Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS14445.roa
File:                     AS14445.roa (raw, json)
Hash identifier:          sEwbKJuQROX4EyxnMpvGyz+15zuIoBc6jFgYlMjouPs=
Subject key identifier:   81:FC:46:38:9C:74:66:E6:9D:40:5F:A7:45:37:9E:5D:99:DD:1C:2B
Certificate issuer:       /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial:       58C7D58DF699C4A3B6E1C59C4B042369E846ABE9
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS14445.roa
Signing time:             Thu 13 Jul 2023 18:38:11 +0000
ROA not before:           Thu 13 Jul 2023 18:33:11 +0000
ROA not after:            Thu 11 Jul 2024 18:38:11 +0000
asID:                     14445
IP address blocks:        193.142.6.0/24 maxlen: 24
                          195.20.104.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 03 Mar 2024 22:13:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:c7:d5:8d:f6:99:c4:a3:b6:e1:c5:9c:4b:04:23:69:e8:46:ab:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
        Validity
            Not Before: Jul 13 18:33:11 2023 GMT
            Not After : Jul 11 18:38:11 2024 GMT
        Subject: CN=81FC46389C7466E69D405FA745379E5D99DD1C2B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:9a:e2:4e:dd:0e:8a:f7:66:f7:8e:99:69:da:
                    9b:fc:c9:03:b3:f4:fb:c7:2b:ca:05:b7:3b:19:71:
                    26:18:97:db:38:ce:b2:47:b6:81:65:2d:0b:06:03:
                    7c:a5:b0:e3:b0:9b:b6:24:fe:63:8d:f9:3a:45:ff:
                    79:a8:d7:19:b3:fc:39:58:e7:21:fc:12:17:a2:e0:
                    cd:23:d5:f1:30:78:67:be:d3:90:15:48:62:bd:f0:
                    2b:ec:54:3c:2a:79:5b:7c:14:46:40:b9:5d:ca:d5:
                    f4:e9:97:45:6b:89:fc:55:90:b6:10:64:0b:51:f8:
                    ea:a7:2b:db:ad:a3:d7:91:c4:06:26:f0:7e:30:67:
                    99:12:15:3f:d4:20:4e:67:11:f5:5a:72:c2:b9:d5:
                    c9:64:5f:2e:77:74:5a:59:42:8d:c4:28:76:24:ce:
                    bf:76:1d:da:52:28:09:be:1a:c0:2c:eb:16:6c:fa:
                    89:f4:13:8a:75:47:27:c4:b8:07:ba:ca:80:25:e4:
                    73:f6:b3:cb:e2:77:19:40:08:8a:34:6a:b2:29:88:
                    e3:e7:76:12:4e:46:38:89:0c:f1:a2:cd:00:90:27:
                    fe:c4:dd:ef:de:14:14:b9:dc:b3:03:7a:0b:d6:a1:
                    38:90:21:bf:fe:5a:da:a9:90:d1:90:d0:8a:e3:d7:
                    33:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:FC:46:38:9C:74:66:E6:9D:40:5F:A7:45:37:9E:5D:99:DD:1C:2B
            X509v3 Authority Key Identifier:
                keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS14445.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.142.6.0/24
                  195.20.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:3f:ae:af:31:6f:5e:1f:84:4c:dc:a4:9a:89:d1:22:dc:20:
         02:2d:ba:f6:5f:8c:8b:c8:a9:f1:d3:1a:f4:3e:92:1d:4a:0f:
         77:35:84:20:a9:49:58:12:64:4a:68:7f:9f:8a:75:d5:ea:df:
         63:9e:ca:11:a0:8d:e2:84:e2:d3:69:93:ae:71:6a:d4:4a:a9:
         98:0d:6d:cc:9d:0e:6f:cd:85:8b:2a:ac:54:82:72:31:10:f8:
         cf:43:68:4f:66:02:9c:9f:4a:16:c0:a2:10:ae:44:28:d3:7e:
         1a:23:2a:6e:d9:44:c6:e9:3f:9b:02:87:cf:c4:9f:74:6a:36:
         44:c5:a7:d9:27:5c:4b:80:f1:37:c1:cc:75:d4:49:c0:8d:80:
         6e:dc:e8:48:32:bf:69:e8:f0:7b:cf:82:41:de:05:01:b2:70:
         3b:13:46:33:4c:90:ac:f6:62:6a:33:f0:24:f0:35:14:1d:d4:
         67:ba:f3:ac:bc:6f:c9:f8:59:45:39:72:5b:7f:04:f1:a7:16:
         fa:97:8b:fc:e8:a5:1a:f1:16:9a:dc:25:e8:33:8b:c7:a6:e7:
         6f:ea:21:92:6f:f4:f2:29:10:2e:c6:2e:f0:b9:1a:11:4c:a2:
         e8:49:9d:c5:50:4c:0c:ef:67:d4:14:9e:93:ec:a3:fa:f2:64:
         b8:f3:8c:db
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUWMfVjfaZxKO24cWcSwQjaehGq+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yMzA3MTMxODMzMTFaFw0yNDA3MTExODM4MTFaMDMxMTAvBgNV
BAMTKDgxRkM0NjM4OUM3NDY2RTY5RDQwNUZBNzQ1Mzc5RTVEOTlERDFDMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7muJO3Q6K92b3jplp2pv8yQOz
9PvHK8oFtzsZcSYYl9s4zrJHtoFlLQsGA3ylsOOwm7Yk/mON+TpF/3mo1xmz/DlY
5yH8Ehei4M0j1fEweGe+05AVSGK98CvsVDwqeVt8FEZAuV3K1fTpl0VrifxVkLYQ
ZAtR+OqnK9uto9eRxAYm8H4wZ5kSFT/UIE5nEfVacsK51clkXy53dFpZQo3EKHYk
zr92HdpSKAm+GsAs6xZs+on0E4p1RyfEuAe6yoAl5HP2s8vidxlACIo0arIpiOPn
dhJORjiJDPGizQCQJ/7E3e/eFBS53LMDegvWoTiQIb/+WtqpkNGQ0Irj1zNvAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUgfxGOJx0ZuadQF+nRTeeXZndHCswHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMTQ0NDUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBADBjgYD
BADDFGgwDQYJKoZIhvcNAQELBQADggEBAJM/rq8xb14fhEzcpJqJ0SLcIAItuvZf
jIvIqfHTGvQ+kh1KD3c1hCCpSVgSZEpof5+KddXq32OeyhGgjeKE4tNpk65xatRK
qZgNbcydDm/NhYsqrFSCcjEQ+M9DaE9mApyfShbAohCuRCjTfhojKm7ZRMbpP5sC
h8/En3RqNkTFp9knXEuA8TfBzHXUScCNgG7c6Egyv2no8HvPgkHeBQGycDsTRjNM
kKz2Ymoz8CTwNRQd1Ge686y8b8n4WUU5clt/BPGnFvqXi/zopRrxFprcJegzi8em
52/qIZJv9PIpEC7GLvC5GhFMouhJncVQTAzvZ9QUnpPso/ryZLjzjNs=
-----END CERTIFICATE-----
Generated at Sun Mar 3 06:42:21 2024 by rpki-client on console-fra.rpki-client.org