Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/sl57x3rsVMaFXuI_wgZri-sk2-Y.roa
File:                     sl57x3rsVMaFXuI_wgZri-sk2-Y.roa (raw, json)
Hash identifier:          TMohR+B7Xv860yH4b+/C4fLp7l3iq1Xn/oYYBa84rVU=
Subject key identifier:   B2:5E:7B:C7:7A:EC:54:C6:85:5E:E2:3F:C2:06:6B:8B:EB:24:DB:E6
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       018CCA2B49F2E1250FBD56335D09FDC6C3F7
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/sl57x3rsVMaFXuI_wgZri-sk2-Y.roa
Signing time:             Tue 02 Jan 2024 12:34:43 +0000
ROA not before:           Tue 02 Jan 2024 12:34:43 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8075
IP address blocks:        194.34.228.0/24 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2b:49:f2:e1:25:0f:bd:56:33:5d:09:fd:c6:c3:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  2 12:34:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b25e7bc77aec54c6855ee23fc2066b8beb24dbe6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:3f:d5:43:92:b6:d3:9b:7d:a1:6c:2e:a9:72:
                    9b:8b:82:01:72:b5:92:10:06:c1:19:41:be:f4:e4:
                    2e:fb:fe:87:8d:a5:a5:33:9a:96:c7:0d:33:2e:e0:
                    f3:98:a0:80:60:ad:c7:f5:9c:bd:79:46:32:da:60:
                    13:77:21:8b:95:62:12:6b:66:51:e6:44:0a:a8:11:
                    ed:a2:12:62:02:f3:0a:09:d4:6e:f0:35:12:dd:84:
                    58:79:b2:cf:47:de:78:4d:3b:53:af:a7:f8:b1:b2:
                    a5:de:65:5a:c4:27:0c:90:89:f9:f0:50:87:97:19:
                    8d:6a:67:56:31:9c:f1:9c:71:01:b3:3a:23:6d:41:
                    e5:15:22:16:be:ce:a8:a0:53:c1:c2:73:b2:82:d0:
                    ba:e7:df:98:18:97:66:15:ea:71:4f:58:a9:66:b9:
                    57:c5:3b:ae:66:fb:a4:a9:24:85:f3:2b:74:d8:ab:
                    36:24:78:f8:b3:d3:ca:1a:1f:3d:b8:b0:e0:07:2d:
                    45:3d:e2:50:08:84:a9:1c:57:31:e7:39:ae:c6:b0:
                    fe:3c:66:44:ea:a8:76:57:51:75:23:f2:a7:e2:b0:
                    ac:6a:0a:7a:49:bb:c2:a8:69:8c:4b:26:6d:d7:0f:
                    06:0c:8c:97:dd:76:2a:5f:85:25:a5:0c:36:e8:36:
                    09:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:5E:7B:C7:7A:EC:54:C6:85:5E:E2:3F:C2:06:6B:8B:EB:24:DB:E6
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/sl57x3rsVMaFXuI_wgZri-sk2-Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.34.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:08:80:5d:69:20:85:55:9b:b4:36:fa:55:d7:b1:b1:43:ae:
         a9:f7:bf:15:39:96:1f:e7:df:30:02:18:7f:c6:6e:b4:53:ca:
         c1:3c:45:43:9f:a6:21:fd:71:83:93:09:d0:ea:c5:a0:e9:76:
         84:2c:ad:9f:57:d2:20:1a:b7:5f:54:5e:ad:81:a2:0e:26:b9:
         20:af:1a:a4:d2:68:f5:be:49:66:81:f8:31:20:3d:b5:c1:0e:
         40:19:06:d6:f7:1f:4b:04:59:60:0b:a7:75:9c:ae:77:06:4b:
         32:79:a7:7e:8f:06:b6:20:ff:b8:3e:00:5d:ea:7d:3c:53:0b:
         fb:02:e6:5f:61:26:b8:f6:99:9d:e0:26:6e:99:8d:70:54:a2:
         56:ff:d6:1a:e7:80:f7:1f:2a:a6:2e:b7:54:e0:8c:a8:6c:8c:
         6a:af:ed:de:b9:33:ed:3b:23:c0:8f:1a:d8:40:08:1a:69:17:
         2f:b9:81:21:f6:b3:4d:77:0b:f5:58:cf:e1:7f:76:ac:1d:b9:
         aa:56:99:76:39:1d:8a:d1:13:2b:f7:da:04:fd:eb:4b:f6:33:
         eb:db:47:54:ef:75:e9:e6:41:2e:c2:66:74:10:b9:04:9d:e1:
         8a:1a:4a:5a:ef:f8:bc:fc:f3:3e:b0:3f:95:e8:b4:fa:34:9c:
         08:b6:37:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK0ny4SUPvVYzXQn9xsP3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjVlN2JjNzdhZWM1NGM2ODU1ZWUyM2ZjMjA2NmI4YmViMjRkYmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArD/VQ5K205t9oWwuqXKbi4IBcrWS
EAbBGUG+9OQu+/6HjaWlM5qWxw0zLuDzmKCAYK3H9Zy9eUYy2mATdyGLlWISa2ZR
5kQKqBHtohJiAvMKCdRu8DUS3YRYebLPR954TTtTr6f4sbKl3mVaxCcMkIn58FCH
lxmNamdWMZzxnHEBszojbUHlFSIWvs6ooFPBwnOygtC659+YGJdmFepxT1ipZrlX
xTuuZvukqSSF8yt02Ks2JHj4s9PKGh89uLDgBy1FPeJQCISpHFcx5zmuxrD+PGZE
6qh2V1F1I/Kn4rCsagp6SbvCqGmMSyZt1w8GDIyX3XYqX4UlpQw26DYJfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLJee8d67FTGhV7iP8IGa4vrJNvmMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvc2w1N3gzcnNWTWFGWHVJX3dnWnJpLXNrMi1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiLkMA0G
CSqGSIb3DQEBCwUAA4IBAQB3CIBdaSCFVZu0NvpV17GxQ66p978VOZYf598wAhh/
xm60U8rBPEVDn6Yh/XGDkwnQ6sWg6XaELK2fV9IgGrdfVF6tgaIOJrkgrxqk0mj1
vklmgfgxID21wQ5AGQbW9x9LBFlgC6d1nK53Bksyead+jwa2IP+4PgBd6n08Uwv7
AuZfYSa49pmd4CZumY1wVKJW/9Ya54D3HyqmLrdU4IyobIxqr+3euTPtOyPAjxrY
QAgaaRcvuYEh9rNNdwv1WM/hf3asHbmqVpl2OR2K0RMr99oE/etL9jPr20dU73Xp
5kEuwmZ0ELkEneGKGkpa7/i8/PM+sD+V6LT6NJwItjeu
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:31:19 2024 by rpki-client on console-ams.rpki-client.org