Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/ec1yDP1OacrYWbRPBPYdB0IKQ9U.roa
File:                     ec1yDP1OacrYWbRPBPYdB0IKQ9U.roa (raw, json)
Hash identifier:          NWdmF6+DmnNG+7CDsQXZXSNfbTyAb9HyNpTTFxCyRxo=
Subject key identifier:   79:CD:72:0C:FD:4E:69:CA:D8:59:B4:4F:04:F6:1D:07:42:0A:43:D5
Certificate issuer:       /CN=a0dae7678a396969e6340c9dcb65cde9e329554a
Certificate serial:       018CC9BBD3499DD0B1197D435BBC674F626A
Authority key identifier: A0:DA:E7:67:8A:39:69:69:E6:34:0C:9D:CB:65:CD:E9:E3:29:55:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oNrnZ4o5aWnmNAydy2XN6eMpVUo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/ec1yDP1OacrYWbRPBPYdB0IKQ9U.roa
Signing time:             Tue 02 Jan 2024 10:32:58 +0000
ROA not before:           Tue 02 Jan 2024 10:32:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211664
IP address blocks:        185.226.242.0/24 maxlen: 24
                          185.226.241.0/24 maxlen: 24
                          91.232.23.0/24 maxlen: 24
                          91.232.22.0/24 maxlen: 24
                          2a12:84c0:2::/48 maxlen: 48
                          2a12:84c0:1::/48 maxlen: 48
                          2a0c:7680:1337::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/oNrnZ4o5aWnmNAydy2XN6eMpVUo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/oNrnZ4o5aWnmNAydy2XN6eMpVUo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oNrnZ4o5aWnmNAydy2XN6eMpVUo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bb:d3:49:9d:d0:b1:19:7d:43:5b:bc:67:4f:62:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0dae7678a396969e6340c9dcb65cde9e329554a
        Validity
            Not Before: Jan  2 10:32:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=79cd720cfd4e69cad859b44f04f61d07420a43d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:05:13:07:20:a0:61:3c:08:be:8f:f4:d9:96:
                    b0:1c:49:6c:04:16:ac:72:72:26:88:09:3f:35:dc:
                    33:96:94:bb:7c:48:26:9d:2e:37:97:91:a1:38:76:
                    42:aa:9e:ff:dc:70:bd:58:76:56:67:74:c1:d3:74:
                    8a:2b:ca:51:51:89:38:99:c4:76:4f:27:34:3a:fd:
                    3b:46:37:a9:01:03:01:97:52:6b:63:21:e3:f2:a9:
                    d5:cf:17:8c:0a:18:20:a1:a6:1f:52:93:c9:aa:af:
                    a1:8a:a6:3f:d1:47:01:67:a2:5f:0c:2f:35:4b:66:
                    aa:8d:01:d7:39:5f:d5:f4:a8:fe:cf:20:4f:39:3a:
                    1d:5e:83:ff:6f:3c:73:72:3e:20:2e:72:1d:a2:1c:
                    ed:42:8c:df:fe:b4:ec:59:29:21:55:f1:42:ff:73:
                    d1:19:d9:ab:7a:2b:66:29:3a:28:64:11:fd:1b:05:
                    e7:a2:71:45:e9:27:a7:cf:84:6b:45:e5:c7:1e:9f:
                    32:0a:8e:48:36:3b:05:28:0d:85:06:39:9d:6b:64:
                    ff:67:eb:d1:d9:94:ec:3b:8d:77:bb:91:20:11:fc:
                    8f:2c:a3:45:c3:5f:fa:0e:91:37:51:7f:28:2f:4b:
                    73:d6:bc:cf:79:f4:e0:cc:81:2b:51:88:14:c7:ea:
                    70:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:CD:72:0C:FD:4E:69:CA:D8:59:B4:4F:04:F6:1D:07:42:0A:43:D5
            X509v3 Authority Key Identifier:
                keyid:A0:DA:E7:67:8A:39:69:69:E6:34:0C:9D:CB:65:CD:E9:E3:29:55:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNrnZ4o5aWnmNAydy2XN6eMpVUo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/ec1yDP1OacrYWbRPBPYdB0IKQ9U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/oNrnZ4o5aWnmNAydy2XN6eMpVUo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.232.22.0/23
                  185.226.241.0-185.226.242.255
                IPv6:
                  2a0c:7680:1337::/48
                  2a12:84c0:1::-2a12:84c0:2:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         45:99:37:ab:f5:81:9e:8f:ee:92:0c:98:95:96:68:a8:4e:79:
         9c:45:a2:23:6c:cb:fe:50:43:7a:d0:0d:6c:a8:f5:38:ee:3b:
         70:17:f0:06:42:4d:e7:e1:4d:15:f9:d6:88:43:11:63:4c:02:
         1d:a9:91:16:f1:d7:92:55:54:b1:94:f9:f7:19:74:cc:57:5c:
         7d:d2:ac:b0:93:38:a7:cb:ee:87:48:e1:75:8f:76:33:d4:77:
         c3:2e:af:fe:38:94:bb:2e:96:bd:10:43:95:c8:dc:8a:31:27:
         40:37:30:4c:c6:87:35:44:5b:25:37:7f:26:e4:1c:85:9e:37:
         08:fd:04:ad:55:22:10:e9:47:22:97:ba:95:23:ff:09:26:ed:
         46:a7:0c:cd:90:9e:bd:9d:06:06:fc:3a:62:b6:07:0e:91:ee:
         78:8b:d2:1a:14:40:b0:92:ca:8c:ff:7d:8c:46:c0:74:73:be:
         36:5d:e9:86:a9:e3:53:df:f5:b7:15:b4:77:54:85:b9:a3:5a:
         c4:86:43:39:df:52:99:10:31:7c:3e:0e:08:a4:ae:3c:61:2f:
         e2:4b:91:49:a6:aa:72:8c:60:34:c0:67:ae:cb:89:b1:04:75:
         06:9c:64:8a:e6:ab:22:63:26:db:3a:ff:00:04:df:bc:f3:fe:
         da:9d:2a:b3
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzJu9NJndCxGX1DW7xnT2JqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGFlNzY3OGEzOTY5NjllNjM0MGM5ZGNiNjVjZGU5ZTMy
OTU1NGEwHhcNMjQwMTAyMTAzMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWNkNzIwY2ZkNGU2OWNhZDg1OWI0NGYwNGY2MWQwNzQyMGE0M2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQUTByCgYTwIvo/02ZawHElsBBas
cnImiAk/NdwzlpS7fEgmnS43l5GhOHZCqp7/3HC9WHZWZ3TB03SKK8pRUYk4mcR2
Tyc0Ov07RjepAQMBl1JrYyHj8qnVzxeMChggoaYfUpPJqq+hiqY/0UcBZ6JfDC81
S2aqjQHXOV/V9Kj+zyBPOTodXoP/bzxzcj4gLnIdohztQozf/rTsWSkhVfFC/3PR
GdmreitmKTooZBH9GwXnonFF6Senz4RrReXHHp8yCo5INjsFKA2FBjmda2T/Z+vR
2ZTsO413u5EgEfyPLKNFw1/6DpE3UX8oL0tz1rzPefTgzIErUYgUx+pwcwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHnNcgz9TmnK2Fm0TwT2HQdCCkPVMB8GA1UdIwQY
MBaAFKDa52eKOWlp5jQMnctlzenjKVVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05yblo0bzVhV25tTkF5ZHkyWE42ZU1wVlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80NjM1OGUtNTRmNy00ZjRiLWE3NDct
ZjczNWUzZGFmZDUzLzEvZWMxeURQMU9hY3JZV2JSUEJQWWRCMElLUTlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80NjM1OGUtNTRmNy00ZjRiLWE3NDctZjczNWUzZGFmZDUz
LzEvb05yblo0bzVhV25tTkF5ZHkyWE42ZU1wVlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAaBAIAATAUAwQBW+gWMAwD
BAC54vEDBAC54vIwIwQCAAIwHQMHACoMdoATNzASAwcAKhKEwAABAwcAKhKEwAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQBFmTer9YGej+6SDJiVlmioTnmcRaIjbMv+UEN6
0A1sqPU47jtwF/AGQk3n4U0V+daIQxFjTAIdqZEW8deSVVSxlPn3GXTMV1x90qyw
kziny+6HSOF1j3Yz1HfDLq/+OJS7Lpa9EEOVyNyKMSdANzBMxoc1RFslN38m5ByF
njcI/QStVSIQ6Ucil7qVI/8JJu1GpwzNkJ69nQYG/DpitgcOke54i9IaFECwksqM
/32MRsB0c742XemGqeNT3/W3FbR3VIW5o1rEhkM531KZEDF8Pg4IpK48YS/iS5FJ
pqpyjGA0wGeuy4mxBHUGnGSK5qsiYybbOv8ABN+88/7anSqz
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:23:30 2024 by rpki-client on console-fra.rpki-client.org