Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/7c1131-966f-43af-8f4c-c3fbc8d8f966/1/N7uAbt4ZjvrIomwZmr5CpKiaM4c.roa
File:                     N7uAbt4ZjvrIomwZmr5CpKiaM4c.roa (raw, json)
Hash identifier:          VNw7jbBFTUkw3gs00g1//SaDmV1xzR9Z2dGGwG/rQ3k=
Subject key identifier:   37:BB:80:6E:DE:19:8E:FA:C8:A2:6C:19:9A:BE:42:A4:A8:9A:33:87
Certificate issuer:       /CN=f7ed6e066436e0a0b617474955a8a758e6e35d76
Certificate serial:       01856CC15E5DF0C8EE44FC8CBE166A9FF1C0
Authority key identifier: F7:ED:6E:06:64:36:E0:A0:B6:17:47:49:55:A8:A7:58:E6:E3:5D:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9-1uBmQ24KC2F0dJVainWObjXXY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/7c1131-966f-43af-8f4c-c3fbc8d8f966/1/N7uAbt4ZjvrIomwZmr5CpKiaM4c.roa
Signing time:             Sun 01 Jan 2023 09:54:49 +0000
ROA not before:           Sun 01 Jan 2023 09:54:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400040
IP address blocks:        146.19.92.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/7c1131-966f-43af-8f4c-c3fbc8d8f966/1/9-1uBmQ24KC2F0dJVainWObjXXY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/7c1131-966f-43af-8f4c-c3fbc8d8f966/1/9-1uBmQ24KC2F0dJVainWObjXXY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9-1uBmQ24KC2F0dJVainWObjXXY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
                          rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 16 Mar 2023 04:28:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:c1:5e:5d:f0:c8:ee:44:fc:8c:be:16:6a:9f:f1:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7ed6e066436e0a0b617474955a8a758e6e35d76
        Validity
            Not Before: Jan  1 09:54:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=37bb806ede198efac8a26c199abe42a4a89a3387
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:cd:44:40:f1:45:f7:7f:99:b3:4b:de:9c:38:
                    35:ab:3a:74:78:df:f0:65:af:88:c3:7d:cb:5b:dc:
                    fc:13:1c:5d:ca:f9:1c:fa:a2:c9:2d:e4:86:bc:dd:
                    9c:a8:97:74:df:37:69:17:25:c7:90:56:77:cf:23:
                    ae:3d:1c:c4:85:d7:36:30:9b:b5:62:ce:6a:73:4e:
                    5d:62:21:25:7c:d0:05:81:91:ea:32:51:be:7d:ae:
                    02:24:20:33:e0:26:04:82:52:9b:79:a8:33:ff:c8:
                    6e:a8:32:20:bb:cb:de:11:a2:60:4e:7f:b6:df:63:
                    4f:63:6d:7f:6e:98:e3:11:12:52:b2:57:50:e3:4d:
                    ed:8e:72:9c:40:e1:d1:12:aa:df:a4:b6:6e:be:26:
                    20:8c:98:31:5d:3c:85:1c:88:d9:b2:9b:ae:e9:ca:
                    eb:57:79:98:c8:d3:e0:ee:01:56:21:9f:f9:f3:08:
                    cd:fd:ab:70:cd:24:e1:d9:61:38:da:04:4c:b3:63:
                    9d:e8:99:33:a8:67:04:1c:72:0e:e0:d6:69:0b:0e:
                    ee:4e:0c:7f:a3:79:01:23:8b:18:e1:81:1e:d8:6f:
                    8c:49:10:b9:c3:b9:22:e6:1f:f5:e4:78:30:eb:00:
                    74:e2:aa:85:c5:ff:dc:05:38:5f:8a:c8:89:ff:83:
                    36:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                37:BB:80:6E:DE:19:8E:FA:C8:A2:6C:19:9A:BE:42:A4:A8:9A:33:87
            X509v3 Authority Key Identifier: 
