Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/HImsFaKV08TLV6wVdauWms4-JOc.roa
File:                     HImsFaKV08TLV6wVdauWms4-JOc.roa (raw, json)
Hash identifier:          2mYX6YTb9x1BYUgkuBVc0N5W+dRm0Q7gByu7LotyHkw=
Subject key identifier:   1C:89:AC:15:A2:95:D3:C4:CB:57:AC:15:75:AB:96:9A:CE:3E:24:E7
Certificate issuer:       /CN=26bdec99d89565a634a7b2c5401fed7ac47bf232
Certificate serial:       018CC727468EA47ACB3359F9F350BD58861C
Authority key identifier: 26:BD:EC:99:D8:95:65:A6:34:A7:B2:C5:40:1F:ED:7A:C4:7B:F2:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Jr3smdiVZaY0p7LFQB_tesR78jI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/HImsFaKV08TLV6wVdauWms4-JOc.roa
Signing time:             Mon 01 Jan 2024 22:31:29 +0000
ROA not before:           Mon 01 Jan 2024 22:31:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16074
IP address blocks:        62.112.160.0/19 maxlen: 20
                          62.145.32.0/19 maxlen: 24
                          62.145.63.0/24 maxlen: 24
                          62.145.62.0/24 maxlen: 24
                          217.115.224.0/20 maxlen: 21
                          192.113.0.0/16 maxlen: 24
                          2a01:67c0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/Jr3smdiVZaY0p7LFQB_tesR78jI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/Jr3smdiVZaY0p7LFQB_tesR78jI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Jr3smdiVZaY0p7LFQB_tesR78jI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 19:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:46:8e:a4:7a:cb:33:59:f9:f3:50:bd:58:86:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26bdec99d89565a634a7b2c5401fed7ac47bf232
        Validity
            Not Before: Jan  1 22:31:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1c89ac15a295d3c4cb57ac1575ab969ace3e24e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:ee:12:0e:6d:e6:09:29:8a:29:05:91:3d:80:
                    ad:f9:f8:b3:17:df:50:90:67:45:50:01:40:66:ed:
                    45:fe:fd:87:c2:a4:08:31:af:bd:a6:21:1f:e7:45:
                    f7:dc:a0:21:08:dc:b5:e0:4f:31:00:5f:62:21:c7:
                    f0:3d:a2:c2:0d:57:7a:b5:5c:79:a5:3f:36:7d:83:
                    3c:d5:da:67:46:4d:e3:ba:56:5b:50:5f:cc:30:df:
                    49:9f:96:67:40:0f:b3:f6:6f:21:2d:4d:65:9b:51:
                    2e:37:58:50:0b:77:4f:bc:b2:1e:df:5b:d0:f8:07:
                    9d:09:c5:53:2b:4d:d0:1c:02:ee:5a:75:d1:d1:4f:
                    b4:9d:9d:50:1f:e0:27:3f:d6:81:48:c8:65:ec:dd:
                    8b:4d:6c:36:51:81:64:95:c2:90:b1:f1:fd:e7:b2:
                    4f:0e:40:d2:30:a7:63:4c:dd:aa:6a:e1:48:02:31:
                    7c:a3:6d:a1:59:87:17:b6:4b:6a:6c:50:d8:98:3d:
                    ac:99:d0:d5:c1:10:db:22:fd:51:56:5c:2b:78:8e:
                    78:67:39:df:0f:b5:99:10:b0:b6:2e:90:50:02:02:
                    b8:87:3b:0a:c1:43:63:76:81:4b:b1:2d:3a:11:51:
                    c7:61:e7:f9:23:8f:4b:5f:dd:dd:01:14:75:de:6b:
                    78:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:89:AC:15:A2:95:D3:C4:CB:57:AC:15:75:AB:96:9A:CE:3E:24:E7
            X509v3 Authority Key Identifier:
                keyid:26:BD:EC:99:D8:95:65:A6:34:A7:B2:C5:40:1F:ED:7A:C4:7B:F2:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jr3smdiVZaY0p7LFQB_tesR78jI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/HImsFaKV08TLV6wVdauWms4-JOc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/Jr3smdiVZaY0p7LFQB_tesR78jI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.112.160.0/19
                  62.145.32.0/19
                  192.113.0.0/16
                  217.115.224.0/20
                IPv6:
                  2a01:67c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         af:38:80:1a:0c:76:2a:eb:30:9a:5b:7d:a1:c7:db:86:33:f4:
         4c:63:d9:ce:ca:36:7e:c0:23:f5:c3:52:39:d2:69:7b:00:73:
         d4:ca:d3:b0:c7:f1:d3:0f:82:2d:17:af:e8:83:96:16:5b:b9:
         84:7e:87:af:e6:2b:c1:cf:69:7c:ad:93:74:1c:3d:75:a7:3f:
         86:74:7f:51:63:93:24:6b:59:84:0b:51:b1:7f:e7:8f:7e:bd:
         f6:92:51:1b:dc:59:4f:e7:ed:fd:61:91:83:5b:5c:1e:02:62:
         90:90:b1:b5:ae:08:0c:ae:03:f0:52:0a:84:84:7b:30:26:3c:
         f8:71:b2:31:8d:25:da:55:df:bb:2c:a5:f4:93:51:0f:fa:a2:
         5e:9c:06:d1:33:96:86:34:d7:de:b6:ac:4d:91:08:3d:63:32:
         8f:f0:d7:10:ab:3c:da:38:1b:aa:82:fb:9c:f8:6f:4c:79:54:
         7f:46:db:90:5c:3e:03:93:f9:6e:62:ba:c8:d5:a3:f5:d5:26:
         a3:5c:fd:da:97:fc:61:04:d3:fe:7c:ec:72:96:8d:7b:99:8a:
         b3:5d:37:c3:44:52:cd:04:3f:56:82:e0:4a:f1:b9:60:cb:78:
         08:27:05:29:8e:c1:10:29:7d:44:5a:82:e6:5b:27:b4:2a:b9:
         45:50:36:a5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzHJ0aOpHrLM1n581C9WIYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmRlYzk5ZDg5NTY1YTYzNGE3YjJjNTQwMWZlZDdhYzQ3
YmYyMzIwHhcNMjQwMTAxMjIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg5YWMxNWEyOTVkM2M0Y2I1N2FjMTU3NWFiOTY5YWNlM2UyNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1O4SDm3mCSmKKQWRPYCt+fizF99Q
kGdFUAFAZu1F/v2HwqQIMa+9piEf50X33KAhCNy14E8xAF9iIcfwPaLCDVd6tVx5
pT82fYM81dpnRk3julZbUF/MMN9Jn5ZnQA+z9m8hLU1lm1EuN1hQC3dPvLIe31vQ
+AedCcVTK03QHALuWnXR0U+0nZ1QH+AnP9aBSMhl7N2LTWw2UYFklcKQsfH957JP
DkDSMKdjTN2qauFIAjF8o22hWYcXtktqbFDYmD2smdDVwRDbIv1RVlwreI54Zznf
D7WZELC2LpBQAgK4hzsKwUNjdoFLsS06EVHHYef5I49LX93dARR13mt4UQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFByJrBWildPEy1esFXWrlprOPiTnMB8GA1UdIwQY
MBaAFCa97JnYlWWmNKeyxUAf7XrEe/IyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnIzc21kaVZaYVkwcDdMRlFCX3Rlc1I3OGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9jNTdkYzItY2ZhOS00MmI5LWI5Yzct
N2YyMDEyMTJkODgzLzEvSEltc0ZhS1YwOFRMVjZ3VmRhdVdtczQtSk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9jNTdkYzItY2ZhOS00MmI5LWI5YzctN2YyMDEyMTJkODgz
LzEvSnIzc21kaVZaYVkwcDdMRlFCX3Rlc1I3OGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQFPnCgAwQF
PpEgAwMAwHEDBATZc+AwDQQCAAIwBwMFACoBZ8AwDQYJKoZIhvcNAQELBQADggEB
AK84gBoMdirrMJpbfaHH24Yz9Exj2c7KNn7AI/XDUjnSaXsAc9TK07DH8dMPgi0X
r+iDlhZbuYR+h6/mK8HPaXytk3QcPXWnP4Z0f1FjkyRrWYQLUbF/549+vfaSURvc
WU/n7f1hkYNbXB4CYpCQsbWuCAyuA/BSCoSEezAmPPhxsjGNJdpV37sspfSTUQ/6
ol6cBtEzloY01962rE2RCD1jMo/w1xCrPNo4G6qC+5z4b0x5VH9G25BcPgOT+W5i
usjVo/XVJqNc/dqX/GEE0/587HKWjXuZirNdN8NEUs0EP1aC4ErxuWDLeAgnBSmO
wRApfURaguZbJ7QquUVQNqU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:23:03 2024 by rpki-client on console-ams.rpki-client.org