Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/23ba46-fc7a-4b97-8b4f-231657829ef5/1/8IDeUf5cvxDZXhkhTrEnG5EpQKw.roa
File:                     8IDeUf5cvxDZXhkhTrEnG5EpQKw.roa (raw, json)
Hash identifier:          PgIN0wQonf+Enh0uuXF3vdlG7GrtbtKhN8z/gJ+kAEA=
Subject key identifier:   F0:80:DE:51:FE:5C:BF:10:D9:5E:19:21:4E:B1:27:1B:91:29:40:AC
Certificate issuer:       /CN=e6f1dedaf4dbda60da990d685650e68c888c6100
Certificate serial:       018CCA2A5244D89CFCF92C477E2188B3E725
Authority key identifier: E6:F1:DE:DA:F4:DB:DA:60:DA:99:0D:68:56:50:E6:8C:88:8C:61:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5vHe2vTb2mDamQ1oVlDmjIiMYQA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/23ba46-fc7a-4b97-8b4f-231657829ef5/1/8IDeUf5cvxDZXhkhTrEnG5EpQKw.roa
Signing time:             Tue 02 Jan 2024 12:33:40 +0000
ROA not before:           Tue 02 Jan 2024 12:33:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209854
IP address blocks:        185.230.230.0/24 maxlen: 24
                          185.204.92.0/24 maxlen: 24
                          185.230.231.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/23ba46-fc7a-4b97-8b4f-231657829ef5/1/5vHe2vTb2mDamQ1oVlDmjIiMYQA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/23ba46-fc7a-4b97-8b4f-231657829ef5/1/5vHe2vTb2mDamQ1oVlDmjIiMYQA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5vHe2vTb2mDamQ1oVlDmjIiMYQA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:52:44:d8:9c:fc:f9:2c:47:7e:21:88:b3:e7:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6f1dedaf4dbda60da990d685650e68c888c6100
        Validity
            Not Before: Jan  2 12:33:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f080de51fe5cbf10d95e19214eb1271b912940ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:df:23:54:be:0d:4e:c2:8b:b2:20:0d:5c:41:
                    72:f9:bf:37:58:52:2a:ad:c5:38:1c:5f:67:17:e0:
                    ee:ea:42:34:85:73:0f:ea:56:de:03:e3:be:01:5f:
                    5e:36:66:64:87:4b:d5:2a:16:11:3b:d9:73:ae:39:
                    b1:33:a5:cd:4d:5a:4b:37:76:94:ca:a1:98:30:97:
                    83:9e:0c:94:f6:a4:cf:ab:e7:b6:f4:02:c5:90:ce:
                    e8:2a:49:60:35:15:09:b8:48:e8:ec:dc:5d:f9:14:
                    b2:a6:4d:eb:18:68:82:18:04:a1:ae:ef:c5:2f:e4:
                    47:89:27:61:b9:21:5a:b6:8f:ce:b5:d0:e0:6e:60:
                    44:1c:fb:c5:a4:53:ab:e9:e6:be:e7:0e:77:0b:66:
                    3e:67:9d:4c:d3:de:64:47:67:af:6b:19:ca:47:b6:
                    b1:8d:1b:a6:97:cb:72:6d:1e:fd:aa:74:29:42:85:
                    ed:1b:86:67:90:25:5f:e9:17:03:cc:d0:e0:62:16:
                    16:ed:35:a6:49:68:51:a0:b5:20:5f:12:0f:4b:e4:
                    e7:bc:56:24:4a:6d:93:ad:32:39:32:06:fd:04:31:
                    d0:ae:50:51:d2:d2:b0:5b:b1:00:d4:0d:c9:d5:bc:
                    2c:d8:d4:95:59:74:ab:77:1c:2a:89:6a:8e:51:23:
                    9c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:80:DE:51:FE:5C:BF:10:D9:5E:19:21:4E:B1:27:1B:91:29:40:AC
            X509v3 Authority Key Identifier:
                keyid:E6:F1:DE:DA:F4:DB:DA:60:DA:99:0D:68:56:50:E6:8C:88:8C:61:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5vHe2vTb2mDamQ1oVlDmjIiMYQA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/23ba46-fc7a-4b97-8b4f-231657829ef5/1/8IDeUf5cvxDZXhkhTrEnG5EpQKw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/23ba46-fc7a-4b97-8b4f-231657829ef5/1/5vHe2vTb2mDamQ1oVlDmjIiMYQA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.204.92.0/24
                  185.230.230.0/23

    Signature Algorithm: sha256WithRSAEncryption
         36:37:34:49:7b:00:ca:90:15:af:f6:ed:32:ce:82:b5:c3:30:
         97:e6:59:b3:64:d4:e4:0f:1e:10:ed:92:36:93:0e:e8:45:2e:
         24:f6:69:cf:cf:25:81:fb:66:bb:a9:4f:ad:df:af:5d:e6:4d:
         66:7b:0e:64:19:6f:f7:8f:20:0f:11:d2:d1:1d:02:ac:be:ce:
         24:af:d8:82:43:97:e3:8b:2c:52:d2:8a:bf:71:7b:7b:23:3f:
         c0:e0:cd:11:69:74:5e:de:b5:0f:2e:1f:a1:10:1f:28:a0:68:
         ee:97:21:4c:5b:fc:15:44:8f:80:13:9e:46:c0:42:df:eb:7b:
         c3:8d:80:d6:b5:6a:21:b3:cb:32:9e:44:53:20:1f:47:39:b7:
         2e:de:d9:f4:de:3f:a5:fe:1e:dc:2e:7e:e6:72:64:dc:04:c1:
         36:be:81:2a:be:5b:97:11:93:0c:d1:6d:77:24:e8:72:57:5d:
         81:1f:51:bd:b9:0f:f5:ec:6a:4d:0a:f2:d7:2f:2b:1c:ba:c3:
         fe:cc:88:2a:e5:4b:44:60:4f:2d:e4:84:ce:0d:12:ae:72:6d:
         8f:f5:29:52:a9:08:40:7b:cb:47:f3:10:cf:76:44:06:df:db:
         ee:56:a5:26:b5:36:ca:53:9a:ff:60:4c:9b:6d:02:70:56:e3:
         48:e2:0d:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKlJE2Jz8+SxHfiGIs+clMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZjFkZWRhZjRkYmRhNjBkYTk5MGQ2ODU2NTBlNjhjODg4
YzYxMDAwHhcNMjQwMTAyMTIzMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDgwZGU1MWZlNWNiZjEwZDk1ZTE5MjE0ZWIxMjcxYjkxMjk0MGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst8jVL4NTsKLsiANXEFy+b83WFIq
rcU4HF9nF+Du6kI0hXMP6lbeA+O+AV9eNmZkh0vVKhYRO9lzrjmxM6XNTVpLN3aU
yqGYMJeDngyU9qTPq+e29ALFkM7oKklgNRUJuEjo7Nxd+RSypk3rGGiCGAShru/F
L+RHiSdhuSFato/OtdDgbmBEHPvFpFOr6ea+5w53C2Y+Z51M095kR2evaxnKR7ax
jRuml8tybR79qnQpQoXtG4ZnkCVf6RcDzNDgYhYW7TWmSWhRoLUgXxIPS+TnvFYk
Sm2TrTI5Mgb9BDHQrlBR0tKwW7EA1A3J1bws2NSVWXSrdxwqiWqOUSOc6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPCA3lH+XL8Q2V4ZIU6xJxuRKUCsMB8GA1UdIwQY
MBaAFObx3tr029pg2pkNaFZQ5oyIjGEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXZIZTJ2VGIybURhbVExb1ZsRG1qSWlNWVFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8yM2JhNDYtZmM3YS00Yjk3LThiNGYt
MjMxNjU3ODI5ZWY1LzEvOElEZVVmNWN2eERaWGhraFRyRW5HNUVwUUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8yM2JhNDYtZmM3YS00Yjk3LThiNGYtMjMxNjU3ODI5ZWY1
LzEvNXZIZTJ2VGIybURhbVExb1ZsRG1qSWlNWVFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucxcAwQB
uebmMA0GCSqGSIb3DQEBCwUAA4IBAQA2NzRJewDKkBWv9u0yzoK1wzCX5lmzZNTk
Dx4Q7ZI2kw7oRS4k9mnPzyWB+2a7qU+t369d5k1mew5kGW/3jyAPEdLRHQKsvs4k
r9iCQ5fjiyxS0oq/cXt7Iz/A4M0RaXRe3rUPLh+hEB8ooGjulyFMW/wVRI+AE55G
wELf63vDjYDWtWohs8synkRTIB9HObcu3tn03j+l/h7cLn7mcmTcBME2voEqvluX
EZMM0W13JOhyV12BH1G9uQ/17GpNCvLXLyscusP+zIgq5UtEYE8t5ITODRKucm2P
9SlSqQhAe8tH8xDPdkQG39vuVqUmtTbKU5r/YEybbQJwVuNI4g2Q
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:43:37 2024 by rpki-client on console-ams.rpki-client.org