Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14445.roa
File:                     AS14445.roa (raw, json)
Hash identifier:          fN5ELg3ly0gE09/GvU3ASyWMu1sfmo5b5nJZUQkhI08=
Subject key identifier:   4B:DB:1F:B5:7B:CB:62:A4:14:E2:7F:26:89:46:A8:4A:13:02:A8:D9
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       567DF110E3464E4F719FDD03DA5679F790DCA874
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14445.roa
Signing time:             Tue 13 Feb 2024 00:00:09 +0000
ROA not before:           Mon 12 Feb 2024 23:55:09 +0000
ROA not after:            Tue 11 Feb 2025 00:00:09 +0000
asID:                     14445
IP address blocks:        45.93.44.0/24 maxlen: 24
                          179.61.147.0/24 maxlen: 24
                          179.61.170.0/24 maxlen: 24
                          179.61.212.0/24 maxlen: 24
                          181.214.54.0/24 maxlen: 24
                          181.214.101.0/24 maxlen: 24
                          181.214.140.0/24 maxlen: 24
                          181.215.65.0/24 maxlen: 24
                          181.215.189.0/24 maxlen: 24
                          181.215.255.0/24 maxlen: 24
                          191.96.174.0/24 maxlen: 24
                          191.101.36.0/24 maxlen: 24
                          191.101.176.0/24 maxlen: 24
                          191.101.188.0/24 maxlen: 24
                          191.101.239.0/24 maxlen: 24
                          193.58.106.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 04 Mar 2024 03:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:7d:f1:10:e3:46:4e:4f:71:9f:dd:03:da:56:79:f7:90:dc:a8:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Feb 12 23:55:09 2024 GMT
            Not After : Feb 11 00:00:09 2025 GMT
        Subject: CN=4BDB1FB57BCB62A414E27F268946A84A1302A8D9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:7f:56:02:4d:4b:ca:90:04:5b:a0:15:90:9b:
                    0d:d0:35:c2:4a:57:ab:bc:e8:41:85:d0:c7:a5:a3:
                    51:dd:fd:71:80:a6:28:f7:7d:39:be:ff:c9:a6:a3:
                    6b:c8:d8:41:f0:d2:1b:07:f5:d3:29:2a:57:71:64:
                    02:04:6f:fc:64:0b:25:95:8d:a3:85:76:ef:c1:ad:
                    a6:b3:4a:55:7e:61:86:70:a1:67:73:4c:6d:50:0b:
                    28:bb:62:1f:0a:aa:0a:2a:29:ae:52:81:8c:6f:6c:
                    b4:52:09:d9:26:e8:f7:91:0d:6a:91:b5:98:87:b1:
                    cf:5d:0b:38:fd:32:f8:56:8e:9f:70:56:fd:64:91:
                    cf:57:e4:f7:01:dd:6e:95:db:78:fa:47:eb:33:f1:
                    06:11:f9:81:e0:9c:64:39:bc:8b:aa:cd:79:56:9a:
                    74:ae:3b:d7:71:f1:21:c6:cf:fb:8a:ca:b8:5a:88:
                    dc:d1:4b:8f:5e:c4:b2:1b:00:45:00:88:a7:10:d0:
                    08:00:12:61:65:2e:d3:0b:8d:e7:15:1e:52:24:3c:
                    3b:2c:f9:1c:c5:16:9b:2d:f1:cf:3f:67:6f:59:58:
                    26:15:44:a9:86:cb:84:68:1a:d0:28:ca:ee:f4:bc:
                    7b:8a:9c:69:37:bf:5d:00:20:8f:de:5a:53:c2:5a:
                    92:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:DB:1F:B5:7B:CB:62:A4:14:E2:7F:26:89:46:A8:4A:13:02:A8:D9
