Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210542.roa
File:                     AS210542.roa (raw, json)
Hash identifier:          WjDiVdONXSSnFXKjjr1M6Ngd5/NzjWxz4dEXkSGaubk=
Subject key identifier:   8E:46:10:87:65:51:1B:C5:C9:1F:28:B5:A0:AC:5E:D1:EE:59:2B:1F
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       46A9D14280A558D08A3717B323C34950967E58CC
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210542.roa
Signing time:             Sun 15 Sep 2024 00:01:09 +0000
ROA not before:           Sat 14 Sep 2024 23:56:09 +0000
ROA not after:            Sun 14 Sep 2025 00:01:09 +0000
asID:                     210542
IP address blocks:        179.61.173.0/24 maxlen: 24
                          181.214.2.0/24 maxlen: 24
                          181.214.25.0/24 maxlen: 24
                          181.214.33.0/24 maxlen: 24
                          181.214.75.0/24 maxlen: 24
                          181.214.130.0/24 maxlen: 24
                          181.214.132.0/24 maxlen: 24
                          181.214.185.0/24 maxlen: 24
                          181.214.205.0/24 maxlen: 24
                          181.214.250.0/24 maxlen: 24
                          181.215.18.0/24 maxlen: 24
                          181.215.110.0/24 maxlen: 24
                          181.215.127.0/24 maxlen: 24
                          181.215.136.0/24 maxlen: 24
                          181.215.148.0/24 maxlen: 24
                          181.215.154.0/24 maxlen: 24
                          181.215.190.0/24 maxlen: 24
                          181.215.239.0/24 maxlen: 24
                          185.139.238.0/24 maxlen: 24
                          185.173.27.0/24 maxlen: 24
                          191.96.111.0/24 maxlen: 24
                          194.53.142.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:a9:d1:42:80:a5:58:d0:8a:37:17:b3:23:c3:49:50:96:7e:58:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Sep 14 23:56:09 2024 GMT
            Not After : Sep 14 00:01:09 2025 GMT
        Subject: CN=8E46108765511BC5C91F28B5A0AC5ED1EE592B1F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:5d:7e:e5:af:91:13:39:d0:a7:96:83:22:4b:
                    fc:2a:1b:db:79:85:09:26:b1:23:0f:49:ac:be:6c:
                    b2:d1:a9:07:d6:3d:08:21:22:ec:6c:68:7c:fb:a1:
                    ba:82:c7:3e:80:18:78:a1:bd:1a:85:7c:21:fc:11:
                    3b:1a:f9:4b:a4:87:1b:18:43:1c:b2:d9:c0:b6:ab:
                    4c:dd:cb:f8:40:40:8f:c8:1b:4d:91:f5:d5:d0:a1:
                    74:67:f1:47:12:4b:49:21:c6:4f:87:01:59:03:46:
                    00:be:0a:9f:83:77:e5:ac:64:f2:cc:a3:af:e7:45:
                    ee:c3:ad:12:cd:72:c0:24:f1:2d:e4:87:f6:be:16:
                    3f:87:f8:14:72:89:54:66:ff:2c:85:40:75:3c:90:
                    b5:3f:fc:ba:a9:77:e3:53:04:7f:fe:68:e7:80:d9:
                    f1:66:c2:85:e4:3b:17:f2:bb:7b:29:bd:0f:5a:0b:
                    70:ee:bf:6b:2d:a0:5d:6f:e2:4a:47:6c:37:8d:1d:
                    cf:36:04:01:6d:11:d8:de:e8:53:36:6c:62:29:8f:
                    2d:d9:f6:f8:47:2f:20:21:ab:ea:f6:f2:0e:e2:38:
                    72:2f:aa:1d:3f:32:4c:dc:03:83:9d:db:f8:9c:fd:
                    a2:90:7e:03:c5:8d:ad:c6:7a:e9:b6:21:a5:7c:ab:
                    05:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:46:10:87:65:51:1B:C5:C9:1F:28:B5:A0:AC:5E:D1:EE:59:2B:1F
