Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/fb6e07-bbc1-447e-b3fa-5110f6b579bf/1/u70xKVerV7yKhHpm_zfr1JU0wPw.roa
File:                     u70xKVerV7yKhHpm_zfr1JU0wPw.roa (raw, json)
Hash identifier:          ayuZpCHPgqsFrVrhWsw/fb0ZlGxiQRNiLd+IkoxZwo4=
Subject key identifier:   BB:BD:31:29:57:AB:57:BC:8A:84:7A:66:FF:37:EB:D4:95:34:C0:FC
Certificate issuer:       /CN=e88293ac1670cf2e3a4b3da6c7771f8b1e84cfea
Certificate serial:       018CC5011B115667662BE94AAC1E3D76ED16
Authority key identifier: E8:82:93:AC:16:70:CF:2E:3A:4B:3D:A6:C7:77:1F:8B:1E:84:CF:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6IKTrBZwzy46Sz2mx3cfix6Ez-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/fb6e07-bbc1-447e-b3fa-5110f6b579bf/1/u70xKVerV7yKhHpm_zfr1JU0wPw.roa
Signing time:             Mon 01 Jan 2024 12:30:33 +0000
ROA not before:           Mon 01 Jan 2024 12:30:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21063
IP address blocks:        193.100.124.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/fb6e07-bbc1-447e-b3fa-5110f6b579bf/1/6IKTrBZwzy46Sz2mx3cfix6Ez-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/fb6e07-bbc1-447e-b3fa-5110f6b579bf/1/6IKTrBZwzy46Sz2mx3cfix6Ez-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6IKTrBZwzy46Sz2mx3cfix6Ez-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:1b:11:56:67:66:2b:e9:4a:ac:1e:3d:76:ed:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e88293ac1670cf2e3a4b3da6c7771f8b1e84cfea
        Validity
            Not Before: Jan  1 12:30:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bbbd312957ab57bc8a847a66ff37ebd49534c0fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:73:ce:89:ba:c6:77:8b:6f:1e:ee:f9:07:ae:
                    56:9c:ca:1d:a5:87:a0:2a:cb:3f:a1:16:f3:1a:f7:
                    a3:53:d6:17:bf:ab:f1:5b:1b:72:99:6b:f1:91:dc:
                    60:e1:36:bf:d0:4d:fc:c1:d6:c7:4a:55:1d:63:a1:
                    92:68:25:11:a7:ff:b0:d9:86:88:4d:52:82:83:6f:
                    50:47:fc:b3:6d:a1:96:dd:7c:27:ba:dd:0b:a1:83:
                    03:46:1e:44:f3:af:dd:d4:2f:e3:f0:28:40:e8:c8:
                    aa:2d:ef:b2:eb:d1:34:5d:3f:ab:f3:f0:e3:9f:3a:
                    4b:70:da:6a:b3:1f:28:41:44:c4:0c:b3:a1:d7:34:
                    e1:88:60:66:09:71:19:75:d2:04:a2:b5:de:49:87:
                    da:20:b9:40:91:99:14:04:5d:04:35:96:7b:e7:ed:
                    55:b0:6c:31:ff:29:80:1b:20:b5:18:f9:b4:26:1d:
                    8b:97:ce:fe:d5:e6:5f:35:e8:22:46:d3:90:dd:a6:
                    0d:2d:a7:12:03:bf:27:3e:8d:2f:1a:65:ca:98:bf:
                    70:64:56:ce:0d:71:5a:e9:b7:93:10:ba:e4:53:8a:
                    db:94:54:ed:2c:85:da:4e:e4:3c:b1:0c:ef:e9:da:
                    80:07:7e:25:40:48:b5:80:20:d5:95:77:cd:2d:cf:
                    6c:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:BD:31:29:57:AB:57:BC:8A:84:7A:66:FF:37:EB:D4:95:34:C0:FC
            X509v3 Authority Key Identifier:
