Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/LGCvLogDJREBijrhjEoqGxVrbgw.roa
File:                     LGCvLogDJREBijrhjEoqGxVrbgw.roa (raw, json)
Hash identifier:          w455qMW9bNqPvvPcOy4Ry0eWu4o3tL/QL9LzTHcNkq4=
Subject key identifier:   2C:60:AF:2E:88:03:25:11:01:8A:3A:E1:8C:4A:2A:1B:15:6B:6E:0C
Certificate issuer:       /CN=cb952f9c339cabd14234d00c84a252d7ec71a2a2
Certificate serial:       018CC94E61FFFC2D847B7D21022002808E3A
Authority key identifier: CB:95:2F:9C:33:9C:AB:D1:42:34:D0:0C:84:A2:52:D7:EC:71:A2:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y5UvnDOcq9FCNNAMhKJS1-xxoqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/LGCvLogDJREBijrhjEoqGxVrbgw.roa
Signing time:             Tue 02 Jan 2024 08:33:26 +0000
ROA not before:           Tue 02 Jan 2024 08:33:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47872
IP address blocks:        212.5.49.0/24 maxlen: 24
                          212.5.48.0/24 maxlen: 24
                          212.5.50.0/24 maxlen: 24
                          185.44.117.0/24 maxlen: 24
                          185.44.116.0/24 maxlen: 24
                          185.44.119.0/24 maxlen: 24
                          2a01:73e0::/32 maxlen: 64
                          2a01:73e0::/36 maxlen: 36
                          2a01:73e0:e000::/36 maxlen: 36
                          2a01:73e0:d000::/36 maxlen: 36
                          2a01:73e0:c000::/36 maxlen: 36
                          2a01:73e0:b000::/36 maxlen: 36
                          2a01:73e0:a000::/36 maxlen: 36
                          2a01:73e0:f000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/y5UvnDOcq9FCNNAMhKJS1-xxoqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/y5UvnDOcq9FCNNAMhKJS1-xxoqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y5UvnDOcq9FCNNAMhKJS1-xxoqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4e:61:ff:fc:2d:84:7b:7d:21:02:20:02:80:8e:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb952f9c339cabd14234d00c84a252d7ec71a2a2
        Validity
            Not Before: Jan  2 08:33:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2c60af2e88032511018a3ae18c4a2a1b156b6e0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:28:1f:7d:ee:f0:db:78:30:12:e7:b9:06:6c:
                    04:4d:9c:78:2a:f5:72:3c:25:60:6e:a6:7b:12:a1:
                    0a:65:bd:57:e6:46:e5:ab:36:e6:e9:e0:4d:b3:aa:
                    0f:ac:48:fc:f3:13:29:98:c1:a9:b5:c6:83:12:59:
                    a4:06:ab:6c:50:ad:92:32:09:d2:2d:f3:fa:92:3f:
                    1d:3c:58:be:78:02:90:3e:2c:64:e1:19:4c:91:4f:
                    fa:22:cf:be:83:1f:0d:06:b3:5e:1f:87:8d:96:5b:
                    b1:a8:ba:2e:1c:27:67:de:78:68:ce:9e:bb:90:0f:
                    59:e4:c0:59:80:40:7a:b8:4b:8d:90:1f:e5:7b:58:
                    c6:19:73:89:10:d0:eb:cc:67:ac:af:9f:12:b6:0e:
                    d3:6e:49:48:66:e3:f9:8b:e2:75:28:64:5d:24:59:
                    b0:83:ff:3f:87:45:56:7b:d6:27:f3:ff:42:ca:5f:
                    e1:ed:ed:ca:1c:2e:e3:36:8d:2c:40:1d:1e:46:b3:
                    f7:5c:a4:5d:4b:e2:85:2f:62:0a:94:12:ab:19:18:
                    d3:42:32:66:eb:94:0e:67:37:9f:05:fc:a6:c5:ea:
                    29:eb:32:38:8c:92:64:70:9f:4d:ec:80:02:5e:15:
                    1d:66:d0:36:d7:e5:53:5b:a2:dd:87:b0:ca:3b:ea:
