Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/RihKQ1DZfuV_tdeajMl20NPjMzc.roa
File:                     RihKQ1DZfuV_tdeajMl20NPjMzc.roa (raw, json)
Hash identifier:          pvpOVT2u2y7micHnoPR1OO8PmhCVksaJEkRP96rXh6I=
Subject key identifier:   46:28:4A:43:50:D9:7E:E5:7F:B5:D7:9A:8C:C9:76:D0:D3:E3:33:37
Certificate issuer:       /CN=97bf5be73f1823274498df52a37535d13da5be62
Certificate serial:       018CC3B7181F21649EA117A274BACA77B62C
Authority key identifier: 97:BF:5B:E7:3F:18:23:27:44:98:DF:52:A3:75:35:D1:3D:A5:BE:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l79b5z8YIydEmN9So3U10T2lvmI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/RihKQ1DZfuV_tdeajMl20NPjMzc.roa
Signing time:             Mon 01 Jan 2024 06:30:05 +0000
ROA not before:           Mon 01 Jan 2024 06:30:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20897
IP address blocks:        193.93.101.0/24 maxlen: 24
                          193.93.102.0/24 maxlen: 24
                          193.93.103.0/24 maxlen: 24
                          193.93.102.0/23 maxlen: 23
                          193.93.100.0/24 maxlen: 24
                          193.108.162.0/23 maxlen: 23
                          2001:67c:2380::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/l79b5z8YIydEmN9So3U10T2lvmI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/l79b5z8YIydEmN9So3U10T2lvmI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l79b5z8YIydEmN9So3U10T2lvmI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:18:1f:21:64:9e:a1:17:a2:74:ba:ca:77:b6:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97bf5be73f1823274498df52a37535d13da5be62
        Validity
            Not Before: Jan  1 06:30:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=46284a4350d97ee57fb5d79a8cc976d0d3e33337
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:88:7e:c3:d3:22:02:69:1c:d0:65:f3:c6:a1:
                    90:a0:32:00:c5:3f:86:05:9e:98:ad:f8:32:3e:be:
                    13:62:e5:bd:75:3d:77:31:6b:25:f3:d2:8e:2f:bf:
                    87:14:e8:7e:d5:b2:b2:a1:49:65:cb:78:49:47:88:
                    b2:6f:8b:d2:75:a0:04:f2:df:d5:84:54:6d:41:90:
                    95:d2:b8:12:08:c1:b4:d3:08:fa:32:57:3e:6b:31:
                    56:fb:b7:19:4d:33:07:0f:0e:c1:95:73:1b:69:21:
                    e2:e9:bb:a8:9f:84:6b:c7:93:a0:e0:c4:2d:6c:ff:
                    87:a7:09:45:c3:d7:4f:38:99:97:36:0d:23:d9:7c:
                    97:b2:ba:c6:ed:da:d3:12:f4:28:3d:d5:c1:c1:59:
                    8e:ee:aa:b2:35:a6:40:e3:a7:b7:2d:03:e1:70:43:
                    88:eb:bb:dc:d6:ea:30:ce:9f:08:52:71:dd:34:21:
                    b0:85:26:36:d8:f3:d6:bc:7b:fe:50:61:22:6c:c0:
                    b7:fe:c6:e8:14:c5:f5:80:49:31:7d:95:33:69:82:
                    30:36:4f:2a:99:62:ea:64:2b:4d:60:42:2e:7d:81:
                    de:41:09:06:28:29:94:28:96:44:af:03:c6:11:2f:
                    1b:4c:37:14:82:3d:82:3c:19:92:2f:e0:ff:bf:25:
                    08:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:28:4A:43:50:D9:7E:E5:7F:B5:D7:9A:8C:C9:76:D0:D3:E3:33:37
            X509v3 Authority Key Identifier:
