Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/18b5bb-8e41-4e88-bdbe-341c63614280/1/RMCegWbK44mDkBYwVAYKpKopYEs.roa
File:                     RMCegWbK44mDkBYwVAYKpKopYEs.roa (raw, json)
Hash identifier:          zbZ4GAnGgdz4pVtHPNevbp6HO/aEDiIInWfMYePeoZ8=
Subject key identifier:   44:C0:9E:81:66:CA:E3:89:83:90:16:30:54:06:0A:A4:AA:29:60:4B
Certificate issuer:       /CN=e466483396afb377e5e379d1615bde0fd4d9ed47
Certificate serial:       018CC2DB342F0B3CC1D088FFC40BF83F3A2E
Authority key identifier: E4:66:48:33:96:AF:B3:77:E5:E3:79:D1:61:5B:DE:0F:D4:D9:ED:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5GZIM5avs3fl43nRYVveD9TZ7Uc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/18b5bb-8e41-4e88-bdbe-341c63614280/1/RMCegWbK44mDkBYwVAYKpKopYEs.roa
Signing time:             Mon 01 Jan 2024 02:29:54 +0000
ROA not before:           Mon 01 Jan 2024 02:29:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210974
IP address blocks:        5.44.254.0/24 maxlen: 24
                          2a12:cf40::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/18b5bb-8e41-4e88-bdbe-341c63614280/1/5GZIM5avs3fl43nRYVveD9TZ7Uc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/18b5bb-8e41-4e88-bdbe-341c63614280/1/5GZIM5avs3fl43nRYVveD9TZ7Uc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5GZIM5avs3fl43nRYVveD9TZ7Uc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Dec 2024 07:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:34:2f:0b:3c:c1:d0:88:ff:c4:0b:f8:3f:3a:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e466483396afb377e5e379d1615bde0fd4d9ed47
        Validity
            Not Before: Jan  1 02:29:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=44c09e8166cae3898390163054060aa4aa29604b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:55:1e:1e:5c:0a:a9:aa:da:02:6b:a9:67:d7:
                    e1:f5:0f:c3:8f:7f:20:ae:30:5e:25:9b:00:6f:70:
                    db:9b:98:0a:d4:80:91:52:af:4b:12:13:bc:af:a3:
                    c3:a7:6d:a2:c0:d8:60:39:35:dc:af:ef:16:e3:b6:
                    10:88:e9:08:58:cb:f6:cf:8d:3a:23:2f:80:cd:cf:
                    29:69:2f:b5:3a:42:12:fd:80:c4:df:d9:bb:9d:f0:
                    28:e9:2b:8d:65:4a:fe:86:be:96:6b:0e:2e:40:b1:
                    12:6e:de:45:51:57:08:e5:ff:04:9a:d4:08:3b:9e:
                    db:77:88:8c:1d:1a:18:e1:0b:40:26:64:6f:13:bb:
                    6a:e6:7d:e0:7f:ef:56:13:3e:ac:7e:85:95:36:a1:
                    46:e2:ec:5b:b4:58:a0:80:46:39:b3:a6:89:78:b1:
                    00:7f:34:6d:f8:a4:80:01:81:e0:b3:ab:37:21:50:
                    90:7b:53:b4:ae:6b:b0:e4:19:b5:69:7e:e1:83:78:
                    c2:72:56:0a:3b:68:56:a7:ac:87:8a:97:7a:da:9f:
                    0c:77:19:89:b8:51:ff:eb:c7:ba:a2:74:b1:ff:f1:
                    e6:68:cc:07:cb:83:25:b9:08:b6:19:3e:f8:0c:e8:
                    bd:46:f6:92:11:da:75:f3:1f:81:4f:eb:bb:c4:c6:
                    37:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:C0:9E:81:66:CA:E3:89:83:90:16:30:54:06:0A:A4:AA:29:60:4B
            X509v3 Authority Key Identifier:
