Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/ulJn4VKnfkW4x6ZBjilHc8i16TA.roa
File:                     ulJn4VKnfkW4x6ZBjilHc8i16TA.roa (raw, json)
Hash identifier:          zvpYmEi1o2X2WHW5VGQoJfrhKyZPU5KIXfH1x/jKiFA=
Subject key identifier:   BA:52:67:E1:52:A7:7E:45:B8:C7:A6:41:8E:29:47:73:C8:B5:E9:30
Certificate issuer:       /CN=712f2269d15633bdbc71d8cd3f458cbd03fe031f
Certificate serial:       018F46BF5A159C5336F01804A4B3893521DD
Authority key identifier: 71:2F:22:69:D1:56:33:BD:BC:71:D8:CD:3F:45:8C:BD:03:FE:03:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/ulJn4VKnfkW4x6ZBjilHc8i16TA.roa
Signing time:             Sun 05 May 2024 03:14:56 +0000
ROA not before:           Sun 05 May 2024 03:14:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212616
IP address blocks:        91.230.48.0/24 maxlen: 24
                          93.175.32.0/19 maxlen: 24
                          176.97.214.0/24 maxlen: 24
                          2a0e:5b00::/29 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:46:bf:5a:15:9c:53:36:f0:18:04:a4:b3:89:35:21:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=712f2269d15633bdbc71d8cd3f458cbd03fe031f
        Validity
            Not Before: May  5 03:14:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ba5267e152a77e45b8c7a6418e294773c8b5e930
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:e6:54:ac:f1:76:bc:42:b2:b6:58:85:4f:0c:
                    9a:73:ac:02:95:3a:dc:1b:db:17:bf:21:95:a5:a5:
                    f0:a9:28:54:71:1d:cb:1a:80:b5:45:73:df:2a:7c:
                    ff:b0:5f:13:27:b1:ff:1e:ac:cc:0f:ba:99:32:58:
                    38:04:c3:a0:c8:aa:d6:8c:fc:ca:d5:5e:d3:99:f0:
                    99:1c:dc:38:2f:07:d4:28:a7:97:8b:14:74:63:1e:
                    c3:46:31:1b:8b:4f:3b:6d:ae:c9:de:34:ab:82:8d:
                    0a:15:9d:6a:6e:63:30:86:10:f9:a0:41:13:4a:29:
                    bc:a6:26:75:8a:8b:5b:1a:00:75:99:e7:38:e0:52:
                    a4:f9:dd:ab:17:1a:0f:e6:60:3c:7b:f5:94:fc:00:
                    85:b1:a2:98:a9:f8:eb:6e:d7:39:41:b2:00:6a:a0:
                    9d:91:b0:7b:ab:10:93:94:36:81:91:af:b4:e3:b2:
                    0b:54:10:6b:4d:36:6c:b8:4c:1c:25:7f:99:7d:a6:
                    d8:0d:ae:92:00:df:24:c6:bf:5e:fa:5f:e7:8f:4e:
                    09:11:c2:b6:b1:85:c4:5c:05:e4:b8:ca:50:ac:9c:
                    d8:5c:bb:75:b5:76:45:05:c8:48:4a:12:1e:80:e8:
                    8a:4a:79:c3:39:d1:26:f5:86:64:a4:fc:e3:a8:b3:
                    69:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:52:67:E1:52:A7:7E:45:B8:C7:A6:41:8E:29:47:73:C8:B5:E9:30
            X509v3 Authority Key Identifier:
                keyid:71:2F:22:69:D1:56:33:BD:BC:71:D8:CD:3F:45:8C:BD:03:FE:03:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/ulJn4VKnfkW4x6ZBjilHc8i16TA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.230.48.0/24
