Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/SgnbJBHVBEdicvK3Ck3PfwmHPXo.roa
File:                     SgnbJBHVBEdicvK3Ck3PfwmHPXo.roa (raw, json)
Hash identifier:          8onPhXc3/nvhXkUcTcgwCH1n4KuC3aDA1coaibuiu7M=
Subject key identifier:   4A:09:DB:24:11:D5:04:47:62:72:F2:B7:0A:4D:CF:7F:09:87:3D:7A
Certificate issuer:       /CN=05e9fca0a8584feb1c12319071423061b08fe456
Certificate serial:       018CEE475632D329B7758FA4CEC53B0E5567
Authority key identifier: 05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/SgnbJBHVBEdicvK3Ck3PfwmHPXo.roa
Signing time:             Tue 09 Jan 2024 12:51:41 +0000
ROA not before:           Tue 09 Jan 2024 12:51:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     198769
IP address blocks:        109.107.169.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ee:47:56:32:d3:29:b7:75:8f:a4:ce:c5:3b:0e:55:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05e9fca0a8584feb1c12319071423061b08fe456
        Validity
            Not Before: Jan  9 12:51:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4a09db2411d504476272f2b70a4dcf7f09873d7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:d7:f5:bb:aa:ca:b9:05:8b:79:a7:63:35:29:
                    1d:38:f3:b5:10:17:17:64:97:80:93:b4:67:2f:0b:
                    d5:d2:44:fb:7e:c4:22:2f:05:0c:cd:7c:49:3a:99:
                    28:28:ca:5c:1d:22:de:1a:e9:35:f6:64:cb:2e:4b:
                    3f:d3:94:e4:56:43:69:64:1d:e7:50:8d:9c:9b:77:
                    b3:4e:03:84:c4:dd:16:c1:77:00:10:1f:97:29:54:
                    da:26:3f:8c:6d:81:ca:71:4a:ef:1a:75:a4:5b:cc:
                    f4:66:50:ff:5f:a6:80:bf:d0:85:82:2f:46:97:72:
                    fa:d9:2b:4d:5f:d5:e4:ad:cb:17:c1:11:f9:35:23:
                    9f:8e:af:1b:e1:9b:9e:d0:94:5e:50:3c:7d:16:dd:
                    69:f0:a2:c3:7a:b3:05:f2:c4:2a:75:c7:74:30:c3:
                    cf:02:00:df:8b:cd:3f:a0:4c:36:44:da:5c:06:14:
                    7b:11:32:7f:20:d9:1f:bd:0b:4c:be:c5:fa:18:5a:
                    ca:71:dd:2a:59:e9:a4:57:77:99:a0:c3:77:08:2f:
                    aa:8f:44:81:3e:da:b4:16:bc:9f:94:5f:0f:57:85:
                    ee:a3:9d:cc:fc:7f:09:a8:7a:30:72:bd:26:19:61:
                    69:62:c9:6b:b5:b9:1e:6f:d3:8f:ed:32:65:79:3a:
                    cf:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:09:DB:24:11:D5:04:47:62:72:F2:B7:0A:4D:CF:7F:09:87:3D:7A
            X509v3 Authority Key Identifier:
                keyid:05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/SgnbJBHVBEdicvK3Ck3PfwmHPXo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.107.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bc:c7:90:be:0d:00:6a:b5:59:bf:a2:5e:97:47:5e:cd:47:b6:
         de:92:e0:5c:a8:f8:04:71:7b:25:11:1b:83:52:dd:af:3c:c3:
         fe:5c:9f:4a:d0:b8:f5:b5:a1:a1:69:d9:cb:93:62:f2:47:00:
         64:14:3e:1a:c3:e0:42:e4:ee:21:76:04:e9:ac:90:65:92:df:
         43:0c:78:d6:d2:ef:a1:ec:92:cd:5b:00:4e:91:d8:0c:fc:ad:
         34:89:21:90:1c:bd:c8:d0:64:86:09:c0:be:1a:ee:40:14:84:
         01:cf:5a:68:a2:f9:4c:4b:41:8d:5b:95:4c:f8:81:ab:48:74:
         6e:0b:a7:e0:47:3e:d4:4f:b2:9f:02:c8:62:97:bd:da:51:a2:
         08:3c:fd:f2:01:4b:31:34:73:df:d7:28:37:f8:61:60:3d:d4:
         3e:c3:d4:c0:f0:ee:d7:df:ec:d6:60:ac:de:60:0b:6e:55:40:
         82:d1:3d:50:05:d8:f6:56:70:f9:64:89:93:cf:ed:09:a0:04:
         22:7f:6f:c2:81:cd:5d:90:bc:fe:12:fa:99:a1:f2:fb:2c:9b:
         dc:b5:f2:29:48:77:1e:30:10:b9:41:28:d6:56:0e:7c:17:86:
         97:56:51:f2:46:ff:83:69:ab:9b:5a:5f:38:ab:88:f3:e5:4c:
         41:c8:59:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzuR1Yy0ym3dY+kzsU7DlVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmY2EwYTg1ODRmZWIxYzEyMzE5MDcxNDIzMDYxYjA4
ZmU0NTYwHhcNMjQwMTA5MTI1MTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTA5ZGIyNDExZDUwNDQ3NjI3MmYyYjcwYTRkY2Y3ZjA5ODczZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktf1u6rKuQWLeadjNSkdOPO1EBcX
ZJeAk7RnLwvV0kT7fsQiLwUMzXxJOpkoKMpcHSLeGuk19mTLLks/05TkVkNpZB3n
UI2cm3ezTgOExN0WwXcAEB+XKVTaJj+MbYHKcUrvGnWkW8z0ZlD/X6aAv9CFgi9G
l3L62StNX9XkrcsXwRH5NSOfjq8b4Zue0JReUDx9Ft1p8KLDerMF8sQqdcd0MMPP
AgDfi80/oEw2RNpcBhR7ETJ/INkfvQtMvsX6GFrKcd0qWemkV3eZoMN3CC+qj0SB
Ptq0FryflF8PV4Xuo53M/H8JqHowcr0mGWFpYslrtbkeb9OP7TJleTrPTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEoJ2yQR1QRHYnLytwpNz38Jhz16MB8GA1UdIwQY
MBaAFAXp/KCoWE/rHBIxkHFCMGGwj+RWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMt
ZGVlM2VkNDk3YWVlLzEvU2duYkpCSFZCRWRpY3ZLM0NrM1Bmd21IUFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMtZGVlM2VkNDk3YWVl
LzEvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWupMA0G
CSqGSIb3DQEBCwUAA4IBAQC8x5C+DQBqtVm/ol6XR17NR7bekuBcqPgEcXslERuD
Ut2vPMP+XJ9K0Lj1taGhadnLk2LyRwBkFD4aw+BC5O4hdgTprJBlkt9DDHjW0u+h
7JLNWwBOkdgM/K00iSGQHL3I0GSGCcC+Gu5AFIQBz1poovlMS0GNW5VM+IGrSHRu
C6fgRz7UT7KfAshil73aUaIIPP3yAUsxNHPf1yg3+GFgPdQ+w9TA8O7X3+zWYKze
YAtuVUCC0T1QBdj2VnD5ZImTz+0JoAQif2/Cgc1dkLz+EvqZofL7LJvctfIpSHce
MBC5QSjWVg58F4aXVlHyRv+DaaubWl84q4jz5UxByFmX
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:01:51 2024 by rpki-client on console-fra.rpki-client.org