Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/GR11Z-j-Jf2GVRIUTeL5axMDU3U.roa
File:                     GR11Z-j-Jf2GVRIUTeL5axMDU3U.roa (raw, json)
Hash identifier:          0q7GrY30T/YQbkOcwpq3SPYlqvKm0n7h5rf9mUWmmaU=
Subject key identifier:   19:1D:75:67:E8:FE:25:FD:86:55:12:14:4D:E2:F9:6B:13:03:53:75
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       018CCA2B6A8030A2C94C57A37D288E954B7C
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/GR11Z-j-Jf2GVRIUTeL5axMDU3U.roa
Signing time:             Tue 02 Jan 2024 12:34:52 +0000
ROA not before:           Tue 02 Jan 2024 12:34:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     397268
IP address blocks:        185.207.179.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 00:09:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2b:6a:80:30:a2:c9:4c:57:a3:7d:28:8e:95:4b:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  2 12:34:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=191d7567e8fe25fd865512144de2f96b13035375
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:53:e9:75:dc:59:de:ea:bc:f0:df:ed:8e:d9:
                    5f:5f:ec:c0:44:8f:b2:2a:10:27:a3:a1:d2:a1:ab:
                    f9:ed:af:89:42:8a:44:2d:1b:33:21:da:8c:60:50:
                    94:6c:7f:16:96:52:7a:10:68:17:2f:82:5e:c3:1d:
                    ee:02:b7:75:16:01:ad:cc:c1:88:75:2e:85:6a:2b:
                    00:a6:ce:cb:7b:82:3f:2f:54:79:b9:8e:1d:9b:48:
                    0d:10:70:9d:f2:3e:ae:e5:51:ca:83:30:50:be:e3:
                    97:5c:7d:db:f1:73:08:50:d9:85:d5:06:f6:03:31:
                    61:a9:49:9b:0f:9b:2e:b5:c2:5f:3c:ff:0b:a8:ce:
                    59:1b:d0:47:2d:c1:bb:96:1b:f3:a4:77:35:1b:53:
                    98:e0:1e:31:e1:8b:be:52:0f:36:eb:62:f9:7e:61:
                    f2:95:61:1e:df:75:2c:f1:c2:9c:b0:5d:f1:ae:e7:
                    0a:7e:8b:71:61:2d:b3:be:22:8b:bc:54:c4:de:9a:
                    8b:00:54:f1:f0:08:42:2e:0a:3a:a3:20:2e:a3:68:
                    05:54:3c:69:bc:a9:22:37:22:03:e8:7d:7c:eb:14:
                    54:45:1d:51:04:fd:73:30:a1:92:e7:97:06:ee:72:
                    c2:6a:e7:ef:48:1b:3f:f0:4f:78:e5:da:e4:59:dd:
                    13:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:1D:75:67:E8:FE:25:FD:86:55:12:14:4D:E2:F9:6B:13:03:53:75
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/GR11Z-j-Jf2GVRIUTeL5axMDU3U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.207.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:e3:22:3e:12:62:34:fe:15:9a:5b:e0:c8:34:44:e8:0c:4f:
         9e:0c:47:b9:ae:78:d4:c3:f1:84:2d:34:8c:3c:f5:9e:8b:a1:
         49:d3:c8:a4:83:38:51:ff:6e:a9:6a:a8:a0:e4:93:af:5a:15:
         38:3e:23:3c:ea:17:bb:ec:8a:93:a8:ec:23:a7:18:06:cf:14:
         94:b3:fb:60:8f:80:70:dc:3c:7f:da:53:67:0e:9b:c0:b6:1f:
         25:02:22:5d:15:c4:0e:da:75:2f:a8:68:a1:2c:54:d0:09:02:
         37:28:0e:f4:ed:99:8c:80:83:7e:15:b9:bd:65:43:ed:bf:a3:
         c3:99:36:81:6e:7b:a1:f9:ac:c8:60:4d:c7:c7:21:66:e8:4b:
         9d:b2:d2:24:9b:71:35:19:89:be:4e:c1:05:10:9d:00:e4:3b:
         d0:2a:aa:e4:66:76:64:89:ac:81:3d:8d:f5:ee:8b:d5:66:4e:
         6b:39:89:17:b7:24:9a:38:22:05:22:18:7f:a5:dd:df:b4:a1:
         dc:12:ce:ee:3d:eb:cc:c9:05:27:f5:5b:3b:57:62:b9:d7:2e:
         0b:32:69:2a:19:df:88:e6:af:0b:b7:2e:ae:f1:c4:18:7f:80:
         fc:bd:22:68:ae:08:63:be:fc:89:7a:b9:e4:71:ad:21:21:bd:
         29:5c:16:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK2qAMKLJTFejfSiOlUt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTFkNzU2N2U4ZmUyNWZkODY1NTEyMTQ0ZGUyZjk2YjEzMDM1Mzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFPpddxZ3uq88N/tjtlfX+zARI+y
KhAno6HSoav57a+JQopELRszIdqMYFCUbH8WllJ6EGgXL4Jewx3uArd1FgGtzMGI
dS6FaisAps7Le4I/L1R5uY4dm0gNEHCd8j6u5VHKgzBQvuOXXH3b8XMIUNmF1Qb2
AzFhqUmbD5sutcJfPP8LqM5ZG9BHLcG7lhvzpHc1G1OY4B4x4Yu+Ug8262L5fmHy
lWEe33Us8cKcsF3xrucKfotxYS2zviKLvFTE3pqLAFTx8AhCLgo6oyAuo2gFVDxp
vKkiNyID6H186xRURR1RBP1zMKGS55cG7nLCaufvSBs/8E945drkWd0T/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBkddWfo/iX9hlUSFE3i+WsTA1N1MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvR1IxMVotai1KZjJHVlJJVVRlTDVheE1EVTNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc+zMA0G
CSqGSIb3DQEBCwUAA4IBAQBV4yI+EmI0/hWaW+DINEToDE+eDEe5rnjUw/GELTSM
PPWei6FJ08ikgzhR/26paqig5JOvWhU4PiM86he77IqTqOwjpxgGzxSUs/tgj4Bw
3Dx/2lNnDpvAth8lAiJdFcQO2nUvqGihLFTQCQI3KA707ZmMgIN+Fbm9ZUPtv6PD
mTaBbnuh+azIYE3HxyFm6EudstIkm3E1GYm+TsEFEJ0A5DvQKqrkZnZkiayBPY31
7ovVZk5rOYkXtySaOCIFIhh/pd3ftKHcEs7uPevMyQUn9Vs7V2K51y4LMmkqGd+I
5q8Lty6u8cQYf4D8vSJorghjvvyJernkca0hIb0pXBak
-----END CERTIFICATE-----