Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/008217-6034-4f8f-8e28-602473de6e3d/1/e4SSucYbzifgFfCqaUB7YzHLqqE.roa
File:                     e4SSucYbzifgFfCqaUB7YzHLqqE.roa (raw, json)
Hash identifier:          Ve9DmYQxUlLm4M2yveWtwwnFRafiW0F21FePhYBLWxU=
Subject key identifier:   7B:84:92:B9:C6:1B:CE:27:E0:15:F0:AA:69:40:7B:63:31:CB:AA:A1
Certificate issuer:       /CN=fc43309bda46e8ed25ec0c1e8a93006f22691e3c
Certificate serial:       018CC94AA5EBAB83F91B64E90B82848D9278
Authority key identifier: FC:43:30:9B:DA:46:E8:ED:25:EC:0C:1E:8A:93:00:6F:22:69:1E:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_EMwm9pG6O0l7AweipMAbyJpHjw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/008217-6034-4f8f-8e28-602473de6e3d/1/e4SSucYbzifgFfCqaUB7YzHLqqE.roa
Signing time:             Tue 02 Jan 2024 08:29:21 +0000
ROA not before:           Tue 02 Jan 2024 08:29:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     35724
IP address blocks:        194.50.162.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/008217-6034-4f8f-8e28-602473de6e3d/1/_EMwm9pG6O0l7AweipMAbyJpHjw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/008217-6034-4f8f-8e28-602473de6e3d/1/_EMwm9pG6O0l7AweipMAbyJpHjw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_EMwm9pG6O0l7AweipMAbyJpHjw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 17:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4a:a5:eb:ab:83:f9:1b:64:e9:0b:82:84:8d:92:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc43309bda46e8ed25ec0c1e8a93006f22691e3c
        Validity
            Not Before: Jan  2 08:29:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7b8492b9c61bce27e015f0aa69407b6331cbaaa1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:f6:4d:8e:72:40:4a:45:67:e6:f6:6b:dd:28:
                    ce:7e:72:b6:21:82:70:b9:bf:b9:f0:0e:95:11:46:
                    fc:8e:b3:e9:48:2b:76:55:31:d5:55:25:5d:a7:2d:
                    4e:06:53:f5:c0:fb:3d:6d:bc:de:26:2c:1a:be:c8:
                    f1:6a:ce:01:ac:6a:ba:fa:6f:a6:ac:03:82:2a:97:
                    65:bf:06:61:76:57:ac:8c:c6:bd:56:e0:c7:2b:b2:
                    5c:4d:92:c1:ca:3c:9b:08:64:d5:27:2b:a4:2e:0b:
                    d1:dd:0e:54:df:bf:92:24:03:39:62:95:65:18:d8:
                    db:46:d4:d1:fb:e1:3e:7c:0a:41:69:57:2c:f2:fe:
                    75:49:ef:4d:de:e5:b8:ea:90:b0:d2:85:bf:50:61:
                    98:e3:f1:4f:01:81:22:43:1c:e3:52:1e:96:ef:ee:
                    82:ef:b3:cf:fd:4b:3a:97:e7:58:06:8f:d8:9f:c1:
                    d2:33:03:89:f4:e9:c0:84:a5:91:c8:7c:8e:56:ef:
                    c5:38:0d:33:37:d7:10:d6:50:7b:6e:19:8e:65:34:
                    c5:d8:0f:dc:05:d9:9c:12:7d:bc:40:15:eb:9d:c9:
                    84:92:0b:49:cd:bc:7c:1b:76:28:8f:e2:7d:54:c3:
                    8e:a5:99:6a:b5:99:90:be:2c:25:41:7e:62:e4:1c:
                    18:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:84:92:B9:C6:1B:CE:27:E0:15:F0:AA:69:40:7B:63:31:CB:AA:A1
            X509v3 Authority Key Identifier:
                keyid:FC:43:30:9B:DA:46:E8:ED:25:EC:0C:1E:8A:93:00:6F:22:69:1E:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_EMwm9pG6O0l7AweipMAbyJpHjw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/008217-6034-4f8f-8e28-602473de6e3d/1/e4SSucYbzifgFfCqaUB7YzHLqqE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/008217-6034-4f8f-8e28-602473de6e3d/1/_EMwm9pG6O0l7AweipMAbyJpHjw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.50.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:b5:3a:35:8f:b4:c6:8d:17:6c:a7:fa:2f:91:28:1f:c4:a8:
         82:32:62:07:ff:01:5a:75:ee:67:bf:e9:bf:a5:e5:ea:42:10:
         08:7f:aa:58:d1:06:28:00:cc:e5:75:bd:c6:8f:49:65:29:f7:
         a0:3b:cb:3c:10:2d:ca:ae:da:7b:c9:53:76:6b:8b:a3:f6:ff:
         6c:69:5d:c8:84:21:96:da:d3:39:41:37:67:41:b3:c9:e3:c4:
         cd:6f:8b:10:b2:1e:dc:c7:32:cf:ac:f5:0e:2d:c6:5f:d2:0e:
         69:0b:1d:78:c3:f7:70:08:4f:fa:28:6c:06:e7:59:4a:45:04:
         6f:2b:e2:65:93:b1:07:51:03:ed:b5:26:fe:d7:47:b5:89:d3:
         fa:64:fe:bc:47:d4:63:03:c0:fa:d5:0e:1c:df:4c:07:81:a9:
         74:30:2f:54:6e:b1:bf:bf:db:d6:4e:38:76:67:c5:dc:b4:0e:
         6d:ff:99:93:12:e9:cf:2b:b2:8c:c5:ca:73:d7:4b:aa:d5:a2:
         70:71:d0:01:97:5f:08:a8:3b:2a:7b:dd:5d:83:54:21:37:18:
         4c:c5:02:56:fd:c8:54:34:fa:01:b2:d5:5a:9a:ff:02:9e:22:
         c3:ee:4e:fe:8c:4c:44:4f:2b:90:24:6e:5d:37:68:c9:5a:46:
         4c:48:de:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJSqXrq4P5G2TpC4KEjZJ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNDMzMDliZGE0NmU4ZWQyNWVjMGMxZThhOTMwMDZmMjI2
OTFlM2MwHhcNMjQwMTAyMDgyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjg0OTJiOWM2MWJjZTI3ZTAxNWYwYWE2OTQwN2I2MzMxY2JhYWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPZNjnJASkVn5vZr3SjOfnK2IYJw
ub+58A6VEUb8jrPpSCt2VTHVVSVdpy1OBlP1wPs9bbzeJiwavsjxas4BrGq6+m+m
rAOCKpdlvwZhdlesjMa9VuDHK7JcTZLByjybCGTVJyukLgvR3Q5U37+SJAM5YpVl
GNjbRtTR++E+fApBaVcs8v51Se9N3uW46pCw0oW/UGGY4/FPAYEiQxzjUh6W7+6C
77PP/Us6l+dYBo/Yn8HSMwOJ9OnAhKWRyHyOVu/FOA0zN9cQ1lB7bhmOZTTF2A/c
BdmcEn28QBXrncmEkgtJzbx8G3Yoj+J9VMOOpZlqtZmQviwlQX5i5BwYxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHuEkrnGG84n4BXwqmlAe2Mxy6qhMB8GA1UdIwQY
MBaAFPxDMJvaRujtJewMHoqTAG8iaR48MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0VNd205cEc2TzBsN0F3ZWlwTUFieUpwSGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wMDgyMTctNjAzNC00ZjhmLThlMjgt
NjAyNDczZGU2ZTNkLzEvZTRTU3VjWWJ6aWZnRmZDcWFVQjdZekhMcXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wMDgyMTctNjAzNC00ZjhmLThlMjgtNjAyNDczZGU2ZTNk
LzEvX0VNd205cEc2TzBsN0F3ZWlwTUFieUpwSGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjKiMA0G
CSqGSIb3DQEBCwUAA4IBAQBstTo1j7TGjRdsp/ovkSgfxKiCMmIH/wFade5nv+m/
peXqQhAIf6pY0QYoAMzldb3Gj0llKfegO8s8EC3Krtp7yVN2a4uj9v9saV3IhCGW
2tM5QTdnQbPJ48TNb4sQsh7cxzLPrPUOLcZf0g5pCx14w/dwCE/6KGwG51lKRQRv
K+Jlk7EHUQPttSb+10e1idP6ZP68R9RjA8D61Q4c30wHgal0MC9UbrG/v9vWTjh2
Z8XctA5t/5mTEunPK7KMxcpz10uq1aJwcdABl18IqDsqe91dg1QhNxhMxQJW/chU
NPoBstVamv8CniLD7k7+jExETyuQJG5dN2jJWkZMSN4R
-----END CERTIFICATE-----
Generated at Sun Jun 16 22:40:29 2024 by rpki-client on console-fra.rpki-client.org