Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/H59b5Oo8ObpV-FWMdiBdaxh75w8.roa
File:                     H59b5Oo8ObpV-FWMdiBdaxh75w8.roa (raw, json)
Hash identifier:          HnBpVO/+rwm+y+C6RmLuibg0PfAiPxGRaso4rDbgVSY=
Subject key identifier:   1F:9F:5B:E4:EA:3C:39:BA:55:F8:55:8C:76:20:5D:6B:18:7B:E7:0F
Certificate issuer:       /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial:       018DDABA721F8D8149665F2CCBE3EE62B45C
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/H59b5Oo8ObpV-FWMdiBdaxh75w8.roa
Signing time:             Sat 24 Feb 2024 10:47:48 +0000
ROA not before:           Sat 24 Feb 2024 10:47:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57862
IP address blocks:        37.122.152.0/22 maxlen: 22
                          37.122.152.0/23 maxlen: 23
                          37.122.153.0/24 maxlen: 24
                          37.122.154.0/23 maxlen: 23
                          37.122.154.0/24 maxlen: 24
                          37.122.155.0/24 maxlen: 24
                          37.122.156.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:da:ba:72:1f:8d:81:49:66:5f:2c:cb:e3:ee:62:b4:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
        Validity
            Not Before: Feb 24 10:47:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1f9f5be4ea3c39ba55f8558c76205d6b187be70f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:4a:43:a3:c3:85:4c:eb:b2:23:29:8f:3c:45:
                    3f:19:fb:cb:70:a5:05:a2:83:8c:b5:be:f6:a1:2d:
                    7e:07:fe:8c:a0:79:a0:59:b4:41:ad:08:e9:6e:b4:
                    ce:0a:c9:66:03:71:8f:45:ed:e4:a7:88:7d:64:e6:
                    57:75:69:95:c4:43:1d:ba:2a:b0:0d:a1:25:21:79:
                    bc:94:30:b9:6f:0b:94:b7:6f:4a:22:ab:d0:47:21:
                    4b:eb:1b:95:70:2d:b7:e9:14:84:b5:b3:5f:08:cd:
                    97:b5:98:91:a3:5c:1c:bc:d8:31:00:43:91:ff:68:
                    66:4d:4b:54:62:1f:16:b8:62:5f:4d:37:69:08:09:
                    13:c6:c1:70:89:1f:c3:e0:31:c2:71:13:f5:84:ec:
                    8c:65:32:51:e7:2a:d1:d3:8c:a0:83:5c:d6:d5:fd:
                    07:c8:46:a3:ca:af:3e:83:92:72:29:b9:73:fa:e3:
                    47:4c:96:88:a7:0e:bb:81:68:dc:39:c2:06:94:bb:
                    93:8a:ba:b9:d2:44:e1:f7:ab:d4:23:e4:b7:38:e6:
                    1a:e7:85:f5:0a:80:ff:e5:4f:12:18:71:7c:c6:c5:
                    e8:a8:52:bd:2b:b0:97:59:60:5a:21:54:da:21:b0:
                    20:7f:77:00:a2:ab:5b:2c:a5:15:c8:60:80:2c:f1:
                    8c:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:9F:5B:E4:EA:3C:39:BA:55:F8:55:8C:76:20:5D:6B:18:7B:E7:0F
            X509v3 Authority Key Identifier:
                keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/H59b5Oo8ObpV-FWMdiBdaxh75w8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.122.152.0-37.122.156.255

    Signature Algorithm: sha256WithRSAEncryption
         03:ac:d6:d0:ae:0e:53:3c:af:93:43:fc:50:d7:fc:a7:55:33:
         c7:6f:8b:73:d6:e0:fc:06:13:6c:a8:20:23:9a:dd:63:85:0c:
         fa:9f:c3:2c:7f:1d:94:5d:27:d1:49:fa:65:d5:93:e0:c6:41:
         60:c9:5c:3c:00:af:09:6d:fd:bb:8c:db:5f:69:3a:cb:c5:a8:
         8c:67:98:6b:b4:5c:5a:4b:4f:0c:78:c0:b8:75:ef:9c:c9:d5:
         93:b3:c2:51:b9:e2:8a:2b:52:b5:7b:10:78:24:f1:4a:c3:72:
         e2:9b:84:d8:ac:de:ec:bc:e9:4d:79:72:63:12:b8:49:f3:5e:
         60:74:f8:ff:cd:49:33:08:71:f0:9a:1a:33:48:86:eb:c2:42:
         5a:b5:71:cb:47:0c:2f:91:b7:30:77:57:39:d5:63:c8:0e:0d:
         86:77:2e:eb:26:38:51:e0:f5:91:7d:08:72:b1:ec:87:ca:5f:
         14:a4:94:81:79:c5:d0:05:46:e8:85:29:c9:1c:1d:4b:bd:aa:
         54:0a:29:d1:a0:d7:08:b0:39:8c:fc:c1:68:ef:ad:1b:f0:1f:
         40:b0:84:5b:65:4c:b6:21:ef:59:e5:46:20:da:93:87:e5:96:
         c1:e5:c2:fb:1d:7d:fc:2d:bb:b4:fb:22:2b:59:8a:d4:c4:7e:
         f5:46:12:b9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY3aunIfjYFJZl8sy+PuYrRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDE3MWY5M2NjMWNhNzE2ZmM4MDZlMzZhNTU4NTJjZGY0
ZjFjMWMwHhcNMjQwMjI0MTA0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjlmNWJlNGVhM2MzOWJhNTVmODU1OGM3NjIwNWQ2YjE4N2JlNzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkpDo8OFTOuyIymPPEU/GfvLcKUF
ooOMtb72oS1+B/6MoHmgWbRBrQjpbrTOCslmA3GPRe3kp4h9ZOZXdWmVxEMduiqw
DaElIXm8lDC5bwuUt29KIqvQRyFL6xuVcC236RSEtbNfCM2XtZiRo1wcvNgxAEOR
/2hmTUtUYh8WuGJfTTdpCAkTxsFwiR/D4DHCcRP1hOyMZTJR5yrR04ygg1zW1f0H
yEajyq8+g5JyKblz+uNHTJaIpw67gWjcOcIGlLuTirq50kTh96vUI+S3OOYa54X1
CoD/5U8SGHF8xsXoqFK9K7CXWWBaIVTaIbAgf3cAoqtbLKUVyGCALPGMXwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB+fW+TqPDm6VfhVjHYgXWsYe+cPMB8GA1UdIwQY
MBaAFGTRcfk8wcpxb8gG42pVhSzfTxwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAt
YTQ2MzVkZjQ3ZDcwLzEvSDU5YjVPbzhPYnBWLUZXTWRpQmRheGg3NXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAtYTQ2MzVkZjQ3ZDcw
LzEvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMlepgD
BAAlepwwDQYJKoZIhvcNAQELBQADggEBAAOs1tCuDlM8r5ND/FDX/KdVM8dvi3PW
4PwGE2yoICOa3WOFDPqfwyx/HZRdJ9FJ+mXVk+DGQWDJXDwArwlt/buM219pOsvF
qIxnmGu0XFpLTwx4wLh175zJ1ZOzwlG54oorUrV7EHgk8UrDcuKbhNis3uy86U15
cmMSuEnzXmB0+P/NSTMIcfCaGjNIhuvCQlq1cctHDC+RtzB3VznVY8gODYZ3Lusm
OFHg9ZF9CHKx7IfKXxSklIF5xdAFRuiFKckcHUu9qlQKKdGg1wiwOYz8wWjvrRvw
H0CwhFtlTLYh71nlRiDak4fllsHlwvsdffwtu7T7IitZitTEfvVGErk=
-----END CERTIFICATE-----
Generated at Sun Jun 16 08:14:53 2024 by rpki-client on console-ams.rpki-client.org