Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/9_oXzXkvk6JM4XAyyc15CXyefw8.roa
File:                     9_oXzXkvk6JM4XAyyc15CXyefw8.roa (raw, json)
Hash identifier:          h8/llCu6axcElkIH+lBi/iTIE3nU0MthB+9nyy2Gp1g=
Subject key identifier:   F7:FA:17:CD:79:2F:93:A2:4C:E1:70:32:C9:CD:79:09:7C:9E:7F:0F
Certificate issuer:       /CN=7d43b0ec79951d5d5580133e5329a90f2fee1c5b
Certificate serial:       018E13AC94F6E4527B562E4156B8B09B66E5
Authority key identifier: 7D:43:B0:EC:79:95:1D:5D:55:80:13:3E:53:29:A9:0F:2F:EE:1C:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/9_oXzXkvk6JM4XAyyc15CXyefw8.roa
Signing time:             Wed 06 Mar 2024 12:11:01 +0000
ROA not before:           Wed 06 Mar 2024 12:11:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34545
IP address blocks:        37.130.192.0/24 maxlen: 24
                          37.130.193.0/24 maxlen: 24
                          37.130.194.0/24 maxlen: 24
                          37.130.195.0/24 maxlen: 24
                          185.45.80.0/24 maxlen: 24
                          185.45.81.0/24 maxlen: 24
                          185.45.82.0/24 maxlen: 24
                          185.45.83.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/fUOw7HmVHV1VgBM-UympDy_uHFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/fUOw7HmVHV1VgBM-UympDy_uHFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 15:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:13:ac:94:f6:e4:52:7b:56:2e:41:56:b8:b0:9b:66:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d43b0ec79951d5d5580133e5329a90f2fee1c5b
        Validity
            Not Before: Mar  6 12:11:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f7fa17cd792f93a24ce17032c9cd79097c9e7f0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ba:88:9d:7e:39:f9:16:12:91:b9:0c:55:43:
                    41:9e:d0:29:81:2f:27:2b:73:28:53:8e:d7:d6:0d:
                    0b:d9:d8:4a:52:88:23:31:cc:df:49:a3:ff:76:e5:
                    7a:d4:e4:60:93:8f:50:7e:ed:e8:40:21:5e:27:81:
                    9a:95:53:02:87:75:99:8e:88:e5:9e:2c:cd:0f:55:
                    81:ef:7a:e8:64:80:f4:ca:9e:91:a9:47:6a:f0:52:
                    c7:fc:85:d3:dc:66:a3:39:7d:d1:fc:e5:b0:c0:3d:
                    72:0c:1d:f5:48:da:e1:ec:99:b6:aa:a7:31:c9:9c:
                    82:36:73:a5:cb:1b:0e:48:fc:3c:92:fb:f4:37:f6:
                    41:0b:88:5c:c6:33:a6:bc:c6:ba:30:1a:f9:52:33:
                    e4:65:77:82:73:ac:5c:08:d8:12:4a:e4:af:15:db:
                    ae:06:f7:26:77:24:95:76:ee:17:10:c4:9f:8a:ec:
                    8d:96:29:dc:d7:fd:c3:b7:a6:d7:c7:c7:50:07:41:
                    94:38:20:ac:37:9d:5e:b6:fb:50:4f:f9:97:c2:ae:
                    93:f3:ff:b9:e8:59:38:e5:81:8b:70:18:e1:5a:99:
                    94:3e:6a:30:0c:5c:95:06:4b:3f:d8:ae:47:a3:6d:
                    71:9e:43:a2:16:7d:34:2d:33:55:5c:86:dd:c1:aa:
                    69:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:FA:17:CD:79:2F:93:A2:4C:E1:70:32:C9:CD:79:09:7C:9E:7F:0F
            X509v3 Authority Key Identifier:
