Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/1_9gCWyZaT__v0V9EoKL2qzdaIA.roa
File:                     1_9gCWyZaT__v0V9EoKL2qzdaIA.roa (raw, json)
Hash identifier:          V1+5M+YzYkcLo4ebcRFLSAXB6U1ANRVPL65QJvwv9vM=
Subject key identifier:   D7:FF:60:09:6C:99:69:3F:FF:BF:45:7D:12:82:8B:DA:AC:DD:68:80
Certificate issuer:       /CN=1be36fcfb047b8c653ffa327fc2ca51169e947a4
Certificate serial:       018CCB8A2810707A5ECE724EF9627D244C23
Authority key identifier: 1B:E3:6F:CF:B0:47:B8:C6:53:FF:A3:27:FC:2C:A5:11:69:E9:47:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/1_9gCWyZaT__v0V9EoKL2qzdaIA.roa
Signing time:             Tue 02 Jan 2024 18:57:58 +0000
ROA not before:           Tue 02 Jan 2024 18:57:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201579
IP address blocks:        193.138.195.0/24 maxlen: 24
                          62.169.151.0/24 maxlen: 24
                          185.91.69.0/24 maxlen: 24
                          91.237.124.0/24 maxlen: 24
                          2a13:2480::/29 maxlen: 29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:cb:8a:28:10:70:7a:5e:ce:72:4e:f9:62:7d:24:4c:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1be36fcfb047b8c653ffa327fc2ca51169e947a4
        Validity
            Not Before: Jan  2 18:57:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d7ff60096c99693fffbf457d12828bdaacdd6880
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:4a:89:bc:ac:06:e5:a7:ec:bd:99:57:59:b3:
                    54:ee:88:18:df:c1:37:27:b5:7c:3f:d4:db:a0:1b:
                    55:79:1c:4b:64:ca:85:13:fa:12:6b:2f:f3:1c:a4:
                    4d:90:c0:e4:d1:51:ab:83:87:c9:c9:b4:a5:e1:06:
                    01:e0:68:8c:04:fe:dc:92:17:a1:15:43:61:30:34:
                    89:b3:6e:39:2b:89:23:24:98:8f:9d:75:9f:41:be:
                    0a:c5:00:de:c8:d7:6a:09:a6:2e:9a:39:26:72:c1:
                    e6:65:26:f1:5f:66:fc:6a:c6:29:fd:6f:3d:18:5a:
                    df:03:9f:e4:09:b3:f8:1f:1c:40:cd:a3:11:c1:bf:
                    34:ba:fb:a6:2a:4f:6b:1a:26:bd:45:ea:e4:ba:7c:
                    64:a5:a4:2c:42:aa:d6:01:8b:e4:2d:0c:f0:60:d2:
                    1a:d3:37:64:0d:04:9a:ac:08:c9:55:73:26:e3:35:
                    4e:af:ff:a5:db:ba:c1:7f:7b:2a:3b:08:69:9c:0a:
                    67:8f:e3:2c:85:f6:2d:33:40:7e:1f:fe:af:c4:ce:
                    b8:42:ce:d6:e1:db:76:64:96:5f:66:65:9f:94:c6:
                    3b:b3:98:ed:cf:fa:49:6b:43:2c:78:f4:b4:52:de:
                    0c:7b:14:0d:bb:b4:58:ed:0a:b3:32:c0:37:9b:d7:
                    86:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:FF:60:09:6C:99:69:3F:FF:BF:45:7D:12:82:8B:DA:AC:DD:68:80
            X509v3 Authority Key Identifier:
                keyid:1B:E3:6F:CF:B0:47:B8:C6:53:FF:A3:27:FC:2C:A5:11:69:E9:47:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/1_9gCWyZaT__v0V9EoKL2qzdaIA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.169.151.0/24
