Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/Tnmwf58ZqiaSDbieiWisiJYOhdY.roa
File:                     Tnmwf58ZqiaSDbieiWisiJYOhdY.roa (raw, json)
Hash identifier:          LsqUvWFvTKzgt4fEhCi44TOqnGXOLJAnWVNFSVMbUmo=
Subject key identifier:   4E:79:B0:7F:9F:19:AA:26:92:0D:B8:9E:89:68:AC:88:96:0E:85:D6
Certificate issuer:       /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial:       018CF249A14BA2E8B6081A406BD2E7E98795
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/Tnmwf58ZqiaSDbieiWisiJYOhdY.roa
Signing time:             Wed 10 Jan 2024 07:32:40 +0000
ROA not before:           Wed 10 Jan 2024 07:32:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62419
IP address blocks:        62.201.237.0/24 maxlen: 24
                          185.90.104.0/22 maxlen: 24
                          185.90.104.0/24 maxlen: 24
                          185.90.105.0/24 maxlen: 24
                          62.201.248.0/24 maxlen: 24
                          185.90.106.0/24 maxlen: 24
                          185.90.107.0/24 maxlen: 24
                          62.201.192.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 15:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f2:49:a1:4b:a2:e8:b6:08:1a:40:6b:d2:e7:e9:87:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
        Validity
            Not Before: Jan 10 07:32:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4e79b07f9f19aa26920db89e8968ac88960e85d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1c:2b:09:f1:b5:8c:4a:0a:43:0a:b7:86:99:
                    b4:dd:83:7d:f9:f6:5c:1d:a6:af:56:c0:97:3a:53:
                    f7:ce:ec:ff:25:3b:b5:55:2b:aa:be:fc:51:85:64:
                    fc:1a:c4:1f:43:2e:5a:d4:67:5a:90:36:eb:ea:8c:
                    96:db:c5:c0:af:e1:ff:d4:24:13:ef:67:0a:a6:38:
                    b4:76:d6:b1:fd:08:46:bb:ef:e4:45:6a:4e:f7:00:
                    11:5a:cf:d8:ff:f1:e4:27:1a:28:cf:0c:b2:f3:eb:
                    37:28:0f:da:f9:19:4e:41:20:25:21:90:74:87:9f:
                    52:81:81:69:31:e3:44:ae:b2:9c:aa:ac:a3:2b:6c:
                    d5:89:fb:3f:2a:07:f6:7f:b3:86:ef:ae:0d:40:8c:
                    ec:c0:d7:b4:3e:36:53:6d:79:e7:41:33:cc:05:7e:
                    b3:1d:21:3a:74:ab:4c:a5:2c:c9:b8:54:67:03:08:
                    5f:40:9c:6a:79:76:5a:dc:35:0f:0d:9d:d7:d0:27:
                    ea:57:d1:2e:7e:5a:54:d1:ca:e4:86:70:d8:b2:fe:
                    dc:e8:81:79:09:3e:43:4e:4c:df:b0:68:70:81:64:
                    d6:21:8c:5b:de:64:23:bf:44:7d:3a:7c:a9:b8:27:
                    72:75:2b:5a:5a:12:15:ad:fc:5f:46:67:0e:25:a6:
                    c2:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:79:B0:7F:9F:19:AA:26:92:0D:B8:9E:89:68:AC:88:96:0E:85:D6
            X509v3 Authority Key Identifier:
                keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/Tnmwf58ZqiaSDbieiWisiJYOhdY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.201.192.0/24
                  62.201.237.0/24
                  62.201.248.0/24
                  185.90.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:e5:96:19:6c:1c:3a:95:0b:d4:a6:cd:50:61:a8:ae:95:2f:
         98:9f:00:f0:9e:e9:90:b5:b9:82:f4:7b:a3:37:da:c4:72:97:
         d1:cc:2e:5e:19:d6:6f:04:67:f2:73:77:3b:a4:16:6a:64:36:
         55:7c:cf:83:65:18:28:7e:cd:5d:3e:12:c8:b8:1e:73:5a:e2:
         e6:2b:30:fb:de:b0:11:05:60:39:b5:72:42:79:fe:0c:74:1d:
         bd:f3:e9:6c:77:6f:4c:19:3c:e4:47:ee:83:54:cf:35:47:72:
         4e:51:c4:95:71:df:4d:67:c5:44:b8:91:ab:50:11:d3:f1:db:
         c5:e0:4b:fb:e6:82:da:c0:19:6a:84:8a:09:2c:c6:25:e6:1b:
         6a:82:dd:77:10:0f:60:ac:de:3c:fb:f0:32:4a:f3:45:a9:28:
         33:bc:22:34:75:67:8a:06:97:2f:aa:b2:97:54:8c:d4:45:e9:
         8a:56:9c:48:e8:95:50:24:3d:13:be:54:58:0c:e0:05:6c:05:
         32:75:e1:d2:1d:52:f4:3c:6f:3c:b6:59:d1:d3:38:49:6f:ae:
         9f:d8:e2:a8:78:01:00:73:c5:51:05:5b:37:40:7d:05:d9:bf:
         63:9f:57:5c:bc:95:28:4a:b5:17:bf:e9:fe:e4:24:f2:78:81:
         07:16:c6:03
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzySaFLoui2CBpAa9Ln6YeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjQwMTEwMDczMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTc5YjA3ZjlmMTlhYTI2OTIwZGI4OWU4OTY4YWM4ODk2MGU4NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxwrCfG1jEoKQwq3hpm03YN9+fZc
HaavVsCXOlP3zuz/JTu1VSuqvvxRhWT8GsQfQy5a1GdakDbr6oyW28XAr+H/1CQT
72cKpji0dtax/QhGu+/kRWpO9wARWs/Y//HkJxoozwyy8+s3KA/a+RlOQSAlIZB0
h59SgYFpMeNErrKcqqyjK2zVifs/Kgf2f7OG764NQIzswNe0PjZTbXnnQTPMBX6z
HSE6dKtMpSzJuFRnAwhfQJxqeXZa3DUPDZ3X0CfqV9EuflpU0crkhnDYsv7c6IF5
CT5DTkzfsGhwgWTWIYxb3mQjv0R9OnypuCdydStaWhIVrfxfRmcOJabCUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE55sH+fGaomkg24nolorIiWDoXWMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvVG5td2Y1OFpxaWFTRGJpZWlXaXNpSllPaGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPsnAAwQA
PsntAwQAPsn4AwQCuVpoMA0GCSqGSIb3DQEBCwUAA4IBAQAn5ZYZbBw6lQvUps1Q
YaiulS+YnwDwnumQtbmC9HujN9rEcpfRzC5eGdZvBGfyc3c7pBZqZDZVfM+DZRgo
fs1dPhLIuB5zWuLmKzD73rARBWA5tXJCef4MdB298+lsd29MGTzkR+6DVM81R3JO
UcSVcd9NZ8VEuJGrUBHT8dvF4Ev75oLawBlqhIoJLMYl5htqgt13EA9grN48+/Ay
SvNFqSgzvCI0dWeKBpcvqrKXVIzURemKVpxI6JVQJD0TvlRYDOAFbAUydeHSHVL0
PG88tlnR0zhJb66f2OKoeAEAc8VRBVs3QH0F2b9jn1dcvJUoSrUXv+n+5CTyeIEH
FsYD
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:51:57 2024 by rpki-client on console-ams.rpki-client.org