Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Wxn92WoBVGgluyYm4i3oKhsk9rk.roa
File:                     Wxn92WoBVGgluyYm4i3oKhsk9rk.roa (raw, json)
Hash identifier:          mBut43UPPE06f1b6GhkTyn2MKcEWgqTitgLfXGQ7qts=
Subject key identifier:   5B:19:FD:D9:6A:01:54:68:25:BB:26:26:E2:2D:E8:2A:1B:24:F6:B9
Certificate issuer:       /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial:       018F94ACD1AA084943096D85783BE41C9AD4
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Wxn92WoBVGgluyYm4i3oKhsk9rk.roa
Signing time:             Mon 20 May 2024 06:25:04 +0000
ROA not before:           Mon 20 May 2024 06:25:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197537
IP address blocks:        178.255.246.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 16:02:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:94:ac:d1:aa:08:49:43:09:6d:85:78:3b:e4:1c:9a:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
        Validity
            Not Before: May 20 06:25:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5b19fdd96a01546825bb2626e22de82a1b24f6b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ea:c3:a8:5f:8d:47:87:0f:36:47:5d:b2:20:
                    5a:64:f6:d6:e0:1d:54:78:8b:d9:66:14:15:5c:86:
                    03:6e:2e:44:5b:19:9e:9a:c4:37:78:f9:24:2a:1c:
                    f2:97:da:61:11:0d:de:89:b1:f0:cf:b7:8c:51:c0:
                    8f:87:48:38:47:05:95:a3:57:e9:68:3f:54:fa:5c:
                    bf:7b:3d:27:73:ce:7e:9c:19:e4:2a:94:61:0f:ef:
                    46:3f:8f:b0:1e:cb:bb:92:20:5e:70:37:c2:0d:14:
                    01:a8:a2:0a:21:93:fb:87:19:b6:22:d9:f7:e7:ee:
                    e9:e9:37:11:7d:fa:3d:2f:84:d9:f8:ed:df:19:65:
                    d4:9f:88:78:e4:04:0e:ce:23:86:31:b5:d9:00:88:
                    26:93:d3:b3:32:6f:b9:d9:d4:0a:13:e3:11:28:61:
                    e6:9d:0f:82:a8:94:84:f1:c8:1f:d8:40:77:2b:4f:
                    b4:03:59:e1:16:3a:29:d7:f6:65:49:32:ee:93:e5:
                    8c:20:20:4a:ad:cb:e6:1d:0c:8e:39:97:dc:3a:89:
                    64:a6:55:c5:fa:df:d9:8f:4d:2f:d0:47:88:27:0a:
                    1d:a0:ae:4b:6e:5c:e9:d8:b8:2c:7d:bb:6c:4f:87:
                    dc:e7:16:f1:e0:50:6b:a9:8b:5e:aa:55:fe:a1:78:
                    34:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:19:FD:D9:6A:01:54:68:25:BB:26:26:E2:2D:E8:2A:1B:24:F6:B9
            X509v3 Authority Key Identifier:
                keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Wxn92WoBVGgluyYm4i3oKhsk9rk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.255.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         59:71:7f:19:07:7e:f1:a4:18:77:3a:8c:a3:fc:9c:85:77:55:
         39:31:e4:23:30:61:31:4c:f4:a6:71:0f:08:ec:31:f9:f0:08:
         0a:eb:f3:dc:47:3a:56:e3:fe:04:18:09:86:5d:7f:5e:de:da:
         25:03:7b:8c:f6:d4:d2:ea:65:b4:ff:95:2b:0e:e6:19:5e:b9:
         31:fe:0a:bc:66:d8:fa:78:54:29:a6:aa:8c:31:ce:09:58:df:
         c1:70:aa:ed:82:4d:6f:a7:04:76:31:ef:ac:22:e2:e2:8f:c5:
         9a:ae:cd:0e:65:14:45:f6:80:4c:2a:07:7c:bf:de:c4:90:9b:
         4b:ee:e6:23:30:93:f5:88:e1:ae:4b:3b:c2:01:8a:33:24:b5:
         9d:97:b3:10:de:de:51:49:38:a3:8a:4b:4b:14:48:f5:9c:03:
         e6:45:15:92:48:fc:0d:6d:fd:a8:e4:76:59:f2:e1:d7:1d:40:
         55:b7:fb:b3:58:81:c9:66:f0:11:46:c7:ba:c0:32:29:cc:c3:
         31:5c:04:38:f1:c1:90:a2:f1:11:97:a0:57:44:60:66:67:17:
         1b:37:58:e2:71:c9:95:f0:71:70:05:5b:d6:45:75:ae:39:57:
         c8:6c:ec:84:ea:bd:a0:0a:a5:39:5e:78:47:01:9d:25:83:0e:
         94:1a:0d:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+UrNGqCElDCW2FeDvkHJrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwNTIwMDYyNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjE5ZmRkOTZhMDE1NDY4MjViYjI2MjZlMjJkZTgyYTFiMjRmNmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsurDqF+NR4cPNkddsiBaZPbW4B1U
eIvZZhQVXIYDbi5EWxmemsQ3ePkkKhzyl9phEQ3eibHwz7eMUcCPh0g4RwWVo1fp
aD9U+ly/ez0nc85+nBnkKpRhD+9GP4+wHsu7kiBecDfCDRQBqKIKIZP7hxm2Itn3
5+7p6TcRffo9L4TZ+O3fGWXUn4h45AQOziOGMbXZAIgmk9OzMm+52dQKE+MRKGHm
nQ+CqJSE8cgf2EB3K0+0A1nhFjop1/ZlSTLuk+WMICBKrcvmHQyOOZfcOolkplXF
+t/Zj00v0EeIJwodoK5Lblzp2LgsfbtsT4fc5xbx4FBrqYteqlX+oXg0VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFsZ/dlqAVRoJbsmJuIt6CobJPa5MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvV3huOTJXb0JWR2dsdXlZbTRpM29LaHNrOXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsv/2MA0G
CSqGSIb3DQEBCwUAA4IBAQBZcX8ZB37xpBh3Ooyj/JyFd1U5MeQjMGExTPSmcQ8I
7DH58AgK6/PcRzpW4/4EGAmGXX9e3tolA3uM9tTS6mW0/5UrDuYZXrkx/gq8Ztj6
eFQppqqMMc4JWN/BcKrtgk1vpwR2Me+sIuLij8Wars0OZRRF9oBMKgd8v97EkJtL
7uYjMJP1iOGuSzvCAYozJLWdl7MQ3t5RSTijiktLFEj1nAPmRRWSSPwNbf2o5HZZ
8uHXHUBVt/uzWIHJZvARRse6wDIpzMMxXAQ48cGQovERl6BXRGBmZxcbN1jiccmV
8HFwBVvWRXWuOVfIbOyE6r2gCqU5XnhHAZ0lgw6UGg2d
-----END CERTIFICATE-----
Generated at Sun Jun 16 22:28:47 2024 by rpki-client on console-fra.rpki-client.org