Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/027c8b-4009-4da6-ae97-72367cbb19ef/1/yhjkaTRYa2FmRFV3Wfj2CQMUGYo.roa
File:                     yhjkaTRYa2FmRFV3Wfj2CQMUGYo.roa (raw, json)
Hash identifier:          8dIRty2MAKrAsu8MIC/mYE30/XPQL8YdXpDSfZ71vro=
Subject key identifier:   CA:18:E4:69:34:58:6B:61:66:44:55:77:59:F8:F6:09:03:14:19:8A
Certificate issuer:       /CN=c9b59f41779e6f2435f59f1a171c080a5a7a44d2
Certificate serial:       018CC2DB4BC8FB0DAEACA9D6C96F89AF4E1A
Authority key identifier: C9:B5:9F:41:77:9E:6F:24:35:F5:9F:1A:17:1C:08:0A:5A:7A:44:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ybWfQXeebyQ19Z8aFxwIClp6RNI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/027c8b-4009-4da6-ae97-72367cbb19ef/1/yhjkaTRYa2FmRFV3Wfj2CQMUGYo.roa
Signing time:             Mon 01 Jan 2024 02:30:00 +0000
ROA not before:           Mon 01 Jan 2024 02:30:00 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61211
IP address blocks:        194.36.46.0/23 maxlen: 24
                          194.36.45.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/027c8b-4009-4da6-ae97-72367cbb19ef/1/ybWfQXeebyQ19Z8aFxwIClp6RNI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/027c8b-4009-4da6-ae97-72367cbb19ef/1/ybWfQXeebyQ19Z8aFxwIClp6RNI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ybWfQXeebyQ19Z8aFxwIClp6RNI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:02:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:4b:c8:fb:0d:ae:ac:a9:d6:c9:6f:89:af:4e:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9b59f41779e6f2435f59f1a171c080a5a7a44d2
        Validity
            Not Before: Jan  1 02:30:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ca18e46934586b616644557759f8f6090314198a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:58:bb:b7:41:76:a3:c9:1e:b1:9f:08:80:04:
                    a0:7a:9f:ab:04:4e:e9:5e:33:a2:7b:94:f9:21:e0:
                    8a:ef:b8:2f:a7:9d:f8:8f:40:eb:e8:76:c5:49:64:
                    3a:77:12:92:41:5d:e5:f8:a1:3b:6c:7b:79:b7:06:
                    57:6d:40:2b:52:d2:15:ba:8f:4b:5c:15:aa:02:bd:
                    20:2d:07:b2:3d:27:e2:12:de:b1:20:84:b0:4b:fd:
                    95:9b:b9:d0:c3:0e:80:94:9b:dd:45:9c:3e:71:06:
                    7d:63:3d:a5:74:b4:b5:df:6a:e7:52:46:1e:91:39:
                    3c:d8:3e:a9:f5:56:51:e5:75:d2:b0:c4:60:37:64:
                    25:8a:76:b4:78:26:88:26:7b:09:88:04:3d:e6:83:
                    12:8a:b0:d6:3a:77:1f:fb:c3:d7:08:60:b7:67:70:
                    31:ae:06:e8:f3:e8:61:e4:a2:24:e8:3e:4b:31:d9:
                    f2:15:fb:f7:6a:37:ff:a7:27:bf:a7:a5:30:f2:2b:
                    94:4f:da:4f:6d:52:6c:8e:87:f3:29:7d:a7:9e:2a:
                    66:d5:ae:02:31:1c:d8:2a:aa:c0:26:1c:3a:ec:b3:
                    3e:47:fc:de:c8:81:db:b0:f6:6a:48:ae:4a:2e:1e:
                    98:66:92:f9:24:e7:17:61:a2:5c:d8:76:45:6d:db:
                    3d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:18:E4:69:34:58:6B:61:66:44:55:77:59:F8:F6:09:03:14:19:8A
            X509v3 Authority Key Identifier:
