Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/5fbd09-0a61-421c-9c36-05b3b9709f09/1/r1nqY3EZigQIZt0P80zc_Y93nbo.roa
File:                     r1nqY3EZigQIZt0P80zc_Y93nbo.roa (raw, json)
Hash identifier:          isruW1i+xLNMMeC3ziWsHs/X00+0mozr6xdnDWxvnWU=
Subject key identifier:   AF:59:EA:63:71:19:8A:04:08:66:DD:0F:F3:4C:DC:FD:8F:77:9D:BA
Certificate issuer:       /CN=ed6518c426cfc4082fb92ec740d7c3c78825563b
Certificate serial:       018CC64B613D5841CF108DDD458AA574822D
Authority key identifier: ED:65:18:C4:26:CF:C4:08:2F:B9:2E:C7:40:D7:C3:C7:88:25:56:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7WUYxCbPxAgvuS7HQNfDx4glVjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/5fbd09-0a61-421c-9c36-05b3b9709f09/1/r1nqY3EZigQIZt0P80zc_Y93nbo.roa
Signing time:             Mon 01 Jan 2024 18:31:18 +0000
ROA not before:           Mon 01 Jan 2024 18:31:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50090
IP address blocks:        217.74.24.0/24 maxlen: 24
                          217.74.27.0/24 maxlen: 24
                          217.74.28.0/24 maxlen: 24
                          217.74.25.0/24 maxlen: 24
                          217.74.26.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/5fbd09-0a61-421c-9c36-05b3b9709f09/1/7WUYxCbPxAgvuS7HQNfDx4glVjs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/5fbd09-0a61-421c-9c36-05b3b9709f09/1/7WUYxCbPxAgvuS7HQNfDx4glVjs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7WUYxCbPxAgvuS7HQNfDx4glVjs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 15:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:61:3d:58:41:cf:10:8d:dd:45:8a:a5:74:82:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed6518c426cfc4082fb92ec740d7c3c78825563b
        Validity
            Not Before: Jan  1 18:31:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=af59ea6371198a040866dd0ff34cdcfd8f779dba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:2e:e6:73:2b:99:bb:cd:59:52:85:ee:7a:26:
                    a8:78:fc:ed:14:22:c6:34:ac:81:39:2d:aa:ac:ca:
                    ba:88:96:5f:28:57:11:ec:f6:77:bb:ef:15:8c:bf:
                    e2:28:78:e5:31:a0:ca:1a:1a:da:a3:11:2c:3c:27:
                    e9:13:3f:e4:82:c6:d3:1e:d3:0b:f0:e4:8a:1d:70:
                    5b:3a:c1:63:b3:35:98:3a:de:65:8e:3b:04:c3:4a:
                    21:78:71:e1:2d:91:05:8f:27:b0:16:55:35:9c:e9:
                    5e:de:38:31:bb:1d:47:89:8b:71:4a:67:29:d8:82:
                    08:8c:ba:b8:bb:fc:f2:79:61:37:c0:b4:ac:a8:00:
                    40:db:19:f0:a1:89:9f:9a:7c:91:c1:15:bf:35:c6:
                    7f:42:c4:88:0e:ea:83:57:c0:cc:47:22:52:de:f0:
                    0c:3c:60:50:b3:a6:87:ce:ee:f8:00:be:8d:0c:fd:
                    ff:a7:f2:8e:55:1c:04:de:f2:3f:04:f5:3e:d8:d7:
                    bc:b0:1d:49:8b:c7:e5:ba:51:2d:47:d5:e1:1f:7a:
                    65:06:24:ab:93:bf:50:ba:51:af:3e:fd:3e:06:28:
                    04:91:c2:fa:10:7d:73:54:da:b6:cf:99:fa:ea:24:
                    a4:e7:12:f6:00:b5:c9:a7:f1:a9:21:0b:58:61:49:
                    e0:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:59:EA:63:71:19:8A:04:08:66:DD:0F:F3:4C:DC:FD:8F:77:9D:BA
            X509v3 Authority Key Identifier:
