9a:ce:f9:5a:c2:58:f4:42:01:65:
         b2:4e:bc:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbVcE5eeuI7+5vKR+lHAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZWU1ZDkwMDYxZmEyYTcyNGMzNjc0MjU4NmM2MjlkNDcx
ZTdhNGQwHhcNMjQwMTAxMDAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2MwOWI4NDYwN2MzZmM5MWEyMjZmMDkyZmQ1MDU1MjNiYmZlYjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjX7mN2n8/ibaE9J3GJMqLNJ1H10l
HuhBiW1Gx6oN+xXb3PazRFF7CNNvXGsifyfTD4d3rJVmjSGYBklh2ki4ui7SoW7K
08+c4IkbGMAMBYLUZX7raiV/5tXgcAMc3hdm+SfCwC9nUxy+a5LfjY1A2lLPK7Xf
GWWXCckDf+dJK6hzOvT/V55cwqrhNE9Sd/SDeuHmg886euNjpmZs89k7RySS8rMz
+5DAzj7OFMqBMATjkAzlPxVes2sypD0Hm0yf0/YWXGdYM7Zz5/azZJ93KT7o3yDD
FnUElLfimY1jHxKaEEA7ddMyJon1Fa8unwuSHuNzKZm/5o0AzlGNQCJS9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFfAm4RgfD/JGiJvCS/VBVI7v+tXMB8GA1UdIwQY
MBaAFM3uXZAGH6KnJMNnQlhsYp1HHnpNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemU1ZGtBWWZvcWNrdzJkQ1dHeGluVWNlZWswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS82YjFlYTUtM2Y3OS00OWNhLWI5ODUt
NTdhNWYzMjg5OTkyLzEvVjhDYmhHQjhQOGthSW04Skw5VUZVanVfNjFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS82YjFlYTUtM2Y3OS00OWNhLWI5ODUtNTdhNWYzMjg5OTky
LzEvemU1ZGtBWWZvcWNrdzJkQ1dHeGluVWNlZWswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCudNAAwQC
wRsYMA0GCSqGSIb3DQEBCwUAA4IBAQBO6xotRz60W/u80fsD3GxQJ0g68viL/VPQ
Lzlt/9zZGW8AOkZjhzmFxtUZJv+mtTYO/entsHs4vZd6ZaE6PKixabJ9/fTl/DUN
24qFXey6N4WF0vJYTYAJjXjvQgx/oJFOW7teFtHKZAbD6t5B7reDWOnuSKSHUI8/
QYohVI9y5eAVn3U6iHdgRZVXsIRllBxZcwJdfqMHvs8IYqDDVuHFlmb6l/22Vo5Z
RgVZ6Wcuz8OMmf/qoxehc9kfrO/P4xroC8j+pdEGd4ZR1i43X1ufbLDYZ7a+lt53
3eOg4dBLbFyTIhSO/kQBEqkaD6pQ+HDFbprO+VrCWPRCAWWyTrwW
-----END CERTIFICATE-----
Generated at Sat Jun 15 13:12:07 2024 by rpki-client on console-fra.rpki-client.org