Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/f34f2b-3662-41c4-8270-92ed2a000f1f/1/6Oir1QqhOzsGapzzK3NH8Gfc02c.roa
File:                     6Oir1QqhOzsGapzzK3NH8Gfc02c.roa (raw, json)
Hash identifier:          9zvRB9gegAvUoPHsNb72XjJ8fHELxVrrmZu0p/YeqGE=
Subject key identifier:   E8:E8:AB:D5:0A:A1:3B:3B:06:6A:9C:F3:2B:73:47:F0:67:DC:D3:67
Certificate issuer:       /CN=c7aef2ab3f2e9d9ac01f727f730af7df1d04180f
Certificate serial:       018CC94E30DC0B404241E231D1C5B519BCC4
Authority key identifier: C7:AE:F2:AB:3F:2E:9D:9A:C0:1F:72:7F:73:0A:F7:DF:1D:04:18:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x67yqz8unZrAH3J_cwr33x0EGA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/f34f2b-3662-41c4-8270-92ed2a000f1f/1/6Oir1QqhOzsGapzzK3NH8Gfc02c.roa
Signing time:             Tue 02 Jan 2024 08:33:13 +0000
ROA not before:           Tue 02 Jan 2024 08:33:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49106
IP address blocks:        62.122.192.0/24 maxlen: 24
                          62.122.192.0/21 maxlen: 21
                          62.122.192.0/22 maxlen: 22
                          62.122.198.0/24 maxlen: 24
                          46.150.160.0/20 maxlen: 20
                          46.150.160.0/21 maxlen: 21
                          46.150.160.0/24 maxlen: 24
                          46.150.160.0/22 maxlen: 22
                          46.150.160.0/19 maxlen: 19
                          46.150.160.0/23 maxlen: 23
                          46.150.176.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/f34f2b-3662-41c4-8270-92ed2a000f1f/1/x67yqz8unZrAH3J_cwr33x0EGA8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/f34f2b-3662-41c4-8270-92ed2a000f1f/1/x67yqz8unZrAH3J_cwr33x0EGA8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x67yqz8unZrAH3J_cwr33x0EGA8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4e:30:dc:0b:40:42:41:e2:31:d1:c5:b5:19:bc:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7aef2ab3f2e9d9ac01f727f730af7df1d04180f
        Validity
            Not Before: Jan  2 08:33:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e8e8abd50aa13b3b066a9cf32b7347f067dcd367
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:9d:34:f7:61:e9:a5:4e:8e:ac:a9:b5:84:cf:
                    87:c9:b1:80:93:f6:b4:b7:bd:6c:61:ff:c3:bb:85:
                    9a:fb:82:98:e3:65:fe:6b:13:51:96:4c:2b:41:5a:
                    a7:42:57:2f:37:51:f6:b4:86:6c:b6:b6:46:e5:2d:
                    39:36:88:55:35:8c:e7:bb:ed:8a:5d:cc:e2:6a:4d:
                    1c:1d:9e:2c:ec:68:e4:d0:00:e3:dd:f8:8d:ce:51:
                    90:5c:6d:6e:22:cc:e8:31:23:3d:26:67:b5:4c:15:
                    e1:d9:a3:59:72:b0:da:78:d0:88:ed:4c:51:71:be:
                    2a:49:be:5c:7e:61:17:06:cb:96:a8:76:e7:6c:e6:
                    1c:34:09:25:6d:62:a4:e7:6b:ce:df:b9:ae:5a:fb:
                    8d:5c:ea:93:76:e2:5b:db:4c:7d:90:70:b3:a9:30:
                    cc:5d:4e:85:fc:fb:72:6e:76:43:9b:f6:e7:0e:fc:
                    d3:61:75:88:4d:69:6b:58:e1:a0:84:3f:b2:6f:ec:
                    60:c6:23:af:0d:59:b1:00:d1:51:76:33:a0:96:89:
                    16:ef:63:73:55:b2:20:f3:de:fb:20:05:19:f3:cb:
                    23:16:83:5e:73:75:a8:1b:eb:ef:c4:45:42:40:34:
                    e6:a9:36:e1:cd:f1:c1:4b:5c:0c:e7:d9:9b:6a:31:
                    f7:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:E8:AB:D5:0A:A1:3B:3B:06:6A:9C:F3:2B:73:47:F0:67:DC:D3:67
            X509v3 Authority Key Identifier:
                keyid:C7:AE:F2:AB:3F:2E:9D:9A:C0:1F:72:7F:73:0A:F7:DF:1D:04:18:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x67yqz8unZrAH3J_cwr33x0EGA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/f34f2b-3662-41c4-8270-92ed2a000f1f/1/6Oir1QqhOzsGapzzK3NH8Gfc02c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/f34f2b-3662-41c4-8270-92ed2a000f1f/1/x67yqz8unZrAH3J_cwr33x0EGA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.150.160.0/19
                  62.122.192.0/21

    Signature Algorithm: sha256WithRSAEncryption
         78:5f:7b:01:0f:1e:bb:76:51:e4:9f:a8:4f:e5:08:6c:63:f1:
         52:da:4c:09:1a:b7:b0:97:b0:17:38:d9:5b:16:35:73:d1:93:
         d4:b3:f8:ba:22:26:57:0e:86:82:bd:a8:d7:dc:00:c4:46:f7:
         82:75:bd:c1:49:cc:bc:89:8d:49:df:01:40:5b:ce:a8:f5:8a:
         ad:d3:ba:8f:4b:91:dd:2e:ab:a6:7d:8e:42:2e:79:45:c7:da:
         d0:42:b7:89:31:12:52:ed:c2:ad:0d:da:d4:f1:07:e6:3c:7b:
         11:0f:f2:d6:5c:9b:16:ae:83:19:d4:52:0c:3f:21:ad:ed:96:
         51:dc:15:69:50:11:ad:32:4a:b1:db:68:64:b1:b2:07:39:c3:
         d2:74:8f:a2:92:b5:bf:7e:ed:8c:3c:2b:76:6d:83:c3:ac:85:
         82:ee:c4:3f:91:b0:7a:8c:17:38:52:4f:5b:ba:02:d8:59:a9:
         23:3b:41:3d:d1:0e:2b:79:86:fe:27:66:7d:16:38:c6:b6:9a:
         15:1f:0d:e7:fd:d7:67:c1:78:5c:7d:2c:f6:18:2a:48:59:9f:
         3b:a9:cd:f9:01:e4:a1:da:22:9b:53:c9:63:cf:33:47:e6:36:
         de:11:6e:89:30:47:0d:de:25:71:70:a9:0d:3b:de:65:45:55:
         70:58:62:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTjDcC0BCQeIx0cW1GbzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YWVmMmFiM2YyZTlkOWFjMDFmNzI3ZjczMGFmN2RmMWQw
NDE4MGYwHhcNMjQwMTAyMDgzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGU4YWJkNTBhYTEzYjNiMDY2YTljZjMyYjczNDdmMDY3ZGNkMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ0092HppU6OrKm1hM+HybGAk/a0
t71sYf/Du4Wa+4KY42X+axNRlkwrQVqnQlcvN1H2tIZstrZG5S05NohVNYznu+2K
Xcziak0cHZ4s7Gjk0ADj3fiNzlGQXG1uIszoMSM9Jme1TBXh2aNZcrDaeNCI7UxR
cb4qSb5cfmEXBsuWqHbnbOYcNAklbWKk52vO37muWvuNXOqTduJb20x9kHCzqTDM
XU6F/PtybnZDm/bnDvzTYXWITWlrWOGghD+yb+xgxiOvDVmxANFRdjOglokW72Nz
VbIg8977IAUZ88sjFoNec3WoG+vvxEVCQDTmqTbhzfHBS1wM59mbajH3cwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOjoq9UKoTs7Bmqc8ytzR/Bn3NNnMB8GA1UdIwQY
MBaAFMeu8qs/Lp2awB9yf3MK998dBBgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDY3eXF6OHVuWnJBSDNKX2N3cjMzeDBFR0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9mMzRmMmItMzY2Mi00MWM0LTgyNzAt
OTJlZDJhMDAwZjFmLzEvNk9pcjFRcWhPenNHYXB6ekszTkg4R2ZjMDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9mMzRmMmItMzY2Mi00MWM0LTgyNzAtOTJlZDJhMDAwZjFm
LzEveDY3eXF6OHVuWnJBSDNKX2N3cjMzeDBFR0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFLpagAwQD
PnrAMA0GCSqGSIb3DQEBCwUAA4IBAQB4X3sBDx67dlHkn6hP5QhsY/FS2kwJGrew
l7AXONlbFjVz0ZPUs/i6IiZXDoaCvajX3ADERveCdb3BScy8iY1J3wFAW86o9Yqt
07qPS5HdLqumfY5CLnlFx9rQQreJMRJS7cKtDdrU8QfmPHsRD/LWXJsWroMZ1FIM
PyGt7ZZR3BVpUBGtMkqx22hksbIHOcPSdI+ikrW/fu2MPCt2bYPDrIWC7sQ/kbB6
jBc4Uk9bugLYWakjO0E90Q4reYb+J2Z9FjjGtpoVHw3n/ddnwXhcfSz2GCpIWZ87
qc35AeSh2iKbU8ljzzNH5jbeEW6JMEcN3iVxcKkNO95lRVVwWGJK
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:00:16 2024 by rpki-client on console-ams.rpki-client.org