Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/1-nG4edNh2e_Ue1pFvswWJApuohA.roa
File:                     1-nG4edNh2e_Ue1pFvswWJApuohA.roa (raw, json)
Hash identifier:          h8Bsp/6YTU3r7eCtZroHCqv4X+Gi1ghuLIGNnenzTTk=
Subject key identifier:   FA:71:B8:79:D3:61:D9:EF:D4:7B:5A:45:BE:CC:16:24:0A:6E:A2:10
Certificate issuer:       /CN=4e5ebb9b051ad5ec7a36989fc3fcc94c1cabcc74
Certificate serial:       018E886292021B6B6594FD3E0C0435BC0C02
Authority key identifier: 4E:5E:BB:9B:05:1A:D5:EC:7A:36:98:9F:C3:FC:C9:4C:1C:AB:CC:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Tl67mwUa1ex6Npifw_zJTByrzHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/1-nG4edNh2e_Ue1pFvswWJApuohA.roa
Signing time:             Fri 29 Mar 2024 04:05:44 +0000
ROA not before:           Fri 29 Mar 2024 04:05:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     38972
IP address blocks:        46.254.24.0/22 maxlen: 22
                          46.254.24.0/24 maxlen: 24
                          46.254.25.0/24 maxlen: 24
                          46.254.26.0/24 maxlen: 24
                          46.254.27.0/24 maxlen: 24
                          80.251.144.0/21 maxlen: 21
                          80.251.147.0/24 maxlen: 24
                          80.251.150.0/24 maxlen: 24
                          80.251.154.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/Tl67mwUa1ex6Npifw_zJTByrzHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/Tl67mwUa1ex6Npifw_zJTByrzHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Tl67mwUa1ex6Npifw_zJTByrzHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:88:62:92:02:1b:6b:65:94:fd:3e:0c:04:35:bc:0c:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e5ebb9b051ad5ec7a36989fc3fcc94c1cabcc74
        Validity
            Not Before: Mar 29 04:05:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fa71b879d361d9efd47b5a45becc16240a6ea210
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:a2:4f:f6:c6:1a:d6:e0:dc:09:a5:1a:2c:b0:
                    f8:7b:19:44:a0:02:1d:3a:aa:28:bd:e3:34:fe:3c:
                    7e:17:de:c9:bf:dc:3e:79:3b:a1:09:cb:42:34:66:
                    3c:b9:02:10:65:d8:4d:59:cf:69:47:3f:8d:5f:64:
                    97:6f:6b:96:0e:57:8f:a2:c3:59:1b:01:6c:ae:35:
                    a2:a4:23:d2:e6:6a:bb:3d:84:f4:a4:3a:bf:1f:8f:
                    08:b9:24:9c:b5:96:0d:e3:b0:40:14:1b:5a:03:53:
                    53:a5:9f:d7:c1:76:09:25:de:41:5a:54:85:da:49:
                    d6:a6:4f:2b:de:d3:c6:ce:6f:2c:16:c0:24:76:98:
                    8f:13:7f:1d:79:ec:89:f1:fa:ac:56:0a:64:93:dc:
                    6d:74:ef:80:36:94:67:1f:e1:ec:54:75:d1:34:21:
                    7d:92:5c:6d:bf:e3:06:7e:16:f0:1d:c9:7a:4a:26:
                    13:4b:bb:ea:da:b3:ff:05:48:c5:92:fb:45:89:a5:
                    78:18:c1:f7:25:50:2c:28:4f:0e:f1:d4:36:e8:3b:
                    03:e4:54:b8:e0:86:ea:e8:90:cd:23:c1:03:48:28:
                    d1:13:78:6e:51:55:6e:32:36:ab:b2:31:df:3d:09:
                    48:a0:c0:3e:4a:ce:fd:5e:25:f3:c0:08:d9:2b:16:
                    fe:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:71:B8:79:D3:61:D9:EF:D4:7B:5A:45:BE:CC:16:24:0A:6E:A2:10
