Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/bR7N8t6FkReSkGztFMPOWbiknwM.roa
File:                     bR7N8t6FkReSkGztFMPOWbiknwM.roa (raw, json)
Hash identifier:          VvNjKhpxxyOpSEGayXD9KpT4PEe8JxQTzOUgoLVJKrk=
Subject key identifier:   6D:1E:CD:F2:DE:85:91:17:92:90:6C:ED:14:C3:CE:59:B8:A4:9F:03
Certificate issuer:       /CN=6d7b79604af1f3908f4817956626353ee6ffc1f4
Certificate serial:       018CC6B9045A7DDC0484D3AECC91684FE794
Authority key identifier: 6D:7B:79:60:4A:F1:F3:90:8F:48:17:95:66:26:35:3E:E6:FF:C1:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bXt5YErx85CPSBeVZiY1Pub_wfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/bR7N8t6FkReSkGztFMPOWbiknwM.roa
Signing time:             Mon 01 Jan 2024 20:31:03 +0000
ROA not before:           Mon 01 Jan 2024 20:31:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197792
IP address blocks:        185.37.184.0/22 maxlen: 22
                          31.209.96.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/bXt5YErx85CPSBeVZiY1Pub_wfQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/bXt5YErx85CPSBeVZiY1Pub_wfQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bXt5YErx85CPSBeVZiY1Pub_wfQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 04:03:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b9:04:5a:7d:dc:04:84:d3:ae:cc:91:68:4f:e7:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d7b79604af1f3908f4817956626353ee6ffc1f4
        Validity
            Not Before: Jan  1 20:31:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6d1ecdf2de85911792906ced14c3ce59b8a49f03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:72:8f:07:82:8b:2f:d2:c0:45:ef:84:64:c1:
                    d9:5b:e2:e6:9d:ed:4e:18:5d:dd:ec:66:7b:25:bc:
                    9a:f0:ad:8d:96:49:48:c2:1f:ed:f2:0d:8a:88:74:
                    3a:f4:17:6f:3c:36:10:9f:3e:69:83:60:1a:0a:b7:
                    84:11:30:38:eb:92:16:30:f8:2a:96:83:5d:cc:9a:
                    83:52:3b:8c:3e:b3:e1:be:31:9a:d0:90:21:f0:6b:
                    fb:68:f7:44:ad:98:80:48:32:d4:e7:c9:c4:a3:ba:
                    ec:09:84:70:38:50:e9:18:7e:5a:fe:92:9f:11:d9:
                    ac:48:b0:41:b0:13:89:57:77:26:04:c1:02:ac:ce:
                    50:bd:76:0b:5d:86:00:c2:1f:8b:96:27:65:7c:f0:
                    97:60:40:c2:b1:01:a5:13:81:4f:5f:9a:dd:13:27:
                    0a:08:a6:54:0e:18:4f:63:6e:7d:6e:36:e6:2b:a2:
                    cc:27:1f:e2:dd:b5:cb:f9:be:8c:dd:18:34:35:ee:
                    80:df:7e:fb:2f:c3:24:8a:cd:84:dd:6b:2a:4c:bc:
                    6a:bd:ac:09:ac:f2:8f:f0:c6:8b:4d:ea:ed:90:c6:
                    0f:3e:6b:12:cf:75:03:8e:62:51:cc:9d:5c:e0:6c:
                    17:b6:f7:ac:5d:41:c1:fc:c7:0e:fc:01:0e:d8:0e:
                    ab:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:1E:CD:F2:DE:85:91:17:92:90:6C:ED:14:C3:CE:59:B8:A4:9F:03
            X509v3 Authority Key Identifier:
