Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/B1t0cf6jKVPfi9F4ZvS2asdaWKg.roa
File:                     B1t0cf6jKVPfi9F4ZvS2asdaWKg.roa (raw, json)
Hash identifier:          6tAbuyHG30JV7evUDcp/1DNqGl1tO0RQx4DKZ/6zjuA=
Subject key identifier:   07:5B:74:71:FE:A3:29:53:DF:8B:D1:78:66:F4:B6:6A:C7:5A:58:A8
Certificate issuer:       /CN=b689299bc49584a645940c1dd87df0afc8aaa0fd
Certificate serial:       018CC3B70D76B8CB82DEB48161370871F69D
Authority key identifier: B6:89:29:9B:C4:95:84:A6:45:94:0C:1D:D8:7D:F0:AF:C8:AA:A0:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/B1t0cf6jKVPfi9F4ZvS2asdaWKg.roa
Signing time:             Mon 01 Jan 2024 06:30:02 +0000
ROA not before:           Mon 01 Jan 2024 06:30:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7922
IP address blocks:        2a0c:93c0:8002::/48 maxlen: 48
                          2a0c:93c0:c002::/48 maxlen: 48
                          2a0c:93c0:8000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:0d:76:b8:cb:82:de:b4:81:61:37:08:71:f6:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b689299bc49584a645940c1dd87df0afc8aaa0fd
        Validity
            Not Before: Jan  1 06:30:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=075b7471fea32953df8bd17866f4b66ac75a58a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:b4:99:0b:cb:b5:6e:5e:8c:55:99:74:af:9c:
                    69:bd:8a:67:df:be:70:c4:ca:0f:0b:62:f7:04:07:
                    f3:d5:a5:67:e5:1e:8a:df:5f:dd:e3:d3:fd:b0:c5:
                    31:77:14:cd:9d:01:ed:c5:9e:92:5d:65:f6:42:e3:
                    25:2d:d5:6c:2e:28:ac:0d:dd:65:03:f7:f9:34:d7:
                    86:08:e7:bf:9f:5e:a3:b6:21:be:a5:15:4e:cc:f2:
                    85:4b:59:03:ca:1a:5e:ef:fe:47:83:13:41:61:7f:
                    6f:dd:49:0d:5f:0c:c1:42:72:02:db:0e:5c:33:9c:
                    d0:bd:88:00:ab:91:3e:6f:f2:c8:99:e1:58:4b:bd:
                    db:00:4a:62:69:27:eb:d0:d3:4d:93:a8:bb:d5:17:
                    39:09:59:ba:18:18:b2:de:8f:ac:49:bd:1c:1b:f0:
                    22:d3:6b:8d:53:6e:0e:a3:2c:4b:d6:00:2d:b4:fa:
                    23:bd:0b:5b:4f:35:c4:95:3e:ba:2e:1f:22:b2:f7:
                    e0:fa:b8:dd:0a:7c:4d:c3:b6:ff:8a:38:54:c4:c0:
                    7a:d5:c3:d7:6e:8f:f0:ed:ed:98:ac:69:0a:72:95:
                    f1:6f:24:7e:e9:08:d1:c9:99:9e:5f:f0:da:0e:46:
                    47:32:84:3d:87:9b:98:a2:eb:1d:f5:d2:3d:50:73:
                    13:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:5B:74:71:FE:A3:29:53:DF:8B:D1:78:66:F4:B6:6A:C7:5A:58:A8
            X509v3 Authority Key Identifier:
                keyid:B6:89:29:9B:C4:95:84:A6:45:94:0C:1D:D8:7D:F0:AF:C8:AA:A0:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/B1t0cf6jKVPfi9F4ZvS2asdaWKg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:93c0:8000::/48
