Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/f498a2-d86d-4c75-bfd3-e8c559c71d66/1/S2EoA7eTxSnk7elCJ8iGM32nxeE.roa
File:                     S2EoA7eTxSnk7elCJ8iGM32nxeE.roa (raw, json)
Hash identifier:          VpS+WpGWK4lhbsrcqZs7x6V71tLpw8OObjpX9lVpXVk=
Subject key identifier:   4B:61:28:03:B7:93:C5:29:E4:ED:E9:42:27:C8:86:33:7D:A7:C5:E1
Certificate issuer:       /CN=26bd5ffbce6bf8707fa3e5967e0d38b455d9d4e1
Certificate serial:       018CC9BC0F07413DBADF374B1F833C02CC7B
Authority key identifier: 26:BD:5F:FB:CE:6B:F8:70:7F:A3:E5:96:7E:0D:38:B4:55:D9:D4:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Jr1f-85r-HB_o-WWfg04tFXZ1OE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/f498a2-d86d-4c75-bfd3-e8c559c71d66/1/S2EoA7eTxSnk7elCJ8iGM32nxeE.roa
Signing time:             Tue 02 Jan 2024 10:33:14 +0000
ROA not before:           Tue 02 Jan 2024 10:33:14 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     30848
IP address blocks:        185.169.176.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/f498a2-d86d-4c75-bfd3-e8c559c71d66/1/Jr1f-85r-HB_o-WWfg04tFXZ1OE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/f498a2-d86d-4c75-bfd3-e8c559c71d66/1/Jr1f-85r-HB_o-WWfg04tFXZ1OE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Jr1f-85r-HB_o-WWfg04tFXZ1OE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 17:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:0f:07:41:3d:ba:df:37:4b:1f:83:3c:02:cc:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26bd5ffbce6bf8707fa3e5967e0d38b455d9d4e1
        Validity
            Not Before: Jan  2 10:33:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4b612803b793c529e4ede94227c886337da7c5e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c3:c4:e2:ec:dd:40:ae:5c:dd:50:82:18:6e:
                    50:e2:5d:43:37:49:9a:e9:1e:c1:3d:30:9d:dd:cb:
                    a9:5b:ef:16:0f:fc:3d:aa:fb:6e:a1:d2:05:5c:1d:
                    c4:0b:81:ba:cc:91:8e:6d:83:90:ee:9d:6f:23:cb:
                    7a:f7:f5:99:1b:77:dc:2b:3f:ec:68:7a:37:be:db:
                    e9:c2:cc:9a:b1:10:63:3c:11:c9:9a:20:0b:d3:57:
                    db:a2:ea:ee:78:48:7a:a7:82:39:8f:1a:69:c5:c5:
                    7e:03:fe:9a:f6:7a:fc:40:3d:8b:b2:8a:7b:3b:c7:
                    69:53:4f:1b:bf:c5:c3:2e:96:80:cd:04:83:b0:61:
                    d3:22:01:5e:94:b2:fe:db:af:ed:ec:4b:19:f8:de:
                    b6:94:ee:d6:b3:a5:a7:d4:1b:89:29:8f:55:9b:17:
                    8a:ca:b6:e1:f7:50:7a:78:00:f0:31:3a:ab:2f:33:
                    4b:60:4a:b6:a3:3f:5a:79:3d:7c:77:14:5d:ac:f3:
                    90:07:da:99:32:c1:ea:22:95:3d:59:cf:aa:63:ba:
                    c6:c9:a0:b8:9a:03:53:58:fb:c8:2a:04:32:67:67:
                    49:5e:e6:db:4c:af:d5:46:fb:cf:fd:2f:a9:ef:6a:
                    f7:02:d7:b4:97:16:12:b2:dc:6f:79:31:99:e4:c8:
                    b4:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:61:28:03:B7:93:C5:29:E4:ED:E9:42:27:C8:86:33:7D:A7:C5:E1
            X509v3 Authority Key Identifier:
                keyid:26:BD:5F:FB:CE:6B:F8:70:7F:A3:E5:96:7E:0D:38:B4:55:D9:D4:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jr1f-85r-HB_o-WWfg04tFXZ1OE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f498a2-d86d-4c75-bfd3-e8c559c71d66/1/S2EoA7eTxSnk7elCJ8iGM32nxeE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/f498a2-d86d-4c75-bfd3-e8c559c71d66/1/Jr1f-85r-HB_o-WWfg04tFXZ1OE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.169.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         07:f4:26:56:51:21:7d:b6:8f:14:21:32:ba:47:b6:ae:38:d7:
         48:4a:e4:42:40:57:0e:ec:60:d0:09:c4:cd:c1:c4:26:83:0e:
         86:7f:ab:85:bb:8b:e0:aa:b2:37:81:cc:21:fc:4e:9d:2f:d9:
         7c:46:19:4c:04:ef:ef:c7:86:c6:37:2a:3c:a7:a6:c6:0a:ad:
         c6:2d:d7:dc:bf:30:9b:d9:ab:7a:bb:ad:a6:5b:89:92:45:ef:
         f9:bb:1c:3b:e5:85:9b:04:bc:e5:41:a4:17:ba:58:b6:9b:3a:
         64:1f:ac:4c:74:ab:cd:17:9e:cd:1c:cb:36:ad:07:9e:2d:06:
         48:be:cc:5d:20:9c:a4:b0:86:b2:b7:2b:bd:f4:62:d6:0c:53:
         74:55:ad:5a:64:94:81:7b:2c:13:19:a2:8a:d3:92:4c:34:94:
         1a:78:0b:4f:a9:a3:7c:4d:95:83:17:82:9a:c3:a1:a7:82:b2:
         3c:4a:ba:1f:83:3f:58:bd:18:d5:a9:87:d2:2b:5e:14:28:0c:
         c5:0c:85:c2:08:33:2d:c7:63:58:2b:f1:a9:16:f9:ce:c2:a3:
         56:1d:23:2a:23:14:10:79:c4:d8:66:78:dd:98:61:11:e0:9a:
         28:0f:bc:31:42:54:30:1f:76:65:1c:a6:ce:46:18:dc:10:18:
         e1:0b:cd:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvA8HQT263zdLH4M8Asx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmQ1ZmZiY2U2YmY4NzA3ZmEzZTU5NjdlMGQzOGI0NTVk
OWQ0ZTEwHhcNMjQwMTAyMTAzMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjYxMjgwM2I3OTNjNTI5ZTRlZGU5NDIyN2M4ODYzMzdkYTdjNWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcPE4uzdQK5c3VCCGG5Q4l1DN0ma
6R7BPTCd3cupW+8WD/w9qvtuodIFXB3EC4G6zJGObYOQ7p1vI8t69/WZG3fcKz/s
aHo3vtvpwsyasRBjPBHJmiAL01fbourueEh6p4I5jxppxcV+A/6a9nr8QD2Lsop7
O8dpU08bv8XDLpaAzQSDsGHTIgFelLL+26/t7EsZ+N62lO7Ws6Wn1BuJKY9VmxeK
yrbh91B6eADwMTqrLzNLYEq2oz9aeT18dxRdrPOQB9qZMsHqIpU9Wc+qY7rGyaC4
mgNTWPvIKgQyZ2dJXubbTK/VRvvP/S+p72r3Ate0lxYSstxveTGZ5Mi03wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEthKAO3k8Up5O3pQifIhjN9p8XhMB8GA1UdIwQY
MBaAFCa9X/vOa/hwf6Plln4NOLRV2dThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnIxZi04NXItSEJfby1XV2ZnMDR0RlhaMU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9mNDk4YTItZDg2ZC00Yzc1LWJmZDMt
ZThjNTU5YzcxZDY2LzEvUzJFb0E3ZVR4U25rN2VsQ0o4aUdNMzJueGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9mNDk4YTItZDg2ZC00Yzc1LWJmZDMtZThjNTU5YzcxZDY2
LzEvSnIxZi04NXItSEJfby1XV2ZnMDR0RlhaMU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuamwMA0G
CSqGSIb3DQEBCwUAA4IBAQAH9CZWUSF9to8UITK6R7auONdISuRCQFcO7GDQCcTN
wcQmgw6Gf6uFu4vgqrI3gcwh/E6dL9l8RhlMBO/vx4bGNyo8p6bGCq3GLdfcvzCb
2at6u62mW4mSRe/5uxw75YWbBLzlQaQXuli2mzpkH6xMdKvNF57NHMs2rQeeLQZI
vsxdIJyksIaytyu99GLWDFN0Va1aZJSBeywTGaKK05JMNJQaeAtPqaN8TZWDF4Ka
w6GngrI8Srofgz9YvRjVqYfSK14UKAzFDIXCCDMtx2NYK/GpFvnOwqNWHSMqIxQQ
ecTYZnjdmGER4JooD7wxQlQwH3ZlHKbORhjcEBjhC80K
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:42:28 2024 by rpki-client on console-fra.rpki-client.org