Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/uJw4HViC1v4hPK4ZJ0eZmoMJU0c.roa
File:                     uJw4HViC1v4hPK4ZJ0eZmoMJU0c.roa (raw, json)
Hash identifier:          d0CvKNOZk8C4iHRUzW0uVsGPOIgeMC0SPaRNf1kE+WE=
Subject key identifier:   B8:9C:38:1D:58:82:D6:FE:21:3C:AE:19:27:47:99:9A:83:09:53:47
Certificate issuer:       /CN=4e0f39e2caae8e2cf14bcc41b23f3c86e1a720f8
Certificate serial:       018CC9BBC382D3D3636982C241BBDA2B652D
Authority key identifier: 4E:0F:39:E2:CA:AE:8E:2C:F1:4B:CC:41:B2:3F:3C:86:E1:A7:20:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Tg854squjizxS8xBsj88huGnIPg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/uJw4HViC1v4hPK4ZJ0eZmoMJU0c.roa
Signing time:             Tue 02 Jan 2024 10:32:54 +0000
ROA not before:           Tue 02 Jan 2024 10:32:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51392
IP address blocks:        185.157.208.0/24 maxlen: 24
                          185.157.211.0/24 maxlen: 24
                          185.157.210.0/24 maxlen: 24
                          185.157.209.0/24 maxlen: 24
                          2a03:afe2::/32 maxlen: 32
                          2a03:afe1::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/Tg854squjizxS8xBsj88huGnIPg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/Tg854squjizxS8xBsj88huGnIPg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Tg854squjizxS8xBsj88huGnIPg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 15:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bb:c3:82:d3:d3:63:69:82:c2:41:bb:da:2b:65:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e0f39e2caae8e2cf14bcc41b23f3c86e1a720f8
        Validity
            Not Before: Jan  2 10:32:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b89c381d5882d6fe213cae192747999a83095347
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:88:42:cb:25:22:1f:aa:de:6e:f9:f6:9a:7e:
                    3f:0a:ea:e9:c8:fc:ac:d8:32:33:fb:54:fb:46:69:
                    26:bf:70:e6:e7:95:ef:21:22:90:48:ba:0e:31:65:
                    03:54:cb:f8:dc:13:c3:23:8d:64:e6:45:ef:d0:50:
                    15:d8:f3:38:a9:e3:f4:dd:01:5c:6d:09:fa:76:de:
                    65:48:61:c9:9c:af:42:eb:c7:d9:53:86:c0:e6:ba:
                    2e:48:5a:86:27:35:21:b7:b4:7a:16:cb:6b:02:fc:
                    eb:40:bb:29:79:fc:e8:8c:32:e6:e5:87:77:88:81:
                    17:37:4c:f6:25:b5:24:85:d1:71:99:97:c1:6c:fd:
                    a7:2a:8b:c0:0b:92:bc:3f:d6:e5:e5:a0:ef:e8:34:
                    80:e9:33:41:f4:80:a0:56:99:08:b1:b7:8d:ac:d1:
                    f0:8c:9d:85:4e:fa:fe:7a:3c:c7:59:51:47:4b:d8:
                    96:49:e3:fb:7b:0f:01:46:a0:d7:a6:1f:f8:de:de:
                    ed:40:6e:27:e6:f6:b3:5d:48:a0:29:7c:32:09:ff:
                    8d:47:e3:32:fd:8f:40:b3:f2:36:34:d8:b7:bb:f7:
                    13:50:6d:9e:da:4f:55:6b:22:2e:b3:f3:81:24:c0:
                    5e:fc:cc:a2:54:73:e0:10:18:8a:52:1a:50:0f:f4:
                    40:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:9C:38:1D:58:82:D6:FE:21:3C:AE:19:27:47:99:9A:83:09:53:47
            X509v3 Authority Key Identifier:
                keyid:4E:0F:39:E2:CA:AE:8E:2C:F1:4B:CC:41:B2:3F:3C:86:E1:A7:20:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tg854squjizxS8xBsj88huGnIPg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/uJw4HViC1v4hPK4ZJ0eZmoMJU0c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/Tg854squjizxS8xBsj88huGnIPg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.157.208.0/22
                IPv6:
                  2a03:afe1::-2a03:afe2:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         86:71:5f:01:51:a4:20:05:da:d4:3c:81:73:0b:0f:88:9c:5a:
         39:dd:ba:8c:88:f5:5c:b7:68:db:9f:f3:e3:c2:e9:30:a9:28:
         85:2c:98:96:3f:bc:b2:1f:c3:fc:d8:fa:5b:2b:d0:24:92:06:
         fe:bd:eb:1e:32:28:23:d4:07:ea:e7:ed:50:de:07:42:32:ae:
         d9:f1:02:8e:8d:a5:f5:05:26:1b:37:18:87:50:e7:05:50:3b:
         54:40:7c:8b:c0:26:11:ea:4e:55:93:2c:b0:e6:94:48:93:d0:
         98:a8:a0:5b:54:a7:16:e2:e9:f8:fe:d4:01:7b:73:51:c5:1e:
         6b:99:e9:81:12:2b:e9:df:c2:f7:1f:1a:60:35:90:41:77:22:
         49:bc:f3:68:a5:55:2d:da:28:51:d4:d4:53:0f:12:20:3f:8c:
         3b:d7:60:74:28:14:02:b4:06:82:4b:b2:1d:00:c7:45:a6:e4:
         c1:30:11:39:fc:0b:ec:e3:6c:d8:f6:12:e5:7a:a5:a9:a1:41:
         0e:7b:51:f8:cd:29:92:fc:89:45:9f:14:5c:0c:81:8b:96:bd:
         4d:20:40:08:e3:bb:bb:84:17:c3:19:61:3f:03:92:2a:3a:86:
         c7:89:76:d6:cb:93:61:6a:79:06:e3:ed:1b:37:3d:06:6e:b4:
         6c:50:00:f5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJu8OC09NjaYLCQbvaK2UtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMGYzOWUyY2FhZThlMmNmMTRiY2M0MWIyM2YzYzg2ZTFh
NzIwZjgwHhcNMjQwMTAyMTAzMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODljMzgxZDU4ODJkNmZlMjEzY2FlMTkyNzQ3OTk5YTgzMDk1MzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYhCyyUiH6rebvn2mn4/CurpyPys
2DIz+1T7Rmkmv3Dm55XvISKQSLoOMWUDVMv43BPDI41k5kXv0FAV2PM4qeP03QFc
bQn6dt5lSGHJnK9C68fZU4bA5rouSFqGJzUht7R6FstrAvzrQLspefzojDLm5Yd3
iIEXN0z2JbUkhdFxmZfBbP2nKovAC5K8P9bl5aDv6DSA6TNB9ICgVpkIsbeNrNHw
jJ2FTvr+ejzHWVFHS9iWSeP7ew8BRqDXph/43t7tQG4n5vazXUigKXwyCf+NR+My
/Y9As/I2NNi3u/cTUG2e2k9VayIus/OBJMBe/MyiVHPgEBiKUhpQD/RA+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLicOB1Ygtb+ITyuGSdHmZqDCVNHMB8GA1UdIwQY
MBaAFE4POeLKro4s8UvMQbI/PIbhpyD4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGc4NTRzcXVqaXp4Uzh4QnNqODhodUduSVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9kNWUzY2MtYzFjZC00ZDY4LWJlYzMt
MWIwOGY3ZjUwMTVkLzEvdUp3NEhWaUMxdjRoUEs0WkowZVptb01KVTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9kNWUzY2MtYzFjZC00ZDY4LWJlYzMtMWIwOGY3ZjUwMTVk
LzEvVGc4NTRzcXVqaXp4Uzh4QnNqODhodUduSVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuZ3QMBYE
AgACMBAwDgMFACoDr+EDBQAqA6/iMA0GCSqGSIb3DQEBCwUAA4IBAQCGcV8BUaQg
BdrUPIFzCw+InFo53bqMiPVct2jbn/PjwukwqSiFLJiWP7yyH8P82PpbK9Akkgb+
veseMigj1Afq5+1Q3gdCMq7Z8QKOjaX1BSYbNxiHUOcFUDtUQHyLwCYR6k5Vkyyw
5pRIk9CYqKBbVKcW4un4/tQBe3NRxR5rmemBEivp38L3HxpgNZBBdyJJvPNopVUt
2ihR1NRTDxIgP4w712B0KBQCtAaCS7IdAMdFpuTBMBE5/Avs42zY9hLleqWpoUEO
e1H4zSmS/IlFnxRcDIGLlr1NIEAI47u7hBfDGWE/A5IqOobHiXbWy5NhankG4+0b
Nz0GbrRsUAD1
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:50:35 2024 by rpki-client on console-ams.rpki-client.org