Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/kM5DlOe4m1q7bzLfn_zIw--6y28.roa
File:                     kM5DlOe4m1q7bzLfn_zIw--6y28.roa (raw, json)
Hash identifier:          4dxgx2PdNglYmdQACqdoto1fZ94kGtFPTxtVmiAdItk=
Subject key identifier:   90:CE:43:94:E7:B8:9B:5A:BB:6F:32:DF:9F:FC:C8:C3:EF:BA:CB:6F
Certificate issuer:       /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial:       018FCA788817E62C2688DEE0A108D49E39C4
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/kM5DlOe4m1q7bzLfn_zIw--6y28.roa
Signing time:             Thu 30 May 2024 17:07:27 +0000
ROA not before:           Thu 30 May 2024 17:07:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62240
IP address blocks:        45.80.221.0/24 maxlen: 24
                          45.80.222.0/24 maxlen: 24
                          45.80.223.0/24 maxlen: 24
                          178.23.185.0/24 maxlen: 24
                          194.62.18.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:ca:78:88:17:e6:2c:26:88:de:e0:a1:08:d4:9e:39:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
        Validity
            Not Before: May 30 17:07:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=90ce4394e7b89b5abb6f32df9ffcc8c3efbacb6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:cb:30:ca:93:fb:26:e9:0e:e5:3e:14:2b:ec:
                    48:c4:dd:fb:93:ad:66:da:3c:42:fc:86:30:41:96:
                    9e:bb:26:a9:9f:21:5f:57:1b:b7:bc:70:c0:44:c9:
                    54:85:46:f3:a2:d1:f4:0f:c6:c1:80:2b:e2:45:b9:
                    21:5c:72:d6:a7:61:02:03:8e:e2:0c:34:06:66:5f:
                    17:0b:61:28:de:7a:fd:4b:a3:5d:2c:29:c7:ae:79:
                    37:6c:3b:bb:20:bc:73:c7:6b:a7:64:2e:21:88:c1:
                    a0:96:78:ec:31:89:54:d1:02:f4:2b:07:fc:25:2e:
                    5a:f1:4a:22:99:6c:a4:7d:fc:71:35:2e:3f:d2:25:
                    0f:57:df:18:9b:67:d7:f9:a3:ea:24:6f:75:22:c6:
                    a8:d1:d6:26:ea:fe:f0:4c:49:24:4f:98:bf:59:f5:
                    d6:22:00:a4:4c:47:3d:43:9c:12:9d:0d:db:54:a0:
                    66:c8:d4:99:14:72:91:27:29:cb:0c:dc:5a:f4:4f:
                    e6:96:e0:8c:ae:4b:2d:9a:a5:a2:9f:ca:46:d5:38:
                    51:f8:de:e3:7d:6c:b4:45:dc:4b:ed:80:1c:61:1c:
                    d5:c6:e3:13:eb:3d:e8:a1:35:c2:d9:00:ae:aa:d6:
                    2b:1a:e6:db:ad:30:5d:4c:60:6e:27:8d:ef:a6:e1:
                    58:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:CE:43:94:E7:B8:9B:5A:BB:6F:32:DF:9F:FC:C8:C3:EF:BA:CB:6F
            X509v3 Authority Key Identifier:
                keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/kM5DlOe4m1q7bzLfn_zIw--6y28.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.221.0-45.80.223.255
                  178.23.185.0/24
                  194.62.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:c3:53:e1:47:f1:12:b8:65:b3:b1:4c:8d:e1:8b:42:e3:26:
         67:64:ee:cf:18:28:15:7e:01:23:9c:a8:a5:27:e2:02:43:f8:
         c5:b2:3b:4b:ea:cc:24:1c:f1:ac:6d:a1:e7:24:64:1c:b8:16:
         35:a1:b8:56:a1:70:22:7d:73:1f:c6:ee:43:3b:13:29:9c:ac:
         c4:bd:1a:67:3e:7d:6f:fd:e9:51:e6:eb:00:22:bd:4c:1e:32:
         b4:57:c7:25:c0:ad:ef:72:1b:4f:f4:86:0d:88:e0:10:4d:0f:
         7e:85:29:44:3d:85:75:53:05:fd:c6:b4:19:1a:76:f4:81:8d:
         7f:52:34:50:91:68:78:4c:91:dd:41:fd:04:f2:c0:f9:06:d2:
         b8:32:94:81:2e:f0:53:99:b9:87:ca:00:39:f9:50:c5:d1:d1:
         b7:78:4f:eb:17:a6:cf:44:f9:90:5e:28:43:39:7e:56:67:92:
         40:62:03:6a:15:73:30:b7:b8:ae:5a:3a:74:37:54:a7:4a:21:
         20:72:89:07:8f:7f:a3:a4:4d:7a:3f:54:b1:1b:8d:b7:8f:ef:
         49:50:aa:a8:47:71:d7:26:66:c6:1c:92:0f:82:a6:27:3f:ec:
         ee:8e:66:92:e4:ec:c1:b5:92:b1:d8:53:9c:57:ca:a7:f4:57:
         72:f6:39:ff
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY/KeIgX5iwmiN7goQjUnjnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwNTMwMTcwNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGNlNDM5NGU3Yjg5YjVhYmI2ZjMyZGY5ZmZjYzhjM2VmYmFjYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcswypP7JukO5T4UK+xIxN37k61m
2jxC/IYwQZaeuyapnyFfVxu3vHDARMlUhUbzotH0D8bBgCviRbkhXHLWp2ECA47i
DDQGZl8XC2Eo3nr9S6NdLCnHrnk3bDu7ILxzx2unZC4hiMGglnjsMYlU0QL0Kwf8
JS5a8UoimWykffxxNS4/0iUPV98Ym2fX+aPqJG91Isao0dYm6v7wTEkkT5i/WfXW
IgCkTEc9Q5wSnQ3bVKBmyNSZFHKRJynLDNxa9E/mluCMrkstmqWin8pG1ThR+N7j
fWy0RdxL7YAcYRzVxuMT6z3ooTXC2QCuqtYrGubbrTBdTGBuJ43vpuFYRQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJDOQ5TnuJtau28y35/8yMPvustvMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEva001RGxPZTRtMXE3YnpMZm5fekl3LS02eTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtUN0D
BAUtUMADBACyF7kDBADCPhIwDQYJKoZIhvcNAQELBQADggEBAF7DU+FH8RK4ZbOx
TI3hi0LjJmdk7s8YKBV+ASOcqKUn4gJD+MWyO0vqzCQc8axtoeckZBy4FjWhuFah
cCJ9cx/G7kM7EymcrMS9Gmc+fW/96VHm6wAivUweMrRXxyXAre9yG0/0hg2I4BBN
D36FKUQ9hXVTBf3GtBkadvSBjX9SNFCRaHhMkd1B/QTywPkG0rgylIEu8FOZuYfK
ADn5UMXR0bd4T+sXps9E+ZBeKEM5flZnkkBiA2oVczC3uK5aOnQ3VKdKISByiQeP
f6OkTXo/VLEbjbeP70lQqqhHcdcmZsYckg+Cpic/7O6OZpLk7MG1krHYU5xXyqf0
V3L2Of8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:29:35 2024 by rpki-client on console-ams.rpki-client.org