                keyid:ED:65:18:C4:26:CF:C4:08:2F:B9:2E:C7:40:D7:C3:C7:88:25:56:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WUYxCbPxAgvuS7HQNfDx4glVjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5fbd09-0a61-421c-9c36-05b3b9709f09/1/r1nqY3EZigQIZt0P80zc_Y93nbo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5fbd09-0a61-421c-9c36-05b3b9709f09/1/7WUYxCbPxAgvuS7HQNfDx4glVjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.74.24.0-217.74.28.255

    Signature Algorithm: sha256WithRSAEncryption
         3b:fa:c9:12:61:d4:82:f0:78:99:a9:6d:c9:6a:73:cf:e0:dd:
         15:eb:d5:1f:c7:0d:b9:ff:6f:11:81:e4:85:55:d8:f0:4d:73:
         2c:c1:fc:10:75:f7:9e:47:5d:1a:02:f6:45:bb:94:bd:e2:c1:
         07:17:ee:fc:00:f7:7f:66:c5:7d:54:16:82:9b:57:c3:7a:eb:
         0b:0d:77:d3:70:ee:fd:fa:1f:33:42:46:4c:ad:63:f8:33:31:
         0e:97:ee:d8:f1:4a:a1:60:5d:37:f6:a3:cf:c7:c9:89:7a:47:
         1b:b6:47:79:8f:7f:7b:a1:04:17:b5:c6:49:b9:e3:14:37:6a:
         39:28:2b:c8:3f:c2:08:8a:8a:a7:0f:26:c6:51:18:55:23:0c:
         e9:12:fa:b5:06:f4:93:92:0c:1b:e5:8c:39:d2:0e:d3:5e:b4:
         61:a6:3f:e6:3e:7a:c4:a8:2c:69:9f:bd:0e:65:29:19:87:95:
         2c:cf:3d:c3:a9:5b:48:b3:7d:54:25:e8:52:4b:3a:d1:a5:cb:
         3c:5d:cc:ea:43:65:b9:43:a4:e3:ff:01:6e:0d:b7:a2:e8:89:
         a5:60:b0:25:87:9c:0e:19:7b:db:ef:47:4f:f1:93:d2:eb:58:
         ea:41:b0:da:e5:b0:e4:9b:1d:c9:d8:dc:60:17:cf:c1:12:35:
         74:97:07:84
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGS2E9WEHPEI3dRYqldIItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNjUxOGM0MjZjZmM0MDgyZmI5MmVjNzQwZDdjM2M3ODgy
NTU2M2IwHhcNMjQwMTAxMTgzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjU5ZWE2MzcxMTk4YTA0MDg2NmRkMGZmMzRjZGNmZDhmNzc5ZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuy7mcyuZu81ZUoXueiaoePztFCLG
NKyBOS2qrMq6iJZfKFcR7PZ3u+8VjL/iKHjlMaDKGhraoxEsPCfpEz/kgsbTHtML
8OSKHXBbOsFjszWYOt5ljjsEw0oheHHhLZEFjyewFlU1nOle3jgxux1HiYtxSmcp
2IIIjLq4u/zyeWE3wLSsqABA2xnwoYmfmnyRwRW/NcZ/QsSIDuqDV8DMRyJS3vAM
PGBQs6aHzu74AL6NDP3/p/KOVRwE3vI/BPU+2Ne8sB1Ji8flulEtR9XhH3plBiSr
k79QulGvPv0+BigEkcL6EH1zVNq2z5n66iSk5xL2ALXJp/GpIQtYYUngPQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK9Z6mNxGYoECGbdD/NM3P2Pd526MB8GA1UdIwQY
MBaAFO1lGMQmz8QIL7kux0DXw8eIJVY7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1dVWXhDYlB4QWd2dVM3SFFOZkR4NGdsVmpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81ZmJkMDktMGE2MS00MjFjLTljMzYt
MDViM2I5NzA5ZjA5LzEvcjFucVkzRVppZ1FJWnQwUDgwemNfWTkzbmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS81ZmJkMDktMGE2MS00MjFjLTljMzYtMDViM2I5NzA5ZjA5
LzEvN1dVWXhDYlB4QWd2dVM3SFFOZkR4NGdsVmpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPZShgD
BADZShwwDQYJKoZIhvcNAQELBQADggEBADv6yRJh1ILweJmpbclqc8/g3RXr1R/H
Dbn/bxGB5IVV2PBNcyzB/BB1955HXRoC9kW7lL3iwQcX7vwA939mxX1UFoKbV8N6
6wsNd9Nw7v36HzNCRkytY/gzMQ6X7tjxSqFgXTf2o8/HyYl6Rxu2R3mPf3uhBBe1
xkm54xQ3ajkoK8g/wgiKiqcPJsZRGFUjDOkS+rUG9JOSDBvljDnSDtNetGGmP+Y+
esSoLGmfvQ5lKRmHlSzPPcOpW0izfVQl6FJLOtGlyzxdzOpDZblDpOP/AW4Nt6Lo
iaVgsCWHnA4Ze9vvR0/xk9LrWOpBsNrlsOSbHcnY3GAXz8ESNXSXB4Q=
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:43:45 2024 by rpki-client on console-fra.rpki-client.org