Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/Q4aKzuKQcgX50MlBztxa6HU46jA.roa
File:                     Q4aKzuKQcgX50MlBztxa6HU46jA.roa (raw, json)
Hash identifier:          cbl/cso0tWlmSWlEs785PG36HyXKWDL4j4gIFNwLAGU=
Subject key identifier:   43:86:8A:CE:E2:90:72:05:F9:D0:C9:41:CE:DC:5A:E8:75:38:EA:30
Certificate issuer:       /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial:       018CC94CC572F406F05398BD51BC0ABD1ED8
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/Q4aKzuKQcgX50MlBztxa6HU46jA.roa
Signing time:             Tue 02 Jan 2024 08:31:40 +0000
ROA not before:           Tue 02 Jan 2024 08:31:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     25227
IP address blocks:        92.63.201.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4c:c5:72:f4:06:f0:53:98:bd:51:bc:0a:bd:1e:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
        Validity
            Not Before: Jan  2 08:31:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=43868acee2907205f9d0c941cedc5ae87538ea30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:09:a6:d5:f0:16:e2:ac:78:88:5d:42:39:01:
                    ff:9d:68:0a:c8:01:bf:41:37:17:35:08:e4:31:0d:
                    bf:8d:c1:55:89:d1:e7:1a:b4:f7:2d:c5:4a:82:38:
                    fe:e3:37:4c:e1:64:96:ec:5d:61:b3:35:e5:e3:40:
                    64:47:7a:06:9a:d9:a0:5c:ce:bf:55:c8:b7:46:b8:
                    72:4a:a8:e4:b2:2b:17:98:fe:e8:25:54:74:c4:4b:
                    a9:84:71:80:4f:9d:61:5e:9b:74:af:72:40:ee:a2:
                    c3:fc:1c:e7:be:7f:25:7b:f8:36:5d:65:32:a1:23:
                    f4:27:69:b1:47:ef:3e:0c:e8:60:6e:37:49:a8:b2:
                    1f:90:aa:6d:4d:eb:6e:82:d1:28:3e:42:1f:0c:eb:
                    ad:0c:f1:b5:fc:a8:b8:85:2a:19:03:91:1e:a6:a7:
                    84:01:ee:f8:62:77:5d:16:7c:22:bf:8e:ec:53:c4:
                    8c:cb:6d:d0:73:e1:d1:af:0a:96:36:3c:b2:e9:7b:
                    a1:d6:a6:ad:b0:16:f0:51:10:f7:96:f4:75:b5:c2:
                    d2:06:f7:06:21:99:36:b0:d6:57:b1:73:50:ab:69:
                    3a:64:73:3d:d2:04:4c:11:25:51:c7:0e:26:8b:8f:
                    a3:10:dd:e0:18:01:66:05:8d:f5:22:e6:b0:2a:86:
                    da:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:86:8A:CE:E2:90:72:05:F9:D0:C9:41:CE:DC:5A:E8:75:38:EA:30
            X509v3 Authority Key Identifier:
                keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/Q4aKzuKQcgX50MlBztxa6HU46jA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.63.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:7a:7f:00:dc:3a:b0:53:b4:74:cc:55:4e:ca:e1:51:a3:84:
         af:0b:96:5f:6d:88:b8:c4:51:4f:68:92:91:ff:7a:1b:bb:4f:
         2a:17:b5:f5:22:83:c6:d3:1c:f1:87:82:ed:06:c1:ef:92:2f:
         6b:44:47:3b:5b:6e:f1:3d:da:e7:fd:34:13:88:83:07:5b:a5:
         e8:8a:cb:b2:e3:fe:ec:fa:68:ef:a3:f6:43:b2:3d:e5:d9:ab:
         bd:6a:93:2f:b9:18:31:a6:aa:69:a8:f8:32:77:7e:39:53:c4:
         5e:db:92:65:50:93:9f:a0:47:a6:29:25:88:01:2a:e1:fc:83:
         17:60:05:3f:17:6a:64:21:cb:f6:26:3d:e0:c1:bf:ee:db:38:
         8a:6f:0a:7e:8f:9a:3c:eb:35:bc:0f:46:d1:99:db:df:ae:ad:
         98:af:5e:4c:aa:52:01:b9:7e:ba:73:52:4f:c0:d1:91:13:3d:
         f7:e7:81:45:45:b2:81:70:b8:19:2c:80:24:e6:31:46:3e:ed:
         8a:c4:2a:df:92:f9:03:7c:2a:a1:be:ec:80:b2:57:b9:81:6e:
         46:2f:34:4a:36:1b:34:af:bc:35:2c:34:ac:8d:70:16:21:cb:
         5f:be:46:11:1d:75:19:ee:11:7e:af:81:8e:b0:cc:7c:7e:bb:
         02:d4:40:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTMVy9AbwU5i9UbwKvR7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjQwMTAyMDgzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzg2OGFjZWUyOTA3MjA1ZjlkMGM5NDFjZWRjNWFlODc1MzhlYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwmm1fAW4qx4iF1COQH/nWgKyAG/
QTcXNQjkMQ2/jcFVidHnGrT3LcVKgjj+4zdM4WSW7F1hszXl40BkR3oGmtmgXM6/
Vci3RrhySqjksisXmP7oJVR0xEuphHGAT51hXpt0r3JA7qLD/Bznvn8le/g2XWUy
oSP0J2mxR+8+DOhgbjdJqLIfkKptTetugtEoPkIfDOutDPG1/Ki4hSoZA5EepqeE
Ae74YnddFnwiv47sU8SMy23Qc+HRrwqWNjyy6Xuh1qatsBbwURD3lvR1tcLSBvcG
IZk2sNZXsXNQq2k6ZHM90gRMESVRxw4mi4+jEN3gGAFmBY31IuawKobawwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOGis7ikHIF+dDJQc7cWuh1OOowMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvUTRhS3p1S1FjZ1g1ME1sQnp0eGE2SFU0NmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXD/JMA0G
CSqGSIb3DQEBCwUAA4IBAQBsen8A3DqwU7R0zFVOyuFRo4SvC5ZfbYi4xFFPaJKR
/3obu08qF7X1IoPG0xzxh4LtBsHvki9rREc7W27xPdrn/TQTiIMHW6Xoisuy4/7s
+mjvo/ZDsj3l2au9apMvuRgxpqppqPgyd345U8Re25JlUJOfoEemKSWIASrh/IMX
YAU/F2pkIcv2Jj3gwb/u2ziKbwp+j5o86zW8D0bRmdvfrq2Yr15MqlIBuX66c1JP
wNGREz3354FFRbKBcLgZLIAk5jFGPu2KxCrfkvkDfCqhvuyAsle5gW5GLzRKNhs0
r7w1LDSsjXAWIctfvkYRHXUZ7hF+r4GOsMx8frsC1EAv
-----END CERTIFICATE-----
Generated at Sat Jun 15 13:16:56 2024 by rpki-client on console-fra.rpki-client.org