                  93.175.32.0/19
                  176.97.214.0/24
                IPv6:
                  2a0e:5b00::/29

    Signature Algorithm: sha256WithRSAEncryption
         8c:e3:dc:c6:d8:0a:36:92:2e:8f:e0:42:49:04:0a:df:5a:dd:
         95:a3:0f:38:c9:4e:16:66:7b:aa:22:14:cf:6d:57:79:fc:04:
         2f:28:4a:7a:da:a1:f6:66:2a:df:27:a9:fb:00:bd:00:29:76:
         a4:0e:c9:2c:13:15:82:5e:95:d8:5b:7e:6e:96:56:d5:98:d2:
         7e:99:90:35:c1:53:11:96:e9:42:f3:ff:b4:1f:15:73:ae:bf:
         e0:3a:16:cc:af:81:67:a2:ba:a2:41:d9:eb:f4:49:30:a9:93:
         c4:e2:17:59:b0:f9:6f:7c:31:fe:32:c2:8f:b4:c6:ef:2b:e6:
         aa:db:09:89:b2:e3:5f:38:c2:22:4c:a6:de:07:5b:b6:49:0c:
         7a:c4:91:21:7c:c3:81:5e:6b:55:ed:00:41:ad:ae:a0:0b:c4:
         c7:8d:80:de:79:19:4e:36:36:23:56:95:31:b0:c5:24:75:43:
         85:d7:7c:fa:17:ca:10:be:48:ca:65:35:a1:27:5a:46:60:ae:
         86:1e:bd:9d:55:fa:b1:12:43:c7:96:da:b4:b9:46:b7:cc:c7:
         c2:16:39:46:c9:fa:7b:68:ba:6e:06:fd:43:a0:3a:68:8e:a0:
         9f:91:d0:3e:8e:5b:e4:ee:80:5c:ed:0f:6c:fc:14:e3:a3:57:
         a5:7e:8f:26
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY9Gv1oVnFM28BgEpLOJNSHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmYyMjY5ZDE1NjMzYmRiYzcxZDhjZDNmNDU4Y2JkMDNm
ZTAzMWYwHhcNMjQwNTA1MDMxNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTUyNjdlMTUyYTc3ZTQ1YjhjN2E2NDE4ZTI5NDc3M2M4YjVlOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uZUrPF2vEKytliFTwyac6wClTrc
G9sXvyGVpaXwqShUcR3LGoC1RXPfKnz/sF8TJ7H/HqzMD7qZMlg4BMOgyKrWjPzK
1V7TmfCZHNw4LwfUKKeXixR0Yx7DRjEbi087ba7J3jSrgo0KFZ1qbmMwhhD5oEET
Sim8piZ1iotbGgB1mec44FKk+d2rFxoP5mA8e/WU/ACFsaKYqfjrbtc5QbIAaqCd
kbB7qxCTlDaBka+047ILVBBrTTZsuEwcJX+ZfabYDa6SAN8kxr9e+l/nj04JEcK2
sYXEXAXkuMpQrJzYXLt1tXZFBchIShIegOiKSnnDOdEm9YZkpPzjqLNpxQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLpSZ+FSp35FuMemQY4pR3PItekwMB8GA1UdIwQY
MBaAFHEvImnRVjO9vHHYzT9FjL0D/gMfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1M4aWFkRldNNzI4Y2RqTlAwV012UVAtQXg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lNjM3M2MtNTNjZC00ZmQ1LWE0MzUt
ZDE4YmFiOTUxNWJmLzEvdWxKbjRWS25ma1c0eDZaQmppbEhjOGkxNlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lNjM3M2MtNTNjZC00ZmQ1LWE0MzUtZDE4YmFiOTUxNWJm
LzEvY1M4aWFkRldNNzI4Y2RqTlAwV012UVAtQXg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+YwAwQF
Xa8gAwQAsGHWMA0EAgACMAcDBQMqDlsAMA0GCSqGSIb3DQEBCwUAA4IBAQCM49zG
2Ao2ki6P4EJJBArfWt2Vow84yU4WZnuqIhTPbVd5/AQvKEp62qH2ZirfJ6n7AL0A
KXakDsksExWCXpXYW35ullbVmNJ+mZA1wVMRlulC8/+0HxVzrr/gOhbMr4Fnorqi
Qdnr9EkwqZPE4hdZsPlvfDH+MsKPtMbvK+aq2wmJsuNfOMIiTKbeB1u2SQx6xJEh
fMOBXmtV7QBBra6gC8THjYDeeRlONjYjVpUxsMUkdUOF13z6F8oQvkjKZTWhJ1pG
YK6GHr2dVfqxEkPHltq0uUa3zMfCFjlGyfp7aLpuBv1DoDpojqCfkdA+jlvk7oBc
7Q9s/BTjo1elfo8m
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:13 2024 by rpki-client on console-ams.rpki-client.org