Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/wToPZdoXJWHlnb1OKiu-CqfEPbw.roa
File:                     wToPZdoXJWHlnb1OKiu-CqfEPbw.roa (raw, json)
Hash identifier:          5MdqQwCOvFiQ4m5jniXB6QEWkAi2G7KL/9y/28JbRRQ=
Subject key identifier:   C1:3A:0F:65:DA:17:25:61:E5:9D:BD:4E:2A:2B:BE:0A:A7:C4:3D:BC
Certificate issuer:       /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial:       018CCA2B52E9929BAD27789DE799DF3665BD
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/wToPZdoXJWHlnb1OKiu-CqfEPbw.roa
Signing time:             Tue 02 Jan 2024 12:34:46 +0000
ROA not before:           Tue 02 Jan 2024 12:34:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203000
IP address blocks:        185.79.96.0/22 maxlen: 32
                          185.79.96.0/24 maxlen: 32
                          185.79.98.0/24 maxlen: 32
                          185.79.97.0/24 maxlen: 32
                          185.129.119.0/24 maxlen: 32
                          185.79.99.0/24 maxlen: 32
                          185.129.116.0/24 maxlen: 32
                          185.129.116.0/22 maxlen: 32
                          185.129.118.0/24 maxlen: 32
                          185.129.117.0/24 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2b:52:e9:92:9b:ad:27:78:9d:e7:99:df:36:65:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
        Validity
            Not Before: Jan  2 12:34:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c13a0f65da172561e59dbd4e2a2bbe0aa7c43dbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:df:d5:57:ac:24:23:4a:80:50:f0:54:93:8e:
                    ab:80:05:ce:09:47:6a:ec:af:7e:25:d0:b0:52:2b:
                    52:ed:a7:dd:ed:1d:2c:fa:3a:d5:a9:f2:25:59:e4:
                    09:35:06:44:0b:20:d5:dd:90:d2:6d:0a:a0:68:19:
                    ba:3e:fc:2f:37:95:20:7f:82:12:31:e0:e4:1c:45:
                    46:d1:bf:eb:27:b4:b8:98:b2:81:1a:22:2c:b9:23:
                    c9:f5:94:24:97:e0:50:6b:14:2f:47:4b:12:b2:06:
                    fe:ba:95:47:74:ae:c7:82:7e:08:c1:7c:e3:0a:43:
                    a4:bd:1e:7f:9a:60:4f:6f:be:cd:92:3f:01:00:54:
                    f6:6d:a5:23:10:29:49:62:26:06:09:a1:29:df:24:
                    b0:2f:0f:8f:30:34:36:0c:9d:d2:99:e5:ee:ff:2c:
                    bd:ca:b6:44:9c:21:cd:f0:0c:7b:09:ed:00:fb:5f:
                    d5:e4:d3:be:46:a1:41:34:7c:14:be:c0:42:de:94:
                    05:5c:57:92:27:d1:4d:51:d5:61:76:da:b9:83:40:
                    ec:36:7b:59:02:0b:7a:c7:75:05:8b:51:d7:9c:87:
                    7b:cb:35:12:9d:9f:7a:79:2c:32:ec:dd:18:0e:51:
                    54:63:15:df:96:a6:95:e2:31:c4:bd:6a:ae:0d:d7:
                    5d:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:3A:0F:65:DA:17:25:61:E5:9D:BD:4E:2A:2B:BE:0A:A7:C4:3D:BC
            X509v3 Authority Key Identifier:
                keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/wToPZdoXJWHlnb1OKiu-CqfEPbw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.79.96.0/22
                  185.129.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c3:de:61:a0:8e:65:23:38:12:1f:2d:0a:96:e2:7a:88:04:1d:
         11:00:af:3c:31:e9:ed:c3:5b:09:8d:d1:04:7c:74:e7:a6:65:
         5c:fd:81:b8:54:4f:8f:a7:30:28:46:27:f3:8f:3e:3b:95:68:
         fc:f4:2b:11:02:89:0f:2c:c4:33:6a:b4:38:a3:30:28:41:e2:
         49:d7:ca:e0:f7:c8:9a:82:10:d0:9a:7b:e8:e3:1a:ba:7e:06:
         8c:29:37:ff:02:da:d8:42:58:b4:0e:0c:d3:c5:15:d5:b4:6e:
         0d:85:ee:6d:bd:7e:70:69:ec:2a:61:67:c4:7c:9e:d4:af:52:
         c5:5d:c9:23:55:06:ae:0a:9d:fc:3d:67:10:81:78:04:a2:fa:
         83:b1:3d:17:2c:10:72:ae:47:31:c9:1a:16:45:0b:d9:ff:b6:
         e7:9f:16:8d:5c:bd:73:43:d6:9a:03:43:aa:c4:9d:1c:29:a1:
         9a:a5:89:f1:e6:b6:91:80:2b:eb:82:75:a5:b3:46:7e:76:12:
         0a:ac:36:0e:a3:ea:96:e1:59:f4:ff:23:66:a6:e7:0a:de:d7:
         2e:d9:e7:4a:01:aa:8f:9d:40:bd:15:60:e6:d1:c8:ae:48:75:
         2f:6d:c0:23:37:fd:04:45:93:48:9a:71:79:20:2e:79:f7:28:
         02:8c:4b:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKK1LpkputJ3id55nfNmW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjQwMTAyMTIzNDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTNhMGY2NWRhMTcyNTYxZTU5ZGJkNGUyYTJiYmUwYWE3YzQzZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid/VV6wkI0qAUPBUk46rgAXOCUdq
7K9+JdCwUitS7afd7R0s+jrVqfIlWeQJNQZECyDV3ZDSbQqgaBm6PvwvN5Ugf4IS
MeDkHEVG0b/rJ7S4mLKBGiIsuSPJ9ZQkl+BQaxQvR0sSsgb+upVHdK7Hgn4IwXzj
CkOkvR5/mmBPb77Nkj8BAFT2baUjEClJYiYGCaEp3ySwLw+PMDQ2DJ3SmeXu/yy9
yrZEnCHN8Ax7Ce0A+1/V5NO+RqFBNHwUvsBC3pQFXFeSJ9FNUdVhdtq5g0DsNntZ
Agt6x3UFi1HXnId7yzUSnZ96eSwy7N0YDlFUYxXflqaV4jHEvWquDdddowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFME6D2XaFyVh5Z29TiorvgqnxD28MB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvd1RvUFpkb1hKV0hsbmIxT0tpdS1DcWZFUGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuU9gAwQC
uYF0MA0GCSqGSIb3DQEBCwUAA4IBAQDD3mGgjmUjOBIfLQqW4nqIBB0RAK88Ment
w1sJjdEEfHTnpmVc/YG4VE+PpzAoRifzjz47lWj89CsRAokPLMQzarQ4ozAoQeJJ
18rg98iaghDQmnvo4xq6fgaMKTf/AtrYQli0DgzTxRXVtG4Nhe5tvX5waewqYWfE
fJ7Ur1LFXckjVQauCp38PWcQgXgEovqDsT0XLBByrkcxyRoWRQvZ/7bnnxaNXL1z
Q9aaA0OqxJ0cKaGapYnx5raRgCvrgnWls0Z+dhIKrDYOo+qW4Vn0/yNmpucK3tcu
2edKAaqPnUC9FWDm0ciuSHUvbcAjN/0ERZNImnF5IC559ygCjEur
-----END CERTIFICATE-----
Generated at Sun Jun 16 14:48:19 2024 by rpki-client on console-ams.rpki-client.org