                  2a0c:93c0:8002::/48
                  2a0c:93c0:c002::/48

    Signature Algorithm: sha256WithRSAEncryption
         0f:6a:2c:5b:ad:a6:a6:f8:a2:15:b7:1f:ee:cf:42:bb:9a:07:
         17:a1:d0:e7:4f:4d:be:d5:38:ed:d9:d8:32:65:91:87:07:89:
         d1:7f:b8:f9:57:78:5d:f4:1c:ab:5c:c8:f8:3b:5d:ed:f9:bb:
         fd:f6:08:da:f2:6c:20:61:64:11:03:31:49:56:a5:21:23:50:
         47:4e:f5:8a:5a:5d:10:68:d7:f1:ff:50:6e:67:c4:09:bb:51:
         bd:a9:f6:d5:0e:20:11:67:b7:0d:6d:21:e2:14:a7:78:39:3e:
         4b:0e:2f:91:29:c4:1e:47:79:d8:a2:64:22:0d:48:dd:a0:a1:
         78:68:e3:91:65:91:c7:e4:03:05:9e:d3:e5:85:af:db:b5:93:
         7e:ca:5c:b4:10:b8:9c:fd:1e:84:58:03:e6:ac:02:a9:7a:b2:
         d8:6e:e8:1d:8d:da:23:89:b1:88:56:8f:ee:59:dc:a1:c1:c0:
         5e:34:0f:74:4b:80:e7:c0:c2:bc:c8:17:f1:57:88:df:93:e8:
         02:9b:63:56:0d:f4:8c:ba:45:b8:f6:e7:8e:6c:d8:b3:27:64:
         13:33:c9:78:68:2c:5a:4f:01:5c:ea:85:b1:92:85:df:20:3a:
         4f:59:c2:e0:98:5e:7d:13:b3:5b:5b:1b:78:de:59:b5:61:03:
         ec:49:fd:07
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtw12uMuC3rSBYTcIcfadMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ODkyOTliYzQ5NTg0YTY0NTk0MGMxZGQ4N2RmMGFmYzhh
YWEwZmQwHhcNMjQwMTAxMDYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzViNzQ3MWZlYTMyOTUzZGY4YmQxNzg2NmY0YjY2YWM3NWE1OGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrSZC8u1bl6MVZl0r5xpvYpn375w
xMoPC2L3BAfz1aVn5R6K31/d49P9sMUxdxTNnQHtxZ6SXWX2QuMlLdVsLiisDd1l
A/f5NNeGCOe/n16jtiG+pRVOzPKFS1kDyhpe7/5HgxNBYX9v3UkNXwzBQnIC2w5c
M5zQvYgAq5E+b/LImeFYS73bAEpiaSfr0NNNk6i71Rc5CVm6GBiy3o+sSb0cG/Ai
02uNU24OoyxL1gAttPojvQtbTzXElT66Lh8isvfg+rjdCnxNw7b/ijhUxMB61cPX
bo/w7e2YrGkKcpXxbyR+6QjRyZmeX/DaDkZHMoQ9h5uYousd9dI9UHMTYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAdbdHH+oylT34vReGb0tmrHWlioMB8GA1UdIwQY
MBaAFLaJKZvElYSmRZQMHdh98K/IqqD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG9rcG04U1ZoS1pGbEF3ZDJIM3dyOGlxb1AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy83Y2E2MWEtY2UzZC00YmFjLTkxMTAt
YzBmM2JhZDk5YTQwLzEvQjF0MGNmNmpLVlBmaTlGNFp2UzJhc2RhV0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy83Y2E2MWEtY2UzZC00YmFjLTkxMTAtYzBmM2JhZDk5YTQw
LzEvdG9rcG04U1ZoS1pGbEF3ZDJIM3dyOGlxb1AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgyTwIAA
AwcAKgyTwIACAwcAKgyTwMACMA0GCSqGSIb3DQEBCwUAA4IBAQAPaixbraam+KIV
tx/uz0K7mgcXodDnT02+1Tjt2dgyZZGHB4nRf7j5V3hd9ByrXMj4O13t+bv99gja
8mwgYWQRAzFJVqUhI1BHTvWKWl0QaNfx/1BuZ8QJu1G9qfbVDiARZ7cNbSHiFKd4
OT5LDi+RKcQeR3nYomQiDUjdoKF4aOORZZHH5AMFntPlha/btZN+yly0ELic/R6E
WAPmrAKperLYbugdjdojibGIVo/uWdyhwcBeNA90S4DnwMK8yBfxV4jfk+gCm2NW
DfSMukW49ueObNizJ2QTM8l4aCxaTwFc6oWxkoXfIDpPWcLgmF59E7NbWxt43lm1
YQPsSf0H
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:58:24 2024 by rpki-client on console-ams.rpki-client.org