Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/revbXlg6asnm5oRAOxizXw2H7lg.roa
File:                     revbXlg6asnm5oRAOxizXw2H7lg.roa (raw, json)
Hash identifier:          MOEz0OC7yhLwNMxSsaL9qBCRoBTnwJc55hKZ1Dv7MuU=
Subject key identifier:   AD:EB:DB:5E:58:3A:6A:C9:E6:E6:84:40:3B:18:B3:5F:0D:87:EE:58
Certificate issuer:       /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial:       018D8785A1D7FA9EA0F8FF57688BE702A9BB
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/revbXlg6asnm5oRAOxizXw2H7lg.roa
Signing time:             Thu 08 Feb 2024 07:01:38 +0000
ROA not before:           Thu 08 Feb 2024 07:01:38 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     996
IP address blocks:        89.34.224.0/23 maxlen: 24
                          89.34.224.0/24 maxlen: 24
                          89.34.225.0/24 maxlen: 24
                          89.34.231.0/24 maxlen: 24
                          89.40.82.0/24 maxlen: 24
                          89.47.99.0/24 maxlen: 24
                          89.47.117.0/24 maxlen: 24
                          89.47.125.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:87:85:a1:d7:fa:9e:a0:f8:ff:57:68:8b:e7:02:a9:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
        Validity
            Not Before: Feb  8 07:01:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=adebdb5e583a6ac9e6e684403b18b35f0d87ee58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:02:44:29:27:2a:b3:2d:a5:2e:ed:a6:8f:d4:
                    93:c2:21:05:00:4f:d1:d8:c9:0f:a7:75:82:39:a4:
                    cb:48:64:be:bc:7f:ba:27:6f:ef:22:58:ea:1b:9c:
                    65:c8:aa:0b:29:8e:7d:ab:b0:89:b4:b4:a5:b0:a5:
                    47:d1:a8:6a:f1:13:fa:1b:5a:d9:90:70:52:f0:bb:
                    26:28:de:bf:22:57:4b:00:9d:65:30:4e:69:ec:36:
                    fb:53:5d:47:dd:fb:a7:da:76:2e:91:09:e4:ee:ef:
                    0c:4b:9a:a0:c6:cd:6e:59:04:84:fe:ae:04:75:a5:
                    46:0e:8a:21:be:27:60:f7:d7:79:a5:8b:7f:02:2e:
                    83:4d:89:67:98:e4:3a:b8:97:ef:dd:df:0b:47:6c:
                    de:34:00:c7:ec:ef:98:1b:b7:6e:a7:28:cc:17:28:
                    06:e0:fe:50:b8:83:a2:d1:e7:b6:06:8b:36:6a:88:
                    0e:78:e4:9d:78:99:61:1c:5e:19:d2:df:39:7b:44:
                    28:e5:5d:97:ca:a9:78:b0:20:28:18:21:eb:a7:42:
                    90:c6:55:7b:2f:19:62:5d:9e:bb:03:b9:22:44:db:
                    4b:b6:74:f0:3b:bd:75:97:11:5e:8b:3e:36:fe:3a:
                    19:55:69:59:f1:d4:e1:de:d5:ea:c8:de:c7:44:d3:
                    ce:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:EB:DB:5E:58:3A:6A:C9:E6:E6:84:40:3B:18:B3:5F:0D:87:EE:58
            X509v3 Authority Key Identifier:
                keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/revbXlg6asnm5oRAOxizXw2H7lg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.34.224.0/23
                  89.34.231.0/24
                  89.40.82.0/24
                  89.47.99.0/24
                  89.47.117.0/24
                  89.47.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:da:03:e1:47:1c:5a:98:09:af:08:19:6b:31:49:0c:ae:7d:
         e0:53:c4:77:3e:fe:08:98:1f:8c:bc:8d:bd:c6:01:3b:46:a6:
         04:2d:f3:f7:be:7c:ae:9e:64:73:f4:3f:b1:fd:b5:c7:c9:98:
         f3:c1:77:67:30:64:bb:95:12:62:25:98:91:d1:c3:f2:a4:7b:
         26:b9:21:3f:35:c4:ad:a9:e5:1c:67:e0:d3:e8:fc:cf:88:5d:
         ba:10:e2:22:07:49:47:9a:a3:58:24:e4:ae:41:0f:d4:ad:2a:
         0b:b5:16:c7:83:5c:7e:61:ec:e7:41:be:bf:7a:ac:c3:7b:35:
         fe:86:5c:c2:0e:43:d9:5b:a7:56:c0:fc:74:d8:6e:c1:31:e0:
         de:dc:35:35:cb:8f:4c:61:76:3d:f0:53:49:eb:97:a6:7a:95:
         2a:85:6f:bd:55:c7:f2:a3:2e:91:a7:82:43:3e:28:89:dc:d7:
         38:c7:47:aa:67:56:58:b7:fc:ff:b1:4f:33:f1:e2:d1:95:c8:
         4f:28:6c:c5:d5:f3:7a:c9:db:c6:fd:8f:3c:45:69:67:8b:d2:
         9e:96:22:a4:28:2a:01:24:ee:ee:8d:20:10:ec:5a:67:5e:6e:
         3b:ae:dc:47:d9:24:4f:92:48:4a:83:05:23:2a:3a:1c:fb:8a:
         ef:3f:2d:87
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY2HhaHX+p6g+P9XaIvnAqm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjA4MDcwMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGViZGI1ZTU4M2E2YWM5ZTZlNjg0NDAzYjE4YjM1ZjBkODdlZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgJEKScqsy2lLu2mj9STwiEFAE/R
2MkPp3WCOaTLSGS+vH+6J2/vIljqG5xlyKoLKY59q7CJtLSlsKVH0ahq8RP6G1rZ
kHBS8LsmKN6/IldLAJ1lME5p7Db7U11H3fun2nYukQnk7u8MS5qgxs1uWQSE/q4E
daVGDoohvidg99d5pYt/Ai6DTYlnmOQ6uJfv3d8LR2zeNADH7O+YG7dupyjMFygG
4P5QuIOi0ee2Bos2aogOeOSdeJlhHF4Z0t85e0Qo5V2Xyql4sCAoGCHrp0KQxlV7
LxliXZ67A7kiRNtLtnTwO711lxFeiz42/joZVWlZ8dTh3tXqyN7HRNPO5QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK3r215YOmrJ5uaEQDsYs18Nh+5YMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvcmV2YlhsZzZhc25tNW9SQU94aXpYdzJIN2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBWSLgAwQA
WSLnAwQAWShSAwQAWS9jAwQAWS91AwQAWS99MA0GCSqGSIb3DQEBCwUAA4IBAQBe
2gPhRxxamAmvCBlrMUkMrn3gU8R3Pv4ImB+MvI29xgE7RqYELfP3vnyunmRz9D+x
/bXHyZjzwXdnMGS7lRJiJZiR0cPypHsmuSE/NcStqeUcZ+DT6PzPiF26EOIiB0lH
mqNYJOSuQQ/UrSoLtRbHg1x+YeznQb6/eqzDezX+hlzCDkPZW6dWwPx02G7BMeDe
3DU1y49MYXY98FNJ65emepUqhW+9Vcfyoy6Rp4JDPiiJ3Nc4x0eqZ1ZYt/z/sU8z
8eLRlchPKGzF1fN6ydvG/Y88RWlni9KeliKkKCoBJO7ujSAQ7FpnXm47rtxH2SRP
kkhKgwUjKjoc+4rvPy2H
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:35:35 2024 by rpki-client on console-fra.rpki-client.org