                keyid:F7:ED:6E:06:64:36:E0:A0:B6:17:47:49:55:A8:A7:58:E6:E3:5D:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9-1uBmQ24KC2F0dJVainWObjXXY.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/7c1131-966f-43af-8f4c-c3fbc8d8f966/1/N7uAbt4ZjvrIomwZmr5CpKiaM4c.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/7c1131-966f-43af-8f4c-c3fbc8d8f966/1/9-1uBmQ24KC2F0dJVainWObjXXY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:e9:a0:c0:77:44:e5:a8:2e:fb:29:bd:e8:b5:34:42:80:cd:
         d1:db:22:0b:1c:08:4a:cb:63:34:de:bd:fd:c5:01:2b:a5:c9:
         6e:08:b9:21:8c:2c:ac:e9:d6:24:4a:de:83:f1:a9:a9:13:76:
         77:15:f1:51:2e:c1:9d:c0:ab:e1:3d:b0:ec:f4:31:c2:7e:52:
         45:52:56:ee:63:8a:e5:16:53:e4:49:bf:8f:04:7d:a2:b6:61:
         38:e3:0b:e2:fb:76:7f:bb:00:d1:e5:c4:e2:c2:19:5f:66:a7:
         57:61:75:2a:dc:e5:fa:ff:33:36:8d:6a:47:97:62:d2:2c:b8:
         6b:5f:e1:d4:58:c8:c5:ba:45:13:bc:24:0e:96:89:4a:18:80:
         1b:1c:9e:50:8e:4b:52:b9:0f:41:39:ae:97:9c:54:a4:f8:0a:
         c9:1b:15:03:f8:90:75:e9:0c:33:6b:5a:d0:0a:7b:30:a2:b8:
         ea:96:05:32:05:d6:77:6c:ff:59:57:95:4e:a7:d4:d4:a8:5c:
         60:90:a3:d8:fc:75:4e:56:ad:b9:59:9c:b9:22:54:f0:f2:07:
         f1:48:eb:a1:e5:e3:5b:53:df:a4:36:2b:4b:31:71:87:60:b0:
         0e:5f:33:0e:6a:65:d1:6e:82:78:68:7e:95:20:2d:94:0b:69:
         29:b8:ca:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVswV5d8MjuRPyMvhZqn/HAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZWQ2ZTA2NjQzNmUwYTBiNjE3NDc0OTU1YThhNzU4ZTZl
MzVkNzYwHhcNMjMwMTAxMDk1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2JiODA2ZWRlMTk4ZWZhYzhhMjZjMTk5YWJlNDJhNGE4OWEzMzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgM1EQPFF93+Zs0venDg1qzp0eN/w
Za+Iw33LW9z8Exxdyvkc+qLJLeSGvN2cqJd03zdpFyXHkFZ3zyOuPRzEhdc2MJu1
Ys5qc05dYiElfNAFgZHqMlG+fa4CJCAz4CYEglKbeagz/8huqDIgu8veEaJgTn+2
32NPY21/bpjjERJSsldQ403tjnKcQOHREqrfpLZuviYgjJgxXTyFHIjZspuu6crr
V3mYyNPg7gFWIZ/58wjN/atwzSTh2WE42gRMs2Od6JkzqGcEHHIO4NZpCw7uTgx/
o3kBI4sY4YEe2G+MSRC5w7ki5h/15Hgw6wB04qqFxf/cBThfisiJ/4M2xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDe7gG7eGY76yKJsGZq+QqSomjOHMB8GA1UdIwQY
MBaAFPftbgZkNuCgthdHSVWop1jm4112MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOS0xdUJtUTI0S0MyRjBkSlZhaW5XT2JqWFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi83YzExMzEtOTY2Zi00M2FmLThmNGMt
YzNmYmM4ZDhmOTY2LzEvTjd1QWJ0NFpqdnJJb213Wm1yNUNwS2lhTTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi83YzExMzEtOTY2Zi00M2FmLThmNGMtYzNmYmM4ZDhmOTY2
LzEvOS0xdUJtUTI0S0MyRjBkSlZhaW5XT2JqWFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhNcMA0G
CSqGSIb3DQEBCwUAA4IBAQA86aDAd0TlqC77Kb3otTRCgM3R2yILHAhKy2M03r39
xQErpcluCLkhjCys6dYkSt6D8ampE3Z3FfFRLsGdwKvhPbDs9DHCflJFUlbuY4rl
FlPkSb+PBH2itmE44wvi+3Z/uwDR5cTiwhlfZqdXYXUq3OX6/zM2jWpHl2LSLLhr
X+HUWMjFukUTvCQOlolKGIAbHJ5QjktSuQ9BOa6XnFSk+ArJGxUD+JB16Qwza1rQ
CnsworjqlgUyBdZ3bP9ZV5VOp9TUqFxgkKPY/HVOVq25WZy5IlTw8gfxSOuh5eNb
U9+kNitLMXGHYLAOXzMOamXRboJ4aH6VIC2UC2kpuMoI
-----END CERTIFICATE-----
Generated at Wed Mar 15 13:01:02 2023 by rpki-client on console-ams.rpki-client.org