                keyid:7D:43:B0:EC:79:95:1D:5D:55:80:13:3E:53:29:A9:0F:2F:EE:1C:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fUOw7HmVHV1VgBM-UympDy_uHFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/9_oXzXkvk6JM4XAyyc15CXyefw8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2604e0-91fa-4fe9-bb28-93a6192b1785/1/fUOw7HmVHV1VgBM-UympDy_uHFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.130.192.0/22
                  185.45.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         85:9c:22:34:5c:6e:06:ef:be:8a:6e:5e:05:e9:d0:27:e0:83:
         5c:11:30:5c:9d:68:3f:d6:95:c5:8a:b1:f9:59:4d:9a:af:94:
         a7:30:02:55:be:24:ca:dc:ca:9b:aa:47:b1:0b:11:f6:3c:e9:
         00:ca:0b:fc:c7:5e:58:ef:0d:41:db:2e:66:1d:43:12:6d:e2:
         c5:66:9e:5f:8e:6a:8f:f7:88:01:c9:45:49:bd:57:28:51:13:
         37:25:c8:91:58:58:48:48:51:52:7f:e8:b5:74:82:04:cd:78:
         34:83:5a:61:37:aa:48:c9:c2:c2:26:8b:1b:9a:18:17:1f:a0:
         53:63:a0:c2:6d:1a:d1:ef:e0:c8:a7:ff:47:23:74:67:36:bb:
         0a:0e:6e:f9:05:d2:32:b4:0c:1e:db:bc:a2:35:4b:3a:18:a5:
         e0:1e:31:0c:57:4f:7f:b9:6f:44:57:0d:02:1b:a3:13:91:20:
         04:ec:7f:c8:5e:dd:c0:4d:8c:3e:55:67:5b:f8:59:a9:00:c1:
         0d:07:92:0c:5f:32:ca:8e:7c:09:d2:cb:55:f3:68:d4:f0:ec:
         64:ef:1b:0f:8b:f2:34:b5:48:8a:dd:03:e1:a5:d8:b5:21:24:
         08:02:c4:3b:99:ab:c0:45:b9:17:6d:23:05:3b:00:b8:d0:7b:
         03:7f:05:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4TrJT25FJ7Vi5BVriwm2blMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNDNiMGVjNzk5NTFkNWQ1NTgwMTMzZTUzMjlhOTBmMmZl
ZTFjNWIwHhcNMjQwMzA2MTIxMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2ZhMTdjZDc5MmY5M2EyNGNlMTcwMzJjOWNkNzkwOTdjOWU3ZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprqInX45+RYSkbkMVUNBntApgS8n
K3MoU47X1g0L2dhKUogjMczfSaP/duV61ORgk49Qfu3oQCFeJ4GalVMCh3WZjojl
nizND1WB73roZID0yp6RqUdq8FLH/IXT3GajOX3R/OWwwD1yDB31SNrh7Jm2qqcx
yZyCNnOlyxsOSPw8kvv0N/ZBC4hcxjOmvMa6MBr5UjPkZXeCc6xcCNgSSuSvFduu
BvcmdySVdu4XEMSfiuyNlinc1/3Dt6bXx8dQB0GUOCCsN51etvtQT/mXwq6T8/+5
6Fk45YGLcBjhWpmUPmowDFyVBks/2K5Ho21xnkOiFn00LTNVXIbdwappzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPf6F815L5OiTOFwMsnNeQl8nn8PMB8GA1UdIwQY
MBaAFH1DsOx5lR1dVYATPlMpqQ8v7hxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlVPdzdIbVZIVjFWZ0JNLVV5bXBEeV91SEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yNjA0ZTAtOTFmYS00ZmU5LWJiMjgt
OTNhNjE5MmIxNzg1LzEvOV9vWHpYa3ZrNkpNNFhBeXljMTVDWHllZnc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yNjA0ZTAtOTFmYS00ZmU5LWJiMjgtOTNhNjE5MmIxNzg1
LzEvZlVPdzdIbVZIVjFWZ0JNLVV5bXBEeV91SEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJYLAAwQC
uS1QMA0GCSqGSIb3DQEBCwUAA4IBAQCFnCI0XG4G776Kbl4F6dAn4INcETBcnWg/
1pXFirH5WU2ar5SnMAJVviTK3MqbqkexCxH2POkAygv8x15Y7w1B2y5mHUMSbeLF
Zp5fjmqP94gByUVJvVcoURM3JciRWFhISFFSf+i1dIIEzXg0g1phN6pIycLCJosb
mhgXH6BTY6DCbRrR7+DIp/9HI3RnNrsKDm75BdIytAwe27yiNUs6GKXgHjEMV09/
uW9EVw0CG6MTkSAE7H/IXt3ATYw+VWdb+FmpAMENB5IMXzLKjnwJ0stV82jU8Oxk
7xsPi/I0tUiK3QPhpdi1ISQIAsQ7mavARbkXbSMFOwC40HsDfwXA
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:43:44 2024 by rpki-client on console-fra.rpki-client.org