                keyid:E4:66:48:33:96:AF:B3:77:E5:E3:79:D1:61:5B:DE:0F:D4:D9:ED:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5GZIM5avs3fl43nRYVveD9TZ7Uc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/18b5bb-8e41-4e88-bdbe-341c63614280/1/RMCegWbK44mDkBYwVAYKpKopYEs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/18b5bb-8e41-4e88-bdbe-341c63614280/1/5GZIM5avs3fl43nRYVveD9TZ7Uc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.44.254.0/24
                IPv6:
                  2a12:cf40::/32

    Signature Algorithm: sha256WithRSAEncryption
         c7:28:60:9a:3c:51:d2:27:cb:7d:62:67:58:41:98:01:8c:44:
         1e:e3:46:c9:8d:dd:94:d1:d0:b8:db:32:47:ca:15:8f:24:8a:
         84:85:21:e6:0a:2e:9b:31:fb:03:58:ef:c9:74:a7:25:37:6c:
         ec:82:4b:d8:37:a1:98:a3:b4:9f:75:25:39:85:fb:c1:57:5b:
         b0:fa:e5:70:6a:18:87:e5:3e:0b:01:86:8c:af:31:b4:a4:d0:
         c9:6c:09:a1:69:6e:4f:a5:68:76:44:6b:7c:bf:71:c1:22:29:
         04:79:ab:c3:6c:ea:93:76:24:0e:68:1e:8f:0a:9b:12:53:eb:
         89:a5:84:e8:9d:7e:23:06:6e:27:9c:8a:21:cb:35:33:d7:e2:
         b9:73:1a:38:4f:b7:1a:e7:5d:5d:a1:1e:ec:4d:ab:a2:c9:7b:
         73:08:34:59:33:e7:72:d1:9e:64:65:ae:38:63:c8:8a:d8:c1:
         ff:a8:be:11:fd:74:e0:5d:aa:a6:4d:72:8c:82:36:ae:af:01:
         8f:94:92:7d:91:f8:c4:e6:99:57:6f:a0:50:6a:91:ca:d3:77:
         11:bb:63:54:8e:a0:6a:d3:11:7d:bf:f9:cb:a1:62:b7:6f:40:
         d4:f8:9e:46:8d:61:74:9c:e6:47:38:be:9a:60:dc:de:03:cf:
         e2:3f:74:35
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2zQvCzzB0Ij/xAv4PzouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NjY0ODMzOTZhZmIzNzdlNWUzNzlkMTYxNWJkZTBmZDRk
OWVkNDcwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGMwOWU4MTY2Y2FlMzg5ODM5MDE2MzA1NDA2MGFhNGFhMjk2MDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFUeHlwKqaraAmupZ9fh9Q/Dj38g
rjBeJZsAb3Dbm5gK1ICRUq9LEhO8r6PDp22iwNhgOTXcr+8W47YQiOkIWMv2z406
Iy+Azc8paS+1OkIS/YDE39m7nfAo6SuNZUr+hr6Waw4uQLESbt5FUVcI5f8EmtQI
O57bd4iMHRoY4QtAJmRvE7tq5n3gf+9WEz6sfoWVNqFG4uxbtFiggEY5s6aJeLEA
fzRt+KSAAYHgs6s3IVCQe1O0rmuw5Bm1aX7hg3jCclYKO2hWp6yHipd62p8MdxmJ
uFH/68e6onSx//HmaMwHy4MluQi2GT74DOi9RvaSEdp18x+BT+u7xMY3ewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFETAnoFmyuOJg5AWMFQGCqSqKWBLMB8GA1UdIwQY
MBaAFORmSDOWr7N35eN50WFb3g/U2e1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUdaSU01YXZzM2ZsNDNuUllWdmVEOVRaN1VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8xOGI1YmItOGU0MS00ZTg4LWJkYmUt
MzQxYzYzNjE0MjgwLzEvUk1DZWdXYks0NG1Ea0JZd1ZBWUtwS29wWUVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8xOGI1YmItOGU0MS00ZTg4LWJkYmUtMzQxYzYzNjE0Mjgw
LzEvNUdaSU01YXZzM2ZsNDNuUllWdmVEOVRaN1VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABSz+MA0E
AgACMAcDBQAqEs9AMA0GCSqGSIb3DQEBCwUAA4IBAQDHKGCaPFHSJ8t9YmdYQZgB
jEQe40bJjd2U0dC42zJHyhWPJIqEhSHmCi6bMfsDWO/JdKclN2zsgkvYN6GYo7Sf
dSU5hfvBV1uw+uVwahiH5T4LAYaMrzG0pNDJbAmhaW5PpWh2RGt8v3HBIikEeavD
bOqTdiQOaB6PCpsSU+uJpYTonX4jBm4nnIohyzUz1+K5cxo4T7ca511doR7sTaui
yXtzCDRZM+dy0Z5kZa44Y8iK2MH/qL4R/XTgXaqmTXKMgjaurwGPlJJ9kfjE5plX
b6BQapHK03cRu2NUjqBq0xF9v/nLoWK3b0DU+J5GjWF0nOZHOL6aYNzeA8/iP3Q1
-----END CERTIFICATE-----
Generated at Wed Dec 11 17:17:39 2024 by rpki-client on console-ams.rpki-client.org