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210542.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.173.0/24
                  181.214.2.0/24
                  181.214.25.0/24
                  181.214.33.0/24
                  181.214.75.0/24
                  181.214.130.0/24
                  181.214.132.0/24
                  181.214.185.0/24
                  181.214.205.0/24
                  181.214.250.0/24
                  181.215.18.0/24
                  181.215.110.0/24
                  181.215.127.0/24
                  181.215.136.0/24
                  181.215.148.0/24
                  181.215.154.0/24
                  181.215.190.0/24
                  181.215.239.0/24
                  185.139.238.0/24
                  185.173.27.0/24
                  191.96.111.0/24
                  194.53.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:74:24:00:3d:9e:49:fe:ed:7e:26:e1:a4:92:39:eb:84:49:
         02:05:34:03:81:d7:92:53:9b:ad:43:05:7b:a7:26:ec:9f:cd:
         97:4c:03:8d:32:75:30:70:11:41:7a:bc:03:63:e8:64:cb:a8:
         6c:0d:de:87:cf:92:1b:be:bb:14:b6:62:1c:a9:87:64:1f:24:
         8d:66:3d:a4:40:5c:b7:21:1e:b1:61:08:60:8a:2f:f9:87:78:
         47:40:00:ab:f3:dd:ce:b8:fc:b7:87:53:64:26:8a:c9:5c:fa:
         f0:fe:c5:16:9f:fd:f5:0f:4d:8f:70:4d:8d:f3:03:aa:c8:31:
         c1:e2:98:f5:82:71:a9:a1:d7:70:1f:d1:1f:be:ad:22:b2:f4:
         f5:e9:92:60:1c:14:04:90:b0:4c:bc:92:59:2b:53:0e:34:9c:
         22:98:ca:1f:3e:e2:02:7f:d8:8a:ec:30:6e:ad:73:5b:48:6b:
         a1:f0:6a:10:e9:d6:81:88:66:91:6d:0a:df:d0:99:59:da:ea:
         66:b4:40:36:f6:85:9f:cb:73:fc:5f:a7:2a:ed:6e:1c:18:2c:
         cf:29:3b:6c:71:d6:2e:46:8a:d9:49:de:7b:c4:66:b0:fd:3d:
         2f:fe:89:17:1c:dc:c0:19:7b:48:91:1b:df:79:cb:2d:9a:4e:
         64:08:79:e8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIURqnRQoClWNCKNxezI8NJUJZ+WMwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA5MTQyMzU2MDlaFw0yNTA5MTQwMDAxMDlaMDMxMTAvBgNV
BAMTKDhFNDYxMDg3NjU1MTFCQzVDOTFGMjhCNUEwQUM1RUQxRUU1OTJCMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWXX7lr5ETOdCnloMiS/wqG9t5
hQkmsSMPSay+bLLRqQfWPQghIuxsaHz7obqCxz6AGHihvRqFfCH8ETsa+UukhxsY
Qxyy2cC2q0zdy/hAQI/IG02R9dXQoXRn8UcSS0khxk+HAVkDRgC+Cp+Dd+WsZPLM
o6/nRe7DrRLNcsAk8S3kh/a+Fj+H+BRyiVRm/yyFQHU8kLU//Lqpd+NTBH/+aOeA
2fFmwoXkOxfyu3spvQ9aC3Duv2stoF1v4kpHbDeNHc82BAFtEdje6FM2bGIpjy3Z
9vhHLyAhq+r28g7iOHIvqh0/MkzcA4Od2/ic/aKQfgPFja3Geum2IaV8qwWvAgMB
AAGjggKNMIICiTAdBgNVHQ4EFgQUjkYQh2VRG8XJHyi1oKxe0e5ZKx8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEwNTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQD
BACzPa0DBAC11gIDBAC11hkDBAC11iEDBAC11ksDBAC11oIDBAC11oQDBAC11rkD
BAC11s0DBAC11voDBAC11xIDBAC1124DBAC1138DBAC114gDBAC115QDBAC115oD
BAC1174DBAC11+8DBAC5i+4DBAC5rRsDBAC/YG8DBADCNY4wDQYJKoZIhvcNAQEL
BQADggEBADV0JAA9nkn+7X4m4aSSOeuESQIFNAOB15JTm61DBXunJuyfzZdMA40y
dTBwEUF6vANj6GTLqGwN3ofPkhu+uxS2Yhyph2QfJI1mPaRAXLchHrFhCGCKL/mH
eEdAAKvz3c64/LeHU2Qmislc+vD+xRaf/fUPTY9wTY3zA6rIMcHimPWCcamh13Af
0R++rSKy9PXpkmAcFASQsEy8klkrUw40nCKYyh8+4gJ/2IrsMG6tc1tIa6HwahDp
1oGIZpFtCt/QmVna6ma0QDb2hZ/Lc/xfpyrtbhwYLM8pO2xx1i5GitlJ3nvEZrD9
PS/+iRcc3MAZe0iRG995yy2aTmQIeeg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:57 2024 by rpki-client on console-ams.rpki-client.org