Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/yjiDu4cN4MjyoOq6KxXRsbIdLVM.roa
File:                     yjiDu4cN4MjyoOq6KxXRsbIdLVM.roa (raw, json)
Hash identifier:          PLqraeBhB6rZMoferjTwmuCy6RnRl/BVYni4+KcbtnA=
Subject key identifier:   CA:38:83:BB:87:0D:E0:C8:F2:A0:EA:BA:2B:15:D1:B1:B2:1D:2D:53
Certificate issuer:       /CN=dc1fd007dffa508f30063fbe4d53a2b2e1e8c4de
Certificate serial:       018CC26CFBE167B00EFA38A0AEE0C01598B1
Authority key identifier: DC:1F:D0:07:DF:FA:50:8F:30:06:3F:BE:4D:53:A2:B2:E1:E8:C4:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3B_QB9_6UI8wBj--TVOisuHoxN4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/yjiDu4cN4MjyoOq6KxXRsbIdLVM.roa
Signing time:             Mon 01 Jan 2024 00:29:31 +0000
ROA not before:           Mon 01 Jan 2024 00:29:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12502
IP address blocks:        194.55.100.0/23 maxlen: 23
                          193.96.243.0/24 maxlen: 24
                          212.71.192.0/19 maxlen: 24
                          2001:14f8::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3B_QB9_6UI8wBj--TVOisuHoxN4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3B_QB9_6UI8wBj--TVOisuHoxN4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3B_QB9_6UI8wBj--TVOisuHoxN4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6c:fb:e1:67:b0:0e:fa:38:a0:ae:e0:c0:15:98:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc1fd007dffa508f30063fbe4d53a2b2e1e8c4de
        Validity
            Not Before: Jan  1 00:29:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ca3883bb870de0c8f2a0eaba2b15d1b1b21d2d53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:22:55:be:c0:b0:8c:c7:62:be:88:0e:c5:bb:
                    10:dc:c0:67:b1:26:21:92:e9:8d:ac:30:e3:fc:e4:
                    30:c9:0c:57:d9:eb:3e:90:b6:a9:7e:b0:fd:e9:13:
                    96:63:38:00:6f:71:d7:e5:5f:ab:f1:1d:ba:73:fc:
                    19:3d:8f:9d:4b:d2:12:e6:15:c8:42:04:e2:21:ea:
                    1d:80:6d:8a:5a:59:1d:5f:b1:1a:a2:63:c2:df:9d:
                    4c:85:66:e4:82:84:3c:0c:55:e1:75:4d:92:68:bb:
                    36:a1:e5:22:2a:3b:66:41:c3:08:5b:ef:45:91:f8:
                    81:ce:9b:41:6f:03:ea:26:d2:0f:3f:9b:7c:ef:af:
                    09:8a:87:b0:24:78:69:d9:67:83:3a:99:ce:ef:30:
                    37:54:89:99:01:bc:ad:fa:36:fd:52:5c:c2:69:36:
                    56:68:ce:4d:3a:68:46:45:49:8c:e9:62:7f:e6:20:
                    6d:a3:39:bb:c2:bd:e7:6e:03:f8:ab:5a:af:08:cd:
                    a8:68:29:6c:75:ea:d5:a3:0f:67:e7:63:5f:76:cd:
                    af:4c:ab:b1:92:85:c4:c1:f4:43:ca:94:12:1b:ce:
                    e7:85:5d:b3:0d:1e:e8:35:d1:78:36:42:9e:31:d0:
                    5f:54:2c:89:52:f9:06:1e:53:74:92:cd:4b:ae:e6:
                    66:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:38:83:BB:87:0D:E0:C8:F2:A0:EA:BA:2B:15:D1:B1:B2:1D:2D:53
            X509v3 Authority Key Identifier:
