Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/m6xUz8haD8RdRu6sWVOxN1BV5EQ.roa
File:                     m6xUz8haD8RdRu6sWVOxN1BV5EQ.roa (raw, json)
Hash identifier:          mzFaSH2ctXmmwRlItH+Mqsf2g/CsGFtVErwm61CU7Hw=
Subject key identifier:   9B:AC:54:CF:C8:5A:0F:C4:5D:46:EE:AC:59:53:B1:37:50:55:E4:44
Certificate issuer:       /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial:       018CC6B936FE06117502EE3CD4A7AC8C9F85
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/m6xUz8haD8RdRu6sWVOxN1BV5EQ.roa
Signing time:             Mon 01 Jan 2024 20:31:16 +0000
ROA not before:           Mon 01 Jan 2024 20:31:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47374
IP address blocks:        46.254.129.0/24 maxlen: 24
                          46.254.128.0/24 maxlen: 24
                          46.254.131.0/24 maxlen: 24
                          46.254.130.0/24 maxlen: 24
                          46.254.128.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b9:36:fe:06:11:75:02:ee:3c:d4:a7:ac:8c:9f:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
        Validity
            Not Before: Jan  1 20:31:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9bac54cfc85a0fc45d46eeac5953b1375055e444
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4f:ea:51:99:64:26:0e:52:54:ee:ab:dc:65:
                    72:01:5b:68:31:78:d5:af:63:73:e0:e3:4d:b4:d7:
                    d1:51:b4:f6:9c:54:51:18:28:c3:82:85:90:95:aa:
                    32:c3:60:ff:b9:68:98:6b:ad:85:06:59:a8:e8:bc:
                    9c:4e:f4:a1:84:25:b6:3b:ce:bc:4e:79:13:5c:55:
                    46:09:5b:dd:c4:fa:1f:c1:a4:aa:03:4b:be:e1:94:
                    19:f1:46:4c:33:82:ed:bf:d0:50:e8:53:da:3b:ff:
                    93:51:1d:a2:74:52:3b:cb:a1:ed:21:4d:ff:a2:7c:
                    77:2f:ec:29:f2:25:84:2b:02:b8:b3:2a:1f:97:48:
                    6b:fb:ee:df:c0:cc:cc:28:f3:a7:87:25:bf:c7:e1:
                    f5:44:25:a3:49:18:9c:68:b7:b3:ef:bb:3e:71:03:
                    14:43:86:e7:d6:d8:60:41:31:30:4e:3d:a1:84:38:
                    e7:c2:aa:99:87:0a:28:b6:ad:37:99:4a:b0:04:39:
                    63:68:94:36:be:c4:9e:6a:30:ac:08:8c:6d:b1:27:
                    36:a2:2c:12:24:75:ad:9b:28:f9:d8:6d:42:8c:79:
                    2e:d2:8d:5b:e4:81:31:21:c6:5d:b7:bd:7b:4f:eb:
                    a5:6d:c2:44:cc:0e:7d:9b:20:ae:62:98:51:22:fd:
                    21:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:AC:54:CF:C8:5A:0F:C4:5D:46:EE:AC:59:53:B1:37:50:55:E4:44
            X509v3 Authority Key Identifier:
                keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/m6xUz8haD8RdRu6sWVOxN1BV5EQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.254.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         83:03:1a:cc:0f:96:58:01:d4:4a:62:37:cc:ba:f8:b8:e6:26:
         b4:98:bd:0e:a4:a3:71:6a:fb:17:ac:9c:71:5b:04:3e:4a:e6:
         6c:44:b0:d8:ec:9d:21:1e:be:4f:47:0e:e9:d5:dd:70:60:80:
         92:dc:7f:3d:d1:42:b6:9b:3f:01:ea:96:19:6c:27:af:43:65:
         b2:f8:81:9b:e3:43:08:6c:83:90:1a:4a:4c:ab:b6:90:e7:9d:
         e7:91:60:8e:3b:f0:5a:ba:b2:a4:4f:ac:57:2c:36:a7:fe:66:
         ce:98:d2:9e:ca:74:85:fc:99:9a:46:eb:62:a2:f9:93:9b:96:
         e2:db:b4:d7:84:5b:cb:2f:f7:b2:d5:c0:2d:5b:de:63:4c:f3:
         d3:de:04:b8:f2:6a:b6:e5:87:ad:32:20:a4:49:c5:8a:b4:4a:
         24:9d:dd:d7:28:e7:01:4c:5c:b8:32:93:7b:42:a6:05:96:ea:
         03:0e:00:cb:87:aa:05:74:d5:f8:47:9c:9b:ac:45:e2:52:94:
         2a:50:f1:79:f2:5d:f1:c1:e5:69:d2:1e:77:f0:e6:3e:b7:5a:
         b9:f0:00:f2:a7:86:c7:7b:f0:4a:78:ab:55:1e:2f:d1:e0:cc:
         d4:68:e9:61:96:c7:e9:cb:b1:4f:1d:3a:f0:f1:f0:db:3f:e5:
         6a:37:90:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuTb+BhF1Au481KesjJ+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQwMTAxMjAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmFjNTRjZmM4NWEwZmM0NWQ0NmVlYWM1OTUzYjEzNzUwNTVlNDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0/qUZlkJg5SVO6r3GVyAVtoMXjV
r2Nz4ONNtNfRUbT2nFRRGCjDgoWQlaoyw2D/uWiYa62FBlmo6LycTvShhCW2O868
TnkTXFVGCVvdxPofwaSqA0u+4ZQZ8UZMM4Ltv9BQ6FPaO/+TUR2idFI7y6HtIU3/
onx3L+wp8iWEKwK4syofl0hr++7fwMzMKPOnhyW/x+H1RCWjSRicaLez77s+cQMU
Q4bn1thgQTEwTj2hhDjnwqqZhwootq03mUqwBDljaJQ2vsSeajCsCIxtsSc2oiwS
JHWtmyj52G1CjHku0o1b5IExIcZdt717T+ulbcJEzA59myCuYphRIv0hcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJusVM/IWg/EXUburFlTsTdQVeREMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvbTZ4VXo4aGFEOFJkUnU2c1dWT3hOMUJWNUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLv6AMA0G
CSqGSIb3DQEBCwUAA4IBAQCDAxrMD5ZYAdRKYjfMuvi45ia0mL0OpKNxavsXrJxx
WwQ+SuZsRLDY7J0hHr5PRw7p1d1wYICS3H890UK2mz8B6pYZbCevQ2Wy+IGb40MI
bIOQGkpMq7aQ553nkWCOO/BaurKkT6xXLDan/mbOmNKeynSF/JmaRutiovmTm5bi
27TXhFvLL/ey1cAtW95jTPPT3gS48mq25YetMiCkScWKtEoknd3XKOcBTFy4MpN7
QqYFluoDDgDLh6oFdNX4R5ybrEXiUpQqUPF58l3xweVp0h538OY+t1q58ADyp4bH
e/BKeKtVHi/R4MzUaOlhlsfpy7FPHTrw8fDbP+VqN5Ad
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:54:50 2024 by rpki-client on console-ams.rpki-client.org