Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/xWcjuzk362FF4ZfaxmITykEuKLY.roa
File:                     xWcjuzk362FF4ZfaxmITykEuKLY.roa (raw, json)
Hash identifier:          2V8g/XjbBN5Vey/1BiqQ86lXVv4j5HjBqjJsxeGkmtM=
Subject key identifier:   C5:67:23:BB:39:37:EB:61:45:E1:97:DA:C6:62:13:CA:41:2E:28:B6
Certificate issuer:       /CN=e2344ba6340961da5eeb4ae239e9a06267793e2e
Certificate serial:       018CC501533DDDD9822929EB85F4A7E1D8DC
Authority key identifier: E2:34:4B:A6:34:09:61:DA:5E:EB:4A:E2:39:E9:A0:62:67:79:3E:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4jRLpjQJYdpe60riOemgYmd5Pi4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/xWcjuzk362FF4ZfaxmITykEuKLY.roa
Signing time:             Mon 01 Jan 2024 12:30:47 +0000
ROA not before:           Mon 01 Jan 2024 12:30:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204615
IP address blocks:        185.225.113.0/24 maxlen: 24
                          185.225.114.0/23 maxlen: 23
                          2a13:2a00:2::/48 maxlen: 48
                          2a13:2a00::/48 maxlen: 48
                          2a13:2a00:1::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/4jRLpjQJYdpe60riOemgYmd5Pi4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/4jRLpjQJYdpe60riOemgYmd5Pi4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4jRLpjQJYdpe60riOemgYmd5Pi4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:53:3d:dd:d9:82:29:29:eb:85:f4:a7:e1:d8:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2344ba6340961da5eeb4ae239e9a06267793e2e
        Validity
            Not Before: Jan  1 12:30:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c56723bb3937eb6145e197dac66213ca412e28b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ed:2e:fa:a5:d7:a6:39:e6:8a:71:4a:82:97:
                    d7:5c:78:45:67:22:31:c1:a3:16:c0:91:4a:ea:49:
                    12:81:b5:e6:12:41:37:fc:f2:15:ea:fd:10:d2:50:
                    e4:80:d5:f7:26:43:b1:3c:b3:33:07:78:8f:58:08:
                    28:ea:4e:f4:86:7c:0f:b2:ee:5f:ed:c5:2d:7a:11:
                    12:0c:9e:7a:cf:67:ab:ef:64:63:af:7d:0f:71:f2:
                    68:25:ff:62:fa:e9:67:d2:05:33:27:ab:3b:30:67:
                    cd:b2:69:b4:20:51:f5:e9:0b:6f:0e:10:dd:90:f6:
                    28:49:b6:5c:de:ed:31:4f:99:76:70:6e:ea:fc:da:
                    83:af:85:50:d1:fd:f3:b8:b1:91:18:84:eb:52:60:
                    84:47:16:c2:18:6c:57:bf:f4:c4:76:d8:9d:0f:d7:
                    27:dd:e3:2e:be:89:80:0b:32:2d:03:b9:16:c6:b8:
                    da:e8:0d:f0:7e:17:56:f9:03:8b:ac:fe:82:20:88:
                    3f:ca:f5:66:ad:55:33:41:0c:aa:e3:46:a0:f3:7e:
                    af:6d:71:0e:a1:37:4b:cc:77:d4:ea:3b:c7:a2:fd:
                    ec:fa:45:8e:50:da:65:a1:0f:7c:86:25:3f:d9:be:
                    0a:3e:17:9b:ac:62:c2:8e:7f:df:a1:f3:eb:e5:99:
                    e6:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:67:23:BB:39:37:EB:61:45:E1:97:DA:C6:62:13:CA:41:2E:28:B6
            X509v3 Authority Key Identifier:
                keyid:E2:34:4B:A6:34:09:61:DA:5E:EB:4A:E2:39:E9:A0:62:67:79:3E:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4jRLpjQJYdpe60riOemgYmd5Pi4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/xWcjuzk362FF4ZfaxmITykEuKLY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/44ec43-5935-4ab2-b13d-02eb9a412637/1/4jRLpjQJYdpe60riOemgYmd5Pi4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.225.113.0-185.225.115.255
                IPv6:
                  2a13:2a00::-2a13:2a00:2:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         2a:46:c5:5d:a9:1a:c1:37:c9:e5:0e:19:72:a4:df:f4:4b:97:
         03:13:c9:45:56:b1:9d:94:85:ff:9e:42:29:8a:cf:33:b0:a7:
         17:01:62:19:e5:a7:f8:10:7b:6b:e3:6d:94:00:12:51:0b:ad:
         42:33:ea:6c:da:50:52:28:b3:a6:5d:da:b5:8d:c5:a7:2c:12:
         a3:20:75:83:1b:06:1d:71:07:28:4b:e1:b7:d4:2e:9c:5b:8f:
         52:d1:8c:a5:2b:06:c6:8f:ee:b0:76:ec:7c:c6:16:fe:ab:1c:
         45:ba:43:54:ab:fc:77:7d:af:ae:e9:91:45:92:18:33:43:f9:
         46:47:6a:5f:57:b2:7b:f1:78:26:f1:c1:d5:fb:5e:dc:93:6e:
         50:71:fa:ed:72:86:10:67:7d:98:2b:89:f7:cf:93:7c:04:99:
         ea:5a:0c:22:de:3a:22:48:9d:4a:82:d2:96:8e:ef:68:b4:b5:
         c5:90:c0:28:11:e0:0b:78:a0:c9:98:5f:e5:b0:04:e9:01:0e:
         53:8e:10:33:3b:52:a4:72:81:75:b4:04:7a:31:92:28:fe:c8:
         7d:66:b2:99:ae:e6:db:9b:81:9c:e8:ae:b8:24:d7:c3:cf:06:
         60:9a:48:c3:cf:9b:0d:4b:0f:08:c3:9f:3d:8f:09:4d:f9:e3:
         9e:4c:0f:8f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFAVM93dmCKSnrhfSn4djcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMzQ0YmE2MzQwOTYxZGE1ZWViNGFlMjM5ZTlhMDYyNjc3
OTNlMmUwHhcNMjQwMTAxMTIzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTY3MjNiYjM5MzdlYjYxNDVlMTk3ZGFjNjYyMTNjYTQxMmUyOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu0u+qXXpjnminFKgpfXXHhFZyIx
waMWwJFK6kkSgbXmEkE3/PIV6v0Q0lDkgNX3JkOxPLMzB3iPWAgo6k70hnwPsu5f
7cUtehESDJ56z2er72Rjr30PcfJoJf9i+uln0gUzJ6s7MGfNsmm0IFH16QtvDhDd
kPYoSbZc3u0xT5l2cG7q/NqDr4VQ0f3zuLGRGITrUmCERxbCGGxXv/TEdtidD9cn
3eMuvomACzItA7kWxrja6A3wfhdW+QOLrP6CIIg/yvVmrVUzQQyq40ag836vbXEO
oTdLzHfU6jvHov3s+kWOUNploQ98hiU/2b4KPhebrGLCjn/fofPr5Znm+QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMVnI7s5N+thReGX2sZiE8pBLii2MB8GA1UdIwQY
MBaAFOI0S6Y0CWHaXutK4jnpoGJneT4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGpSTHBqUUpZZHBlNjByaU9lbWdZbWQ1UGk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NGVjNDMtNTkzNS00YWIyLWIxM2Qt
MDJlYjlhNDEyNjM3LzEveFdjanV6azM2MkZGNFpmYXhtSVR5a0V1S0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NGVjNDMtNTkzNS00YWIyLWIxM2QtMDJlYjlhNDEyNjM3
LzEvNGpSTHBqUUpZZHBlNjByaU9lbWdZbWQ1UGk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAUBAIAATAOMAwDBAC54XED
BAK54XAwFwQCAAIwETAPAwQBKhMqAwcAKhMqAAACMA0GCSqGSIb3DQEBCwUAA4IB
AQAqRsVdqRrBN8nlDhlypN/0S5cDE8lFVrGdlIX/nkIpis8zsKcXAWIZ5af4EHtr
422UABJRC61CM+ps2lBSKLOmXdq1jcWnLBKjIHWDGwYdcQcoS+G31C6cW49S0Yyl
KwbGj+6wdux8xhb+qxxFukNUq/x3fa+u6ZFFkhgzQ/lGR2pfV7J78Xgm8cHV+17c
k25QcfrtcoYQZ32YK4n3z5N8BJnqWgwi3joiSJ1KgtKWju9otLXFkMAoEeALeKDJ
mF/lsATpAQ5TjhAzO1KkcoF1tAR6MZIo/sh9ZrKZrubbm4Gc6K64JNfDzwZgmkjD
z5sNSw8Iw589jwlN+eOeTA+P
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:19:52 2024 by rpki-client on console-ams.rpki-client.org