Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/0cf745-a4d8-423d-a2d9-8302ed850c87/1/VJ9uLgdzCh-ZiSlUgXgInuCyqZU.roa
File:                     VJ9uLgdzCh-ZiSlUgXgInuCyqZU.roa (raw, json)
Hash identifier:          bBqXPzNwoLntgc34ad2/ByE0jGPiq3fUdCzXgTv7DJc=
Subject key identifier:   54:9F:6E:2E:07:73:0A:1F:99:89:29:54:81:78:08:9E:E0:B2:A9:95
Certificate issuer:       /CN=11ec1a0e64ea84b69a407cf3f2a925388ab4ecb4
Certificate serial:       018CC86F75AA9DD42CD5749F87DBA5B6E3B2
Authority key identifier: 11:EC:1A:0E:64:EA:84:B6:9A:40:7C:F3:F2:A9:25:38:8A:B4:EC:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EewaDmTqhLaaQHzz8qklOIq07LQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/0cf745-a4d8-423d-a2d9-8302ed850c87/1/VJ9uLgdzCh-ZiSlUgXgInuCyqZU.roa
Signing time:             Tue 02 Jan 2024 04:29:56 +0000
ROA not before:           Tue 02 Jan 2024 04:29:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     396982
IP address blocks:        31.25.14.0/24 maxlen: 24
                          31.25.13.0/24 maxlen: 24
                          31.25.12.0/24 maxlen: 24
                          185.197.148.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/0cf745-a4d8-423d-a2d9-8302ed850c87/1/EewaDmTqhLaaQHzz8qklOIq07LQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/0cf745-a4d8-423d-a2d9-8302ed850c87/1/EewaDmTqhLaaQHzz8qklOIq07LQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EewaDmTqhLaaQHzz8qklOIq07LQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:75:aa:9d:d4:2c:d5:74:9f:87:db:a5:b6:e3:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11ec1a0e64ea84b69a407cf3f2a925388ab4ecb4
        Validity
            Not Before: Jan  2 04:29:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=549f6e2e07730a1f998929548178089ee0b2a995
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:e8:c3:20:13:14:d4:c4:c9:54:6d:da:ab:7d:
                    1a:26:51:fd:fe:9f:4c:c4:76:ba:6f:3c:69:d3:70:
                    44:19:99:d1:de:87:c1:0c:73:24:fa:42:ed:ad:7d:
                    18:63:49:e9:bd:ee:5a:71:9c:3b:6e:45:7d:e4:8a:
                    d5:4b:41:de:6b:64:30:3b:ac:1f:2f:9c:a8:c3:1d:
                    dc:bc:72:b5:1b:3a:3a:6c:82:00:db:11:bf:96:fe:
                    1c:3d:5c:92:2b:fe:43:2d:35:dc:37:cf:db:6c:99:
                    70:d2:d2:f5:6d:ce:cc:dd:a5:c6:25:00:46:23:36:
                    76:6c:7a:4c:48:64:0f:5a:d5:7f:10:32:44:54:33:
                    48:11:a9:7b:55:20:bd:fd:7f:c6:90:de:1d:24:e6:
                    0a:9b:20:ca:29:93:cd:59:c2:03:8a:87:94:21:f8:
                    21:53:49:8c:ba:8d:e6:1f:3e:ec:41:8e:b6:e4:7b:
                    47:1d:ae:74:ae:2a:14:56:d6:5b:2a:96:93:2d:c2:
                    49:91:33:3a:6e:d2:d5:48:cc:74:7a:ec:84:5b:4f:
                    e2:bf:7d:dd:4c:65:b3:b7:1b:7c:55:2e:3e:3f:3a:
                    4b:4b:6e:58:42:a1:2d:77:b0:f7:16:b5:c0:0f:2c:
                    b7:83:cf:53:6f:a7:20:50:34:45:0e:41:ac:c3:5e:
                    66:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:9F:6E:2E:07:73:0A:1F:99:89:29:54:81:78:08:9E:E0:B2:A9:95
            X509v3 Authority Key Identifier:
                keyid:11:EC:1A:0E:64:EA:84:B6:9A:40:7C:F3:F2:A9:25:38:8A:B4:EC:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EewaDmTqhLaaQHzz8qklOIq07LQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0cf745-a4d8-423d-a2d9-8302ed850c87/1/VJ9uLgdzCh-ZiSlUgXgInuCyqZU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0cf745-a4d8-423d-a2d9-8302ed850c87/1/EewaDmTqhLaaQHzz8qklOIq07LQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.25.12.0-31.25.14.255
                  185.197.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:f7:09:2c:fc:e8:38:81:f1:f0:69:5e:79:89:77:89:e7:7c:
         b3:bc:21:80:d0:ae:45:9c:13:ce:30:34:65:9c:95:a7:df:43:
         79:18:e5:d5:28:63:5c:a9:8c:2a:0a:13:54:67:96:87:8f:88:
         c3:db:31:46:06:ea:fa:ea:01:d8:47:f6:b9:01:c1:f6:ac:bf:
         05:6f:c2:6d:38:bb:ec:76:80:1a:3f:bb:0e:93:74:37:4a:42:
         e9:a6:74:f2:f6:bf:85:da:08:57:1c:36:a1:86:b3:63:c1:1c:
         9e:d0:a1:b6:16:e9:2a:8d:d2:6b:c4:e1:1c:12:4d:b1:cd:a9:
         4c:63:e8:c5:98:c7:85:fa:29:1b:69:02:df:56:0e:3b:32:76:
         85:c7:c2:18:3c:3e:9f:52:f5:fa:72:72:a6:54:0b:62:38:b8:
         02:77:58:23:3e:bf:2c:8d:8d:81:12:8b:41:86:a0:59:1e:ff:
         64:d5:81:f6:7d:49:b8:9d:cb:12:cc:32:91:da:75:97:94:28:
         2d:8b:80:70:71:8e:4c:5d:ea:25:b1:02:2f:90:a2:bb:fd:fc:
         ec:54:c6:1f:96:09:cf:c5:b7:ff:58:79:f8:82:e3:22:d4:b1:
         a3:49:80:c7:4f:a7:e2:1c:ab:44:f6:50:91:9f:fe:02:76:cc:
         56:7b:76:32
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzIb3WqndQs1XSfh9ultuOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZWMxYTBlNjRlYTg0YjY5YTQwN2NmM2YyYTkyNTM4OGFi
NGVjYjQwHhcNMjQwMTAyMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDlmNmUyZTA3NzMwYTFmOTk4OTI5NTQ4MTc4MDg5ZWUwYjJhOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkujDIBMU1MTJVG3aq30aJlH9/p9M
xHa6bzxp03BEGZnR3ofBDHMk+kLtrX0YY0npve5acZw7bkV95IrVS0Hea2QwO6wf
L5yowx3cvHK1Gzo6bIIA2xG/lv4cPVySK/5DLTXcN8/bbJlw0tL1bc7M3aXGJQBG
IzZ2bHpMSGQPWtV/EDJEVDNIEal7VSC9/X/GkN4dJOYKmyDKKZPNWcIDioeUIfgh
U0mMuo3mHz7sQY625HtHHa50rioUVtZbKpaTLcJJkTM6btLVSMx0euyEW0/iv33d
TGWztxt8VS4+PzpLS25YQqEtd7D3FrXADyy3g89Tb6cgUDRFDkGsw15moQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFSfbi4HcwofmYkpVIF4CJ7gsqmVMB8GA1UdIwQY
MBaAFBHsGg5k6oS2mkB88/KpJTiKtOy0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWV3YURtVHFoTGFhUUh6ejhxa2xPSXEwN0xRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8wY2Y3NDUtYTRkOC00MjNkLWEyZDkt
ODMwMmVkODUwYzg3LzEvVko5dUxnZHpDaC1aaVNsVWdYZ0ludUN5cVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8wY2Y3NDUtYTRkOC00MjNkLWEyZDktODMwMmVkODUwYzg3
LzEvRWV3YURtVHFoTGFhUUh6ejhxa2xPSXEwN0xRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAIfGQwD
BAAfGQ4DBAC5xZQwDQYJKoZIhvcNAQELBQADggEBAFP3CSz86DiB8fBpXnmJd4nn
fLO8IYDQrkWcE84wNGWclaffQ3kY5dUoY1ypjCoKE1RnloePiMPbMUYG6vrqAdhH
9rkBwfasvwVvwm04u+x2gBo/uw6TdDdKQummdPL2v4XaCFccNqGGs2PBHJ7QobYW
6SqN0mvE4RwSTbHNqUxj6MWYx4X6KRtpAt9WDjsydoXHwhg8Pp9S9fpycqZUC2I4
uAJ3WCM+vyyNjYESi0GGoFke/2TVgfZ9SbidyxLMMpHadZeUKC2LgHBxjkxd6iWx
Ai+Qorv9/OxUxh+WCc/Ft/9YefiC4yLUsaNJgMdPp+Icq0T2UJGf/gJ2zFZ7djI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:53:39 2024 by rpki-client on console-fra.rpki-client.org