Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/yGQmK1GNxPZ8SRgl8zt6D-o2V30.roa
File:                     yGQmK1GNxPZ8SRgl8zt6D-o2V30.roa (raw, json)
Hash identifier:          O2ieMMZevfPhkfWCSTykHJMCow8pbjHUGymKsm0tLgk=
Subject key identifier:   C8:64:26:2B:51:8D:C4:F6:7C:49:18:25:F3:3B:7A:0F:EA:36:57:7D
Certificate issuer:       /CN=6f98d1f99e3833ef401d46348eec8b752088c55d
Certificate serial:       018CC79526F3782F477EBF357F0DCBA3CDEB
Authority key identifier: 6F:98:D1:F9:9E:38:33:EF:40:1D:46:34:8E:EC:8B:75:20:88:C5:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/yGQmK1GNxPZ8SRgl8zt6D-o2V30.roa
Signing time:             Tue 02 Jan 2024 00:31:29 +0000
ROA not before:           Tue 02 Jan 2024 00:31:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     56600
IP address blocks:        192.162.152.0/22 maxlen: 22
                          192.162.152.0/24 maxlen: 24
                          192.162.153.0/24 maxlen: 24
                          192.162.155.0/24 maxlen: 24
                          192.162.154.0/24 maxlen: 24
                          176.126.134.0/24 maxlen: 24
                          176.126.133.0/24 maxlen: 24
                          176.126.136.0/24 maxlen: 24
                          176.126.135.0/24 maxlen: 24
                          176.126.137.0/24 maxlen: 24
                          176.126.136.0/21 maxlen: 24
                          176.126.139.0/24 maxlen: 24
                          176.126.138.0/24 maxlen: 24
                          176.126.143.0/24 maxlen: 24
                          176.126.142.0/24 maxlen: 24
                          176.126.144.0/21 maxlen: 24
                          176.126.145.0/24 maxlen: 24
                          176.126.141.0/24 maxlen: 24
                          176.126.146.0/24 maxlen: 24
                          176.126.148.0/24 maxlen: 24
                          176.126.147.0/24 maxlen: 24
                          176.126.149.0/24 maxlen: 24
                          176.126.152.0/22 maxlen: 22
                          176.126.157.0/24 maxlen: 24
                          176.126.156.0/24 maxlen: 24
                          176.126.156.0/23 maxlen: 23
                          176.126.129.0/24 maxlen: 24
                          176.126.128.0/24 maxlen: 24
                          176.126.128.0/21 maxlen: 21
                          176.126.130.0/24 maxlen: 24
                          176.126.132.0/24 maxlen: 24
                          176.126.131.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/b5jR-Z44M-9AHUY0juyLdSCIxV0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/b5jR-Z44M-9AHUY0juyLdSCIxV0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:26:f3:78:2f:47:7e:bf:35:7f:0d:cb:a3:cd:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f98d1f99e3833ef401d46348eec8b752088c55d
        Validity
            Not Before: Jan  2 00:31:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c864262b518dc4f67c491825f33b7a0fea36577d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:56:dc:de:57:3a:65:73:d3:ac:90:1d:7f:a9:
                    ad:71:01:d7:18:b8:ec:3a:4d:11:94:87:38:52:b7:
                    f5:f8:4e:a7:b2:9f:bd:03:13:28:24:de:9b:9f:b2:
                    35:44:5e:b8:c2:26:aa:75:85:8d:92:9a:6c:c7:dd:
                    d6:30:00:b6:87:9f:7a:29:82:3a:bd:26:94:60:0e:
                    85:59:ca:78:f5:0a:22:2e:ef:d0:55:91:80:af:6d:
                    e0:32:c6:ec:a7:d6:26:20:b5:aa:76:d3:df:4f:e6:
                    c1:24:27:1c:4c:9a:ef:e4:b1:ea:ee:e3:00:46:7f:
                    6f:02:e3:6b:65:48:46:45:f1:2b:42:6a:d6:2d:b2:
                    c8:02:86:7f:a1:73:a6:46:bc:82:4a:62:ba:74:df:
                    27:4d:e9:99:05:79:f3:94:13:46:6b:86:15:d2:8e:
                    fa:ab:6e:91:16:0e:d1:f3:bb:8e:52:e4:9b:9a:6e:
                    b9:d3:48:2b:13:4b:07:bf:0d:f0:9f:06:21:ea:9d:
                    d8:88:48:aa:fa:6c:fa:0d:ad:70:7d:e6:f4:db:44:
                    dc:e4:df:cf:8c:49:da:63:12:7f:48:7d:b8:34:bf:
                    d9:c7:40:e1:69:3f:df:1c:75:48:be:8c:3b:cf:4b:
                    33:38:ef:8e:27:f5:d4:7c:7f:d2:48:7a:2d:bf:fe:
                    0a:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:64:26:2B:51:8D:C4:F6:7C:49:18:25:F3:3B:7A:0F:EA:36:57:7D
            X509v3 Authority Key Identifier:
                keyid:6F:98:D1:F9:9E:38:33:EF:40:1D:46:34:8E:EC:8B:75:20:88:C5:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5jR-Z44M-9AHUY0juyLdSCIxV0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/yGQmK1GNxPZ8SRgl8zt6D-o2V30.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3c08f1-96e0-4c54-a466-07d4b115cc82/1/b5jR-Z44M-9AHUY0juyLdSCIxV0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.126.128.0-176.126.157.255
                  192.162.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3e:3a:9e:4d:e0:16:38:4a:ac:86:d9:c0:07:4b:00:97:f7:2e:
         7b:61:ba:2a:bd:6d:ab:2d:30:00:08:13:d0:cd:90:a1:b2:57:
         f1:9b:d5:cf:e7:33:cf:e7:b5:c1:75:63:37:d3:27:1b:5e:28:
         d5:a6:96:e9:6d:5f:a9:1c:08:ac:92:4f:e3:c9:0d:e9:ed:d8:
         1d:36:e8:88:03:3c:d6:b1:ec:38:ea:98:84:d7:36:98:36:37:
         67:eb:25:a7:05:74:30:8a:5a:32:e7:ee:b7:85:f7:fa:29:8b:
         1f:e9:66:17:8c:a6:52:f0:42:96:79:1f:a4:ad:df:81:08:4d:
         08:85:87:e7:96:f4:82:01:6e:68:4e:49:a6:99:a3:28:6e:1f:
         1f:91:1b:d1:45:f8:f9:0a:b4:40:54:af:3e:36:81:42:72:f7:
         ec:51:fc:f1:e7:2b:52:f0:71:fb:3a:6a:15:70:5f:5c:d0:1a:
         92:57:ab:b3:b3:1a:54:00:43:8d:bf:ca:0f:17:84:6a:e4:4c:
         eb:69:10:4a:73:ca:e8:d2:4f:93:b4:4f:72:a9:d5:d4:e3:99:
         cb:45:34:0a:61:d5:86:c2:09:87:2b:57:15:ea:99:6b:86:de:
         5a:f4:10:39:b9:9c:8d:9d:9c:d3:b9:7e:ee:51:df:7a:09:7f:
         b6:a3:80:74
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzHlSbzeC9Hfr81fw3Lo83rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmOThkMWY5OWUzODMzZWY0MDFkNDYzNDhlZWM4Yjc1MjA4
OGM1NWQwHhcNMjQwMTAyMDAzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODY0MjYyYjUxOGRjNGY2N2M0OTE4MjVmMzNiN2EwZmVhMzY1NzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVbc3lc6ZXPTrJAdf6mtcQHXGLjs
Ok0RlIc4Urf1+E6nsp+9AxMoJN6bn7I1RF64wiaqdYWNkppsx93WMAC2h596KYI6
vSaUYA6FWcp49QoiLu/QVZGAr23gMsbsp9YmILWqdtPfT+bBJCccTJrv5LHq7uMA
Rn9vAuNrZUhGRfErQmrWLbLIAoZ/oXOmRryCSmK6dN8nTemZBXnzlBNGa4YV0o76
q26RFg7R87uOUuSbmm6500grE0sHvw3wnwYh6p3YiEiq+mz6Da1wfeb020Tc5N/P
jEnaYxJ/SH24NL/Zx0DhaT/fHHVIvow7z0szOO+OJ/XUfH/SSHotv/4KuwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMhkJitRjcT2fEkYJfM7eg/qNld9MB8GA1UdIwQY
MBaAFG+Y0fmeODPvQB1GNI7si3UgiMVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjVqUi1aNDRNLTlBSFVZMGp1eUxkU0NJeFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYzA4ZjEtOTZlMC00YzU0LWE0NjYt
MDdkNGIxMTVjYzgyLzEveUdRbUsxR054UFo4U1JnbDh6dDZELW8yVjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYzA4ZjEtOTZlMC00YzU0LWE0NjYtMDdkNGIxMTVjYzgy
LzEvYjVqUi1aNDRNLTlBSFVZMGp1eUxkU0NJeFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAewfoAD
BAGwfpwDBALAopgwDQYJKoZIhvcNAQELBQADggEBAD46nk3gFjhKrIbZwAdLAJf3
Lnthuiq9bastMAAIE9DNkKGyV/Gb1c/nM8/ntcF1YzfTJxteKNWmlultX6kcCKyS
T+PJDent2B026IgDPNax7DjqmITXNpg2N2frJacFdDCKWjLn7reF9/opix/pZheM
plLwQpZ5H6St34EITQiFh+eW9IIBbmhOSaaZoyhuHx+RG9FF+PkKtEBUrz42gUJy
9+xR/PHnK1Lwcfs6ahVwX1zQGpJXq7OzGlQAQ42/yg8XhGrkTOtpEEpzyujST5O0
T3Kp1dTjmctFNAph1YbCCYcrVxXqmWuG3lr0EDm5nI2dnNO5fu5R33oJf7ajgHQ=
-----END CERTIFICATE-----
Generated at Sat Jun 15 12:02:06 2024 by rpki-client on console-ams.rpki-client.org