Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/bzpW3NKqCwxG2JtCB3ZXaIgzL6s.roa
File:                     bzpW3NKqCwxG2JtCB3ZXaIgzL6s.roa (raw, json)
Hash identifier:          UDvdTjKFJQaAwPzE9bUOriKiSieW3C2HMGYMB3K1WPw=
Subject key identifier:   6F:3A:56:DC:D2:AA:0B:0C:46:D8:9B:42:07:76:57:68:88:33:2F:AB
Certificate issuer:       /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial:       019064E97015A895EC3031078B31D6127836
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/bzpW3NKqCwxG2JtCB3ZXaIgzL6s.roa
Signing time:             Sat 29 Jun 2024 16:52:18 +0000
ROA not before:           Sat 29 Jun 2024 16:52:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8708
IP address blocks:        93.113.128.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:64:e9:70:15:a8:95:ec:30:31:07:8b:31:d6:12:78:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
        Validity
            Not Before: Jun 29 16:52:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6f3a56dcd2aa0b0c46d89b420776576888332fab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e8:81:6f:e1:26:cd:9f:eb:87:64:ad:df:fa:
                    53:14:b1:f1:9d:8d:f5:62:1d:a5:e3:e9:6b:34:89:
                    13:f1:30:45:9a:c8:b1:1e:42:7d:cb:52:0b:1f:4e:
                    3b:b1:45:20:c4:65:e4:d6:5e:67:e6:85:00:a2:79:
                    97:ed:3b:40:33:89:10:7f:38:ad:49:f0:0d:e7:c6:
                    65:fd:86:aa:aa:21:b4:0b:7c:15:d0:7f:c7:58:18:
                    f6:ea:75:f2:90:96:53:e8:f4:eb:1a:0c:11:9c:4a:
                    d4:8d:79:a4:98:f3:48:97:ce:da:0a:5a:71:43:1e:
                    0a:01:78:8f:2d:11:95:b5:86:d4:58:0a:9c:2f:63:
                    80:37:24:f4:6b:d8:a7:59:a8:f4:d1:c7:c3:1c:93:
                    63:8b:72:b4:d0:92:74:3a:30:d0:af:f4:f1:0f:09:
                    08:34:12:6e:fe:68:7f:b8:f7:a9:ae:5d:b6:8d:e2:
                    c7:b5:26:6d:d3:65:9e:13:04:43:f9:83:ee:d0:61:
                    f7:ca:50:30:2f:4c:56:0d:eb:a9:13:41:90:37:b8:
                    63:fc:64:8b:9b:e1:5e:cb:f5:ef:30:ca:dc:ac:17:
                    be:fb:77:63:dd:ab:f8:d7:4d:19:68:68:3e:c9:a5:
                    d3:70:31:1c:eb:45:64:5d:75:f8:3a:fc:39:64:27:
                    56:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:3A:56:DC:D2:AA:0B:0C:46:D8:9B:42:07:76:57:68:88:33:2F:AB
            X509v3 Authority Key Identifier:
                keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/bzpW3NKqCwxG2JtCB3ZXaIgzL6s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.113.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:12:26:e2:d7:f3:10:a3:cd:c9:29:65:08:51:13:ad:9b:9b:
         9c:55:01:52:7f:4f:4f:e4:59:b3:2d:a0:12:c0:03:d2:8b:6b:
         1c:f6:d7:36:09:ab:28:76:73:cf:e5:a0:47:19:7b:bd:aa:fc:
         e2:bb:eb:c9:e5:74:32:8f:f9:0e:33:c5:b0:f7:4c:33:d9:87:
         f9:ea:ba:56:9b:a9:de:18:70:6b:b0:f3:6b:18:ba:b2:5a:b5:
         04:3c:f0:ca:62:6a:61:ad:69:75:da:17:33:c8:0c:74:7e:48:
         1e:f8:fa:4e:9d:13:6b:c0:fb:02:0d:de:b6:84:bd:8e:0c:c6:
         fe:50:ff:7a:53:e5:8a:da:28:20:55:0f:8c:9c:f0:32:27:33:
         5f:b7:c7:83:e0:f1:99:16:b3:c0:57:0c:8d:3e:dc:4e:93:8d:
         2a:04:de:c5:45:76:dc:4c:b4:25:d8:e8:ff:63:85:ad:4f:0f:
         a7:fb:65:93:f2:78:5f:78:c1:75:99:2b:e5:32:01:a0:9a:59:
         61:b9:ff:92:42:05:8e:31:38:c8:f1:03:0d:7e:7e:19:5c:09:
         f9:d0:1a:86:cf:d7:8e:13:1e:13:ec:5a:9f:cb:08:e6:2d:61:
         8c:0d:1a:6c:cf:be:0b:e1:70:d2:2d:24:85:2b:a5:53:f5:7a:
         bf:64:92:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBk6XAVqJXsMDEHizHWEng2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjQwNjI5MTY1MjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjNhNTZkY2QyYWEwYjBjNDZkODliNDIwNzc2NTc2ODg4MzMyZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreiBb+EmzZ/rh2St3/pTFLHxnY31
Yh2l4+lrNIkT8TBFmsixHkJ9y1ILH047sUUgxGXk1l5n5oUAonmX7TtAM4kQfzit
SfAN58Zl/YaqqiG0C3wV0H/HWBj26nXykJZT6PTrGgwRnErUjXmkmPNIl87aClpx
Qx4KAXiPLRGVtYbUWAqcL2OANyT0a9inWaj00cfDHJNji3K00JJ0OjDQr/TxDwkI
NBJu/mh/uPeprl22jeLHtSZt02WeEwRD+YPu0GH3ylAwL0xWDeupE0GQN7hj/GSL
m+Fey/XvMMrcrBe++3dj3av4100ZaGg+yaXTcDEc60VkXXX4Ovw5ZCdWLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG86VtzSqgsMRtibQgd2V2iIMy+rMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvYnpwVzNOS3FDd3hHMkp0Q0IzWlhhSWd6TDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXGAMA0G
CSqGSIb3DQEBCwUAA4IBAQAGEibi1/MQo83JKWUIUROtm5ucVQFSf09P5FmzLaAS
wAPSi2sc9tc2CasodnPP5aBHGXu9qvziu+vJ5XQyj/kOM8Ww90wz2Yf56rpWm6ne
GHBrsPNrGLqyWrUEPPDKYmphrWl12hczyAx0fkge+PpOnRNrwPsCDd62hL2ODMb+
UP96U+WK2iggVQ+MnPAyJzNft8eD4PGZFrPAVwyNPtxOk40qBN7FRXbcTLQl2Oj/
Y4WtTw+n+2WT8nhfeMF1mSvlMgGgmllhuf+SQgWOMTjI8QMNfn4ZXAn50BqGz9eO
Ex4T7FqfywjmLWGMDRpsz74L4XDSLSSFK6VT9Xq/ZJKZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:32:03 2024 by rpki-client on console-fra.rpki-client.org