                keyid:DC:1F:D0:07:DF:FA:50:8F:30:06:3F:BE:4D:53:A2:B2:E1:E8:C4:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3B_QB9_6UI8wBj--TVOisuHoxN4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/yjiDu4cN4MjyoOq6KxXRsbIdLVM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3B_QB9_6UI8wBj--TVOisuHoxN4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.96.243.0/24
                  194.55.100.0/23
                  212.71.192.0/19
                IPv6:
                  2001:14f8::/32

    Signature Algorithm: sha256WithRSAEncryption
         39:76:b0:e8:e1:e4:76:9c:a7:00:02:6d:84:de:71:15:85:77:
         3f:8a:1a:74:39:e9:6c:45:e9:e8:84:81:1a:ff:35:07:e2:ad:
         b7:79:b0:84:2c:f0:c4:5c:08:16:00:04:84:b4:3a:77:ce:9a:
         99:99:ba:87:42:ff:80:5d:d8:8c:46:56:15:81:b6:d0:1a:a9:
         41:56:75:26:5c:98:09:4b:98:5c:a8:81:a9:d2:e3:ff:b2:9f:
         78:8d:37:52:85:d9:59:bd:a8:f7:78:f0:2b:ec:e1:95:85:1d:
         1a:fc:2c:0b:18:02:5a:3d:3c:86:ab:77:99:a0:e8:b0:c1:76:
         4e:5c:2d:3c:14:69:7b:03:62:f9:6a:94:97:b8:ab:fc:b9:ef:
         d0:75:4b:60:ee:23:24:b3:ce:b4:54:7b:01:62:05:44:98:dd:
         c6:e8:18:1d:3c:31:e4:74:e0:e8:3e:06:c3:e3:00:a2:0f:45:
         1d:6f:14:50:32:99:f2:34:aa:d2:38:1a:09:ce:b7:27:71:12:
         e9:ab:48:35:41:90:3f:40:e0:06:4a:54:ea:16:bc:a0:60:65:
         66:34:d8:59:16:45:3a:6b:b8:a6:60:fd:a1:c9:96:ce:76:ce:
         2f:fe:9c:1b:e0:2d:8b:ef:e1:37:94:85:f8:4a:08:4e:00:a4:
         45:c5:50:57
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzCbPvhZ7AO+jigruDAFZixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMWZkMDA3ZGZmYTUwOGYzMDA2M2ZiZTRkNTNhMmIyZTFl
OGM0ZGUwHhcNMjQwMTAxMDAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTM4ODNiYjg3MGRlMGM4ZjJhMGVhYmEyYjE1ZDFiMWIyMWQyZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCJVvsCwjMdivogOxbsQ3MBnsSYh
kumNrDDj/OQwyQxX2es+kLapfrD96ROWYzgAb3HX5V+r8R26c/wZPY+dS9IS5hXI
QgTiIeodgG2KWlkdX7EaomPC351MhWbkgoQ8DFXhdU2SaLs2oeUiKjtmQcMIW+9F
kfiBzptBbwPqJtIPP5t8768JioewJHhp2WeDOpnO7zA3VImZAbyt+jb9UlzCaTZW
aM5NOmhGRUmM6WJ/5iBtozm7wr3nbgP4q1qvCM2oaClsderVow9n52Nfds2vTKux
koXEwfRDypQSG87nhV2zDR7oNdF4NkKeMdBfVCyJUvkGHlN0ks1LruZmbwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMo4g7uHDeDI8qDquisV0bGyHS1TMB8GA1UdIwQY
MBaAFNwf0Aff+lCPMAY/vk1TorLh6MTeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JfUUI5XzZVSTh3QmotLVRWT2lzdUhveE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8wNzUzNzctZTQyNi00OTJmLWE1OWMt
YWU0Yzk1Yzk0MDA1LzEveWppRHU0Y040TWp5b09xNkt4WFJzYklkTFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8wNzUzNzctZTQyNi00OTJmLWE1OWMtYWU0Yzk1Yzk0MDA1
LzEvM0JfUUI5XzZVSTh3QmotLVRWT2lzdUhveE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwWDzAwQB
wjdkAwQF1EfAMA0EAgACMAcDBQAgART4MA0GCSqGSIb3DQEBCwUAA4IBAQA5drDo
4eR2nKcAAm2E3nEVhXc/ihp0OelsRenohIEa/zUH4q23ebCELPDEXAgWAASEtDp3
zpqZmbqHQv+AXdiMRlYVgbbQGqlBVnUmXJgJS5hcqIGp0uP/sp94jTdShdlZvaj3
ePAr7OGVhR0a/CwLGAJaPTyGq3eZoOiwwXZOXC08FGl7A2L5apSXuKv8ue/QdUtg
7iMks860VHsBYgVEmN3G6BgdPDHkdODoPgbD4wCiD0UdbxRQMpnyNKrSOBoJzrcn
cRLpq0g1QZA/QOAGSlTqFrygYGVmNNhZFkU6a7imYP2hyZbOds4v/pwb4C2L7+E3
lIX4SghOAKRFxVBX
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:59:04 2024 by rpki-client on console-fra.rpki-client.org