Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/m4h3Fnqg3Jd6IA5Ra4oAFuPfkg4.roa
File:                     m4h3Fnqg3Jd6IA5Ra4oAFuPfkg4.roa (raw, json)
Hash identifier:          MVJ2XBHnmFzrlTVtgm5DTz7pGxjB4E42nbm+VxABezM=
Subject key identifier:   9B:88:77:16:7A:A0:DC:97:7A:20:0E:51:6B:8A:00:16:E3:DF:92:0E
Certificate issuer:       /CN=0c5be6056eb0c3650b8fe21e2d726c1b83ec82b3
Certificate serial:       018CC64AEF721ABD62B02EC61E407E2A6B20
Authority key identifier: 0C:5B:E6:05:6E:B0:C3:65:0B:8F:E2:1E:2D:72:6C:1B:83:EC:82:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/m4h3Fnqg3Jd6IA5Ra4oAFuPfkg4.roa
Signing time:             Mon 01 Jan 2024 18:30:48 +0000
ROA not before:           Mon 01 Jan 2024 18:30:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15456
IP address blocks:        62.116.128.0/18 maxlen: 24
                          62.116.128.0/19 maxlen: 24
                          85.236.32.0/19 maxlen: 24
                          62.116.160.0/19 maxlen: 24
                          185.91.244.0/22 maxlen: 24
                          2001:4178::/29 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/DFvmBW6ww2ULj-IeLXJsG4PsgrM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/DFvmBW6ww2ULj-IeLXJsG4PsgrM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:ef:72:1a:bd:62:b0:2e:c6:1e:40:7e:2a:6b:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c5be6056eb0c3650b8fe21e2d726c1b83ec82b3
        Validity
            Not Before: Jan  1 18:30:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9b8877167aa0dc977a200e516b8a0016e3df920e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ae:52:4d:95:d7:ce:9e:10:3d:fd:60:ce:eb:
                    d6:eb:5c:ce:10:51:81:9b:05:d2:c0:e3:11:d3:99:
                    12:c8:6c:a2:aa:52:47:ce:d9:cf:00:02:f7:28:d1:
                    57:87:d9:4d:e0:74:af:37:b3:21:1c:07:fe:f8:4b:
                    2f:41:50:73:d2:6c:bb:26:85:79:dc:93:a3:63:61:
                    a6:f3:2d:bf:11:bf:83:72:a5:21:ef:2d:a1:dc:ae:
                    e3:df:d4:68:cf:c6:fb:7e:91:a4:5a:93:54:15:c2:
                    a3:34:09:a2:07:fa:c9:d0:cb:c2:cc:52:16:cc:99:
                    e7:40:78:99:af:05:f9:27:3b:f4:6c:2c:07:25:63:
                    67:e5:57:84:7e:4a:f4:e3:13:d1:49:ef:ed:3e:7c:
                    31:4a:4d:ab:7c:f1:1d:9b:24:27:67:92:73:73:bf:
                    5b:12:14:b7:62:f9:69:4b:ca:4b:bd:23:18:00:c1:
                    dd:d9:12:e4:bf:d8:a3:26:c0:4b:31:60:27:0a:c0:
                    56:b7:b3:d8:53:9e:57:7b:23:5a:bf:16:bf:9b:8c:
                    65:1c:1a:f3:0a:8c:bf:98:99:54:0b:fb:c8:43:04:
                    2f:df:82:56:e1:4f:f1:4b:1a:c1:68:c0:9c:ec:39:
                    a4:2c:12:6e:19:77:72:3c:c0:0e:30:bd:27:e2:a9:
                    46:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:88:77:16:7A:A0:DC:97:7A:20:0E:51:6B:8A:00:16:E3:DF:92:0E
            X509v3 Authority Key Identifier:
                keyid:0C:5B:E6:05:6E:B0:C3:65:0B:8F:E2:1E:2D:72:6C:1B:83:EC:82:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/m4h3Fnqg3Jd6IA5Ra4oAFuPfkg4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/DFvmBW6ww2ULj-IeLXJsG4PsgrM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.116.128.0/18
                  85.236.32.0/19
                  185.91.244.0/22
                IPv6:
                  2001:4178::/29

    Signature Algorithm: sha256WithRSAEncryption
         8f:0b:1c:96:b5:fe:92:d0:19:8e:2c:bf:5c:c9:56:39:ff:5e:
         02:fa:65:18:f4:a0:e6:72:b6:f9:8c:41:ff:63:27:92:db:38:
         1b:f8:b2:1a:60:a7:05:60:6a:89:6f:fe:a1:5c:ff:e4:ea:58:
         65:50:64:a6:fd:50:a7:ab:8e:18:62:7d:a6:74:3d:2b:e9:18:
         ae:2c:ca:66:97:d0:98:0a:c5:17:68:3c:4a:05:55:49:eb:89:
         c1:ce:27:be:b5:46:07:ee:3c:25:79:42:74:6e:86:35:a6:ba:
         2b:18:d1:14:0b:93:c4:5a:77:df:eb:d1:97:4c:89:f3:86:d3:
         de:a5:55:1a:6b:e9:0a:de:63:eb:da:28:ff:16:50:58:6a:f8:
         f7:94:93:10:8b:cb:b3:3a:89:75:b8:b4:49:bc:2b:be:90:cd:
         1f:31:96:d3:2f:95:3b:9a:82:c4:cf:8e:30:00:0b:b6:60:6e:
         d7:ed:02:51:76:11:86:a5:be:b4:2b:33:8c:ec:fd:82:c7:d6:
         8e:b2:1a:78:da:de:74:16:c7:3c:3f:44:ef:8d:db:ac:c1:bf:
         70:6d:ef:3c:5f:7b:a0:37:27:7d:3c:8b:80:20:26:af:2a:dc:
         c5:2a:89:88:80:54:59:bb:46:53:5c:98:cd:19:86:ee:f8:c9:
         1d:62:10:a3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGSu9yGr1isC7GHkB+KmsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNWJlNjA1NmViMGMzNjUwYjhmZTIxZTJkNzI2YzFiODNl
YzgyYjMwHhcNMjQwMTAxMTgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjg4NzcxNjdhYTBkYzk3N2EyMDBlNTE2YjhhMDAxNmUzZGY5MjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq5STZXXzp4QPf1gzuvW61zOEFGB
mwXSwOMR05kSyGyiqlJHztnPAAL3KNFXh9lN4HSvN7MhHAf++EsvQVBz0my7JoV5
3JOjY2Gm8y2/Eb+DcqUh7y2h3K7j39Roz8b7fpGkWpNUFcKjNAmiB/rJ0MvCzFIW
zJnnQHiZrwX5Jzv0bCwHJWNn5VeEfkr04xPRSe/tPnwxSk2rfPEdmyQnZ5Jzc79b
EhS3YvlpS8pLvSMYAMHd2RLkv9ijJsBLMWAnCsBWt7PYU55XeyNavxa/m4xlHBrz
Coy/mJlUC/vIQwQv34JW4U/xSxrBaMCc7DmkLBJuGXdyPMAOML0n4qlG1QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJuIdxZ6oNyXeiAOUWuKABbj35IOMB8GA1UdIwQY
MBaAFAxb5gVusMNlC4/iHi1ybBuD7IKzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZ2bUJXNnd3MlVMai1JZUxYSnNHNFBzZ3JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMjdhNTQtNmRiMi00MjkxLTk0MzQt
ZmZjN2YyYTMxOThjLzEvbTRoM0ZucWczSmQ2SUE1UmE0b0FGdVBma2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMjdhNTQtNmRiMi00MjkxLTk0MzQtZmZjN2YyYTMxOThj
LzEvREZ2bUJXNnd3MlVMai1JZUxYSnNHNFBzZ3JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGPnSAAwQF
VewgAwQCuVv0MA0EAgACMAcDBQMgAUF4MA0GCSqGSIb3DQEBCwUAA4IBAQCPCxyW
tf6S0BmOLL9cyVY5/14C+mUY9KDmcrb5jEH/YyeS2zgb+LIaYKcFYGqJb/6hXP/k
6lhlUGSm/VCnq44YYn2mdD0r6RiuLMpml9CYCsUXaDxKBVVJ64nBzie+tUYH7jwl
eUJ0boY1prorGNEUC5PEWnff69GXTInzhtPepVUaa+kK3mPr2ij/FlBYavj3lJMQ
i8uzOol1uLRJvCu+kM0fMZbTL5U7moLEz44wAAu2YG7X7QJRdhGGpb60KzOM7P2C
x9aOshp42t50Fsc8P0Tvjduswb9wbe88X3ugNyd9PIuAICavKtzFKomIgFRZu0ZT
XJjNGYbu+MkdYhCj
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:41:44 2024 by rpki-client on console-fra.rpki-client.org