            X509v3 Authority Key Identifier:
                keyid:4E:5E:BB:9B:05:1A:D5:EC:7A:36:98:9F:C3:FC:C9:4C:1C:AB:CC:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tl67mwUa1ex6Npifw_zJTByrzHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/1-nG4edNh2e_Ue1pFvswWJApuohA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/Tl67mwUa1ex6Npifw_zJTByrzHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.254.24.0/22
                  80.251.144.0/21
                  80.251.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:2e:52:2e:95:20:3c:5a:5d:8a:26:e9:08:9e:a8:db:c5:43:
         5c:ce:b6:43:c5:0e:be:6d:0b:1c:6e:f3:20:3b:33:38:42:ce:
         cc:d4:0b:c4:bc:d5:f2:e4:21:f5:cd:69:c6:0f:6a:8a:ee:47:
         0e:b2:0d:29:54:9a:18:ef:23:13:54:59:04:ef:11:a1:4c:f4:
         aa:da:50:3c:12:98:c8:9a:9a:ac:b9:f3:fc:f1:ce:0f:31:15:
         1f:52:0c:ce:32:5e:02:da:bc:95:3d:f8:dd:cc:c2:75:94:88:
         88:94:c2:4d:2e:af:60:a1:20:21:b3:cf:84:a5:c1:63:58:8a:
         8e:d6:74:65:eb:cf:ae:11:cf:c2:28:3c:28:43:fa:67:c2:cd:
         90:c6:58:02:18:24:bd:76:af:7d:ba:63:30:b7:cf:22:05:19:
         c6:4f:c6:a1:0b:d6:66:f2:87:a4:10:50:8a:ff:f0:8a:f4:6c:
         52:64:1e:f8:87:dc:31:2a:e5:71:11:a0:c5:b9:b6:2a:6b:4c:
         51:2f:a6:d0:69:14:d0:99:89:d1:27:89:f0:14:49:12:23:7d:
         73:e0:be:04:47:01:db:2e:4b:49:e3:36:60:26:b6:24:94:aa:
         0f:50:4f:f2:4f:3b:22:59:b6:c8:07:c9:60:31:7a:ce:24:6d:
         6f:00:09:ba
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAY6IYpICG2tllP0+DAQ1vAwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNWViYjliMDUxYWQ1ZWM3YTM2OTg5ZmMzZmNjOTRjMWNh
YmNjNzQwHhcNMjQwMzI5MDQwNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTcxYjg3OWQzNjFkOWVmZDQ3YjVhNDViZWNjMTYyNDBhNmVhMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKJP9sYa1uDcCaUaLLD4exlEoAId
OqooveM0/jx+F97Jv9w+eTuhCctCNGY8uQIQZdhNWc9pRz+NX2SXb2uWDlePosNZ
GwFsrjWipCPS5mq7PYT0pDq/H48IuSSctZYN47BAFBtaA1NTpZ/XwXYJJd5BWlSF
2knWpk8r3tPGzm8sFsAkdpiPE38deeyJ8fqsVgpkk9xtdO+ANpRnH+HsVHXRNCF9
klxtv+MGfhbwHcl6SiYTS7vq2rP/BUjFkvtFiaV4GMH3JVAsKE8O8dQ26DsD5FS4
4Ibq6JDNI8EDSCjRE3huUVVuMjarsjHfPQlIoMA+Ss79XiXzwAjZKxb+WQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPpxuHnTYdnv1HtaRb7MFiQKbqIQMB8GA1UdIwQY
MBaAFE5eu5sFGtXsejaYn8P8yUwcq8x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGw2N213VWExZXg2TnBpZndfekpUQnlyekhRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lYzE3MjEtNzVjNS00MGY1LTkzNDUt
YzJmZDBmOTU4ZDRiLzEvMS1uRzRlZE5oMmVfVWUxcEZ2c3dXSkFwdW9oQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDIvZWMxNzIxLTc1YzUtNDBmNS05MzQ1LWMyZmQwZjk1OGQ0
Yi8xL1RsNjdtd1VhMWV4Nk5waWZ3X3pKVEJ5cnpIUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi7+GAME
A1D7kAMEAFD7mjANBgkqhkiG9w0BAQsFAAOCAQEAei5SLpUgPFpdiibpCJ6o28VD
XM62Q8UOvm0LHG7zIDszOELOzNQLxLzV8uQh9c1pxg9qiu5HDrINKVSaGO8jE1RZ
BO8RoUz0qtpQPBKYyJqarLnz/PHODzEVH1IMzjJeAtq8lT343czCdZSIiJTCTS6v
YKEgIbPPhKXBY1iKjtZ0ZevPrhHPwig8KEP6Z8LNkMZYAhgkvXavfbpjMLfPIgUZ
xk/GoQvWZvKHpBBQiv/wivRsUmQe+IfcMSrlcRGgxbm2KmtMUS+m0GkU0JmJ0SeJ
8BRJEiN9c+C+BEcB2y5LSeM2YCa2JJSqD1BP8k87Ilm2yAfJYDF6ziRtbwAJug==
-----END CERTIFICATE-----
Generated at Tue Nov 26 22:37:16 2024 by rpki-client on console-ams.rpki-client.org