Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/B1NPZgdPr5KwE6QxUwsDLRtHA1k.roa
File:                     B1NPZgdPr5KwE6QxUwsDLRtHA1k.roa (raw, json)
Hash identifier:          ScJOIQWzymQlg+/IPVbdauKTi1OosXsA4LhpOJDGubo=
Subject key identifier:   07:53:4F:66:07:4F:AF:92:B0:13:A4:31:53:0B:03:2D:1B:47:03:59
Certificate issuer:       /CN=fd658693ec327ead4fe83a57b82601cc2552aabd
Certificate serial:       018E8B82BDDC8AC3498450153E0657CF433C
Authority key identifier: FD:65:86:93:EC:32:7E:AD:4F:E8:3A:57:B8:26:01:CC:25:52:AA:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/B1NPZgdPr5KwE6QxUwsDLRtHA1k.roa
Signing time:             Fri 29 Mar 2024 18:39:45 +0000
ROA not before:           Fri 29 Mar 2024 18:39:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     25369
IP address blocks:        185.130.89.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/_WWGk-wyfq1P6DpXuCYBzCVSqr0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/_WWGk-wyfq1P6DpXuCYBzCVSqr0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:8b:82:bd:dc:8a:c3:49:84:50:15:3e:06:57:cf:43:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd658693ec327ead4fe83a57b82601cc2552aabd
        Validity
            Not Before: Mar 29 18:39:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=07534f66074faf92b013a431530b032d1b470359
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:91:d6:37:10:4c:16:e2:c7:f3:d3:7a:03:ac:
                    15:5c:e2:74:df:22:66:b3:85:6f:61:4c:ad:d4:d2:
                    5b:3a:f5:9e:f7:de:2a:52:b5:fb:59:d2:7b:d2:45:
                    11:e5:29:75:84:e1:c5:cc:84:8b:b4:f1:68:0b:20:
                    48:f1:89:08:1a:69:58:bd:c1:0e:24:e7:6c:d8:62:
                    70:bc:42:8e:4d:59:27:d6:53:3f:a4:25:0e:01:46:
                    58:2f:60:fa:2d:e6:d7:c7:cf:65:ed:73:81:9c:b5:
                    fb:49:ab:b7:e8:f1:cf:d9:41:c8:87:d0:29:a6:15:
                    b9:f8:ca:05:2f:5d:22:53:80:db:72:1f:04:79:0c:
                    68:f2:16:26:43:0f:32:01:6d:96:df:9d:f6:d3:e3:
                    82:9d:06:20:c9:b3:88:9e:fc:1d:e5:36:73:c5:dd:
                    05:5b:13:36:a1:28:4f:d0:49:88:77:e1:d0:22:80:
                    c8:2a:a9:87:5c:c3:4d:96:ec:c7:dd:69:10:94:1c:
                    fa:de:32:07:7d:1b:7d:c2:a2:98:df:df:66:e4:51:
                    e3:35:57:11:f2:fa:f8:3f:9f:6b:d7:09:55:52:a4:
                    e8:4d:af:68:84:27:df:fa:e8:a0:fe:5b:0e:cd:38:
                    52:e4:e5:97:dd:70:5f:da:94:ed:69:ac:dd:3a:8a:
                    0e:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:53:4F:66:07:4F:AF:92:B0:13:A4:31:53:0B:03:2D:1B:47:03:59
            X509v3 Authority Key Identifier:
                keyid:FD:65:86:93:EC:32:7E:AD:4F:E8:3A:57:B8:26:01:CC:25:52:AA:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/B1NPZgdPr5KwE6QxUwsDLRtHA1k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/_WWGk-wyfq1P6DpXuCYBzCVSqr0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.130.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:78:2c:4c:76:dd:b4:1c:ad:c7:12:bb:45:fe:52:a7:1a:bd:
         65:01:4c:72:ff:8b:81:21:fb:43:02:f1:89:0d:68:9d:ee:38:
         a7:ca:78:0c:ae:34:72:92:93:d4:68:f0:20:b4:d1:7a:41:74:
         75:e0:66:be:fa:77:e2:00:65:77:a1:7f:1d:b7:38:7d:cf:4e:
         ab:2e:e5:83:3e:2a:4d:4c:46:ee:bc:55:70:41:83:b1:32:57:
         53:05:64:92:30:a7:06:af:ec:48:af:c6:e0:ae:7c:9e:e7:0b:
         89:d0:7d:64:ab:43:94:60:2f:db:79:9d:81:03:e6:94:5a:55:
         f0:23:f8:8a:30:af:25:cd:76:b0:9f:e5:d4:ef:94:65:d8:c2:
         ce:b5:55:fb:fb:38:ce:cf:a0:28:bd:11:cb:4d:6b:d0:1a:f3:
         8c:04:f5:24:5b:d9:68:b5:47:3a:fd:a0:b9:9f:fa:db:f0:bb:
         fb:d8:9c:70:f1:1e:32:e4:17:ac:f2:c9:e6:ca:06:5d:96:24:
         7c:a9:9d:72:b2:9c:bf:ef:45:ec:50:c3:cf:89:2a:81:b2:97:
         4e:e6:da:95:09:ca:52:9c:da:7f:5a:46:f0:00:0a:4d:c4:e7:
         02:92:ba:8a:10:b0:6a:df:50:47:db:bf:d8:84:88:73:6f:db:
         3a:7d:38:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6Lgr3cisNJhFAVPgZXz0M8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNjU4NjkzZWMzMjdlYWQ0ZmU4M2E1N2I4MjYwMWNjMjU1
MmFhYmQwHhcNMjQwMzI5MTgzOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzUzNGY2NjA3NGZhZjkyYjAxM2E0MzE1MzBiMDMyZDFiNDcwMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZHWNxBMFuLH89N6A6wVXOJ03yJm
s4VvYUyt1NJbOvWe994qUrX7WdJ70kUR5Sl1hOHFzISLtPFoCyBI8YkIGmlYvcEO
JOds2GJwvEKOTVkn1lM/pCUOAUZYL2D6LebXx89l7XOBnLX7Sau36PHP2UHIh9Ap
phW5+MoFL10iU4Dbch8EeQxo8hYmQw8yAW2W35320+OCnQYgybOInvwd5TZzxd0F
WxM2oShP0EmId+HQIoDIKqmHXMNNluzH3WkQlBz63jIHfRt9wqKY399m5FHjNVcR
8vr4P59r1wlVUqToTa9ohCff+uig/lsOzThS5OWX3XBf2pTtaazdOooO0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAdTT2YHT6+SsBOkMVMLAy0bRwNZMB8GA1UdIwQY
MBaAFP1lhpPsMn6tT+g6V7gmAcwlUqq9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1dXR2std3lmcTFQNkRwWHVDWUJ6Q1ZTcXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8wNzVkMmYtNDZiZC00YmRlLTk4MzUt
OTVmZjVjNWRiYjUwLzEvQjFOUFpnZFByNUt3RTZReFV3c0RMUnRIQTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8wNzVkMmYtNDZiZC00YmRlLTk4MzUtOTVmZjVjNWRiYjUw
LzEvX1dXR2std3lmcTFQNkRwWHVDWUJ6Q1ZTcXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYJZMA0G
CSqGSIb3DQEBCwUAA4IBAQAxeCxMdt20HK3HErtF/lKnGr1lAUxy/4uBIftDAvGJ
DWid7jinyngMrjRykpPUaPAgtNF6QXR14Ga++nfiAGV3oX8dtzh9z06rLuWDPipN
TEbuvFVwQYOxMldTBWSSMKcGr+xIr8bgrnye5wuJ0H1kq0OUYC/beZ2BA+aUWlXw
I/iKMK8lzXawn+XU75Rl2MLOtVX7+zjOz6AovRHLTWvQGvOMBPUkW9lotUc6/aC5
n/rb8Lv72Jxw8R4y5Bes8snmygZdliR8qZ1yspy/70XsUMPPiSqBspdO5tqVCcpS
nNp/WkbwAApNxOcCkrqKELBq31BH27/YhIhzb9s6fTjV
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:35:28 2024 by rpki-client on console-ams.rpki-client.org