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14445.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.93.44.0/24
                  179.61.147.0/24
                  179.61.170.0/24
                  179.61.212.0/24
                  181.214.54.0/24
                  181.214.101.0/24
                  181.214.140.0/24
                  181.215.65.0/24
                  181.215.189.0/24
                  181.215.255.0/24
                  191.96.174.0/24
                  191.101.36.0/24
                  191.101.176.0/24
                  191.101.188.0/24
                  191.101.239.0/24
                  193.58.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:7f:3e:03:0a:e8:7a:c8:78:77:ed:1c:70:de:0a:08:51:9a:
         a8:5c:74:e5:a7:96:35:e6:d3:0e:9f:d9:b7:33:33:b8:8a:fb:
         fe:6f:d4:dd:1f:83:d9:9b:ae:f3:3a:3f:5f:11:91:af:d0:2d:
         8a:7c:6f:2a:e5:de:cb:d4:5f:5f:bc:b1:68:ad:ff:85:8f:0b:
         c8:ab:f3:22:01:a8:23:13:2f:bc:31:12:7a:16:e4:2f:33:e4:
         7a:e2:b0:15:f6:48:a8:a0:89:2d:52:c1:e7:ac:7a:7a:3e:ad:
         52:82:ad:24:62:d0:cd:36:eb:a2:ba:df:1d:a1:28:b0:c7:39:
         b1:12:41:8a:96:a9:ce:a3:df:5c:ba:cb:20:2f:58:d4:fe:6d:
         c0:2b:82:7f:25:4d:0c:40:c3:58:23:da:8e:3e:9e:ca:29:14:
         5e:e6:33:53:3c:0b:a6:bd:cd:0a:b9:ba:f2:2b:13:9f:c5:90:
         11:78:03:23:47:2e:e2:ac:aa:ad:09:cc:19:5c:ad:51:e5:31:
         0a:6e:f2:30:e8:aa:73:9c:3a:da:d0:1c:60:dc:ce:9a:54:17:
         ec:1c:84:90:07:e8:ce:e5:1b:88:71:02:5e:5d:fd:00:f0:9b:
         83:ad:dc:d7:93:85:6f:00:2c:f0:12:1d:62:50:f6:65:05:43:
         5f:2f:54:8d
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgIUVn3xEONGTk9xn90D2lZ595DcqHQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAyMTIyMzU1MDlaFw0yNTAyMTEwMDAwMDlaMDMxMTAvBgNV
BAMTKDRCREIxRkI1N0JDQjYyQTQxNEUyN0YyNjg5NDZBODRBMTMwMkE4RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUf1YCTUvKkARboBWQmw3QNcJK
V6u86EGF0Melo1Hd/XGApij3fTm+/8mmo2vI2EHw0hsH9dMpKldxZAIEb/xkCyWV
jaOFdu/BraazSlV+YYZwoWdzTG1QCyi7Yh8KqgoqKa5SgYxvbLRSCdkm6PeRDWqR
tZiHsc9dCzj9MvhWjp9wVv1kkc9X5PcB3W6V23j6R+sz8QYR+YHgnGQ5vIuqzXlW
mnSuO9dx8SHGz/uKyrhaiNzRS49exLIbAEUAiKcQ0AgAEmFlLtMLjecVHlIkPDss
+RzFFpst8c8/Z29ZWCYVRKmGy4RoGtAoyu70vHuKnGk3v10AII/eWlPCWpIlAgMB
AAGjggJjMIICXzAdBgNVHQ4EFgQUS9sftXvLYqQU4n8miUaoShMCqNkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQ0NDUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIweQYIKwYBBQUHAQcBAf8EajBoMGYEAgABMGADBAAtXSwD
BACzPZMDBACzPaoDBACzPdQDBAC11jYDBAC11mUDBAC11owDBAC110EDBAC1170D
BAC11/8DBAC/YK4DBAC/ZSQDBAC/ZbADBAC/ZbwDBAC/Ze8DBADBOmowDQYJKoZI
hvcNAQELBQADggEBAH5/PgMK6HrIeHftHHDeCghRmqhcdOWnljXm0w6f2bczM7iK
+/5v1N0fg9mbrvM6P18Rka/QLYp8byrl3svUX1+8sWit/4WPC8ir8yIBqCMTL7wx
EnoW5C8z5HrisBX2SKigiS1Sweeseno+rVKCrSRi0M0266K63x2hKLDHObESQYqW
qc6j31y6yyAvWNT+bcArgn8lTQxAw1gj2o4+nsopFF7mM1M8C6a9zQq5uvIrE5/F
kBF4AyNHLuKsqq0JzBlcrVHlMQpu8jDoqnOcOtrQHGDczppUF+wchJAH6M7lG4hx
Al5d/QDwm4Ot3NeThW8ALPASHWJQ9mUFQ18vVI0=
-----END CERTIFICATE-----
Generated at Sun Mar 3 11:03:31 2024 by rpki-client on console-fra.rpki-client.org