Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/bc3441-3e8f-44ed-913e-ed78cb76661c/1/Cvbl7Uuw865nD-wNji9JxbYmPg0.roa
File:                     Cvbl7Uuw865nD-wNji9JxbYmPg0.roa (raw, json)
Hash identifier:          FZhwrFKGfQkWd+5BBXg078GNki3ZrSr0KhbjWFVjtn8=
Subject key identifier:   0A:F6:E5:ED:4B:B0:F3:AE:67:0F:EC:0D:8E:2F:49:C5:B6:26:3E:0D
Certificate issuer:       /CN=678bd649073646c1f4c3b01cacaa72e209e9daff
Certificate serial:       018CC801B84CA4E2AE3B38186333386DC67C
Authority key identifier: 67:8B:D6:49:07:36:46:C1:F4:C3:B0:1C:AC:AA:72:E2:09:E9:DA:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z4vWSQc2RsH0w7AcrKpy4gnp2v8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/bc3441-3e8f-44ed-913e-ed78cb76661c/1/Cvbl7Uuw865nD-wNji9JxbYmPg0.roa
Signing time:             Tue 02 Jan 2024 02:30:05 +0000
ROA not before:           Tue 02 Jan 2024 02:30:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48067
IP address blocks:        93.113.192.0/21 maxlen: 21
                          185.251.30.0/23 maxlen: 23
                          185.251.28.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/bc3441-3e8f-44ed-913e-ed78cb76661c/1/Z4vWSQc2RsH0w7AcrKpy4gnp2v8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/bc3441-3e8f-44ed-913e-ed78cb76661c/1/Z4vWSQc2RsH0w7AcrKpy4gnp2v8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z4vWSQc2RsH0w7AcrKpy4gnp2v8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:b8:4c:a4:e2:ae:3b:38:18:63:33:38:6d:c6:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=678bd649073646c1f4c3b01cacaa72e209e9daff
        Validity
            Not Before: Jan  2 02:30:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0af6e5ed4bb0f3ae670fec0d8e2f49c5b6263e0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:33:cf:47:a1:7d:95:3d:c4:bd:dd:be:88:e4:
                    40:21:f0:33:df:1a:06:c2:2a:5f:3f:2e:51:8b:6a:
                    6c:3f:bb:1a:f5:d7:4c:35:58:3b:2c:d2:a3:3e:31:
                    7b:5e:b9:96:92:22:09:1a:83:de:8d:d9:8d:81:80:
                    2b:df:7a:da:c9:cd:2d:41:40:da:0f:98:81:9b:17:
                    f3:44:af:98:84:31:a3:cf:10:1c:4e:85:19:2e:99:
                    11:a6:bf:8e:49:7a:7b:63:f2:a8:e6:b2:1e:74:f7:
                    b0:e3:6f:ce:91:7a:ad:0d:e0:91:cb:d3:d6:36:44:
                    b0:59:74:49:fe:02:d0:67:f0:83:a8:a9:b8:ca:21:
                    42:c9:79:17:99:f8:95:ee:b5:6e:5f:79:e6:ed:45:
                    c2:2b:4d:4f:34:dc:9c:26:12:be:ee:53:f4:aa:74:
                    76:93:9f:58:96:88:d1:19:55:bb:e0:bd:13:b6:92:
                    6b:1b:1e:fc:42:44:55:77:ac:48:2b:dd:c3:97:1a:
                    ee:78:49:93:0c:b9:78:e5:1e:8a:cf:61:17:17:20:
                    d0:b8:fa:68:67:07:a3:3e:f6:e2:7c:78:6c:ef:ff:
                    c5:71:98:46:db:f5:fd:ea:82:31:ce:62:5f:d7:dc:
                    26:04:3d:96:94:8e:2e:d2:4b:24:54:4d:ba:fd:db:
                    43:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:F6:E5:ED:4B:B0:F3:AE:67:0F:EC:0D:8E:2F:49:C5:B6:26:3E:0D
            X509v3 Authority Key Identifier:
                keyid:67:8B:D6:49:07:36:46:C1:F4:C3:B0:1C:AC:AA:72:E2:09:E9:DA:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z4vWSQc2RsH0w7AcrKpy4gnp2v8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc3441-3e8f-44ed-913e-ed78cb76661c/1/Cvbl7Uuw865nD-wNji9JxbYmPg0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc3441-3e8f-44ed-913e-ed78cb76661c/1/Z4vWSQc2RsH0w7AcrKpy4gnp2v8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.113.192.0/21
                  185.251.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         59:b5:7e:07:76:20:30:ad:83:7c:a4:a5:1f:71:46:6c:d9:e6:
         dc:84:5f:49:a0:3a:f4:99:69:81:a1:dd:c6:d3:3d:7f:05:94:
         4b:d3:27:ec:3c:ee:3d:62:54:8a:ab:08:4b:cc:53:de:69:aa:
         5a:fd:e8:3f:45:45:20:65:6a:69:91:84:9e:69:e4:e0:1a:d8:
         73:3f:4e:a3:04:ec:cd:53:03:2d:d1:aa:61:bc:41:73:1a:49:
         58:13:d9:2a:ab:08:8f:eb:0c:18:72:45:cf:37:45:03:f4:24:
         83:29:d5:67:8b:e8:f1:a3:cd:a3:db:f0:cc:63:16:da:fc:c7:
         5e:1f:24:ef:d8:6c:23:cc:02:cc:8f:20:ed:1b:9d:59:0c:d2:
         78:8f:86:e7:91:c0:53:2c:66:56:85:a2:b3:a7:9c:31:f3:9c:
         04:54:96:4e:ac:c4:be:4e:11:dd:9d:06:ab:f8:97:c3:cd:57:
         cc:07:8d:70:5e:43:11:5b:03:32:76:68:e8:66:b8:b5:15:71:
         dc:5f:cc:ad:04:cd:b3:35:ed:c3:66:c2:53:b3:27:98:ef:b1:
         f5:f5:d2:3d:ce:71:29:d3:7c:bf:74:a0:05:e8:3b:96:2c:f5:
         b7:50:e2:aa:52:55:38:94:94:d9:7d:c7:ae:99:4b:26:58:e5:
         31:fd:96:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAbhMpOKuOzgYYzM4bcZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OGJkNjQ5MDczNjQ2YzFmNGMzYjAxY2FjYWE3MmUyMDll
OWRhZmYwHhcNMjQwMTAyMDIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWY2ZTVlZDRiYjBmM2FlNjcwZmVjMGQ4ZTJmNDljNWI2MjYzZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDPPR6F9lT3Evd2+iORAIfAz3xoG
wipfPy5Ri2psP7sa9ddMNVg7LNKjPjF7XrmWkiIJGoPejdmNgYAr33rayc0tQUDa
D5iBmxfzRK+YhDGjzxAcToUZLpkRpr+OSXp7Y/Ko5rIedPew42/OkXqtDeCRy9PW
NkSwWXRJ/gLQZ/CDqKm4yiFCyXkXmfiV7rVuX3nm7UXCK01PNNycJhK+7lP0qnR2
k59YlojRGVW74L0TtpJrGx78QkRVd6xIK93DlxrueEmTDLl45R6Kz2EXFyDQuPpo
ZwejPvbifHhs7//FcZhG2/X96oIxzmJf19wmBD2WlI4u0kskVE26/dtDRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAr25e1LsPOuZw/sDY4vScW2Jj4NMB8GA1UdIwQY
MBaAFGeL1kkHNkbB9MOwHKyqcuIJ6dr/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjR2V1NRYzJSc0gwdzdBY3JLcHk0Z25wMnY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9iYzM0NDEtM2U4Zi00NGVkLTkxM2Ut
ZWQ3OGNiNzY2NjFjLzEvQ3ZibDdVdXc4NjVuRC13TmppOUp4YlltUGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9iYzM0NDEtM2U4Zi00NGVkLTkxM2UtZWQ3OGNiNzY2NjFj
LzEvWjR2V1NRYzJSc0gwdzdBY3JLcHk0Z25wMnY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXXHAAwQC
ufscMA0GCSqGSIb3DQEBCwUAA4IBAQBZtX4HdiAwrYN8pKUfcUZs2ebchF9JoDr0
mWmBod3G0z1/BZRL0yfsPO49YlSKqwhLzFPeaapa/eg/RUUgZWppkYSeaeTgGthz
P06jBOzNUwMt0aphvEFzGklYE9kqqwiP6wwYckXPN0UD9CSDKdVni+jxo82j2/DM
Yxba/MdeHyTv2GwjzALMjyDtG51ZDNJ4j4bnkcBTLGZWhaKzp5wx85wEVJZOrMS+
ThHdnQar+JfDzVfMB41wXkMRWwMydmjoZri1FXHcX8ytBM2zNe3DZsJTsyeY77H1
9dI9znEp03y/dKAF6DuWLPW3UOKqUlU4lJTZfceumUsmWOUx/ZaN
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:39:23 2024 by rpki-client on console-ams.rpki-client.org