                  91.237.124.0/24
                  185.91.69.0/24
                  193.138.195.0/24
                IPv6:
                  2a13:2480::/29

    Signature Algorithm: sha256WithRSAEncryption
         54:8a:e5:cb:a5:fd:b5:16:1d:a5:39:49:57:89:74:cf:20:2d:
         e3:6c:c9:01:4d:0e:55:e9:91:46:e4:f6:d8:cb:85:57:30:5a:
         9d:6f:5f:28:a5:5a:fc:e1:cc:65:be:02:86:3b:27:b9:17:d3:
         a2:2a:04:44:1f:1c:21:26:59:6d:ce:ea:55:ba:ac:09:aa:52:
         6c:00:c5:42:46:0e:d5:a5:27:e4:a7:0c:2c:d7:8c:bf:e8:00:
         1e:70:ed:47:bb:7b:48:63:60:32:5f:85:5e:66:2f:7b:b1:4d:
         a0:1e:08:dc:95:43:b1:cb:74:ce:d1:1b:c7:ac:e2:70:96:0c:
         8e:65:e4:ed:14:06:ab:ef:40:c4:c2:37:4a:01:fd:72:ce:a2:
         cc:09:b3:e7:58:2c:3a:4d:4f:76:60:9e:c2:2d:cd:8c:e2:04:
         dd:86:b0:2d:8d:d7:fa:f3:13:ed:53:af:51:0c:8b:2a:64:7b:
         2f:1b:2f:8c:c0:8e:a8:a9:48:6d:50:b0:5c:7b:1e:cd:31:5c:
         7f:17:5e:3f:82:32:f6:65:ee:e9:2a:af:17:12:04:ec:89:02:
         16:ba:2c:fd:2b:8c:27:02:e8:5f:6d:de:da:cc:39:f0:9e:2f:
         4f:f6:8a:6c:0c:c5:3d:ce:d0:3a:4c:32:dc:a6:bc:d5:4e:55:
         7c:7d:7a:f9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzLiigQcHpeznJO+WJ9JEwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZTM2ZmNmYjA0N2I4YzY1M2ZmYTMyN2ZjMmNhNTExNjll
OTQ3YTQwHhcNMjQwMTAyMTg1NzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2ZmNjAwOTZjOTk2OTNmZmZiZjQ1N2QxMjgyOGJkYWFjZGQ2ODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UqJvKwG5afsvZlXWbNU7ogY38E3
J7V8P9TboBtVeRxLZMqFE/oSay/zHKRNkMDk0VGrg4fJybSl4QYB4GiMBP7ckheh
FUNhMDSJs245K4kjJJiPnXWfQb4KxQDeyNdqCaYumjkmcsHmZSbxX2b8asYp/W89
GFrfA5/kCbP4HxxAzaMRwb80uvumKk9rGia9RerkunxkpaQsQqrWAYvkLQzwYNIa
0zdkDQSarAjJVXMm4zVOr/+l27rBf3sqOwhpnApnj+MshfYtM0B+H/6vxM64Qs7W
4dt2ZJZfZmWflMY7s5jtz/pJa0MsePS0Ut4MexQNu7RY7QqzMsA3m9eGuQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNf/YAlsmWk//79FfRKCi9qs3WiAMB8GA1UdIwQY
MBaAFBvjb8+wR7jGU/+jJ/wspRFp6UekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRy1Odno3Qkh1TVpUXzZNbl9DeWxFV25wUjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81ZGRkOTItNDFkNi00NjlmLTg5NmMt
ZTBjOTY2YzE1ZDVmLzEvMV85Z0NXeVphVF9fdjBWOUVvS0wycXpkYUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81ZGRkOTItNDFkNi00NjlmLTg5NmMtZTBjOTY2YzE1ZDVm
LzEvRy1Odno3Qkh1TVpUXzZNbl9DeWxFV25wUjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAPqmXAwQA
W+18AwQAuVtFAwQAwYrDMA0EAgACMAcDBQMqEySAMA0GCSqGSIb3DQEBCwUAA4IB
AQBUiuXLpf21Fh2lOUlXiXTPIC3jbMkBTQ5V6ZFG5PbYy4VXMFqdb18opVr84cxl
vgKGOye5F9OiKgREHxwhJlltzupVuqwJqlJsAMVCRg7VpSfkpwws14y/6AAecO1H
u3tIY2AyX4VeZi97sU2gHgjclUOxy3TO0RvHrOJwlgyOZeTtFAar70DEwjdKAf1y
zqLMCbPnWCw6TU92YJ7CLc2M4gTdhrAtjdf68xPtU69RDIsqZHsvGy+MwI6oqUht
ULBcex7NMVx/F14/gjL2Ze7pKq8XEgTsiQIWuiz9K4wnAuhfbd7azDnwni9P9ops
DMU9ztA6TDLcprzVTlV8fXr5
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:36:35 2024 by rpki-client on console-ams.rpki-client.org