Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/J3oPOoJNoTnwQ8JPLzUUYrYoaBk.roa
File:                     J3oPOoJNoTnwQ8JPLzUUYrYoaBk.roa (raw, json)
Hash identifier:          dnXAy4h14gi6aoApkaHY9G+78BNmofrlfgJN2q/EGlQ=
Subject key identifier:   27:7A:0F:3A:82:4D:A1:39:F0:43:C2:4F:2F:35:14:62:B6:28:68:19
Certificate issuer:       /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial:       018CC9BC2A5C123D1C6CC9EB80E9288FFC7F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/J3oPOoJNoTnwQ8JPLzUUYrYoaBk.roa
Signing time:             Tue 02 Jan 2024 10:33:21 +0000
ROA not before:           Tue 02 Jan 2024 10:33:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211593
IP address blocks:        45.87.251.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 09:40:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:2a:5c:12:3d:1c:6c:c9:eb:80:e9:28:8f:fc:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
        Validity
            Not Before: Jan  2 10:33:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=277a0f3a824da139f043c24f2f351462b6286819
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:63:d0:27:c2:17:20:b3:66:2c:e2:0a:05:5d:
                    bc:a9:b2:d0:2b:48:34:c2:e7:fa:13:f1:b4:d2:42:
                    ca:d3:0d:62:0a:64:67:0e:b2:87:4c:95:78:7c:fd:
                    57:69:2e:00:37:65:86:18:37:a5:2a:9b:e9:62:b1:
                    e7:6f:67:c2:69:4b:8b:7d:8d:ec:7b:98:d4:17:ad:
                    0c:ac:ae:41:6e:a8:d4:13:86:de:34:8c:d3:e5:9d:
                    92:67:82:6b:bf:5a:a4:ef:a4:63:9f:1b:29:eb:aa:
                    5e:92:da:33:0c:6c:96:1b:01:a8:dd:ba:4c:aa:59:
                    75:5d:1a:60:32:cb:e6:8e:f8:a3:4c:f6:92:75:ba:
                    fd:b7:a1:28:d1:23:10:80:e7:85:b0:3e:c1:82:97:
                    2e:ea:55:29:59:b5:92:08:85:28:7e:a4:4f:76:be:
                    cb:9f:ea:cc:ce:da:14:29:b7:be:40:d3:52:10:de:
                    e2:67:8c:46:47:72:75:6d:ba:d7:24:f9:50:5f:09:
                    63:ef:c6:f1:16:1f:aa:5e:e8:5d:7d:8d:b3:f3:05:
                    64:52:c3:83:a5:86:c6:88:75:7a:80:57:60:74:37:
                    cc:da:23:db:e5:f6:7e:8a:e0:c1:cd:0c:ea:82:45:
                    d4:4a:00:4a:22:4b:14:06:64:b8:32:ad:97:f0:e3:
                    46:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:7A:0F:3A:82:4D:A1:39:F0:43:C2:4F:2F:35:14:62:B6:28:68:19
            X509v3 Authority Key Identifier:
                keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/J3oPOoJNoTnwQ8JPLzUUYrYoaBk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.87.251.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:d2:2e:31:4d:45:5d:a0:59:77:25:09:f5:3e:45:3a:a1:be:
         8f:2a:fb:ba:3a:aa:ec:4a:2b:d1:5e:96:6a:99:b2:c1:45:73:
         41:fc:98:cb:0f:a5:62:18:5a:3a:53:f5:9b:3a:ac:5e:54:26:
         96:29:b6:b8:a6:95:9b:a2:b3:77:07:0e:b9:74:84:c7:df:6e:
         9f:fc:d1:0f:6d:da:c5:b1:b8:a9:48:aa:0b:53:63:40:0b:89:
         db:c9:97:5a:07:dc:a0:b9:c6:9d:f9:d5:54:e8:9b:6f:e0:59:
         da:93:95:ce:db:ca:c7:aa:0d:e9:ca:78:eb:67:8f:51:67:63:
         9c:b9:8d:99:2e:f1:88:95:5e:f8:e3:5c:91:99:2e:9b:85:91:
         df:08:a4:4a:3a:98:a8:24:14:4d:13:6e:56:f1:ee:7c:d8:ce:
         15:f3:d1:15:ab:16:27:42:d8:60:06:b0:59:d7:be:6e:c9:1a:
         22:de:1b:1c:15:13:01:85:4e:8f:78:5e:99:68:09:6c:f5:fc:
         17:72:6b:b7:fa:8e:43:67:38:ee:a9:6f:ff:d6:f7:d5:8f:0f:
         a0:ca:c2:e5:93:cc:b3:20:6c:11:21:26:74:9a:98:d3:9d:55:
         a9:77:47:ae:e7:4b:8b:81:5d:13:0c:a7:b2:75:1e:8a:c3:f2:
         d6:2a:0f:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvCpcEj0cbMnrgOkoj/x/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzdhMGYzYTgyNGRhMTM5ZjA0M2MyNGYyZjM1MTQ2MmI2Mjg2ODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA82PQJ8IXILNmLOIKBV28qbLQK0g0
wuf6E/G00kLK0w1iCmRnDrKHTJV4fP1XaS4AN2WGGDelKpvpYrHnb2fCaUuLfY3s
e5jUF60MrK5BbqjUE4beNIzT5Z2SZ4Jrv1qk76Rjnxsp66pektozDGyWGwGo3bpM
qll1XRpgMsvmjvijTPaSdbr9t6Eo0SMQgOeFsD7Bgpcu6lUpWbWSCIUofqRPdr7L
n+rMztoUKbe+QNNSEN7iZ4xGR3J1bbrXJPlQXwlj78bxFh+qXuhdfY2z8wVkUsOD
pYbGiHV6gFdgdDfM2iPb5fZ+iuDBzQzqgkXUSgBKIksUBmS4Mq2X8ONGAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCd6DzqCTaE58EPCTy81FGK2KGgZMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSjNvUE9vSk5vVG53UThKUEx6VVVZcllvYUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVf7MA0G
CSqGSIb3DQEBCwUAA4IBAQBt0i4xTUVdoFl3JQn1PkU6ob6PKvu6OqrsSivRXpZq
mbLBRXNB/JjLD6ViGFo6U/WbOqxeVCaWKba4ppWborN3Bw65dITH326f/NEPbdrF
sbipSKoLU2NAC4nbyZdaB9ygucad+dVU6Jtv4Fnak5XO28rHqg3pynjrZ49RZ2Oc
uY2ZLvGIlV7441yRmS6bhZHfCKRKOpioJBRNE25W8e582M4V89EVqxYnQthgBrBZ
175uyRoi3hscFRMBhU6PeF6ZaAls9fwXcmu3+o5DZzjuqW//1vfVjw+gysLlk8yz
IGwRISZ0mpjTnVWpd0eu50uLgV0TDKeydR6Kw/LWKg8L
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:48:28 2024 by rpki-client on console-ams.rpki-client.org