Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/NuINNyOMJAd4Qo0Fa-I5pj2rJMM.roa
File:                     NuINNyOMJAd4Qo0Fa-I5pj2rJMM.roa (raw, json)
Hash identifier:          nTyOt1sfuYHOjosjNAir45rPTvL/U1zSXf5RveLRVL8=
Subject key identifier:   36:E2:0D:37:23:8C:24:07:78:42:8D:05:6B:E2:39:A6:3D:AB:24:C3
Certificate issuer:       /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial:       018CC871391621AF1A3985133BFA365DBF6D
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/NuINNyOMJAd4Qo0Fa-I5pj2rJMM.roa
Signing time:             Tue 02 Jan 2024 04:31:52 +0000
ROA not before:           Tue 02 Jan 2024 04:31:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39593
IP address blocks:        46.191.180.0/23 maxlen: 23
                          46.191.180.0/24 maxlen: 24
                          136.169.210.0/24 maxlen: 24
                          136.169.210.0/23 maxlen: 23
                          46.191.182.0/23 maxlen: 23
                          46.191.183.0/24 maxlen: 24
                          46.191.182.0/24 maxlen: 24
                          136.169.208.0/24 maxlen: 24
                          136.169.209.0/24 maxlen: 24
                          46.191.180.0/22 maxlen: 22
                          136.169.208.0/23 maxlen: 23
                          136.169.211.0/24 maxlen: 24
                          136.169.208.0/22 maxlen: 22
                          46.191.181.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:71:39:16:21:af:1a:39:85:13:3b:fa:36:5d:bf:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
        Validity
            Not Before: Jan  2 04:31:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=36e20d37238c240778428d056be239a63dab24c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:0b:e1:13:bb:a1:c9:8b:dc:f8:3c:5d:51:73:
                    65:14:75:b2:13:07:24:60:ab:99:1c:7b:ea:eb:cc:
                    89:21:e6:56:e3:2a:ca:39:0c:47:fc:3d:16:2d:50:
                    ea:fb:33:f4:51:3d:c8:62:cd:89:1c:30:e7:c1:d8:
                    ba:42:53:5c:6c:57:21:cc:ab:c4:fb:5a:6c:95:f0:
                    af:de:b5:1c:42:99:b6:11:67:96:6c:94:bc:af:73:
                    80:de:73:9e:5f:42:8d:30:d7:31:f4:75:5b:12:7a:
                    2c:c4:27:76:47:9e:6f:b1:4b:fa:d5:52:a6:30:1f:
                    d6:dd:6a:6a:2f:5d:18:ba:94:12:11:ad:6c:75:41:
                    ef:e7:d2:fd:12:fc:79:e2:6a:99:c6:92:46:2b:bf:
                    26:07:7d:b8:90:72:36:d8:4d:20:86:5a:32:31:ec:
                    f9:6d:e0:b3:91:e4:c1:9f:ea:79:c0:83:d4:66:a8:
                    b1:6d:02:25:16:6c:45:33:b1:c8:fb:01:ab:1c:e0:
                    40:be:ed:22:4d:d7:b4:ae:1c:e5:af:5d:47:af:5c:
                    2b:9d:75:e4:d1:bd:d1:a2:78:26:16:86:b6:11:19:
                    90:30:17:23:49:d0:16:67:62:69:10:93:21:39:23:
                    26:06:4d:b3:1e:d9:db:ea:68:b6:f8:cc:20:6c:13:
                    a4:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:E2:0D:37:23:8C:24:07:78:42:8D:05:6B:E2:39:A6:3D:AB:24:C3
            X509v3 Authority Key Identifier:
                keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/NuINNyOMJAd4Qo0Fa-I5pj2rJMM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.191.180.0/22
                  136.169.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         54:42:75:dc:b0:dd:3d:02:ea:2d:bd:78:db:c9:13:8b:23:ff:
         77:d2:27:98:6c:06:b9:80:97:3b:d7:4b:53:56:0c:d5:2e:a7:
         1b:bd:cd:f7:28:94:0d:18:ef:35:44:5c:2b:70:cf:e5:ab:cb:
         31:d4:40:6a:81:04:b0:75:bd:7c:94:95:9b:14:aa:ab:94:5e:
         4b:c0:98:e5:3c:25:36:cd:4f:09:84:d3:98:38:ab:d6:7e:2b:
         96:c9:77:13:bb:44:b2:8f:a2:59:58:90:ee:d5:4e:69:22:22:
         b4:4a:d8:46:38:32:e4:07:a9:eb:8f:f2:61:5d:e0:e3:71:fa:
         0d:f0:a1:47:2c:e0:6d:d1:64:55:49:af:54:30:fa:ac:67:5e:
         dd:55:5a:e1:13:9b:ab:4c:c7:13:9b:17:fd:78:0b:66:ca:1d:
         f1:e9:89:d8:a7:9b:0d:0b:c0:7a:64:75:cb:7b:0b:a8:ad:c2:
         f6:83:95:ca:dd:f6:76:43:fd:16:11:c9:b1:24:f0:71:9b:f3:
         22:f3:44:76:58:23:54:9b:a1:df:fc:e4:d1:fa:17:d4:99:e7:
         3b:16:6d:47:84:24:6c:8e:6c:33:61:df:96:ed:16:3e:aa:6d:
         97:aa:1e:8a:c9:bf:12:66:e1:ed:b5:75:de:c4:93:f2:b5:d8:
         28:34:fb:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcTkWIa8aOYUTO/o2Xb9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmQwYWU1ZTJmYmZmY2NlMDg3NzBlYmMyMGMyMTZiOWZi
Zjk0ODUwHhcNMjQwMTAyMDQzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmUyMGQzNzIzOGMyNDA3Nzg0MjhkMDU2YmUyMzlhNjNkYWIyNGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQvhE7uhyYvc+DxdUXNlFHWyEwck
YKuZHHvq68yJIeZW4yrKOQxH/D0WLVDq+zP0UT3IYs2JHDDnwdi6QlNcbFchzKvE
+1pslfCv3rUcQpm2EWeWbJS8r3OA3nOeX0KNMNcx9HVbEnosxCd2R55vsUv61VKm
MB/W3WpqL10YupQSEa1sdUHv59L9Evx54mqZxpJGK78mB324kHI22E0ghloyMez5
beCzkeTBn+p5wIPUZqixbQIlFmxFM7HI+wGrHOBAvu0iTde0rhzlr11Hr1wrnXXk
0b3RongmFoa2ERmQMBcjSdAWZ2JpEJMhOSMmBk2zHtnb6mi2+MwgbBOk1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDbiDTcjjCQHeEKNBWviOaY9qyTDMB8GA1UdIwQY
MBaAFKNtCuXi+//M4Idw68IMIWufv5SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAt
Y2JiOTUxODNiMjdhLzEvTnVJTk55T01KQWQ0UW8wRmEtSTVwajJySk1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAtY2JiOTUxODNiMjdh
LzEvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLr+0AwQC
iKnQMA0GCSqGSIb3DQEBCwUAA4IBAQBUQnXcsN09AuotvXjbyROLI/930ieYbAa5
gJc710tTVgzVLqcbvc33KJQNGO81RFwrcM/lq8sx1EBqgQSwdb18lJWbFKqrlF5L
wJjlPCU2zU8JhNOYOKvWfiuWyXcTu0Syj6JZWJDu1U5pIiK0SthGODLkB6nrj/Jh
XeDjcfoN8KFHLOBt0WRVSa9UMPqsZ17dVVrhE5urTMcTmxf9eAtmyh3x6YnYp5sN
C8B6ZHXLewuorcL2g5XK3fZ2Q/0WEcmxJPBxm/Mi80R2WCNUm6Hf/OTR+hfUmec7
Fm1HhCRsjmwzYd+W7RY+qm2Xqh6Kyb8SZuHttXXexJPytdgoNPtF
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:51 2024 by rpki-client on console-ams.rpki-client.org