Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/0MPPZKUHd2uduWeiSSYLcPpPWt4.roa
File:                     0MPPZKUHd2uduWeiSSYLcPpPWt4.roa (raw, json)
Hash identifier:          ObIYc9lBceDmmaucoYk3FbRTeK4x3zIVJfqjikoRgBA=
Subject key identifier:   D0:C3:CF:64:A5:07:77:6B:9D:B9:67:A2:49:26:0B:70:FA:4F:5A:DE
Certificate issuer:       /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial:       018CC802E7E22C3393EAA0EE7EE60E194503
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/0MPPZKUHd2uduWeiSSYLcPpPWt4.roa
Signing time:             Tue 02 Jan 2024 02:31:22 +0000
ROA not before:           Tue 02 Jan 2024 02:31:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34946
IP address blocks:        193.183.126.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 11:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:02:e7:e2:2c:33:93:ea:a0:ee:7e:e6:0e:19:45:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
        Validity
            Not Before: Jan  2 02:31:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d0c3cf64a507776b9db967a249260b70fa4f5ade
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:14:7f:e3:ba:b1:73:a8:66:65:87:c7:c2:f8:
                    82:4a:86:8f:89:9e:21:d6:72:8d:dc:0f:ff:f8:59:
                    3e:30:aa:37:a3:40:8a:4b:cd:9e:cc:c9:a0:43:d7:
                    d0:15:23:10:7d:1d:8d:3e:3b:5f:f7:9f:98:8a:9b:
                    80:85:6c:bb:24:84:54:5f:e2:2e:64:d5:0b:d5:66:
                    68:23:58:5d:5e:fa:9a:e6:d5:d5:5a:0a:90:07:66:
                    26:d5:0e:37:69:f1:b4:6f:51:60:1b:79:9a:0b:49:
                    b9:38:ab:bb:3e:44:8f:8e:5a:88:a2:e6:31:7f:4a:
                    cb:be:6f:a6:2f:81:7d:ba:fc:3c:42:08:8a:2e:7f:
                    34:70:42:e6:9e:ff:68:ae:56:c1:1d:f5:48:5e:6a:
                    04:ea:e9:02:c7:78:9a:0c:74:0f:ab:4b:4f:c2:cc:
                    af:53:d4:64:49:bd:f8:64:dc:0e:da:03:3e:a7:5f:
                    50:84:ad:0b:8c:e7:c9:b1:7b:ed:64:fb:9f:5c:a3:
                    76:5a:0c:2a:c0:28:17:c2:f6:ee:73:65:6d:37:d3:
                    49:c4:db:59:75:6a:4f:1c:ca:e1:7e:22:19:ed:f1:
                    09:9e:b3:3f:1e:ff:cc:71:16:2f:dc:1a:2f:33:88:
                    69:87:e0:52:25:b8:c2:dc:12:80:64:8b:35:1e:0f:
                    17:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:C3:CF:64:A5:07:77:6B:9D:B9:67:A2:49:26:0B:70:FA:4F:5A:DE
            X509v3 Authority Key Identifier:
                keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/0MPPZKUHd2uduWeiSSYLcPpPWt4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.183.126.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ac:7e:11:da:23:c7:9a:d0:7d:cb:e3:5e:64:fb:10:85:fa:63:
         2d:7f:de:5a:62:ac:1f:c4:4e:1e:d1:4c:ca:dd:9a:13:9c:42:
         df:7a:77:82:d5:ec:82:2b:dc:96:18:02:1b:b2:01:f1:58:04:
         d3:9d:df:0c:16:4a:a9:79:70:70:0a:89:69:95:e6:df:01:9f:
         a8:83:61:d1:78:9c:76:6c:d1:30:8b:95:7c:df:76:1d:72:fd:
         88:3d:6e:31:5e:bf:20:ae:f0:f6:88:c9:4e:80:f9:af:4a:a9:
         d7:b6:dd:0f:5c:a7:3b:6e:83:92:53:1f:75:52:d1:15:ce:af:
         0e:5c:a5:4c:93:54:28:7a:2c:dd:f3:47:a6:fb:97:1b:2a:35:
         79:b4:cb:48:ea:b9:1c:fd:4f:97:eb:79:99:da:5c:ca:4d:5e:
         b4:d1:ef:6c:2f:3b:40:5a:d8:2a:5a:b2:0e:a7:91:32:2d:12:
         f6:f5:a7:c8:6c:73:70:2a:23:b0:82:f8:b3:43:b5:8c:00:f6:
         7c:49:e2:bb:bd:e9:06:2f:32:9d:e8:1a:13:74:60:84:50:6c:
         f7:19:f8:72:b7:53:9a:5e:c4:58:1a:dd:41:f0:7f:6b:d7:44:
         1c:c1:00:7c:76:20:d3:6d:2e:d8:8a:17:be:44:b6:68:35:47:
         0b:81:9f:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAufiLDOT6qDufuYOGUUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGMzY2Y2NGE1MDc3NzZiOWRiOTY3YTI0OTI2MGI3MGZhNGY1YWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xR/47qxc6hmZYfHwviCSoaPiZ4h
1nKN3A//+Fk+MKo3o0CKS82ezMmgQ9fQFSMQfR2NPjtf95+YipuAhWy7JIRUX+Iu
ZNUL1WZoI1hdXvqa5tXVWgqQB2Ym1Q43afG0b1FgG3maC0m5OKu7PkSPjlqIouYx
f0rLvm+mL4F9uvw8QgiKLn80cELmnv9orlbBHfVIXmoE6ukCx3iaDHQPq0tPwsyv
U9RkSb34ZNwO2gM+p19QhK0LjOfJsXvtZPufXKN2WgwqwCgXwvbuc2VtN9NJxNtZ
dWpPHMrhfiIZ7fEJnrM/Hv/McRYv3BovM4hph+BSJbjC3BKAZIs1Hg8XOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDDz2SlB3drnblnokkmC3D6T1reMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvME1QUFpLVUhkMnVkdVdlaVNTWUxjUHBQV3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwbd+MA0G
CSqGSIb3DQEBCwUAA4IBAQCsfhHaI8ea0H3L415k+xCF+mMtf95aYqwfxE4e0UzK
3ZoTnELfeneC1eyCK9yWGAIbsgHxWATTnd8MFkqpeXBwColplebfAZ+og2HReJx2
bNEwi5V833Ydcv2IPW4xXr8grvD2iMlOgPmvSqnXtt0PXKc7boOSUx91UtEVzq8O
XKVMk1Qoeizd80em+5cbKjV5tMtI6rkc/U+X63mZ2lzKTV600e9sLztAWtgqWrIO
p5EyLRL29afIbHNwKiOwgvizQ7WMAPZ8SeK7vekGLzKd6BoTdGCEUGz3Gfhyt1Oa
XsRYGt1B8H9r10QcwQB8diDTbS7Yihe+RLZoNUcLgZ94
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:31:18 2024 by rpki-client on console-fra.rpki-client.org