Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/Ey2SgxnU-4IyUnecveXZknjTgTU.roa
File:                     Ey2SgxnU-4IyUnecveXZknjTgTU.roa (raw, json)
Hash identifier:          IqYdZYmRhw/yCkrd+ojCB9/TQgs+XzEx/pCfqNXUT5M=
Subject key identifier:   13:2D:92:83:19:D4:FB:82:32:52:77:9C:BD:E5:D9:92:78:D3:81:35
Certificate issuer:       /CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Certificate serial:       018CCA2AA3E1610F14FD0C551326351C45F8
Authority key identifier: 86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/Ey2SgxnU-4IyUnecveXZknjTgTU.roa
Signing time:             Tue 02 Jan 2024 12:34:01 +0000
ROA not before:           Tue 02 Jan 2024 12:34:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44493
IP address blocks:        31.192.233.0/24 maxlen: 24
                          31.192.232.0/24 maxlen: 24
                          31.192.238.0/24 maxlen: 24
                          31.192.237.0/24 maxlen: 24
                          31.192.236.0/24 maxlen: 24
                          31.192.235.0/24 maxlen: 24
                          31.192.234.0/24 maxlen: 24
                          31.192.239.0/24 maxlen: 24
                          2a0a:eec0:6::/48 maxlen: 48
                          2a0a:eec0:5::/48 maxlen: 48
                          2a0a:eec0::/48 maxlen: 48
                          2a0a:eec0:3::/48 maxlen: 48
                          2a03:a0e0::/32 maxlen: 32
                          2a0a:eec0:4::/48 maxlen: 48
                          2a0a:eec0:7::/48 maxlen: 48
                          2a0a:eec0:2::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:02:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:a3:e1:61:0f:14:fd:0c:55:13:26:35:1c:45:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86cb742a03bc9c85507217a25204dfff82fccdf9
        Validity
            Not Before: Jan  2 12:34:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=132d928319d4fb823252779cbde5d99278d38135
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:f5:35:46:22:a0:c4:fa:5d:c1:e1:a8:0c:82:
                    65:25:36:11:df:ce:e1:2b:78:05:bf:7f:9a:a3:bb:
                    73:9d:84:f7:11:35:ad:92:fb:f1:b2:10:26:62:68:
                    40:98:18:d5:ac:14:3a:4d:94:7d:58:8f:cd:85:f2:
                    2f:4b:36:e5:66:2d:bc:94:b2:f3:0d:1b:c3:70:55:
                    ca:d7:d7:6d:ef:32:f3:e8:a3:0f:0e:11:62:3c:99:
                    9f:bb:01:73:ff:df:2d:ab:06:6a:cd:da:b6:46:d9:
                    43:77:cf:52:95:6e:4f:e8:60:a5:49:ff:0f:75:0f:
                    ec:c1:f6:05:09:54:5b:56:6e:f2:ac:41:9d:c8:a6:
                    b7:aa:a2:e1:c4:c5:60:2d:79:32:12:9d:ef:df:15:
                    49:15:b0:ac:80:81:89:15:9e:10:9b:10:20:47:d8:
                    fd:ad:b8:0e:f7:f7:f2:de:15:42:50:1d:0a:43:b7:
                    64:c9:44:b1:98:3b:d0:bd:fa:6f:26:84:9f:37:a6:
                    26:7e:0e:a9:8a:06:24:e2:78:d5:2a:60:79:b7:ee:
                    28:40:63:ac:9d:19:9c:80:a4:10:f7:3b:4f:4e:13:
                    3f:7e:cf:13:b8:ef:0d:ee:99:b0:de:db:72:df:8d:
                    99:a7:e6:9a:68:01:40:62:28:04:85:13:03:d3:e9:
