Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/GbSAbHb3Fx3eYq8xBhdeJRasCy0.roa
File:                     GbSAbHb3Fx3eYq8xBhdeJRasCy0.roa (raw, json)
Hash identifier:          dMV/nfX3NcemmfAF7uVasJF4OnoXDf3tPaNhcdZmNQQ=
Subject key identifier:   19:B4:80:6C:76:F7:17:1D:DE:62:AF:31:06:17:5E:25:16:AC:0B:2D
Certificate issuer:       /CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Certificate serial:       018CCA2B42BBE9C583B568B3E6EE7E46C987
Authority key identifier: 33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/GbSAbHb3Fx3eYq8xBhdeJRasCy0.roa
Signing time:             Tue 02 Jan 2024 12:34:41 +0000
ROA not before:           Tue 02 Jan 2024 12:34:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     55933
IP address blocks:        45.145.230.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/MzNh-6hAkXT7PEgrjKJvI169IsI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/MzNh-6hAkXT7PEgrjKJvI169IsI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 19 Jun 2024 13:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2b:42:bb:e9:c5:83:b5:68:b3:e6:ee:7e:46:c9:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=333361fba8409174fb3c482b8ca26f235ebd22c2
        Validity
            Not Before: Jan  2 12:34:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=19b4806c76f7171dde62af3106175e2516ac0b2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ca:06:5b:0d:7f:c8:09:af:3a:03:0b:cc:a4:
                    7b:3e:fa:c6:b6:7d:f3:18:56:3a:fe:57:62:30:98:
                    b8:9f:9b:1f:24:68:04:ac:72:91:73:1f:1c:b3:b6:
                    08:8c:13:c8:af:bf:e6:c5:a5:74:84:4a:dc:7c:d4:
                    0b:71:f0:d8:70:e4:15:1f:fa:bd:5e:c3:dc:8a:a2:
                    07:fd:51:f4:54:81:23:16:b7:70:e5:c4:a1:87:e8:
                    76:56:51:37:9c:8c:ca:e4:ad:05:44:e8:47:23:ab:
                    f0:5d:a2:03:d4:d9:3d:c3:0c:57:1d:8a:85:e8:2a:
                    bd:f3:56:28:57:9a:b0:a1:cd:fe:c6:4e:d6:24:20:
                    25:ff:9e:fe:f4:4c:c6:6c:e8:67:2a:8b:4e:43:be:
                    53:92:c7:3d:88:29:28:6a:1a:b7:88:df:7e:6e:1e:
                    66:47:3a:8f:4f:d1:c5:a2:ff:91:35:5e:d5:ef:f9:
                    b3:b1:27:f1:3f:e9:4a:65:0f:5e:f3:58:1b:e8:c6:
                    b8:ac:da:b8:28:b7:62:23:2a:97:69:2c:b6:fb:0e:
                    d6:88:c2:8b:99:b8:46:c7:89:41:d4:03:5d:d0:da:
                    c3:8b:a7:82:c6:a0:af:4c:d9:b7:0a:14:88:a2:57:
                    1d:3a:c1:a8:89:c4:33:a6:b6:50:78:2a:67:55:60:
                    6a:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:B4:80:6C:76:F7:17:1D:DE:62:AF:31:06:17:5E:25:16:AC:0B:2D
            X509v3 Authority Key Identifier:
                keyid:33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/GbSAbHb3Fx3eYq8xBhdeJRasCy0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/MzNh-6hAkXT7PEgrjKJvI169IsI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.230.0/23

    Signature Algorithm: sha256WithRSAEncryption
         62:f5:16:d7:04:98:2f:6d:43:b2:3b:1e:8e:ed:35:78:a9:c7:
         b0:d2:08:e6:54:6a:83:62:b5:06:09:59:67:b6:bb:d0:b6:23:
         27:7d:cd:f6:3f:b9:e9:1a:db:3f:bf:f8:d0:cc:e6:70:97:d6:
         39:08:34:9c:1c:a8:e5:2c:43:39:6a:f9:22:b8:8f:f0:64:51:
         f5:27:71:23:15:c6:5f:3e:80:15:62:54:7c:42:ec:96:db:bc:
         ce:7e:26:5d:7d:f7:63:a6:ab:7e:dd:d0:1f:6a:12:71:08:a0:
         11:ea:7e:09:49:df:2e:4c:46:cf:de:06:4e:0d:fb:bb:49:63:
         cb:df:c0:9f:a6:4c:9e:c7:bc:4b:77:45:0b:3e:29:26:6f:aa:
         cf:52:a5:44:68:6b:b3:e5:e5:df:5e:54:7c:cf:ff:da:40:45:
         3c:5c:cc:30:3a:86:45:21:30:20:40:c8:2d:36:b9:b6:37:d3:
         40:b8:e2:f2:f5:f7:93:d4:12:3c:31:02:53:6b:36:57:38:42:
         3d:82:c1:5e:30:08:2e:27:f4:66:85:69:92:8c:fb:fa:91:6b:
         56:1d:4b:24:ba:b2:50:b1:2e:91:52:6d:8c:8b:b5:22:a3:92:
         33:e4:be:e7:19:5f:cb:d1:6a:3f:2b:9f:a8:30:dd:0f:2b:0a:
         bf:d8:41:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK0K76cWDtWiz5u5+RsmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzM2MWZiYTg0MDkxNzRmYjNjNDgyYjhjYTI2ZjIzNWVi
ZDIyYzIwHhcNMjQwMTAyMTIzNDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWI0ODA2Yzc2ZjcxNzFkZGU2MmFmMzEwNjE3NWUyNTE2YWMwYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucoGWw1/yAmvOgMLzKR7PvrGtn3z
GFY6/ldiMJi4n5sfJGgErHKRcx8cs7YIjBPIr7/mxaV0hErcfNQLcfDYcOQVH/q9
XsPciqIH/VH0VIEjFrdw5cShh+h2VlE3nIzK5K0FROhHI6vwXaID1Nk9wwxXHYqF
6Cq981YoV5qwoc3+xk7WJCAl/57+9EzGbOhnKotOQ75Tksc9iCkoahq3iN9+bh5m
RzqPT9HFov+RNV7V7/mzsSfxP+lKZQ9e81gb6Ma4rNq4KLdiIyqXaSy2+w7WiMKL
mbhGx4lB1ANd0NrDi6eCxqCvTNm3ChSIolcdOsGoicQzprZQeCpnVWBq0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBm0gGx29xcd3mKvMQYXXiUWrAstMB8GA1UdIwQY
MBaAFDMzYfuoQJF0+zxIK4yibyNevSLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjkt
YjJjY2NmMGVhZGFiLzEvR2JTQWJIYjNGeDNlWXE4eEJoZGVKUmFzQ3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjktYjJjY2NmMGVhZGFi
LzEvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZHmMA0G
CSqGSIb3DQEBCwUAA4IBAQBi9RbXBJgvbUOyOx6O7TV4qcew0gjmVGqDYrUGCVln
trvQtiMnfc32P7npGts/v/jQzOZwl9Y5CDScHKjlLEM5avkiuI/wZFH1J3EjFcZf
PoAVYlR8QuyW27zOfiZdffdjpqt+3dAfahJxCKAR6n4JSd8uTEbP3gZODfu7SWPL
38Cfpkyex7xLd0ULPikmb6rPUqVEaGuz5eXfXlR8z//aQEU8XMwwOoZFITAgQMgt
Nrm2N9NAuOLy9feT1BI8MQJTazZXOEI9gsFeMAguJ/RmhWmSjPv6kWtWHUskurJQ
sS6RUm2Mi7Uio5Iz5L7nGV/L0Wo/K5+oMN0PKwq/2EFT
-----END CERTIFICATE-----
Generated at Tue Jun 18 19:46:22 2024 by rpki-client on console-fra.rpki-client.org