Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/Dc_BQ7aeiWscTMNJfQAJkXsGC4U.roa
File:                     Dc_BQ7aeiWscTMNJfQAJkXsGC4U.roa (raw, json)
Hash identifier:          PCQrE53BM44WFQy86ZLdbOn5ruLIXa6tZvAVxJHZTe0=
Subject key identifier:   0D:CF:C1:43:B6:9E:89:6B:1C:4C:C3:49:7D:00:09:91:7B:06:0B:85
Certificate issuer:       /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial:       018CC795893FC17E830DF950E84A7FAEA721
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/Dc_BQ7aeiWscTMNJfQAJkXsGC4U.roa
Signing time:             Tue 02 Jan 2024 00:31:55 +0000
ROA not before:           Tue 02 Jan 2024 00:31:55 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47441
IP address blocks:        93.174.72.0/24 maxlen: 24
                          93.174.73.0/24 maxlen: 24
                          93.174.74.0/24 maxlen: 24
                          93.174.75.0/24 maxlen: 24
                          93.174.76.0/24 maxlen: 24
                          93.174.77.0/24 maxlen: 24
                          93.174.78.0/24 maxlen: 24
                          93.174.79.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:89:3f:c1:7e:83:0d:f9:50:e8:4a:7f:ae:a7:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
        Validity
            Not Before: Jan  2 00:31:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0dcfc143b69e896b1c4cc3497d0009917b060b85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:96:b2:33:d4:c0:64:5a:ef:3e:28:7d:d9:54:
                    f4:58:c2:1a:48:5e:ef:7a:35:05:c1:d5:f2:fb:8e:
                    84:93:11:ac:1f:86:62:79:a4:7c:de:72:89:ab:d3:
                    b4:0f:89:2d:45:90:09:30:4e:ea:9e:81:23:40:a1:
                    d9:1c:a0:f5:e8:25:36:16:a9:55:26:a4:35:a0:28:
                    c4:ba:b5:d1:c4:6e:36:2d:bf:02:ca:14:6f:d8:38:
                    b7:a9:98:36:a1:63:c6:2d:d1:e3:d2:d6:71:7d:9c:
                    c4:e2:5c:1a:fb:84:7e:6b:21:63:11:d9:2b:27:79:
                    11:0a:06:10:20:0d:14:86:6a:c9:f6:d0:51:5a:8b:
                    a6:a6:92:14:d8:16:f6:16:b3:28:3a:ea:ad:c5:30:
                    96:e9:d0:c1:fc:88:43:9c:c7:4c:f7:c0:ef:fa:f9:
                    f2:3a:03:bb:4f:d7:85:96:51:8d:fe:ea:77:24:8b:
                    f4:26:45:87:96:b7:97:13:a9:74:56:d2:26:bb:3f:
                    dc:8e:75:5e:c8:89:c6:14:10:cb:a6:88:3a:33:d2:
                    7c:d1:8d:49:e0:42:a5:bc:3d:83:51:64:12:ac:05:
                    09:ca:2c:f9:cf:83:92:73:cf:06:fb:5d:c6:1a:a5:
                    f0:6f:0d:d7:f8:ee:00:b8:80:36:9f:a8:12:45:9a:
                    b5:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:CF:C1:43:B6:9E:89:6B:1C:4C:C3:49:7D:00:09:91:7B:06:0B:85
            X509v3 Authority Key Identifier:
                keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/Dc_BQ7aeiWscTMNJfQAJkXsGC4U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.174.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         77:43:80:27:81:79:2e:cf:14:64:36:1e:69:18:d3:b1:cb:8a:
         1a:c9:6c:e4:4f:95:db:c3:e8:28:17:a0:bb:16:86:9d:b6:2e:
         3a:fd:8d:59:d2:e3:26:0e:8f:a7:38:5a:69:ea:97:63:7a:7a:
         0f:99:41:6b:89:fd:66:ac:80:fb:be:9b:f8:b8:64:42:9f:c5:
         02:c8:6c:2d:2f:47:2a:a3:81:cc:cd:05:9c:9d:1a:82:97:ee:
         92:36:69:dc:e5:4c:46:96:d1:e6:c2:b7:85:5b:10:38:af:35:
         9d:3e:1a:f2:10:e3:78:cf:72:4f:d7:ee:ea:1c:59:ba:ab:22:
         57:39:4b:e4:95:84:f1:83:e3:cc:a1:a4:7a:89:69:50:e1:2f:
         19:1f:5d:50:b4:0f:0c:ab:a3:c1:b8:b4:c0:28:88:05:5c:f7:
         f0:ba:8b:2c:a3:23:26:8d:54:68:2f:70:d0:80:71:74:47:5a:
         07:0f:b7:22:52:e7:5c:56:94:cc:57:46:8d:66:a9:c5:17:e9:
         22:5b:bf:ca:bc:f1:e1:d6:7a:35:bc:7f:6e:da:7b:d9:01:95:
         c1:aa:bd:a2:75:bc:42:3a:e6:30:b9:fa:d9:d5:32:24:78:cc:
         02:10:ee:56:7c:af:ef:5e:8b:ab:da:2e:e5:c3:7a:7b:e5:06:
         bd:88:1b:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlYk/wX6DDflQ6Ep/rqchMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjQwMTAyMDAzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGNmYzE0M2I2OWU4OTZiMWM0Y2MzNDk3ZDAwMDk5MTdiMDYwYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpayM9TAZFrvPih92VT0WMIaSF7v
ejUFwdXy+46EkxGsH4ZieaR83nKJq9O0D4ktRZAJME7qnoEjQKHZHKD16CU2FqlV
JqQ1oCjEurXRxG42Lb8CyhRv2Di3qZg2oWPGLdHj0tZxfZzE4lwa+4R+ayFjEdkr
J3kRCgYQIA0UhmrJ9tBRWoumppIU2Bb2FrMoOuqtxTCW6dDB/IhDnMdM98Dv+vny
OgO7T9eFllGN/up3JIv0JkWHlreXE6l0VtImuz/cjnVeyInGFBDLpog6M9J80Y1J
4EKlvD2DUWQSrAUJyiz5z4OSc88G+13GGqXwbw3X+O4AuIA2n6gSRZq1CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA3PwUO2nolrHEzDSX0ACZF7BguFMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvRGNfQlE3YWVpV3NjVE1OSmZRQUprWHNHQzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXa5IMA0G
CSqGSIb3DQEBCwUAA4IBAQB3Q4AngXkuzxRkNh5pGNOxy4oayWzkT5Xbw+goF6C7
Foadti46/Y1Z0uMmDo+nOFpp6pdjenoPmUFrif1mrID7vpv4uGRCn8UCyGwtL0cq
o4HMzQWcnRqCl+6SNmnc5UxGltHmwreFWxA4rzWdPhryEON4z3JP1+7qHFm6qyJX
OUvklYTxg+PMoaR6iWlQ4S8ZH11QtA8Mq6PBuLTAKIgFXPfwuossoyMmjVRoL3DQ
gHF0R1oHD7ciUudcVpTMV0aNZqnFF+kiW7/KvPHh1no1vH9u2nvZAZXBqr2idbxC
OuYwufrZ1TIkeMwCEO5WfK/vXour2i7lw3p75Qa9iBuH
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:37:17 2024 by rpki-client on console-fra.rpki-client.org