                    26:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:60:AF:2E:88:03:25:11:01:8A:3A:E1:8C:4A:2A:1B:15:6B:6E:0C
            X509v3 Authority Key Identifier:
                keyid:CB:95:2F:9C:33:9C:AB:D1:42:34:D0:0C:84:A2:52:D7:EC:71:A2:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5UvnDOcq9FCNNAMhKJS1-xxoqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/LGCvLogDJREBijrhjEoqGxVrbgw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/y5UvnDOcq9FCNNAMhKJS1-xxoqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.44.116.0/23
                  185.44.119.0/24
                  212.5.48.0-212.5.50.255
                IPv6:
                  2a01:73e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         b9:f1:c7:3b:2f:ea:d7:bb:42:94:f8:60:4d:59:d3:50:b4:7a:
         67:e3:40:57:95:de:4a:90:e3:28:6a:4b:fd:55:9c:a0:da:63:
         bc:88:c3:e4:60:51:18:bd:b7:0e:fb:19:0c:bc:cc:9b:96:b6:
         74:35:3f:07:63:56:a3:ee:e0:8c:65:51:cd:96:c8:32:12:cb:
         22:01:57:b7:ab:05:4b:c6:2d:35:0e:6d:14:40:f7:22:20:1f:
         89:39:17:99:1c:1e:bc:77:e6:54:83:c8:94:39:21:fd:7d:b4:
         d8:36:4d:56:d6:69:c1:92:15:6e:75:21:21:fc:76:ef:ad:22:
         f0:40:c0:07:99:37:c8:01:f1:44:ff:f5:06:38:b8:2b:4d:bc:
         71:8b:f7:62:41:26:ca:fb:36:ef:90:3b:cf:7a:2e:bf:c3:40:
         13:90:66:ef:e5:e7:27:4a:67:b8:5e:de:9c:8c:7c:72:70:15:
         35:00:d7:64:d3:ef:d0:e3:84:ca:37:64:88:7e:44:e0:7c:74:
         b4:15:76:cf:1f:9a:2c:f4:ce:c9:85:04:c1:58:03:da:e5:64:
         13:69:4a:0c:f7:f2:8f:2b:f5:6d:7b:7b:4e:52:14:e7:2d:6d:
         18:5a:71:00:b6:e1:74:7e:be:fa:5d:3f:94:93:1e:9c:b2:61:
         07:63:37:a6
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzJTmH//C2Ee30hAiACgI46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOTUyZjljMzM5Y2FiZDE0MjM0ZDAwYzg0YTI1MmQ3ZWM3
MWEyYTIwHhcNMjQwMTAyMDgzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzYwYWYyZTg4MDMyNTExMDE4YTNhZTE4YzRhMmExYjE1NmI2ZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvigffe7w23gwEue5BmwETZx4KvVy
PCVgbqZ7EqEKZb1X5kblqzbm6eBNs6oPrEj88xMpmMGptcaDElmkBqtsUK2SMgnS
LfP6kj8dPFi+eAKQPixk4RlMkU/6Is++gx8NBrNeH4eNlluxqLouHCdn3nhozp67
kA9Z5MBZgEB6uEuNkB/le1jGGXOJENDrzGesr58Stg7TbklIZuP5i+J1KGRdJFmw
g/8/h0VWe9Yn8/9Cyl/h7e3KHC7jNo0sQB0eRrP3XKRdS+KFL2IKlBKrGRjTQjJm
65QOZzefBfymxeop6zI4jJJkcJ9N7IACXhUdZtA21+VTW6Ldh7DKO+omtQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFCxgry6IAyURAYo64YxKKhsVa24MMB8GA1UdIwQY
MBaAFMuVL5wznKvRQjTQDISiUtfscaKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVVdm5ET2NxOUZDTk5BTWhLSlMxLXh4b3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS85MDk4ZmQtN2RjMy00ZTEyLWI4OTMt
ZmQyMmRmM2I1N2Y2LzEvTEdDdkxvZ0RKUkVCaWpyaGpFb3FHeFZyYmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS85MDk4ZmQtN2RjMy00ZTEyLWI4OTMtZmQyMmRmM2I1N2Y2
LzEveTVVdm5ET2NxOUZDTk5BTWhLSlMxLXh4b3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQBuSx0AwQA
uSx3MAwDBATUBTADBADUBTIwDQQCAAIwBwMFACoBc+AwDQYJKoZIhvcNAQELBQAD
ggEBALnxxzsv6te7QpT4YE1Z01C0emfjQFeV3kqQ4yhqS/1VnKDaY7yIw+RgURi9
tw77GQy8zJuWtnQ1PwdjVqPu4IxlUc2WyDISyyIBV7erBUvGLTUObRRA9yIgH4k5
F5kcHrx35lSDyJQ5If19tNg2TVbWacGSFW51ISH8du+tIvBAwAeZN8gB8UT/9QY4
uCtNvHGL92JBJsr7Nu+QO896Lr/DQBOQZu/l5ydKZ7he3pyMfHJwFTUA12TT79Dj
hMo3ZIh+ROB8dLQVds8fmiz0zsmFBMFYA9rlZBNpSgz38o8r9W17e05SFOctbRha
cQC24XR+vvpdP5STHpyyYQdjN6Y=
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:43 2024 by rpki-client on console-ams.rpki-client.org