                    00:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:2D:92:83:19:D4:FB:82:32:52:77:9C:BD:E5:D9:92:78:D3:81:35
            X509v3 Authority Key Identifier:
                keyid:86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/Ey2SgxnU-4IyUnecveXZknjTgTU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.192.232.0/21
                IPv6:
                  2a03:a0e0::/32
                  2a0a:eec0::/48
                  2a0a:eec0:2::-2a0a:eec0:7:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         84:47:57:90:61:f5:20:56:7c:3a:e1:8b:da:af:4a:aa:35:88:
         53:b3:54:c6:2c:9b:39:68:f7:9f:14:f8:69:6d:d0:d0:1e:94:
         75:d2:3a:c4:93:95:de:2a:d8:00:ba:e7:09:9b:92:26:a0:d4:
         93:33:3b:e4:4c:f4:4f:3d:3c:30:f5:14:fd:d4:f0:74:eb:c6:
         b2:31:30:7c:34:11:05:93:b1:b8:d2:2a:f4:c7:81:bb:52:ad:
         6c:34:4b:86:6f:0f:35:ba:ad:ca:8b:11:75:d5:26:c8:82:4f:
         57:0f:03:21:02:ec:2c:5f:f9:54:b7:ab:91:fc:d2:c1:9f:9f:
         82:f2:40:c0:be:27:40:72:1f:84:c4:f2:69:fa:6e:f0:68:7c:
         1d:45:34:49:d8:cb:83:9d:d5:e4:13:84:3d:72:52:d3:30:b8:
         09:9a:29:00:26:39:53:6d:69:44:9e:dc:65:e7:f9:ea:67:b5:
         e7:e8:f1:b0:f7:2c:46:dd:78:bd:5e:f2:66:b4:11:37:0b:42:
         31:be:03:26:85:68:ed:1b:c0:de:16:f4:a3:34:0d:92:f6:56:
         36:1b:1c:0a:df:b8:59:08:0f:65:61:ed:87:4b:f9:73:b6:f9:
         87:1a:84:39:90:3f:41:5e:4e:ef:18:95:c9:21:41:e7:19:ac:
         7e:92:b5:71
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzKKqPhYQ8U/QxVEyY1HEX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2I3NDJhMDNiYzljODU1MDcyMTdhMjUyMDRkZmZmODJm
Y2NkZjkwHhcNMjQwMTAyMTIzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzJkOTI4MzE5ZDRmYjgyMzI1Mjc3OWNiZGU1ZDk5Mjc4ZDM4MTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfU1RiKgxPpdweGoDIJlJTYR387h
K3gFv3+ao7tznYT3ETWtkvvxshAmYmhAmBjVrBQ6TZR9WI/NhfIvSzblZi28lLLz
DRvDcFXK19dt7zLz6KMPDhFiPJmfuwFz/98tqwZqzdq2RtlDd89SlW5P6GClSf8P
dQ/swfYFCVRbVm7yrEGdyKa3qqLhxMVgLXkyEp3v3xVJFbCsgIGJFZ4QmxAgR9j9
rbgO9/fy3hVCUB0KQ7dkyUSxmDvQvfpvJoSfN6Ymfg6pigYk4njVKmB5t+4oQGOs
nRmcgKQQ9ztPThM/fs8TuO8N7pmw3tty342Zp+aaaAFAYigEhRMD0+kAcQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFBMtkoMZ1PuCMlJ3nL3l2ZJ404E1MB8GA1UdIwQY
MBaAFIbLdCoDvJyFUHIXolIE3/+C/M35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgt
MDVmMThmYzIxMmE3LzEvRXkyU2d4blUtNEl5VW5lY3ZlWFprbmpUZ1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgtMDVmMThmYzIxMmE3
LzEvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQDH8DoMCoE
AgACMCQDBQAqA6DgAwcAKgruwAAAMBIDBwEqCu7AAAIDBwMqCu7AAAAwDQYJKoZI
hvcNAQELBQADggEBAIRHV5Bh9SBWfDrhi9qvSqo1iFOzVMYsmzlo958U+Glt0NAe
lHXSOsSTld4q2AC65wmbkiag1JMzO+RM9E89PDD1FP3U8HTrxrIxMHw0EQWTsbjS
KvTHgbtSrWw0S4ZvDzW6rcqLEXXVJsiCT1cPAyEC7Cxf+VS3q5H80sGfn4LyQMC+
J0ByH4TE8mn6bvBofB1FNEnYy4Od1eQThD1yUtMwuAmaKQAmOVNtaUSe3GXn+epn
tefo8bD3LEbdeL1e8ma0ETcLQjG+AyaFaO0bwN4W9KM0DZL2VjYbHArfuFkID2Vh
7YdL+XO2+YcahDmQP0FeTu8YlckhQecZrH6StXE=
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:52:24 2024 by rpki-client on console-fra.rpki-client.org