                keyid:6D:7B:79:60:4A:F1:F3:90:8F:48:17:95:66:26:35:3E:E6:FF:C1:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXt5YErx85CPSBeVZiY1Pub_wfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/bR7N8t6FkReSkGztFMPOWbiknwM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/bXt5YErx85CPSBeVZiY1Pub_wfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.209.96.0/20
                  185.37.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         81:7d:c4:e4:44:33:41:13:0f:03:6f:33:9a:c4:aa:dc:23:c5:
         bd:bb:3d:e9:b5:cc:c8:15:fe:7a:5c:e1:ff:08:5c:24:83:9f:
         e3:c1:3a:3f:66:f8:10:14:bf:45:4d:cb:af:6d:a6:b3:39:b6:
         fb:b8:19:5d:03:cf:ee:a8:70:4a:ad:b2:84:36:72:4e:99:a3:
         17:be:ef:c1:57:4a:65:25:5f:7b:2c:25:ea:d5:8d:62:27:1e:
         3e:a3:0d:b1:a2:34:19:75:85:67:ac:45:d7:4d:ea:59:b5:0c:
         2a:f3:a2:7b:43:ce:66:e1:67:9f:dc:6d:12:7c:33:95:a3:9e:
         e2:ed:b0:e8:ca:79:49:14:83:01:af:a5:75:00:36:f9:81:ad:
         0f:e3:67:2a:d5:38:46:ad:a5:47:8c:e0:85:88:e3:8c:d7:99:
         d4:cd:34:73:fa:72:0f:60:ea:0f:34:57:c6:af:07:ec:25:14:
         04:b6:dd:c1:83:f6:1c:8b:8e:dc:4c:90:e4:a4:fa:18:9e:4d:
         fe:ff:1a:41:e8:c6:57:dd:ab:29:8c:a8:cb:14:ff:12:b9:8c:
         77:ad:bf:1d:53:b6:23:8b:21:0e:c2:2c:9b:ff:0c:f8:12:4b:
         9e:8d:29:7d:6f:3b:a5:1b:c3:60:1d:2c:5a:b3:44:4d:6a:7c:
         0c:b0:77:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuQRafdwEhNOuzJFoT+eUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkN2I3OTYwNGFmMWYzOTA4ZjQ4MTc5NTY2MjYzNTNlZTZm
ZmMxZjQwHhcNMjQwMTAxMjAzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDFlY2RmMmRlODU5MTE3OTI5MDZjZWQxNGMzY2U1OWI4YTQ5ZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnKPB4KLL9LARe+EZMHZW+Lmne1O
GF3d7GZ7Jbya8K2NlklIwh/t8g2KiHQ69BdvPDYQnz5pg2AaCreEETA465IWMPgq
loNdzJqDUjuMPrPhvjGa0JAh8Gv7aPdErZiASDLU58nEo7rsCYRwOFDpGH5a/pKf
EdmsSLBBsBOJV3cmBMECrM5QvXYLXYYAwh+LlidlfPCXYEDCsQGlE4FPX5rdEycK
CKZUDhhPY259bjbmK6LMJx/i3bXL+b6M3Rg0Ne6A3377L8Mkis2E3WsqTLxqvawJ
rPKP8MaLTertkMYPPmsSz3UDjmJRzJ1c4GwXtvesXUHB/McO/AEO2A6riQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG0ezfLehZEXkpBs7RTDzlm4pJ8DMB8GA1UdIwQY
MBaAFG17eWBK8fOQj0gXlWYmNT7m/8H0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlh0NVlFcng4NUNQU0JlVlppWTFQdWJfd2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85M2E3MzQtM2NiNy00MTJjLWI0NWYt
Mjc1YjZlOWZiYzYzLzEvYlI3Tjh0NkZrUmVTa0d6dEZNUE9XYmlrbndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85M2E3MzQtM2NiNy00MTJjLWI0NWYtMjc1YjZlOWZiYzYz
LzEvYlh0NVlFcng4NUNQU0JlVlppWTFQdWJfd2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEH9FgAwQC
uSW4MA0GCSqGSIb3DQEBCwUAA4IBAQCBfcTkRDNBEw8DbzOaxKrcI8W9uz3ptczI
Ff56XOH/CFwkg5/jwTo/ZvgQFL9FTcuvbaazObb7uBldA8/uqHBKrbKENnJOmaMX
vu/BV0plJV97LCXq1Y1iJx4+ow2xojQZdYVnrEXXTepZtQwq86J7Q85m4Wef3G0S
fDOVo57i7bDoynlJFIMBr6V1ADb5ga0P42cq1ThGraVHjOCFiOOM15nUzTRz+nIP
YOoPNFfGrwfsJRQEtt3Bg/Yci47cTJDkpPoYnk3+/xpB6MZX3aspjKjLFP8SuYx3
rb8dU7YjiyEOwiyb/wz4EkuejSl9bzulG8NgHSxas0RNanwMsHeD
-----END CERTIFICATE-----
Generated at Sat Jun 15 11:48:11 2024 by rpki-client on console-ams.rpki-client.org