Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/WMMI3tbCPHwcJUozpnhkLJo8L5o.roa
File:                     WMMI3tbCPHwcJUozpnhkLJo8L5o.roa (raw, json)
Hash identifier:          fH/qfJ5xUWtqTFOOB/JrmaJZbRozVfA0gGQsGrQYAqc=
Subject key identifier:   58:C3:08:DE:D6:C2:3C:7C:1C:25:4A:33:A6:78:64:2C:9A:3C:2F:9A
Certificate issuer:       /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial:       018CC3B6AEEE203DEBC0763FCA0AE66A3E98
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/WMMI3tbCPHwcJUozpnhkLJo8L5o.roa
Signing time:             Mon 01 Jan 2024 06:29:38 +0000
ROA not before:           Mon 01 Jan 2024 06:29:38 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34663
IP address blocks:        2a04:9a01:1000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:02:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:ae:ee:20:3d:eb:c0:76:3f:ca:0a:e6:6a:3e:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
        Validity
            Not Before: Jan  1 06:29:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=58c308ded6c23c7c1c254a33a678642c9a3c2f9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:73:c2:20:50:56:0d:38:9c:20:66:43:d0:ce:
                    39:2d:00:cf:e7:42:e4:db:aa:3c:53:17:4b:3d:0b:
                    49:bd:1d:a9:b1:07:b7:1a:0b:88:97:42:53:72:5c:
                    ea:ce:5a:1d:b6:68:d7:66:72:4f:3f:2e:01:f1:43:
                    4f:36:e8:7f:df:2c:8b:ae:4a:91:5c:30:f8:cc:ca:
                    27:bd:49:29:80:a2:fe:35:de:46:ea:16:71:c6:c7:
                    c6:06:56:c2:ca:19:d3:93:6e:32:bf:73:3e:fd:e1:
                    6e:bc:13:48:eb:e1:c1:74:9b:8d:b6:5c:25:a4:08:
                    fd:37:dc:df:ca:ef:52:e6:63:d8:f2:c5:fd:eb:0d:
                    ec:36:7d:fd:2f:7f:49:21:84:f7:4b:77:af:1f:64:
                    df:d9:06:b0:9c:46:b6:53:2a:dc:97:62:4e:8c:df:
                    76:7d:b0:c4:90:df:7a:cf:a4:4d:be:9c:4a:06:08:
                    c1:45:fd:f5:1d:4d:25:d3:d6:ea:9a:c1:3a:a7:bd:
                    18:6d:c6:dd:cb:e6:01:f2:1c:35:e6:da:c0:98:79:
                    0f:08:25:6d:2e:50:91:ec:00:42:98:30:19:38:d5:
                    86:13:56:e4:4e:8e:7f:11:6e:48:5d:f3:22:b8:fc:
                    1e:19:f7:28:ca:cc:65:1f:2b:36:48:1f:02:3c:d3:
                    27:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:C3:08:DE:D6:C2:3C:7C:1C:25:4A:33:A6:78:64:2C:9A:3C:2F:9A
            X509v3 Authority Key Identifier:
                keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/WMMI3tbCPHwcJUozpnhkLJo8L5o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a04:9a01:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         08:88:eb:d5:1a:1d:39:9a:db:75:3e:75:49:3d:95:9f:58:3d:
         d9:fe:01:a1:15:de:fc:fe:a8:23:75:5f:59:9e:ad:bb:bf:e7:
         1f:dd:09:37:1a:7c:77:4c:fe:a5:d2:8d:bc:05:d3:f8:1a:c4:
         1a:81:10:5b:27:6c:87:f9:bf:cd:ad:5f:e2:ec:4c:88:06:d5:
         f6:5a:3b:b4:96:04:d7:4a:2d:01:77:36:13:25:6d:78:20:e2:
         86:37:93:c5:a5:d2:75:eb:f5:7b:ca:25:3b:f3:41:56:9a:c3:
         15:ba:b9:2c:23:ee:7f:27:24:8a:27:13:21:d4:e5:52:4b:95:
         1f:23:2d:95:0f:4c:f1:a1:f8:0e:75:bd:23:95:18:31:f3:16:
         df:42:b3:2e:ac:f1:ca:b3:97:28:5e:62:7c:c3:07:ef:79:0e:
         14:9d:bb:28:9c:9f:fb:99:57:5b:f7:43:1d:f0:9f:39:c9:ac:
         1d:dd:19:ef:76:bd:8c:87:24:4f:ec:19:b6:3b:24:07:b9:b2:
         ea:4c:8f:74:fa:0a:76:da:bd:17:ef:6b:25:61:b3:93:df:57:
         a5:73:d9:5d:2e:35:62:07:e9:44:85:f5:97:57:7c:7d:f2:04:
         aa:6c:6c:f6:d5:9e:6a:01:58:37:69:01:5c:11:cc:6d:0d:19:
         a6:47:2d:72
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzDtq7uID3rwHY/ygrmaj6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMTAxMDYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGMzMDhkZWQ2YzIzYzdjMWMyNTRhMzNhNjc4NjQyYzlhM2MyZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHPCIFBWDTicIGZD0M45LQDP50Lk
26o8UxdLPQtJvR2psQe3GguIl0JTclzqzlodtmjXZnJPPy4B8UNPNuh/3yyLrkqR
XDD4zMonvUkpgKL+Nd5G6hZxxsfGBlbCyhnTk24yv3M+/eFuvBNI6+HBdJuNtlwl
pAj9N9zfyu9S5mPY8sX96w3sNn39L39JIYT3S3evH2Tf2QawnEa2Uyrcl2JOjN92
fbDEkN96z6RNvpxKBgjBRf31HU0l09bqmsE6p70Ybcbdy+YB8hw15trAmHkPCCVt
LlCR7ABCmDAZONWGE1bkTo5/EW5IXfMiuPweGfcoysxlHys2SB8CPNMnYQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFjDCN7Wwjx8HCVKM6Z4ZCyaPC+aMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvV01NSTN0YkNQSHdjSlVvenBuaGtMSm84TDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgSaARAw
DQYJKoZIhvcNAQELBQADggEBAAiI69UaHTma23U+dUk9lZ9YPdn+AaEV3vz+qCN1
X1merbu/5x/dCTcafHdM/qXSjbwF0/gaxBqBEFsnbIf5v82tX+LsTIgG1fZaO7SW
BNdKLQF3NhMlbXgg4oY3k8Wl0nXr9XvKJTvzQVaawxW6uSwj7n8nJIonEyHU5VJL
lR8jLZUPTPGh+A51vSOVGDHzFt9Csy6s8cqzlyheYnzDB+95DhSduyicn/uZV1v3
Qx3wnznJrB3dGe92vYyHJE/sGbY7JAe5supMj3T6CnbavRfvayVhs5PfV6Vz2V0u
NWIH6USF9ZdXfH3yBKpsbPbVnmoBWDdpAVwRzG0NGaZHLXI=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:15:40 2024 by rpki-client on console-ams.rpki-client.org