                keyid:C9:B5:9F:41:77:9E:6F:24:35:F5:9F:1A:17:1C:08:0A:5A:7A:44:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ybWfQXeebyQ19Z8aFxwIClp6RNI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/027c8b-4009-4da6-ae97-72367cbb19ef/1/yhjkaTRYa2FmRFV3Wfj2CQMUGYo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/027c8b-4009-4da6-ae97-72367cbb19ef/1/ybWfQXeebyQ19Z8aFxwIClp6RNI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.36.45.0-194.36.47.255

    Signature Algorithm: sha256WithRSAEncryption
         3f:94:19:b2:98:e5:01:93:f6:7c:e4:4e:86:09:1d:0b:0b:7a:
         ed:41:4e:0c:0d:fa:82:99:dc:62:42:04:d5:cf:36:8c:b5:b3:
         e6:32:51:04:9a:b7:45:6a:a5:30:48:34:07:c4:d3:50:bf:4e:
         f5:57:b0:a6:72:ec:2b:41:19:22:68:c6:e6:1f:b9:03:15:5c:
         b9:01:36:27:1d:06:83:d5:5b:cc:af:b5:24:39:91:81:4b:c9:
         a2:03:d3:11:c7:82:0b:83:ca:b5:99:0b:b4:eb:cc:9f:91:b0:
         58:18:0e:cb:e5:77:7d:fc:32:11:bf:13:e0:74:67:5a:88:42:
         d1:dc:c2:61:d3:e7:01:5b:ce:6a:93:45:81:aa:9d:9f:f7:86:
         af:71:35:6e:95:4d:51:16:9f:98:c6:a3:a1:b8:87:91:d8:43:
         b6:ea:66:ab:07:4b:1e:ea:c3:70:58:32:ce:b1:50:4a:f3:67:
         15:81:89:43:37:25:3b:49:92:96:84:7b:5c:9a:72:72:50:97:
         2f:cd:a7:5c:28:34:a6:8e:37:bc:a7:49:e0:c8:25:a2:0d:c3:
         93:42:e8:e4:2d:d5:a1:0e:db:a9:b4:43:bd:e6:ef:0a:d0:6b:
         45:c6:67:6d:73:91:95:96:16:06:f3:51:0a:94:e2:36:f5:60:
         17:bd:4d:0e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzC20vI+w2urKnWyW+Jr04aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YjU5ZjQxNzc5ZTZmMjQzNWY1OWYxYTE3MWMwODBhNWE3
YTQ0ZDIwHhcNMjQwMTAxMDIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTE4ZTQ2OTM0NTg2YjYxNjY0NDU1Nzc1OWY4ZjYwOTAzMTQxOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVi7t0F2o8kesZ8IgASgep+rBE7p
XjOie5T5IeCK77gvp534j0Dr6HbFSWQ6dxKSQV3l+KE7bHt5twZXbUArUtIVuo9L
XBWqAr0gLQeyPSfiEt6xIISwS/2Vm7nQww6AlJvdRZw+cQZ9Yz2ldLS132rnUkYe
kTk82D6p9VZR5XXSsMRgN2Qlina0eCaIJnsJiAQ95oMSirDWOncf+8PXCGC3Z3Ax
rgbo8+hh5KIk6D5LMdnyFfv3ajf/pye/p6Uw8iuUT9pPbVJsjofzKX2nnipm1a4C
MRzYKqrAJhw67LM+R/zeyIHbsPZqSK5KLh6YZpL5JOcXYaJc2HZFbds91QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMoY5Gk0WGthZkRVd1n49gkDFBmKMB8GA1UdIwQY
MBaAFMm1n0F3nm8kNfWfGhccCApaekTSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWJXZlFYZWVieVExOVo4YUZ4d0lDbHA2Uk5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8wMjdjOGItNDAwOS00ZGE2LWFlOTct
NzIzNjdjYmIxOWVmLzEveWhqa2FUUllhMkZtUkZWM1dmajJDUU1VR1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8wMjdjOGItNDAwOS00ZGE2LWFlOTctNzIzNjdjYmIxOWVm
LzEveWJXZlFYZWVieVExOVo4YUZ4d0lDbHA2Uk5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADCJC0D
BATCJCAwDQYJKoZIhvcNAQELBQADggEBAD+UGbKY5QGT9nzkToYJHQsLeu1BTgwN
+oKZ3GJCBNXPNoy1s+YyUQSat0VqpTBINAfE01C/TvVXsKZy7CtBGSJoxuYfuQMV
XLkBNicdBoPVW8yvtSQ5kYFLyaID0xHHgguDyrWZC7TrzJ+RsFgYDsvld338MhG/
E+B0Z1qIQtHcwmHT5wFbzmqTRYGqnZ/3hq9xNW6VTVEWn5jGo6G4h5HYQ7bqZqsH
Sx7qw3BYMs6xUErzZxWBiUM3JTtJkpaEe1yacnJQly/Np1woNKaON7ynSeDIJaIN
w5NC6OQt1aEO26m0Q73m7wrQa0XGZ21zkZWWFgbzUQqU4jb1YBe9TQ4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:02 2024 by rpki-client on console-ams.rpki-client.org