Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/4910b2-b709-408f-a9e4-ed1408e71c1f/1/j1SxRzXgarySvIEZqTpHQzuaQv8.roa
File:                     j1SxRzXgarySvIEZqTpHQzuaQv8.roa (raw, json)
Hash identifier:          RzLKvap/1voKz42bKx2GIna/AB8b6yu/cxw670uQj+0=
Subject key identifier:   8F:54:B1:47:35:E0:6A:BC:92:BC:81:19:A9:3A:47:43:3B:9A:42:FF
Certificate issuer:       /CN=06f766f1de13aec7fb050193f8329a6609e0095d
Certificate serial:       018CC3B69E60C85A0573BF75110A893B0C57
Authority key identifier: 06:F7:66:F1:DE:13:AE:C7:FB:05:01:93:F8:32:9A:66:09:E0:09:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bvdm8d4Trsf7BQGT-DKaZgngCV0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/4910b2-b709-408f-a9e4-ed1408e71c1f/1/j1SxRzXgarySvIEZqTpHQzuaQv8.roa
Signing time:             Mon 01 Jan 2024 06:29:34 +0000
ROA not before:           Mon 01 Jan 2024 06:29:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202460
IP address blocks:        193.57.72.0/24 maxlen: 24
                          193.57.72.0/22 maxlen: 22
                          193.57.73.0/24 maxlen: 24
                          193.57.74.0/24 maxlen: 24
                          193.57.75.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/4910b2-b709-408f-a9e4-ed1408e71c1f/1/Bvdm8d4Trsf7BQGT-DKaZgngCV0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/4910b2-b709-408f-a9e4-ed1408e71c1f/1/Bvdm8d4Trsf7BQGT-DKaZgngCV0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bvdm8d4Trsf7BQGT-DKaZgngCV0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:9e:60:c8:5a:05:73:bf:75:11:0a:89:3b:0c:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06f766f1de13aec7fb050193f8329a6609e0095d
        Validity
            Not Before: Jan  1 06:29:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8f54b14735e06abc92bc8119a93a47433b9a42ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:92:f3:2e:18:24:ca:5f:f2:e2:d5:9c:98:57:
                    76:3e:37:c3:0a:80:86:8e:a1:7f:3c:92:f8:d7:18:
                    d8:f5:df:bf:44:e6:fa:b7:39:75:73:da:08:f1:d1:
                    c3:f5:27:10:e7:3b:ff:bc:aa:4f:2f:b9:9d:f3:3d:
                    e9:17:5a:4a:9d:7a:63:96:4a:f5:3c:28:91:33:e8:
                    72:98:db:74:63:18:78:79:a6:ec:c1:36:ae:bd:cf:
                    2d:84:8f:d9:4c:04:dd:77:fa:a3:7e:6c:3e:68:8e:
                    57:26:2b:50:f6:6f:ed:a2:61:63:2f:bc:21:04:58:
                    71:10:06:ea:81:3b:f2:08:2c:19:a1:c4:d5:da:23:
                    8d:b2:ff:9c:08:c3:16:9e:16:43:7c:6d:81:17:e3:
                    93:e3:c7:95:98:9a:97:a5:34:c7:cc:a3:f0:65:31:
                    6b:49:95:6c:80:94:3e:14:81:53:86:84:ea:9d:0c:
                    2d:95:44:23:f0:0e:58:20:ba:3d:b9:e7:96:d5:c3:
                    86:3b:87:97:e3:1c:05:3e:65:5d:91:3e:ad:5e:73:
                    4b:18:3c:ba:d4:ac:e6:45:40:4d:d3:44:43:a1:82:
                    1a:5f:3d:eb:8e:fa:37:7a:83:d0:f9:f2:de:e0:07:
                    3f:83:1e:f7:e1:24:de:b4:7a:72:46:f0:af:7f:1b:
                    14:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:54:B1:47:35:E0:6A:BC:92:BC:81:19:A9:3A:47:43:3B:9A:42:FF
            X509v3 Authority Key Identifier:
                keyid:06:F7:66:F1:DE:13:AE:C7:FB:05:01:93:F8:32:9A:66:09:E0:09:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bvdm8d4Trsf7BQGT-DKaZgngCV0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/4910b2-b709-408f-a9e4-ed1408e71c1f/1/j1SxRzXgarySvIEZqTpHQzuaQv8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/4910b2-b709-408f-a9e4-ed1408e71c1f/1/Bvdm8d4Trsf7BQGT-DKaZgngCV0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.57.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         03:3d:8a:d7:df:4f:ac:5c:d5:c1:8c:9f:01:13:6e:5b:5f:74:
         29:1c:cf:b2:60:c3:6c:68:43:c2:f9:0c:0f:3b:7e:15:0c:ac:
         26:04:84:f5:f0:e2:f3:5c:c6:0a:b6:ec:c9:3e:9c:99:0f:5b:
         9f:9e:28:c5:a7:f3:7b:52:32:6c:db:cf:9c:2a:81:52:2d:58:
         95:6b:77:fe:11:b6:a5:54:a8:9a:e5:2b:7c:d7:bf:1f:f1:b5:
         bf:43:a0:58:75:b4:a5:a7:53:12:22:b4:50:86:69:22:64:48:
         f4:a0:95:bc:26:57:af:65:86:f7:7f:b3:b6:7c:88:4a:3c:1e:
         c7:a2:22:05:b7:8a:97:70:25:50:98:cb:da:b8:04:7c:72:b7:
         bf:dd:da:66:4c:94:86:de:e2:52:c1:99:8f:8d:c7:e9:e8:d9:
         6f:4e:a3:6f:82:37:05:d6:03:ef:7f:0e:20:c5:33:ae:3d:10:
         4f:b0:c4:8f:be:1a:4a:96:53:50:78:a7:be:71:0a:44:67:30:
         88:4e:0a:25:56:29:b4:4b:9e:68:3a:27:e9:e5:6c:87:29:13:
         8b:a1:9a:91:5b:76:c3:16:c9:91:db:ab:ec:65:9e:6a:6c:db:
         89:e0:af:a2:bf:64:2a:46:cb:d9:fa:5f:e4:50:05:60:9d:32:
         2f:d8:73:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtp5gyFoFc791EQqJOwxXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2Zjc2NmYxZGUxM2FlYzdmYjA1MDE5M2Y4MzI5YTY2MDll
MDA5NWQwHhcNMjQwMTAxMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjU0YjE0NzM1ZTA2YWJjOTJiYzgxMTlhOTNhNDc0MzNiOWE0MmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJLzLhgkyl/y4tWcmFd2PjfDCoCG
jqF/PJL41xjY9d+/ROb6tzl1c9oI8dHD9ScQ5zv/vKpPL7md8z3pF1pKnXpjlkr1
PCiRM+hymNt0Yxh4eabswTauvc8thI/ZTATdd/qjfmw+aI5XJitQ9m/tomFjL7wh
BFhxEAbqgTvyCCwZocTV2iONsv+cCMMWnhZDfG2BF+OT48eVmJqXpTTHzKPwZTFr
SZVsgJQ+FIFThoTqnQwtlUQj8A5YILo9ueeW1cOGO4eX4xwFPmVdkT6tXnNLGDy6
1KzmRUBN00RDoYIaXz3rjvo3eoPQ+fLe4Ac/gx734STetHpyRvCvfxsUZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI9UsUc14Gq8kryBGak6R0M7mkL/MB8GA1UdIwQY
MBaAFAb3ZvHeE67H+wUBk/gymmYJ4AldMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnZkbThkNFRyc2Y3QlFHVC1ES2FaZ25nQ1YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC80OTEwYjItYjcwOS00MDhmLWE5ZTQt
ZWQxNDA4ZTcxYzFmLzEvajFTeFJ6WGdhcnlTdklFWnFUcEhRenVhUXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC80OTEwYjItYjcwOS00MDhmLWE5ZTQtZWQxNDA4ZTcxYzFm
LzEvQnZkbThkNFRyc2Y3QlFHVC1ES2FaZ25nQ1YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwTlIMA0G
CSqGSIb3DQEBCwUAA4IBAQADPYrX30+sXNXBjJ8BE25bX3QpHM+yYMNsaEPC+QwP
O34VDKwmBIT18OLzXMYKtuzJPpyZD1ufnijFp/N7UjJs28+cKoFSLViVa3f+Ebal
VKia5St8178f8bW/Q6BYdbSlp1MSIrRQhmkiZEj0oJW8JlevZYb3f7O2fIhKPB7H
oiIFt4qXcCVQmMvauAR8cre/3dpmTJSG3uJSwZmPjcfp6NlvTqNvgjcF1gPvfw4g
xTOuPRBPsMSPvhpKllNQeKe+cQpEZzCITgolVim0S55oOifp5WyHKROLoZqRW3bD
FsmR26vsZZ5qbNuJ4K+iv2QqRsvZ+l/kUAVgnTIv2HMt
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:49 2024 by rpki-client on console-ams.rpki-client.org