Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/GcskV0PS1-DCwH2Eq4CIas8cGgY.roa
File:                     GcskV0PS1-DCwH2Eq4CIas8cGgY.roa (raw, json)
Hash identifier:          4PYo/Qai9yj68dNZr4VurOGtnyLi13L5uzB/pLIyPUM=
Subject key identifier:   19:CB:24:57:43:D2:D7:E0:C2:C0:7D:84:AB:80:88:6A:CF:1C:1A:06
Certificate issuer:       /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial:       018CC6B946F9C1C384316A9CC3E6FA84C13B
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/GcskV0PS1-DCwH2Eq4CIas8cGgY.roa
Signing time:             Mon 01 Jan 2024 20:31:20 +0000
ROA not before:           Mon 01 Jan 2024 20:31:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209142
IP address blocks:        185.72.57.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b9:46:f9:c1:c3:84:31:6a:9c:c3:e6:fa:84:c1:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
        Validity
            Not Before: Jan  1 20:31:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=19cb245743d2d7e0c2c07d84ab80886acf1c1a06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:45:1b:67:c9:6a:1a:98:9d:84:72:a4:e0:de:
                    66:8e:9b:31:f1:49:00:e6:78:d4:b5:96:51:4b:44:
                    be:a0:dc:f2:57:3c:3e:18:a1:41:28:fb:5e:eb:6a:
                    cc:bf:14:19:df:09:36:2d:fb:6c:5a:99:40:30:c2:
                    dd:9c:7c:13:dd:44:2a:71:69:ea:bd:25:a3:66:92:
                    dd:f8:1f:5f:18:7d:e5:9e:a6:ba:9f:c9:ce:49:97:
                    74:31:f1:29:b0:34:f4:41:bd:85:2b:e3:5c:47:0a:
                    29:fb:18:19:95:16:16:8e:a1:fc:42:d6:18:24:80:
                    e0:bd:bf:23:4a:e2:1b:b2:21:3b:c3:83:65:55:17:
                    30:14:f1:00:33:0e:d4:de:ff:c8:80:f9:58:87:b9:
                    9c:fc:1c:cc:6f:c8:c3:b9:d5:fb:8b:88:8e:95:b8:
                    7e:89:f7:0e:f5:58:34:78:c5:bd:70:e1:71:48:a4:
                    87:85:4d:0d:97:5c:2e:32:07:94:73:a2:d2:40:98:
                    ff:f6:ad:dc:ba:aa:11:c9:12:bd:ab:1a:45:74:9d:
                    a5:68:ad:6a:fb:75:e4:b6:4c:f1:cf:ae:0f:cc:d2:
                    f0:ad:47:d0:53:5e:b5:88:01:ef:d7:5c:f9:15:76:
                    11:98:26:95:b5:28:fc:2e:4f:7b:c7:aa:ec:a4:09:
                    a4:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:CB:24:57:43:D2:D7:E0:C2:C0:7D:84:AB:80:88:6A:CF:1C:1A:06
            X509v3 Authority Key Identifier:
                keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/GcskV0PS1-DCwH2Eq4CIas8cGgY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.72.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:38:e1:2b:ec:4c:76:0a:c6:45:ad:2f:08:8a:00:56:49:fe:
         c6:71:be:9a:f8:de:56:5a:e1:cd:60:18:68:31:5b:e2:4e:01:
         7b:2a:09:a7:dc:4c:cd:32:f9:90:9c:4a:c3:4b:b9:8f:f7:a1:
         64:1a:29:a0:51:b8:24:01:fc:5d:5b:25:41:38:91:f8:c2:cb:
         86:ba:41:ea:91:6e:bc:fc:1e:dd:a1:fa:18:ca:f9:29:1c:0e:
         31:a3:c7:26:df:78:31:f6:fd:a1:6d:f9:88:b3:04:0b:23:ca:
         eb:e3:73:31:7d:cc:bc:b7:1a:8a:1c:76:8a:ca:c0:29:f0:5a:
         5d:76:64:21:10:b7:89:4f:e9:ad:f0:42:65:02:02:0a:ae:80:
         b6:e0:91:15:5e:48:4f:42:b6:20:da:63:80:a3:0d:39:32:63:
         30:58:53:e2:4b:b0:cb:17:85:0e:dc:0d:67:b3:e0:ad:af:b2:
         de:42:17:40:76:30:86:12:3c:e1:0f:65:52:4a:e7:3a:1c:25:
         0e:eb:32:57:b9:c6:fc:6d:49:e2:0a:34:71:73:8e:da:31:2e:
         b4:3d:30:be:74:9b:5b:e8:07:0c:ec:3f:14:0a:a2:f7:c9:fe:
         34:76:60:ab:3e:3f:d0:db:d4:0f:bc:cd:a9:4f:9a:c1:c1:00:
         7b:7a:30:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuUb5wcOEMWqcw+b6hME7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQwMTAxMjAzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWNiMjQ1NzQzZDJkN2UwYzJjMDdkODRhYjgwODg2YWNmMWMxYTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEUbZ8lqGpidhHKk4N5mjpsx8UkA
5njUtZZRS0S+oNzyVzw+GKFBKPte62rMvxQZ3wk2LftsWplAMMLdnHwT3UQqcWnq
vSWjZpLd+B9fGH3lnqa6n8nOSZd0MfEpsDT0Qb2FK+NcRwop+xgZlRYWjqH8QtYY
JIDgvb8jSuIbsiE7w4NlVRcwFPEAMw7U3v/IgPlYh7mc/BzMb8jDudX7i4iOlbh+
ifcO9Vg0eMW9cOFxSKSHhU0Nl1wuMgeUc6LSQJj/9q3cuqoRyRK9qxpFdJ2laK1q
+3Xktkzxz64PzNLwrUfQU161iAHv11z5FXYRmCaVtSj8Lk97x6rspAmknwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBnLJFdD0tfgwsB9hKuAiGrPHBoGMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvR2Nza1YwUFMxLURDd0gyRXE0Q0lhczhjR2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUg5MA0G
CSqGSIb3DQEBCwUAA4IBAQCWOOEr7Ex2CsZFrS8IigBWSf7Gcb6a+N5WWuHNYBho
MVviTgF7Kgmn3EzNMvmQnErDS7mP96FkGimgUbgkAfxdWyVBOJH4wsuGukHqkW68
/B7dofoYyvkpHA4xo8cm33gx9v2hbfmIswQLI8rr43Mxfcy8txqKHHaKysAp8Fpd
dmQhELeJT+mt8EJlAgIKroC24JEVXkhPQrYg2mOAow05MmMwWFPiS7DLF4UO3A1n
s+Ctr7LeQhdAdjCGEjzhD2VSSuc6HCUO6zJXucb8bUniCjRxc47aMS60PTC+dJtb
6AcM7D8UCqL3yf40dmCrPj/Q29QPvM2pT5rBwQB7ejDR
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:30:33 2024 by rpki-client on console-fra.rpki-client.org