Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0e55d0-fafd-49c2-9c08-12c058bfacc1/1/5cEgE9LQ8KYgcsEe0W2y2H3iz6w.roa
File:                     5cEgE9LQ8KYgcsEe0W2y2H3iz6w.roa (raw, json)
Hash identifier:          YEi5MnDGSp6Om4COo327recHUgboJ2hyP0EdjPUyk68=
Subject key identifier:   E5:C1:20:13:D2:D0:F0:A6:20:72:C1:1E:D1:6D:B2:D8:7D:E2:CF:AC
Certificate issuer:       /CN=4a45472b550b34fdb01adcd510a9dcd821c9d991
Certificate serial:       018FE7D158E9748523651D5097E91A48E17C
Authority key identifier: 4A:45:47:2B:55:0B:34:FD:B0:1A:DC:D5:10:A9:DC:D8:21:C9:D9:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SkVHK1ULNP2wGtzVEKnc2CHJ2ZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/0e55d0-fafd-49c2-9c08-12c058bfacc1/1/5cEgE9LQ8KYgcsEe0W2y2H3iz6w.roa
Signing time:             Wed 05 Jun 2024 09:53:27 +0000
ROA not before:           Wed 05 Jun 2024 09:53:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212137
IP address blocks:        45.150.56.0/24 maxlen: 28
                          109.95.124.0/22 maxlen: 28

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/0e55d0-fafd-49c2-9c08-12c058bfacc1/1/SkVHK1ULNP2wGtzVEKnc2CHJ2ZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/0e55d0-fafd-49c2-9c08-12c058bfacc1/1/SkVHK1ULNP2wGtzVEKnc2CHJ2ZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SkVHK1ULNP2wGtzVEKnc2CHJ2ZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 15:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:e7:d1:58:e9:74:85:23:65:1d:50:97:e9:1a:48:e1:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a45472b550b34fdb01adcd510a9dcd821c9d991
        Validity
            Not Before: Jun  5 09:53:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e5c12013d2d0f0a62072c11ed16db2d87de2cfac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:e3:5d:3f:4c:1a:f8:72:fb:b4:36:4d:67:02:
                    81:d8:45:d3:7f:c0:2d:15:9f:5b:f7:27:a5:f6:4e:
                    f8:c1:8e:47:1a:6f:68:61:b5:c4:dd:cb:7a:18:9b:
                    6c:1e:0e:d6:84:6d:5c:43:f9:3b:91:14:59:7b:29:
                    51:96:ee:94:2f:e9:19:60:8c:99:c9:32:d2:32:b8:
                    64:31:b1:19:af:03:05:8a:38:49:f0:99:af:7e:7c:
                    91:46:d6:65:14:26:f2:dc:1b:41:02:39:93:4a:b2:
                    34:8f:a7:14:51:04:94:32:ab:9e:19:02:82:59:ee:
                    7d:0d:70:bc:be:23:a9:ee:14:ff:f9:30:5b:9d:fb:
                    a9:d3:04:23:da:58:1e:af:a0:62:77:84:e3:f0:d1:
                    c3:f6:51:55:fc:cc:1a:8b:60:eb:9a:92:82:f1:9b:
                    f6:8d:96:5f:94:1f:d6:63:40:12:61:6d:eb:e5:6e:
                    31:a9:be:6d:f5:24:6f:fb:57:b7:a8:64:35:97:7d:
                    5b:cc:cb:4a:d1:93:f9:74:3d:fa:ce:45:88:66:fa:
                    d2:a0:30:27:7b:32:61:23:c1:1c:b1:48:1f:f5:32:
                    ce:a9:37:e0:35:57:e3:78:63:e2:3f:2f:79:0a:ba:
                    a1:ed:ef:06:d5:b8:42:b0:b8:a6:06:83:d7:df:35:
                    3c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:C1:20:13:D2:D0:F0:A6:20:72:C1:1E:D1:6D:B2:D8:7D:E2:CF:AC
            X509v3 Authority Key Identifier:
                keyid:4A:45:47:2B:55:0B:34:FD:B0:1A:DC:D5:10:A9:DC:D8:21:C9:D9:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SkVHK1ULNP2wGtzVEKnc2CHJ2ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0e55d0-fafd-49c2-9c08-12c058bfacc1/1/5cEgE9LQ8KYgcsEe0W2y2H3iz6w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0e55d0-fafd-49c2-9c08-12c058bfacc1/1/SkVHK1ULNP2wGtzVEKnc2CHJ2ZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.150.56.0/24
                  109.95.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0d:fa:c3:75:cf:0e:0b:3d:d3:07:3e:6d:be:14:7b:26:d2:00:
         12:22:0d:10:ba:ae:8d:55:f0:50:1d:a6:70:45:11:f8:5a:f2:
         3a:fa:07:ff:ec:7e:58:0d:68:05:ef:38:be:28:b5:fc:d6:cb:
         9a:0c:e1:f4:5b:3e:4e:02:b1:4c:e3:7c:95:00:60:35:ed:bc:
         47:d1:f4:12:42:6d:96:08:91:2d:18:f2:fe:a9:ee:d6:29:1d:
         93:c6:eb:9e:87:a0:56:f6:f0:fd:ad:ad:d6:b4:5e:cb:8c:cd:
         08:b6:c8:59:80:e3:7c:fa:1e:33:10:b6:53:7d:65:e3:68:f9:
         5d:61:d9:e4:26:03:d1:23:8c:7a:48:fd:50:f8:14:ce:85:6a:
         b4:91:5d:66:d6:aa:3a:d1:bf:3c:f3:51:05:2a:98:80:2a:d4:
         74:4b:39:ca:3a:35:86:f0:46:9d:95:15:28:19:a6:20:7c:e5:
         82:e9:3e:c3:12:d4:99:be:e4:f9:39:39:b3:bc:30:e6:47:65:
         aa:4a:d5:9e:aa:b4:98:19:2d:e4:27:25:08:84:1d:fa:1e:7d:
         47:c5:b8:07:30:a5:54:ff:c3:46:21:2f:ae:10:0f:9d:ec:7f:
         de:d8:35:ff:69:8e:a6:88:ed:7f:cf:c9:c3:a6:b5:29:f8:34:
         30:5c:2f:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/n0VjpdIUjZR1Ql+kaSOF8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDU0NzJiNTUwYjM0ZmRiMDFhZGNkNTEwYTlkY2Q4MjFj
OWQ5OTEwHhcNMjQwNjA1MDk1MzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWMxMjAxM2QyZDBmMGE2MjA3MmMxMWVkMTZkYjJkODdkZTJjZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweNdP0wa+HL7tDZNZwKB2EXTf8At
FZ9b9yel9k74wY5HGm9oYbXE3ct6GJtsHg7WhG1cQ/k7kRRZeylRlu6UL+kZYIyZ
yTLSMrhkMbEZrwMFijhJ8JmvfnyRRtZlFCby3BtBAjmTSrI0j6cUUQSUMqueGQKC
We59DXC8viOp7hT/+TBbnfup0wQj2lger6Bid4Tj8NHD9lFV/Mwai2DrmpKC8Zv2
jZZflB/WY0ASYW3r5W4xqb5t9SRv+1e3qGQ1l31bzMtK0ZP5dD36zkWIZvrSoDAn
ezJhI8EcsUgf9TLOqTfgNVfjeGPiPy95Crqh7e8G1bhCsLimBoPX3zU8DQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOXBIBPS0PCmIHLBHtFtsth94s+sMB8GA1UdIwQY
MBaAFEpFRytVCzT9sBrc1RCp3NghydmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tWSEsxVUxOUDJ3R3R6VkVLbmMyQ0hKMlpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZTU1ZDAtZmFmZC00OWMyLTljMDgt
MTJjMDU4YmZhY2MxLzEvNWNFZ0U5TFE4S1lnY3NFZTBXMnkySDNpejZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZTU1ZDAtZmFmZC00OWMyLTljMDgtMTJjMDU4YmZhY2Mx
LzEvU2tWSEsxVUxOUDJ3R3R6VkVLbmMyQ0hKMlpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZY4AwQC
bV98MA0GCSqGSIb3DQEBCwUAA4IBAQAN+sN1zw4LPdMHPm2+FHsm0gASIg0Quq6N
VfBQHaZwRRH4WvI6+gf/7H5YDWgF7zi+KLX81suaDOH0Wz5OArFM43yVAGA17bxH
0fQSQm2WCJEtGPL+qe7WKR2Txuueh6BW9vD9ra3WtF7LjM0ItshZgON8+h4zELZT
fWXjaPldYdnkJgPRI4x6SP1Q+BTOhWq0kV1m1qo60b8881EFKpiAKtR0SznKOjWG
8EadlRUoGaYgfOWC6T7DEtSZvuT5OTmzvDDmR2WqStWeqrSYGS3kJyUIhB36Hn1H
xbgHMKVU/8NGIS+uEA+d7H/e2DX/aY6miO1/z8nDprUp+DQwXC+j
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:48:07 2024 by rpki-client on console-fra.rpki-client.org