Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/3134362e3234372e35392e302f32342d3234203d3e203234383531.roa
File:                     3134362e3234372e35392e302f32342d3234203d3e203234383531.roa (raw, json)
Hash identifier:          wE1ZRZZm1RLxT9JyNh52iLvc8Uyqc1Cu7FhfeoxE1U8=
Subject key identifier:   EE:2A:9E:54:B2:B0:7F:FA:D3:4F:5C:AC:E6:17:6D:E9:72:5B:14:3A
Certificate issuer:       /CN=a6c509ba48e5b50494572e05c45c58e7e16d87fb
Certificate serial:       2F756DF92C499A7CA8115F70F062B07EA83F57D7
Authority key identifier: A6:C5:09:BA:48:E5:B5:04:94:57:2E:05:C4:5C:58:E7:E1:6D:87:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/psUJukjltQSUVy4FxFxY5-Fth_s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/3134362e3234372e35392e302f32342d3234203d3e203234383531.roa
Signing time:             Mon 25 Dec 2023 12:05:08 +0000
ROA not before:           Mon 25 Dec 2023 12:00:08 +0000
ROA not after:            Mon 23 Dec 2024 12:05:08 +0000
asID:                     24851
IP address blocks:        146.247.59.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/A6C509BA48E5B50494572E05C45C58E7E16D87FB.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/A6C509BA48E5B50494572E05C45C58E7E16D87FB.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/psUJukjltQSUVy4FxFxY5-Fth_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:75:6d:f9:2c:49:9a:7c:a8:11:5f:70:f0:62:b0:7e:a8:3f:57:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6c509ba48e5b50494572e05c45c58e7e16d87fb
        Validity
            Not Before: Dec 25 12:00:08 2023 GMT
            Not After : Dec 23 12:05:08 2024 GMT
        Subject: CN=EE2A9E54B2B07FFAD34F5CACE6176DE9725B143A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:e7:59:33:6a:0b:dc:e4:c2:73:1e:15:e6:b4:
                    a7:83:dd:88:cc:d6:46:07:f7:93:5d:1e:e0:f1:22:
                    e9:ec:e3:30:90:71:80:60:88:9c:28:c8:d2:6d:5e:
                    94:83:0a:b3:c0:06:ff:24:43:02:77:50:3c:1a:bb:
                    1f:0b:e2:4b:c1:31:25:21:b3:38:db:cb:cf:01:7c:
                    7a:e3:dd:e9:c4:f4:fa:b5:58:1a:18:82:51:a0:91:
                    10:50:dc:30:fb:3b:0a:fd:e8:69:e7:4f:ed:00:f3:
                    0f:27:cc:de:bf:7d:7b:48:fc:25:35:e9:8f:76:b7:
                    67:f7:c9:11:87:de:90:a8:97:96:63:84:5e:41:49:
                    bd:b2:ab:10:61:e7:fe:b2:f3:75:29:8a:f2:df:78:
                    12:75:79:2e:1d:b1:5f:a0:1d:b3:fb:fe:4d:da:5b:
                    ef:ce:54:6a:f8:ed:57:ec:a6:80:14:5a:00:04:37:
                    37:21:f8:85:a4:c9:cf:13:54:19:31:c3:0e:1f:d4:
                    c4:5c:ff:80:a0:f3:82:6c:ab:0d:18:e1:a0:74:d1:
                    6d:b6:49:32:17:31:97:4d:90:c9:de:1a:4b:02:d0:
                    4d:ed:04:14:a8:27:94:2d:65:d3:f5:35:04:ea:0c:
                    a8:c7:a3:24:c6:11:18:0a:1f:21:be:4f:64:78:d0:
                    7f:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:2A:9E:54:B2:B0:7F:FA:D3:4F:5C:AC:E6:17:6D:E9:72:5B:14:3A
            X509v3 Authority Key Identifier:
                keyid:A6:C5:09:BA:48:E5:B5:04:94:57:2E:05:C4:5C:58:E7:E1:6D:87:FB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/A6C509BA48E5B50494572E05C45C58E7E16D87FB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/psUJukjltQSUVy4FxFxY5-Fth_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/3134362e3234372e35392e302f32342d3234203d3e203234383531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.247.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c6:a4:39:d2:6a:a7:f8:e2:88:5e:05:df:68:c4:4e:eb:6f:7b:
         62:54:85:01:0b:76:5d:01:a7:5a:16:e8:71:37:b1:2e:10:76:
         ff:f3:ec:9c:24:69:e9:b0:ac:c4:e7:4b:07:88:56:fc:be:de:
         ee:1a:5d:8b:96:a0:88:c9:fa:88:70:52:21:c2:7a:78:c8:ed:
         11:ad:b6:ea:6f:aa:7e:84:c7:22:0b:04:b1:96:5c:16:22:b9:
         0c:97:49:7f:4d:b1:09:7e:cc:0b:54:0d:83:60:ed:62:54:48:
         2b:9f:d5:44:d0:02:07:d8:1b:72:87:cc:7c:7b:e8:40:ef:6b:
         ae:3d:b4:4a:03:1c:19:a3:43:40:1a:7f:4b:4f:98:a3:80:ca:
         d6:c1:8a:77:cc:52:9f:6e:8d:c9:e9:3d:b9:16:3a:1d:69:d0:
         42:69:b5:3e:71:dd:b0:a3:35:e5:cf:03:d3:06:3a:45:67:49:
         c6:87:ef:bb:88:56:f9:be:1e:e4:7d:be:1f:2b:0c:11:f1:3c:
         6d:fb:b7:47:f1:a2:43:a1:c1:dd:36:77:11:f4:ed:e3:84:c3:
         b3:1c:65:30:20:63:6a:bc:69:48:86:65:42:68:7f:58:b0:98:
         ce:8c:02:8c:db:a5:26:94:67:ee:bc:e0:c3:85:57:1d:b2:c5:
         bd:d4:ab:c2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL3Vt+SxJmnyoEV9w8GKwfqg/V9cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTZjNTA5YmE0OGU1YjUwNDk0NTcyZTA1YzQ1YzU4ZTdl
MTZkODdmYjAeFw0yMzEyMjUxMjAwMDhaFw0yNDEyMjMxMjA1MDhaMDMxMTAvBgNV
BAMTKEVFMkE5RTU0QjJCMDdGRkFEMzRGNUNBQ0U2MTc2REU5NzI1QjE0M0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo51kzagvc5MJzHhXmtKeD3YjM
1kYH95NdHuDxIuns4zCQcYBgiJwoyNJtXpSDCrPABv8kQwJ3UDwaux8L4kvBMSUh
szjby88BfHrj3enE9Pq1WBoYglGgkRBQ3DD7Owr96GnnT+0A8w8nzN6/fXtI/CU1
6Y92t2f3yRGH3pCol5ZjhF5BSb2yqxBh5/6y83UpivLfeBJ1eS4dsV+gHbP7/k3a
W+/OVGr47VfspoAUWgAENzch+IWkyc8TVBkxww4f1MRc/4Cg84Jsqw0Y4aB00W22
STIXMZdNkMneGksC0E3tBBSoJ5QtZdP1NQTqDKjHoyTGERgKHyG+T2R40H/fAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7iqeVLKwf/rTT1ys5hdt6XJbFDowHwYDVR0j
BBgwFoAUpsUJukjltQSUVy4FxFxY5+Fth/swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM4YmI0NDYtOTFjMC00MTM4LWEzM2EtYjQ3ODY1ZGU1
NWM1LzEvQTZDNTA5QkE0OEU1QjUwNDk0NTcyRTA1QzQ1QzU4RTdFMTZEODdGQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3BzVUp1a2psdFFTVVZ5NEZ4RnhZNS1G
dGhfcy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGM4YmI0NDYt
OTFjMC00MTM4LWEzM2EtYjQ3ODY1ZGU1NWM1LzEvMzEzNDM2MmUzMjM0MzcyZTM1
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM0MzgzNTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
kvc7MA0GCSqGSIb3DQEBCwUAA4IBAQDGpDnSaqf44oheBd9oxE7rb3tiVIUBC3Zd
AadaFuhxN7EuEHb/8+ycJGnpsKzE50sHiFb8vt7uGl2LlqCIyfqIcFIhwnp4yO0R
rbbqb6p+hMciCwSxllwWIrkMl0l/TbEJfswLVA2DYO1iVEgrn9VE0AIH2Btyh8x8
e+hA72uuPbRKAxwZo0NAGn9LT5ijgMrWwYp3zFKfbo3J6T25FjodadBCabU+cd2w
ozXlzwPTBjpFZ0nGh++7iFb5vh7kfb4fKwwR8Txt+7dH8aJDocHdNncR9O3jhMOz
HGUwIGNqvGlIhmVCaH9YsJjOjAKM26UmlGfuvODDhVcdssW91KvC
-----END CERTIFICATE-----
Generated at Sat Jun 15 07:40:40 2024 by rpki-client on console-fra.rpki-client.org