Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/GHE_EI9dYmcDQ5TBN7W-kWGB1Bo.roa
File:                     GHE_EI9dYmcDQ5TBN7W-kWGB1Bo.roa (raw, json)
Hash identifier:          rqFeFt3X2pMNHHXGYTgFQemqBRvU6CtKe5D41J9g/GQ=
Subject key identifier:   18:71:3F:10:8F:5D:62:67:03:43:94:C1:37:B5:BE:91:61:81:D4:1A
Certificate issuer:       /CN=0b2ce7fd2f5b1b79757c8973ae3f7b0be686385b
Certificate serial:       018D5F4738CCF6D3F98E9D24C39B57B5F11D
Authority key identifier: 0B:2C:E7:FD:2F:5B:1B:79:75:7C:89:73:AE:3F:7B:0B:E6:86:38:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Cyzn_S9bG3l1fIlzrj97C-aGOFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/GHE_EI9dYmcDQ5TBN7W-kWGB1Bo.roa
Signing time:             Wed 31 Jan 2024 11:28:39 +0000
ROA not before:           Wed 31 Jan 2024 11:28:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202921
IP address blocks:        147.161.24.0/22 maxlen: 22
                          147.161.24.0/24 maxlen: 24
                          147.161.25.0/24 maxlen: 24
                          147.161.26.0/24 maxlen: 24
                          147.161.27.0/24 maxlen: 24
                          185.148.212.0/22 maxlen: 22
                          185.148.212.0/24 maxlen: 24
                          185.148.213.0/24 maxlen: 24
                          185.148.214.0/24 maxlen: 24
                          185.148.215.0/24 maxlen: 24
                          212.69.128.0/22 maxlen: 22
                          212.69.128.0/24 maxlen: 24
                          212.69.129.0/24 maxlen: 24
                          212.69.130.0/24 maxlen: 24
                          212.69.131.0/24 maxlen: 24
                          2a0d:f780::/29 maxlen: 29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/Cyzn_S9bG3l1fIlzrj97C-aGOFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/Cyzn_S9bG3l1fIlzrj97C-aGOFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Cyzn_S9bG3l1fIlzrj97C-aGOFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 02:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:5f:47:38:cc:f6:d3:f9:8e:9d:24:c3:9b:57:b5:f1:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b2ce7fd2f5b1b79757c8973ae3f7b0be686385b
        Validity
            Not Before: Jan 31 11:28:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=18713f108f5d6267034394c137b5be916181d41a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:7b:d2:d2:43:04:31:0b:15:fd:81:38:47:88:
                    37:7e:6e:82:a2:fe:da:78:79:d3:2c:7f:29:c5:1b:
                    57:4a:55:25:26:5e:3f:ac:99:81:d5:5d:7e:ef:77:
                    65:eb:68:e9:39:fd:bd:2e:46:2e:ae:86:17:b2:d7:
                    bc:45:b3:15:70:df:6f:3e:2d:ac:fd:5a:c6:7c:f3:
                    0c:76:e3:14:61:ba:ae:16:ef:33:55:ef:1e:09:32:
                    b2:d1:54:2f:93:52:31:7e:5f:b1:fc:a7:f8:7a:97:
                    58:75:cf:05:bf:96:99:7d:54:0c:d8:da:b6:d4:bb:
                    ad:86:36:ec:88:e2:b4:01:e4:78:1f:0e:55:7f:6e:
                    0a:86:d6:58:7b:17:8a:be:cb:d7:6e:77:f9:cc:6b:
                    f0:bd:a4:e5:ae:42:67:90:4e:fc:7d:a0:a6:0e:4d:
                    c1:db:83:a7:c9:46:0b:a3:8a:7a:a5:b7:fb:e8:e1:
                    c2:4d:46:c2:de:ef:63:26:61:a2:ce:39:90:eb:65:
                    6c:51:c3:d3:43:9b:d1:8c:0e:54:2c:4b:ae:a6:14:
                    a0:8d:e0:ec:28:6d:ec:b1:07:03:10:ab:a5:e5:25:
                    b5:88:74:92:9d:05:aa:36:64:e1:a4:12:11:35:34:
                    11:25:d5:fd:63:ea:01:c7:e3:95:4e:9b:1c:63:7e:
