Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/3139352e3138342e3234372e302f32342d3234203d3e203437323732.roa
File:                     3139352e3138342e3234372e302f32342d3234203d3e203437323732.roa (raw, json)
Hash identifier:          JdQxoBY6+xo7xtCZX6nc+NrZJm6MDbLJm4sE0Lwg7jk=
Subject key identifier:   1A:EA:C9:81:CA:25:60:32:43:62:E0:BE:7B:4D:D8:A7:73:94:A8:40
Certificate issuer:       /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial:       1AEE426A63BFE040E7DF4DAF81555A1FD96F89D9
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/3139352e3138342e3234372e302f32342d3234203d3e203437323732.roa
Signing time:             Wed 15 May 2024 10:12:57 +0000
ROA not before:           Wed 15 May 2024 10:07:57 +0000
ROA not after:            Wed 14 May 2025 10:12:57 +0000
asID:                     47272
IP address blocks:        195.184.247.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:ee:42:6a:63:bf:e0:40:e7:df:4d:af:81:55:5a:1f:d9:6f:89:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
        Validity
            Not Before: May 15 10:07:57 2024 GMT
            Not After : May 14 10:12:57 2025 GMT
        Subject: CN=1AEAC981CA2560324362E0BE7B4DD8A77394A840
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:5b:a7:53:f5:bd:7b:dd:0b:5d:79:b4:36:7e:
                    6a:6f:ed:9d:da:85:7f:15:76:27:88:49:7b:5b:e1:
                    7d:f7:02:e9:af:57:92:21:06:c2:48:36:3c:d0:62:
                    ab:b3:43:85:fc:b2:f5:b8:37:86:b5:62:fc:73:5f:
                    09:7b:c4:d6:d5:da:7c:95:b2:6d:ef:76:1a:40:34:
                    7e:5e:fd:d1:8b:7f:22:55:5c:83:13:83:27:15:1b:
                    5e:ed:de:fd:76:9d:81:4e:b9:26:b7:ec:b5:45:13:
                    c1:8a:70:41:d6:8f:86:ae:b3:f6:af:71:40:3b:4f:
                    b0:bc:5e:ec:79:96:b7:e1:09:74:55:56:12:77:da:
                    06:8c:48:a2:b0:a0:b5:1e:b3:96:8d:b7:a0:4c:0e:
                    bf:fb:d7:58:f0:73:a0:fd:ff:ea:9f:63:a4:28:25:
                    f1:09:e6:2c:ed:01:da:a6:04:e7:15:84:6a:66:21:
                    b3:d6:2d:7d:09:1e:47:c3:4e:16:17:ce:1f:85:59:
                    fc:79:2b:aa:60:8d:e8:c7:5d:2b:b4:52:b0:8b:a4:
                    cb:12:ac:61:1e:e9:9b:ab:14:7e:b5:3d:c9:92:fe:
                    c4:6a:44:64:38:32:a4:0c:22:b3:27:9d:92:60:e2:
                    73:1f:85:4d:3e:38:2a:a6:2d:c7:e5:c3:d8:b3:da:
                    94:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:EA:C9:81:CA:25:60:32:43:62:E0:BE:7B:4D:D8:A7:73:94:A8:40
            X509v3 Authority Key Identifier:
                keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/3139352e3138342e3234372e302f32342d3234203d3e203437323732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.184.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:1f:f9:e9:25:9a:5a:4c:5f:2d:25:77:cf:77:14:b0:6f:cf:
         95:d7:6e:b8:80:7f:f3:24:44:1f:52:eb:21:31:8d:32:09:ed:
         0d:eb:21:9f:4f:b7:2b:5f:83:46:a7:21:92:d9:5c:a1:21:10:
         4b:82:72:c4:4a:aa:e0:3d:6c:17:1b:52:2e:b5:86:35:34:ad:
         56:23:89:58:11:ff:77:84:90:9d:74:9c:a4:6b:ac:b2:30:df:
         1e:26:1a:b4:2b:6b:d9:51:1b:56:5b:97:df:06:21:78:27:87:
         88:46:86:c6:73:76:dc:75:22:3f:ef:38:41:57:69:bf:c2:ca:
         2e:54:dc:43:39:31:b7:98:5c:6f:17:95:2b:58:75:da:53:ce:
         b1:47:9f:6c:0a:ca:7c:c3:12:78:cf:9a:31:ea:14:9e:a5:da:
         7f:65:fe:84:c6:f1:d9:39:38:68:e4:54:32:dc:c0:35:f2:9b:
         16:8b:37:c5:03:cf:de:04:97:cf:1a:90:c3:4b:87:c7:2a:40:
         a0:bc:b3:49:18:e9:d1:c6:69:c5:94:74:c5:5e:cd:7e:68:a2:
         ad:2d:b0:c2:4b:ce:e6:44:b1:b0:ca:2a:ad:5d:ea:2a:36:47:
         c2:f1:22:20:8c:c6:ee:a2:ae:07:96:7d:7a:6b:43:56:55:6b:
         bf:4d:63:b6
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgIUGu5CamO/4EDn302vgVVaH9lvidkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA1MTUxMDA3NTdaFw0yNTA1MTQxMDEyNTdaMDMxMTAvBgNV
BAMTKDFBRUFDOTgxQ0EyNTYwMzI0MzYyRTBCRTdCNEREOEE3NzM5NEE4NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWW6dT9b173QtdebQ2fmpv7Z3a
hX8VdieISXtb4X33AumvV5IhBsJINjzQYquzQ4X8svW4N4a1YvxzXwl7xNbV2nyV
sm3vdhpANH5e/dGLfyJVXIMTgycVG17t3v12nYFOuSa37LVFE8GKcEHWj4aus/av
cUA7T7C8Xux5lrfhCXRVVhJ32gaMSKKwoLUes5aNt6BMDr/711jwc6D9/+qfY6Qo
JfEJ5iztAdqmBOcVhGpmIbPWLX0JHkfDThYXzh+FWfx5K6pgjejHXSu0UrCLpMsS
rGEe6ZurFH61PcmS/sRqRGQ4MqQMIrMnnZJg4nMfhU0+OCqmLcflw9iz2pTtAgMB
AAGjggJvMIICazAdBgNVHQ4EFgQUGurJgcolYDJDYuC+e03Yp3OUqEAwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzEzOTM1MmUzMTM4MzQyZTMy
MzQzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzczMjM3MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDuPcwDQYJKoZIhvcNAQELBQADggEBAFwf+eklmlpMXy0ld893FLBvz5XXbriA
f/MkRB9S6yExjTIJ7Q3rIZ9Ptytfg0anIZLZXKEhEEuCcsRKquA9bBcbUi61hjU0
rVYjiVgR/3eEkJ10nKRrrLIw3x4mGrQra9lRG1Zbl98GIXgnh4hGhsZzdtx1Ij/v
OEFXab/Cyi5U3EM5MbeYXG8XlStYddpTzrFHn2wKynzDEnjPmjHqFJ6l2n9l/oTG
8dk5OGjkVDLcwDXymxaLN8UDz94El88akMNLh8cqQKC8s0kY6dHGacWUdMVezX5o
oq0tsMJLzuZEsbDKKq1d6io2R8LxIiCMxu6irgeWfXprQ1ZVa79NY7Y=
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:06:47 2024 by rpki-client on console-fra.rpki-client.org