Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/19ae05-2fb3-424e-ae26-2230dbd5edbb/1/uOFToCo6bc_NO5N6EDp27tpugBo.roa
File:                     uOFToCo6bc_NO5N6EDp27tpugBo.roa (raw, json)
Hash identifier:          Q3xTxsFvSogQS/Z7CevLT0HkCIU0/F4eRMEWqmfdCpE=
Subject key identifier:   B8:E1:53:A0:2A:3A:6D:CF:CD:3B:93:7A:10:3A:76:EE:DA:6E:80:1A
Certificate issuer:       /CN=b17ebf441ee1085631eeb7719a8982dfd8057be1
Certificate serial:       01907C72857E900CBBA4EF8877CABDCFD467
Authority key identifier: B1:7E:BF:44:1E:E1:08:56:31:EE:B7:71:9A:89:82:DF:D8:05:7B:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sX6_RB7hCFYx7rdxmomC39gFe-E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/19ae05-2fb3-424e-ae26-2230dbd5edbb/1/uOFToCo6bc_NO5N6EDp27tpugBo.roa
Signing time:             Thu 04 Jul 2024 06:33:18 +0000
ROA not before:           Thu 04 Jul 2024 06:33:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199444
IP address blocks:        188.213.212.0/24 maxlen: 24
                          194.39.241.0/24 maxlen: 24
                          2a13:a080::/29 maxlen: 29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/19ae05-2fb3-424e-ae26-2230dbd5edbb/1/sX6_RB7hCFYx7rdxmomC39gFe-E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/19ae05-2fb3-424e-ae26-2230dbd5edbb/1/sX6_RB7hCFYx7rdxmomC39gFe-E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sX6_RB7hCFYx7rdxmomC39gFe-E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:7c:72:85:7e:90:0c:bb:a4:ef:88:77:ca:bd:cf:d4:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b17ebf441ee1085631eeb7719a8982dfd8057be1
        Validity
            Not Before: Jul  4 06:33:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b8e153a02a3a6dcfcd3b937a103a76eeda6e801a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ad:61:c0:e7:b4:fa:86:a9:11:41:65:7e:c1:
                    af:88:98:3e:2d:44:9c:e7:0c:1a:8b:8d:b7:d3:3d:
                    40:e2:44:69:bd:91:32:f2:12:cb:91:f5:8e:71:2c:
                    71:77:35:86:c6:d7:5e:ef:3c:7d:f8:95:1f:99:fc:
                    d6:b8:f3:3f:25:16:03:df:0a:46:ae:4b:c9:01:71:
                    a5:9e:68:03:13:bd:a2:1b:cc:28:1e:9e:e0:84:5b:
                    70:67:a7:41:97:d3:db:c2:2a:12:72:5d:01:8e:87:
                    79:a2:4b:4b:63:a2:12:00:c2:ef:0c:00:91:b3:84:
                    70:07:fe:90:e9:8e:82:29:3f:ac:28:01:1f:11:98:
                    ee:60:53:2f:d8:d8:77:a7:0e:55:1d:99:ed:6e:ec:
                    3e:12:e9:90:ec:4e:36:8d:22:18:c5:61:c8:7e:89:
                    8e:9a:84:59:0d:29:ac:79:78:9b:4c:57:fa:c6:00:
                    bb:94:50:70:c9:5e:7d:74:d7:ad:1a:25:e8:c0:d2:
                    a4:6e:3f:a6:a7:4d:1e:e5:bf:6f:56:0a:01:0a:b6:
                    ab:df:d4:d9:f8:2c:73:28:bf:01:77:e2:d9:40:70:
                    eb:2c:97:c5:70:46:21:6b:7c:5c:3b:30:e0:b9:c2:
                    0e:e9:4d:9c:a0:41:86:5d:d9:32:b6:d2:d0:01:a6:
                    66:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:E1:53:A0:2A:3A:6D:CF:CD:3B:93:7A:10:3A:76:EE:DA:6E:80:1A
            X509v3 Authority Key Identifier:
                keyid:B1:7E:BF:44:1E:E1:08:56:31:EE:B7:71:9A:89:82:DF:D8:05:7B:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sX6_RB7hCFYx7rdxmomC39gFe-E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/19ae05-2fb3-424e-ae26-2230dbd5edbb/1/uOFToCo6bc_NO5N6EDp27tpugBo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/19ae05-2fb3-424e-ae26-2230dbd5edbb/1/sX6_RB7hCFYx7rdxmomC39gFe-E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.213.212.0/24
                  194.39.241.0/24
                IPv6:
                  2a13:a080::/29

    Signature Algorithm: sha256WithRSAEncryption
         7a:a7:1e:9c:40:75:e3:19:e3:05:5a:38:c2:3d:25:4a:ad:0f:
         cf:cc:2d:6c:2c:50:6d:bf:ba:75:a0:76:22:55:d8:ed:4a:df:
         ca:9a:ce:be:50:d9:58:b5:29:33:db:67:c4:28:28:59:1d:ea:
         f9:f6:8b:96:8d:82:5f:ff:65:4e:7c:72:9c:5e:57:02:62:3f:
         bf:c7:12:fe:de:d8:3c:5a:ba:84:81:fb:e6:12:4c:d3:a7:22:
         4c:07:c1:6c:a5:23:39:e1:5d:0a:b7:72:da:5f:46:18:50:4a:
         af:d8:b9:a9:6e:50:f1:7e:53:67:90:d1:f7:47:bc:0f:fa:47:
         fe:06:68:a6:f3:22:ab:fb:75:2c:90:b2:55:7c:67:59:31:1f:
         84:36:04:2e:3b:c5:28:56:f4:d1:ff:bb:0a:ef:d7:2e:82:4f:
         5d:91:06:2c:48:35:06:ce:e8:3c:dc:21:97:cc:4b:d0:ae:75:
         a6:e6:48:3c:e0:69:4c:e9:ea:84:6d:c8:aa:b1:23:c3:de:8a:
         e9:d7:e3:77:97:f1:a5:fb:5a:16:45:87:d2:b4:0f:74:a5:82:
         a1:c3:1b:16:3b:8f:85:b0:cc:13:68:c5:16:dc:71:60:4c:fa:
         48:ff:2a:44:df:8f:6b:cb:06:a9:b8:69:b4:33:86:8b:8c:22:
         54:ed:32:d4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZB8coV+kAy7pO+Id8q9z9RnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxN2ViZjQ0MWVlMTA4NTYzMWVlYjc3MTlhODk4MmRmZDgw
NTdiZTEwHhcNMjQwNzA0MDYzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGUxNTNhMDJhM2E2ZGNmY2QzYjkzN2ExMDNhNzZlZWRhNmU4MDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK1hwOe0+oapEUFlfsGviJg+LUSc
5wwai4230z1A4kRpvZEy8hLLkfWOcSxxdzWGxtde7zx9+JUfmfzWuPM/JRYD3wpG
rkvJAXGlnmgDE72iG8woHp7ghFtwZ6dBl9PbwioScl0Bjod5oktLY6ISAMLvDACR
s4RwB/6Q6Y6CKT+sKAEfEZjuYFMv2Nh3pw5VHZntbuw+EumQ7E42jSIYxWHIfomO
moRZDSmseXibTFf6xgC7lFBwyV59dNetGiXowNKkbj+mp00e5b9vVgoBCrar39TZ
+CxzKL8Bd+LZQHDrLJfFcEYha3xcOzDgucIO6U2coEGGXdkyttLQAaZmmwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLjhU6AqOm3PzTuTehA6du7aboAaMB8GA1UdIwQY
MBaAFLF+v0Qe4QhWMe63cZqJgt/YBXvhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1g2X1JCN2hDRll4N3JkeG1vbUMzOWdGZS1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xOWFlMDUtMmZiMy00MjRlLWFlMjYt
MjIzMGRiZDVlZGJiLzEvdU9GVG9DbzZiY19OTzVONkVEcDI3dHB1Z0JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xOWFlMDUtMmZiMy00MjRlLWFlMjYtMjIzMGRiZDVlZGJi
LzEvc1g2X1JCN2hDRll4N3JkeG1vbUMzOWdGZS1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvNXUAwQA
wifxMA0EAgACMAcDBQMqE6CAMA0GCSqGSIb3DQEBCwUAA4IBAQB6px6cQHXjGeMF
WjjCPSVKrQ/PzC1sLFBtv7p1oHYiVdjtSt/Kms6+UNlYtSkz22fEKChZHer59ouW
jYJf/2VOfHKcXlcCYj+/xxL+3tg8WrqEgfvmEkzTpyJMB8FspSM54V0Kt3LaX0YY
UEqv2LmpblDxflNnkNH3R7wP+kf+Bmim8yKr+3UskLJVfGdZMR+ENgQuO8UoVvTR
/7sK79cugk9dkQYsSDUGzug83CGXzEvQrnWm5kg84GlM6eqEbciqsSPD3orp1+N3
l/Gl+1oWRYfStA90pYKhwxsWO4+FsMwTaMUW3HFgTPpI/ypE349rywapuGm0M4aL
jCJU7TLU
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:32:27 2024 by rpki-client on console-ams.rpki-client.org