Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/DRlUupqZIr7fiDvqcxzWjbVqcWo.roa
File:                     DRlUupqZIr7fiDvqcxzWjbVqcWo.roa (raw, json)
Hash identifier:          78sjLx2n021XJaNz77IhBMm+ussq+bbvnLGIiZQ4r/0=
Subject key identifier:   0D:19:54:BA:9A:99:22:BE:DF:88:3B:EA:73:1C:D6:8D:B5:6A:71:6A
Certificate issuer:       /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial:       018CC424A1583598C954F4CDD67BBD65A5DF
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/DRlUupqZIr7fiDvqcxzWjbVqcWo.roa
Signing time:             Mon 01 Jan 2024 08:29:44 +0000
ROA not before:           Mon 01 Jan 2024 08:29:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     137409
IP address blocks:        93.127.176.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:a1:58:35:98:c9:54:f4:cd:d6:7b:bd:65:a5:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
        Validity
            Not Before: Jan  1 08:29:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0d1954ba9a9922bedf883bea731cd68db56a716a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:9c:c7:af:5f:ad:a3:4a:69:f1:c6:f5:0a:c6:
                    96:bd:fc:70:07:33:e0:30:34:8e:10:8e:d7:8a:a2:
                    8d:71:b0:38:e8:c6:11:31:68:44:b4:2c:e7:09:e1:
                    a5:98:6a:79:d0:61:c8:51:ac:cb:ca:ff:73:7c:cd:
                    58:c5:73:f4:3f:62:4b:0b:22:e8:2f:0f:2a:f5:29:
                    8d:c9:d6:a4:55:e0:7d:55:38:be:70:ce:f0:2e:ac:
                    61:67:bc:77:46:85:c0:e8:7a:c8:b7:1a:58:2c:7c:
                    e3:85:30:df:6d:38:e3:d0:3d:09:f9:27:d5:78:a6:
                    18:fb:fe:82:e4:a3:15:ad:d3:96:e3:0c:cb:5f:67:
                    cb:89:4a:a7:e1:04:1b:8a:77:96:02:e3:a9:8c:73:
                    17:e3:60:e0:96:41:87:ac:20:30:f9:84:ea:e3:6a:
                    f2:c9:19:7c:79:12:80:84:92:79:20:b7:65:6e:cd:
                    91:63:ef:23:cb:18:17:30:2b:44:ee:12:5e:18:8a:
                    78:87:2d:9e:90:0d:8d:6a:88:d3:a3:39:95:fb:d0:
                    62:0d:7e:d8:a8:c2:fe:4a:dd:8f:d6:f0:5b:f3:c4:
                    9b:8f:51:de:a2:66:6a:45:46:23:01:75:fb:d1:76:
                    fe:8f:51:14:55:a8:5b:69:8c:1a:9c:12:0f:89:d6:
                    94:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:19:54:BA:9A:99:22:BE:DF:88:3B:EA:73:1C:D6:8D:B5:6A:71:6A
            X509v3 Authority Key Identifier:
                keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/DRlUupqZIr7fiDvqcxzWjbVqcWo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.127.176.0/23

    Signature Algorithm: sha256WithRSAEncryption
         39:0c:fd:8b:50:91:3b:61:41:81:e2:9f:08:2a:e5:b6:c4:ca:
         75:b5:b0:3d:62:8f:18:8c:e4:70:56:f5:47:96:61:e8:8f:9e:
         78:7c:ac:8d:91:e0:c8:52:f3:e0:ea:27:8f:88:e7:2a:8f:71:
         09:fe:10:88:c1:00:a9:a0:24:37:e9:6b:45:35:02:02:f2:4d:
         10:f5:4f:eb:14:e7:bf:a9:95:e4:03:7b:42:3c:ef:60:e7:11:
         06:e3:70:7f:6f:5d:db:ae:85:5e:34:d4:a0:0c:7e:10:7d:75:
         1e:96:ed:e6:eb:84:ca:68:de:45:0a:0d:96:4b:40:77:c7:da:
         39:22:76:4d:44:ec:d9:88:1a:35:5f:2a:1b:a7:1c:c5:8c:b4:
         c3:80:0a:9f:14:35:87:47:c7:fe:84:95:7b:d0:74:a9:50:0a:
         3e:2c:c3:44:ae:d6:5d:bf:0d:ac:43:84:3c:13:a9:fd:80:50:
         09:bc:4b:43:04:1a:63:1e:79:e0:99:74:a8:f0:64:e7:b1:34:
         6c:61:0c:1d:e1:7f:30:c5:1f:4d:81:69:b5:26:0e:72:af:ec:
         24:72:85:a4:1c:fc:3c:40:47:eb:51:78:8b:86:a3:f5:7a:cd:
         8f:3c:00:19:57:30:97:ba:c8:c8:4f:56:ce:ce:11:bf:30:00:
         2f:b1:2f:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJKFYNZjJVPTN1nu9ZaXfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjQwMTAxMDgyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDE5NTRiYTlhOTkyMmJlZGY4ODNiZWE3MzFjZDY4ZGI1NmE3MTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5zHr1+to0pp8cb1CsaWvfxwBzPg
MDSOEI7XiqKNcbA46MYRMWhEtCznCeGlmGp50GHIUazLyv9zfM1YxXP0P2JLCyLo
Lw8q9SmNydakVeB9VTi+cM7wLqxhZ7x3RoXA6HrItxpYLHzjhTDfbTjj0D0J+SfV
eKYY+/6C5KMVrdOW4wzLX2fLiUqn4QQbineWAuOpjHMX42DglkGHrCAw+YTq42ry
yRl8eRKAhJJ5ILdlbs2RY+8jyxgXMCtE7hJeGIp4hy2ekA2NaojTozmV+9BiDX7Y
qML+St2P1vBb88Sbj1HeomZqRUYjAXX70Xb+j1EUVahbaYwanBIPidaU5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0ZVLqamSK+34g76nMc1o21anFqMB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEvRFJsVXVwcVpJcjdmaUR2cWN4eldqYlZxY1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji
LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXX+wMA0G
CSqGSIb3DQEBCwUAA4IBAQA5DP2LUJE7YUGB4p8IKuW2xMp1tbA9Yo8YjORwVvVH
lmHoj554fKyNkeDIUvPg6iePiOcqj3EJ/hCIwQCpoCQ36WtFNQIC8k0Q9U/rFOe/
qZXkA3tCPO9g5xEG43B/b13broVeNNSgDH4QfXUelu3m64TKaN5FCg2WS0B3x9o5
InZNROzZiBo1XyobpxzFjLTDgAqfFDWHR8f+hJV70HSpUAo+LMNErtZdvw2sQ4Q8
E6n9gFAJvEtDBBpjHnngmXSo8GTnsTRsYQwd4X8wxR9NgWm1Jg5yr+wkcoWkHPw8
QEfrUXiLhqP1es2PPAAZVzCXusjIT1bOzhG/MAAvsS83
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:53:29 2024 by rpki-client on console-fra.rpki-client.org