Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/jzXWWbqdHkFOleKSrj-uvOyLCus.roa
File:                     jzXWWbqdHkFOleKSrj-uvOyLCus.roa (raw, json)
Hash identifier:          CXmZa0xsGkQun8Jl/V5Ilg5GsmRT0oKFnH2rh4Tvii0=
Subject key identifier:   8F:35:D6:59:BA:9D:1E:41:4E:95:E2:92:AE:3F:AE:BC:EC:8B:0A:EB
Certificate issuer:       /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial:       018E3D697471E6A6CCA3D87DCC1263D69AEB
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/jzXWWbqdHkFOleKSrj-uvOyLCus.roa
Signing time:             Thu 14 Mar 2024 14:41:44 +0000
ROA not before:           Thu 14 Mar 2024 14:41:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     33915
IP address blocks:        2a07:3500:1170::/48 maxlen: 48
                          2a07:3500:1240::/46 maxlen: 46
                          2a07:3500:12d0::/48 maxlen: 48
                          2a07:3500:12f8::/48 maxlen: 48
                          2a07:3500:15a0::/48 maxlen: 48
                          2a07:3500:15c0::/48 maxlen: 48
                          2a07:3500:17f8::/48 maxlen: 48
                          2a07:3500:1890::/48 maxlen: 48
                          2a07:3500:1b90::/48 maxlen: 48
                          2a07:3501:1340::/48 maxlen: 48
                          2a07:3502:1050::/48 maxlen: 48
                          2a07:3502:1060::/48 maxlen: 48
                          2a07:3502:10a1::/48 maxlen: 48
                          2a07:3502:10c0::/48 maxlen: 48
                          2a07:3502:11a0::/46 maxlen: 46

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:02:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:3d:69:74:71:e6:a6:cc:a3:d8:7d:cc:12:63:d6:9a:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
        Validity
            Not Before: Mar 14 14:41:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8f35d659ba9d1e414e95e292ae3faebcec8b0aeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:8f:c3:d9:34:80:72:e6:85:b6:7e:36:6c:02:
                    46:37:a0:51:47:ff:9e:14:1a:73:f8:1c:8f:89:47:
                    28:2c:57:ee:60:b3:7e:0d:9d:be:00:c5:2a:83:77:
                    d1:b4:1e:83:b8:e7:c3:0f:57:da:ef:20:c3:dd:75:
                    1b:61:73:92:29:2c:15:d7:4c:f1:ac:81:88:db:ef:
                    9b:07:2e:16:8b:7f:cd:19:20:a1:c6:67:56:a4:f8:
                    12:16:88:47:83:59:3a:03:6e:65:81:58:ec:d6:fa:
                    c9:ea:28:5b:fd:b5:8f:06:25:b8:95:71:46:2f:8a:
                    be:9b:15:49:55:ca:94:28:e7:82:e3:f4:28:ed:ac:
                    1d:63:ac:49:71:6a:87:6a:8f:0b:7f:6f:14:03:6b:
                    26:c2:e3:36:57:e7:d1:d1:d9:24:1d:8b:3f:ca:f5:
                    e3:c6:9e:2e:43:8b:39:44:67:64:df:70:1e:c0:89:
                    a4:31:92:e3:71:b7:ea:02:3e:7c:5e:88:8f:80:92:
                    0c:09:9d:fd:76:33:c1:8c:c8:4e:d5:c1:53:a6:e7:
                    38:c6:00:75:f0:c2:07:1c:2d:9a:7c:02:44:d9:39:
                    01:fb:1d:a7:df:00:da:f2:be:5d:6c:62:72:ef:ff:
                    3b:2a:f4:69:b9:a6:15:12:37:74:98:d6:78:01:0e:
                    b8:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:35:D6:59:BA:9D:1E:41:4E:95:E2:92:AE:3F:AE:BC:EC:8B:0A:EB
            X509v3 Authority Key Identifier:
                keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/jzXWWbqdHkFOleKSrj-uvOyLCus.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:3500:1170::/48
                  2a07:3500:1240::/46
                  2a07:3500:12d0::/48
                  2a07:3500:12f8::/48
                  2a07:3500:15a0::/48
                  2a07:3500:15c0::/48
                  2a07:3500:17f8::/48
                  2a07:3500:1890::/48
                  2a07:3500:1b90::/48
                  2a07:3501:1340::/48
                  2a07:3502:1050::/48
                  2a07:3502:1060::/48
                  2a07:3502:10a1::/48
                  2a07:3502:10c0::/48
                  2a07:3502:11a0::/46

    Signature Algorithm: sha256WithRSAEncryption
         59:e5:3d:4f:63:98:f7:0e:ef:9e:a9:a2:10:2c:0f:af:af:88:
         d8:e1:db:10:ce:ab:25:5d:8b:12:de:41:d7:78:ca:87:7e:6c:
         1b:64:05:37:10:e9:f0:ab:18:b4:fb:c7:10:fb:e7:24:44:9a:
         fc:d1:26:5c:a9:a6:d9:48:3d:1b:00:39:7e:d9:7f:e9:af:85:
         a9:4a:e0:ea:e3:77:ad:41:2f:f3:7f:1e:50:54:b0:1d:5c:be:
         97:6a:f4:79:52:35:e6:60:6a:21:0e:f8:a5:c0:17:4d:76:ab:
         0d:ab:63:ed:4a:29:4c:d9:2f:15:75:ff:0e:f3:31:11:44:82:
         31:2e:34:0a:26:11:ea:26:c3:6b:61:47:ea:5a:e1:71:22:ea:
         6a:bf:0f:59:9a:3c:94:9f:d4:a9:1f:3d:1b:91:9a:35:ee:e0:
         0f:af:26:31:af:c2:1a:7d:22:0b:0a:29:96:ad:70:46:b1:b6:
         cf:22:30:b3:33:e0:76:97:ea:95:c6:53:54:81:3c:98:46:7c:
         a1:50:ba:35:54:9b:85:8d:21:11:df:29:60:de:14:47:bd:f7:
         0e:a0:46:1c:88:50:30:98:34:ec:57:40:65:6f:ee:24:af:70:
         0d:94:be:d4:6c:1d:d0:b6:7c:c7:1c:73:cc:9f:45:f3:09:86:
         c8:56:3b:07
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAY49aXRx5qbMo9h9zBJj1prrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMzE0MTQ0MTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjM1ZDY1OWJhOWQxZTQxNGU5NWUyOTJhZTNmYWViY2VjOGIwYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvY/D2TSAcuaFtn42bAJGN6BRR/+e
FBpz+ByPiUcoLFfuYLN+DZ2+AMUqg3fRtB6DuOfDD1fa7yDD3XUbYXOSKSwV10zx
rIGI2++bBy4Wi3/NGSChxmdWpPgSFohHg1k6A25lgVjs1vrJ6ihb/bWPBiW4lXFG
L4q+mxVJVcqUKOeC4/Qo7awdY6xJcWqHao8Lf28UA2smwuM2V+fR0dkkHYs/yvXj
xp4uQ4s5RGdk33AewImkMZLjcbfqAj58XoiPgJIMCZ39djPBjMhO1cFTpuc4xgB1
8MIHHC2afAJE2TkB+x2n3wDa8r5dbGJy7/87KvRpuaYVEjd0mNZ4AQ64YQIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFI811lm6nR5BTpXikq4/rrzsiwrrMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvanpYV1dicWRIa0ZPbGVLU3JqLXV2T3lMQ3VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTCBjgQCAAIwgYcDBwAq
BzUAEXADBwIqBzUAEkADBwAqBzUAEtADBwAqBzUAEvgDBwAqBzUAFaADBwAqBzUA
FcADBwAqBzUAF/gDBwAqBzUAGJADBwAqBzUAG5ADBwAqBzUBE0ADBwAqBzUCEFAD
BwAqBzUCEGADBwAqBzUCEKEDBwAqBzUCEMADBwIqBzUCEaAwDQYJKoZIhvcNAQEL
BQADggEBAFnlPU9jmPcO756pohAsD6+viNjh2xDOqyVdixLeQdd4yod+bBtkBTcQ
6fCrGLT7xxD75yREmvzRJlypptlIPRsAOX7Zf+mvhalK4Orjd61BL/N/HlBUsB1c
vpdq9HlSNeZgaiEO+KXAF012qw2rY+1KKUzZLxV1/w7zMRFEgjEuNAomEeomw2th
R+pa4XEi6mq/D1maPJSf1KkfPRuRmjXu4A+vJjGvwhp9IgsKKZatcEaxts8iMLMz
4HaX6pXGU1SBPJhGfKFQujVUm4WNIRHfKWDeFEe99w6gRhyIUDCYNOxXQGVv7iSv
cA2UvtRsHdC2fMccc8yfRfMJhshWOwc=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:15:40 2024 by rpki-client on console-ams.rpki-client.org