                    c2:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:71:3F:10:8F:5D:62:67:03:43:94:C1:37:B5:BE:91:61:81:D4:1A
            X509v3 Authority Key Identifier:
                keyid:0B:2C:E7:FD:2F:5B:1B:79:75:7C:89:73:AE:3F:7B:0B:E6:86:38:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cyzn_S9bG3l1fIlzrj97C-aGOFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/GHE_EI9dYmcDQ5TBN7W-kWGB1Bo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9aaf24-5346-4480-bbf3-a6410919e898/1/Cyzn_S9bG3l1fIlzrj97C-aGOFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.161.24.0/22
                  185.148.212.0/22
                  212.69.128.0/22
                IPv6:
                  2a0d:f780::/29

    Signature Algorithm: sha256WithRSAEncryption
         0c:43:ce:5a:96:3e:05:58:a9:dd:ee:94:e8:1c:7f:ce:d8:51:
         21:fc:ae:e1:7b:d5:e0:3c:6c:9a:f2:60:05:cf:9a:11:a7:64:
         c1:d1:dd:58:7e:a9:d4:f6:b3:57:b5:3d:4a:38:ad:b6:a6:ec:
         c4:d7:4e:67:9d:ca:34:86:63:1d:45:5c:af:ae:62:15:a7:0c:
         65:f2:66:76:c9:7c:23:b1:6e:93:87:41:20:3b:5e:9e:f1:d7:
         51:ef:d5:21:cb:f8:20:7f:0e:78:c9:4d:09:d4:2b:79:6d:f3:
         dd:e2:8b:17:e7:bb:45:20:9d:a3:2a:27:6d:c1:00:6c:f8:6b:
         31:10:a6:ea:ba:9e:21:3a:8e:7c:f0:52:4a:58:a0:d4:06:92:
         e6:7d:8f:65:9f:7e:16:90:cc:af:14:03:a0:0b:f9:4c:6d:bb:
         c6:8f:aa:a5:f4:73:bb:2e:72:b9:53:87:fd:97:93:ab:85:18:
         26:4d:e0:46:42:e2:bc:bd:0c:a0:18:56:97:b1:97:1b:f1:ab:
         c4:8a:b2:73:ad:cd:56:19:9b:c7:a0:ca:97:67:e7:a0:90:29:
         27:7b:76:15:f2:60:98:ce:dc:77:aa:2c:d7:67:a8:30:63:81:
         66:cc:9e:a6:be:f6:97:e3:70:02:b5:ec:45:1b:fc:e4:a4:e0:
         4c:49:5c:af
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY1fRzjM9tP5jp0kw5tXtfEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMmNlN2ZkMmY1YjFiNzk3NTdjODk3M2FlM2Y3YjBiZTY4
NjM4NWIwHhcNMjQwMTMxMTEyODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODcxM2YxMDhmNWQ2MjY3MDM0Mzk0YzEzN2I1YmU5MTYxODFkNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHvS0kMEMQsV/YE4R4g3fm6Cov7a
eHnTLH8pxRtXSlUlJl4/rJmB1V1+73dl62jpOf29LkYuroYXste8RbMVcN9vPi2s
/VrGfPMMduMUYbquFu8zVe8eCTKy0VQvk1Ixfl+x/Kf4epdYdc8Fv5aZfVQM2Nq2
1LuthjbsiOK0AeR4Hw5Vf24KhtZYexeKvsvXbnf5zGvwvaTlrkJnkE78faCmDk3B
24OnyUYLo4p6pbf76OHCTUbC3u9jJmGizjmQ62VsUcPTQ5vRjA5ULEuuphSgjeDs
KG3ssQcDEKul5SW1iHSSnQWqNmThpBIRNTQRJdX9Y+oBx+OVTpscY37C5QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBhxPxCPXWJnA0OUwTe1vpFhgdQaMB8GA1UdIwQY
MBaAFAss5/0vWxt5dXyJc64/ewvmhjhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3l6bl9TOWJHM2wxZklsenJqOTdDLWFHT0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85YWFmMjQtNTM0Ni00NDgwLWJiZjMt
YTY0MTA5MTllODk4LzEvR0hFX0VJOWRZbWNEUTVUQk43Vy1rV0dCMUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85YWFmMjQtNTM0Ni00NDgwLWJiZjMtYTY0MTA5MTllODk4
LzEvQ3l6bl9TOWJHM2wxZklsenJqOTdDLWFHT0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCk6EYAwQC
uZTUAwQC1EWAMA0EAgACMAcDBQMqDfeAMA0GCSqGSIb3DQEBCwUAA4IBAQAMQ85a
lj4FWKnd7pToHH/O2FEh/K7he9XgPGya8mAFz5oRp2TB0d1YfqnU9rNXtT1KOK22
puzE105nnco0hmMdRVyvrmIVpwxl8mZ2yXwjsW6Th0EgO16e8ddR79Uhy/ggfw54
yU0J1Ct5bfPd4osX57tFIJ2jKidtwQBs+GsxEKbqup4hOo588FJKWKDUBpLmfY9l
n34WkMyvFAOgC/lMbbvGj6ql9HO7LnK5U4f9l5OrhRgmTeBGQuK8vQygGFaXsZcb
8avEirJzrc1WGZvHoMqXZ+egkCkne3YV8mCYztx3qizXZ6gwY4FmzJ6mvvaX43AC
texFG/zkpOBMSVyv
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:31 2024 by rpki-client on console-fra.rpki-client.org