                keyid:E8:82:93:AC:16:70:CF:2E:3A:4B:3D:A6:C7:77:1F:8B:1E:84:CF:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6IKTrBZwzy46Sz2mx3cfix6Ez-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fb6e07-bbc1-447e-b3fa-5110f6b579bf/1/u70xKVerV7yKhHpm_zfr1JU0wPw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fb6e07-bbc1-447e-b3fa-5110f6b579bf/1/6IKTrBZwzy46Sz2mx3cfix6Ez-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.100.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         52:84:02:63:a9:6c:c5:7d:43:d0:09:5f:ec:7c:df:04:0a:9d:
         92:1a:d4:6e:17:c0:b3:d2:9e:59:67:dd:80:f3:3f:87:6e:5e:
         01:8c:d1:2c:05:92:a5:68:d9:bb:15:b1:93:45:43:e7:8a:e9:
         ca:9c:be:42:f4:60:a3:2a:e4:37:d4:d0:8d:b4:5a:fc:87:d4:
         cd:ac:98:81:52:31:64:d9:82:bf:cc:87:ae:27:3e:43:16:be:
         d7:a3:4d:19:82:40:cc:78:e6:85:82:b3:ac:4e:ae:61:d8:aa:
         d6:21:6a:ef:86:e2:b9:6e:55:dc:64:b5:14:63:31:eb:b9:6d:
         3e:12:5c:61:ac:1d:0c:9e:10:dd:1e:58:82:e4:d9:98:90:9f:
         cd:75:83:cb:99:28:67:c2:47:1d:43:15:50:9b:83:71:f4:9a:
         e9:94:00:08:47:82:ea:98:21:f2:f9:ab:fe:93:90:be:27:c8:
         ef:d8:44:b6:38:56:26:ed:a6:35:05:61:fa:6c:56:e0:17:18:
         92:0f:19:b4:0c:b8:6f:57:f8:3d:7c:18:c9:1a:ff:1c:46:c0:
         59:6f:36:07:6a:2a:c6:db:59:91:51:fc:bc:65:57:e9:ec:79:
         98:47:1e:d1:95:9f:06:6d:c6:aa:20:b3:fe:a0:25:e3:78:46:
         de:a2:da:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFARsRVmdmK+lKrB49du0WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ODI5M2FjMTY3MGNmMmUzYTRiM2RhNmM3NzcxZjhiMWU4
NGNmZWEwHhcNMjQwMTAxMTIzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmJkMzEyOTU3YWI1N2JjOGE4NDdhNjZmZjM3ZWJkNDk1MzRjMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHPOibrGd4tvHu75B65WnModpYeg
Kss/oRbzGvejU9YXv6vxWxtymWvxkdxg4Ta/0E38wdbHSlUdY6GSaCURp/+w2YaI
TVKCg29QR/yzbaGW3Xwnut0LoYMDRh5E86/d1C/j8ChA6MiqLe+y69E0XT+r8/Dj
nzpLcNpqsx8oQUTEDLOh1zThiGBmCXEZddIEorXeSYfaILlAkZkUBF0ENZZ75+1V
sGwx/ymAGyC1GPm0Jh2Ll87+1eZfNegiRtOQ3aYNLacSA78nPo0vGmXKmL9wZFbO
DXFa6beTELrkU4rblFTtLIXaTuQ8sQzv6dqAB34lQEi1gCDVlXfNLc9sSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLu9MSlXq1e8ioR6Zv8369SVNMD8MB8GA1UdIwQY
MBaAFOiCk6wWcM8uOks9psd3H4sehM/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNklLVHJCWnd6eTQ2U3oybXgzY2ZpeDZFei1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mYjZlMDctYmJjMS00NDdlLWIzZmEt
NTExMGY2YjU3OWJmLzEvdTcweEtWZXJWN3lLaEhwbV96ZnIxSlUwd1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9mYjZlMDctYmJjMS00NDdlLWIzZmEtNTExMGY2YjU3OWJm
LzEvNklLVHJCWnd6eTQ2U3oybXgzY2ZpeDZFei1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwWR8MA0G
CSqGSIb3DQEBCwUAA4IBAQBShAJjqWzFfUPQCV/sfN8ECp2SGtRuF8Cz0p5ZZ92A
8z+Hbl4BjNEsBZKlaNm7FbGTRUPniunKnL5C9GCjKuQ31NCNtFr8h9TNrJiBUjFk
2YK/zIeuJz5DFr7Xo00ZgkDMeOaFgrOsTq5h2KrWIWrvhuK5blXcZLUUYzHruW0+
ElxhrB0MnhDdHliC5NmYkJ/NdYPLmShnwkcdQxVQm4Nx9JrplAAIR4LqmCHy+av+
k5C+J8jv2ES2OFYm7aY1BWH6bFbgFxiSDxm0DLhvV/g9fBjJGv8cRsBZbzYHairG
21mRUfy8ZVfp7HmYRx7RlZ8GbcaqILP+oCXjeEbeotok
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:01:58 2024 by rpki-client on console-fra.rpki-client.org