                keyid:97:BF:5B:E7:3F:18:23:27:44:98:DF:52:A3:75:35:D1:3D:A5:BE:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l79b5z8YIydEmN9So3U10T2lvmI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/RihKQ1DZfuV_tdeajMl20NPjMzc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/l79b5z8YIydEmN9So3U10T2lvmI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.93.100.0/22
                  193.108.162.0/23
                IPv6:
                  2001:67c:2380::/48

    Signature Algorithm: sha256WithRSAEncryption
         27:8b:59:24:f3:80:20:5a:2c:81:00:b3:c2:6e:6f:28:d7:87:
         5a:46:24:f8:bd:56:30:e1:54:d0:ba:e8:9c:b4:ce:31:3b:dc:
         54:68:dc:fa:27:67:e1:11:91:cf:ae:c0:de:d0:b7:cf:ec:a6:
         68:56:dc:9e:34:9d:6a:a0:70:df:6d:15:db:80:de:94:38:9e:
         0c:28:48:3e:a0:74:57:e3:54:50:33:ed:c6:3a:82:04:33:b4:
         f5:df:07:a5:91:53:61:cd:ca:d8:2d:aa:05:ce:75:eb:7e:96:
         a2:67:55:8b:b6:40:d8:f8:f5:a5:ae:67:21:ff:b1:30:ec:02:
         d3:3e:de:eb:9c:63:a6:60:30:4d:19:96:a7:5b:17:1a:05:aa:
         1e:4a:89:c0:54:99:b6:6e:5d:47:3d:82:9e:ab:c7:a5:dd:1e:
         b7:55:fc:db:82:f5:e4:91:11:47:84:55:43:a5:d2:c1:ff:1c:
         e6:5b:bd:ec:54:e1:88:32:7d:68:e6:47:92:27:6c:11:77:0f:
         e7:4a:1e:5e:30:32:ba:b0:f2:d4:fc:be:93:16:ad:aa:d6:4c:
         84:37:89:7a:9b:b1:46:a6:b4:a0:fb:4c:ea:8c:70:72:13:a1:
         a3:cc:3c:81:fe:1e:28:6c:d7:c0:e1:23:84:d4:00:52:ca:da:
         65:d9:42:98
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDtxgfIWSeoReidLrKd7YsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YmY1YmU3M2YxODIzMjc0NDk4ZGY1MmEzNzUzNWQxM2Rh
NWJlNjIwHhcNMjQwMTAxMDYzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjI4NGE0MzUwZDk3ZWU1N2ZiNWQ3OWE4Y2M5NzZkMGQzZTMzMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4h+w9MiAmkc0GXzxqGQoDIAxT+G
BZ6YrfgyPr4TYuW9dT13MWsl89KOL7+HFOh+1bKyoUlly3hJR4iyb4vSdaAE8t/V
hFRtQZCV0rgSCMG00wj6Mlc+azFW+7cZTTMHDw7BlXMbaSHi6buon4Rrx5Og4MQt
bP+HpwlFw9dPOJmXNg0j2XyXsrrG7drTEvQoPdXBwVmO7qqyNaZA46e3LQPhcEOI
67vc1uowzp8IUnHdNCGwhSY22PPWvHv+UGEibMC3/sboFMX1gEkxfZUzaYIwNk8q
mWLqZCtNYEIufYHeQQkGKCmUKJZErwPGES8bTDcUgj2CPBmSL+D/vyUI3QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEYoSkNQ2X7lf7XXmozJdtDT4zM3MB8GA1UdIwQY
MBaAFJe/W+c/GCMnRJjfUqN1NdE9pb5iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDc5YjV6OFlJeWRFbU45U28zVTEwVDJsdm1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82MDkwYWItYjhmYS00M2Q5LThkMTUt
M2Y0NDUxOTY2NWFjLzEvUmloS1ExRFpmdVZfdGRlYWpNbDIwTlBqTXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82MDkwYWItYjhmYS00M2Q5LThkMTUtM2Y0NDUxOTY2NWFj
LzEvbDc5YjV6OFlJeWRFbU45U28zVTEwVDJsdm1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCwV1kAwQB
wWyiMA8EAgACMAkDBwAgAQZ8I4AwDQYJKoZIhvcNAQELBQADggEBACeLWSTzgCBa
LIEAs8JubyjXh1pGJPi9VjDhVNC66Jy0zjE73FRo3PonZ+ERkc+uwN7Qt8/spmhW
3J40nWqgcN9tFduA3pQ4ngwoSD6gdFfjVFAz7cY6ggQztPXfB6WRU2HNytgtqgXO
det+lqJnVYu2QNj49aWuZyH/sTDsAtM+3uucY6ZgME0ZlqdbFxoFqh5KicBUmbZu
XUc9gp6rx6XdHrdV/NuC9eSREUeEVUOl0sH/HOZbvexU4YgyfWjmR5InbBF3D+dK
Hl4wMrqw8tT8vpMWrarWTIQ3iXqbsUamtKD7TOqMcHIToaPMPIH+Hihs18DhI4TU
AFLK2mXZQpg=
-----END CERTIFICATE-----
Generated at Sat Jun 15 11:25:07 2024 by rpki-client on console-fra.rpki-client.org