Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/AvDRWbsHGMNHvJgndAkhMvuYwXs.roa
File:                     AvDRWbsHGMNHvJgndAkhMvuYwXs.roa (raw, json)
Hash identifier:          rdw+cxcdzdY4FwJQq2amXAWrfZzgf3P32+hLjnNHMgM=
Subject key identifier:   02:F0:D1:59:BB:07:18:C3:47:BC:98:27:74:09:21:32:FB:98:C1:7B
Certificate issuer:       /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial:       018CC793802ECD8790B3E68C850B1EE8DBB0
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/AvDRWbsHGMNHvJgndAkhMvuYwXs.roa
Signing time:             Tue 02 Jan 2024 00:29:41 +0000
ROA not before:           Tue 02 Jan 2024 00:29:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        146.247.108.0/24 maxlen: 24
                          146.247.107.0/24 maxlen: 24
                          146.247.106.0/24 maxlen: 24
                          146.247.111.0/24 maxlen: 24
                          146.247.112.0/23 maxlen: 23
                          146.247.118.0/24 maxlen: 24
                          146.247.115.0/24 maxlen: 24
                          146.247.114.0/24 maxlen: 24
                          146.247.117.0/24 maxlen: 24
                          146.247.116.0/24 maxlen: 24
                          146.247.122.0/24 maxlen: 24
                          146.247.121.0/24 maxlen: 24
                          146.247.120.0/24 maxlen: 24
                          146.247.119.0/24 maxlen: 24
                          146.247.127.0/24 maxlen: 24
                          146.247.126.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:93:80:2e:cd:87:90:b3:e6:8c:85:0b:1e:e8:db:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
        Validity
            Not Before: Jan  2 00:29:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=02f0d159bb0718c347bc982774092132fb98c17b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:64:65:7c:7e:e0:5d:21:07:26:87:28:8c:0b:
                    09:cf:3f:9f:d3:63:56:5f:b7:97:15:bf:ac:20:27:
                    50:9e:8b:d7:94:b8:ac:89:ca:ce:b0:e3:d5:84:dd:
                    7e:5e:91:87:3b:c3:df:43:64:9e:b7:b9:d7:2e:a0:
                    ef:81:a8:85:0d:f8:0c:0f:de:19:66:ab:f2:88:2e:
                    98:5a:ab:38:78:1b:d4:7c:b8:3f:fb:ee:11:3e:67:
                    b9:8d:df:c5:1f:9b:6c:7d:06:fc:c8:03:27:1c:bf:
                    14:b3:d7:3f:41:56:35:7b:ee:92:45:fd:94:33:d4:
                    5e:d0:a1:a6:59:d4:ea:7a:60:a7:a1:25:63:4f:5c:
                    84:67:bf:2d:0f:3e:16:77:c2:fe:74:f1:b5:74:5c:
                    a4:d4:6d:b1:ce:02:1f:df:35:b1:a5:c3:f9:6b:27:
                    2d:07:80:c1:61:33:e6:a2:0c:00:3f:4a:62:86:e0:
                    db:b7:24:fb:eb:f3:ce:98:a1:15:eb:62:66:91:b8:
                    23:f9:56:0d:a6:ea:5d:9a:82:71:f0:c3:41:7e:79:
                    51:3f:4e:95:ae:35:e8:61:08:aa:5e:10:dd:f2:4b:
                    fa:d5:df:8b:d1:b0:01:12:1d:28:fb:d8:ae:46:f4:
                    30:1b:2a:54:a7:fd:ef:b4:40:7b:d4:6b:2d:d4:19:
                    90:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:F0:D1:59:BB:07:18:C3:47:BC:98:27:74:09:21:32:FB:98:C1:7B
            X509v3 Authority Key Identifier:
                keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/AvDRWbsHGMNHvJgndAkhMvuYwXs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.247.106.0-146.247.108.255
                  146.247.111.0-146.247.122.255
                  146.247.126.0/23

    Signature Algorithm: sha256WithRSAEncryption
         13:d2:bc:b6:95:63:b1:fe:16:d4:52:92:24:d1:a1:e7:af:ce:
         f4:fa:5b:d0:82:99:77:28:da:cb:f6:9e:1f:d2:86:51:9f:a3:
         91:19:e0:d3:f9:de:d9:ca:79:17:d2:0b:a5:fe:1b:19:40:16:
         03:6b:e4:49:6c:14:6a:a2:0c:67:37:b6:a7:cd:c1:50:ca:ab:
         65:81:b7:07:d4:5d:02:2f:17:6b:a3:7d:f0:d7:de:51:c3:4d:
         c4:6d:3b:cc:be:e6:ba:43:b7:13:c9:33:b6:d4:48:3a:0f:fb:
         b9:1f:55:30:82:5e:05:5a:27:9f:d7:91:e5:2d:b3:22:5f:32:
         55:10:57:12:ba:26:5d:e7:11:ee:c5:28:55:0a:14:55:e4:bd:
         0f:b4:6c:29:5b:0d:1d:b2:d7:0c:c0:dc:96:02:75:c0:e2:85:
         77:5b:c4:0a:92:ce:6f:f8:cc:05:81:25:2f:82:41:85:c8:62:
         50:6d:9e:18:ef:a4:ce:fd:c0:37:96:ba:d6:95:ab:63:49:1a:
         cd:db:f1:a1:87:96:ad:f4:6f:b9:a2:e6:f6:89:55:fb:be:e0:
         be:f7:ed:a8:07:0a:ad:75:34:6a:84:cc:f9:d0:39:73:20:7d:
         3c:ec:b4:0c:06:ce:1e:0a:2b:c3:aa:a5:7a:2d:8d:b7:d2:8b:
         9a:d4:c9:f7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzHk4AuzYeQs+aMhQse6NuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjQwMTAyMDAyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmYwZDE1OWJiMDcxOGMzNDdiYzk4Mjc3NDA5MjEzMmZiOThjMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGRlfH7gXSEHJocojAsJzz+f02NW
X7eXFb+sICdQnovXlLisicrOsOPVhN1+XpGHO8PfQ2Set7nXLqDvgaiFDfgMD94Z
ZqvyiC6YWqs4eBvUfLg/++4RPme5jd/FH5tsfQb8yAMnHL8Us9c/QVY1e+6SRf2U
M9Re0KGmWdTqemCnoSVjT1yEZ78tDz4Wd8L+dPG1dFyk1G2xzgIf3zWxpcP5ayct
B4DBYTPmogwAP0pihuDbtyT76/POmKEV62Jmkbgj+VYNpupdmoJx8MNBfnlRP06V
rjXoYQiqXhDd8kv61d+L0bABEh0o+9iuRvQwGypUp/3vtEB71Gst1BmQFwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFALw0Vm7BxjDR7yYJ3QJITL7mMF7MB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvQXZEUldic0hHTU5IdkpnbmRBa2hNdnVZd1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAGS92oD
BACS92wwDAMEAJL3bwMEAJL3egMEAZL3fjANBgkqhkiG9w0BAQsFAAOCAQEAE9K8
tpVjsf4W1FKSJNGh56/O9Ppb0IKZdyjay/aeH9KGUZ+jkRng0/ne2cp5F9ILpf4b
GUAWA2vkSWwUaqIMZze2p83BUMqrZYG3B9RdAi8Xa6N98NfeUcNNxG07zL7mukO3
E8kzttRIOg/7uR9VMIJeBVonn9eR5S2zIl8yVRBXEromXecR7sUoVQoUVeS9D7Rs
KVsNHbLXDMDclgJ1wOKFd1vECpLOb/jMBYElL4JBhchiUG2eGO+kzv3AN5a61pWr
Y0kazdvxoYeWrfRvuaLm9olV+77gvvftqAcKrXU0aoTM+dA5cyB9POy0DAbOHgor
w6qlei2Nt9KLmtTJ9w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:34:53 2024 by rpki-client on console-ams.rpki-client.org