Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS60781.roa
File:                     AS60781.roa (raw, json)
Hash identifier:          4AybkFkZjbp+mF4dWuOdZQzilI42GKioCooEuPEwdq8=
Subject key identifier:   3D:4B:92:4B:B4:DE:B7:E4:3F:37:B4:22:5A:E8:DA:6D:1C:64:35:AC
Certificate issuer:       /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial:       1519C9FE37E3FEF138855D0E1AF42819E85074CF
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS60781.roa
Signing time:             Thu 31 Oct 2024 13:43:26 +0000
ROA not before:           Thu 31 Oct 2024 13:38:26 +0000
ROA not after:            Thu 30 Oct 2025 13:43:26 +0000
asID:                     60781
IP address blocks:        152.89.251.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:19:c9:fe:37:e3:fe:f1:38:85:5d:0e:1a:f4:28:19:e8:50:74:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
        Validity
            Not Before: Oct 31 13:38:26 2024 GMT
            Not After : Oct 30 13:43:26 2025 GMT
        Subject: CN=3D4B924BB4DEB7E43F37B4225AE8DA6D1C6435AC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:e0:18:e4:b8:cc:07:bf:6e:67:73:4b:66:c4:
                    5d:39:59:24:f8:db:bc:a2:82:ca:4b:46:15:c7:40:
                    1d:f2:4e:cf:57:88:ba:d3:4d:be:37:0b:0d:77:c3:
                    3a:1f:c3:42:fb:5a:e2:f2:9a:ce:83:03:37:7c:bb:
                    ee:28:43:6b:53:09:2d:43:7c:55:80:87:0e:83:bc:
                    59:07:cc:05:0c:c7:31:1e:3a:e5:e6:40:18:04:84:
                    3b:f8:1d:2c:00:60:72:78:ef:48:94:1f:8f:35:ca:
                    cb:34:4b:b8:78:3c:7b:c9:e1:30:96:6c:92:2e:2b:
                    cb:5e:a7:a7:52:bf:c4:89:50:e2:b6:e0:a0:4c:52:
                    6f:69:ce:52:26:99:23:1e:de:92:6c:62:d5:08:2b:
                    e2:55:ad:5a:34:ab:72:44:5c:db:e7:59:2d:9a:ba:
                    03:70:19:0f:ee:f2:93:ec:70:b2:b9:1a:c3:f3:f9:
                    ac:92:87:7c:a2:a8:c6:97:50:b4:7c:a0:dc:b9:14:
                    11:9c:c0:00:c5:1d:7d:b4:69:fd:e2:22:02:3c:5b:
                    56:b9:c0:dc:01:41:56:50:1e:96:5a:47:97:75:95:
                    e7:04:ac:04:5b:e3:91:38:7e:d3:20:e7:fb:9d:b9:
                    cf:69:75:31:42:7a:af:62:62:9c:40:63:64:d1:42:
                    7f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:4B:92:4B:B4:DE:B7:E4:3F:37:B4:22:5A:E8:DA:6D:1C:64:35:AC
            X509v3 Authority Key Identifier:
                keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS60781.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.89.251.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:2d:86:6f:b9:bb:47:67:88:11:5e:d9:c3:73:a9:f9:8d:a5:
         7b:76:e8:5f:1a:b2:be:45:d8:4d:fc:08:19:f5:e8:cf:09:ff:
         79:11:ee:23:8d:14:b7:04:79:bb:ed:ca:cc:b4:85:b2:59:ed:
         47:70:06:6d:5a:57:af:67:95:25:ba:a0:57:ad:bd:92:f4:2d:
         7a:75:ab:23:8a:3e:2c:da:ca:5f:cb:67:d0:20:d1:c0:4c:bd:
         5c:f8:c8:fa:6f:94:0e:57:73:92:e5:d0:c2:64:04:cf:77:fc:
         9e:6d:d4:49:0b:57:70:77:c2:3a:b3:f1:bd:af:62:13:1b:62:
         30:5f:e5:5e:dc:98:19:d5:a3:73:1c:fe:ee:e0:5f:52:f1:37:
         f2:0f:95:2b:96:b9:2a:3e:5d:8c:25:a5:0a:25:89:a1:98:79:
         e1:6e:58:b3:ad:e3:df:f8:c4:6a:97:c8:b6:3a:a8:2f:27:63:
         c9:aa:64:6b:24:aa:1e:2d:64:10:fe:60:91:3f:12:51:84:71:
         10:bf:b4:c9:28:0a:9f:e5:26:bc:e8:78:59:9b:66:a5:35:50:
         79:4a:54:81:42:f1:4d:73:b1:b4:11:87:fc:2b:90:b6:51:13:
         08:a4:eb:eb:ba:63:2d:a1:9f:5f:d3:d3:a6:15:f0:37:91:04:
         46:b8:de:6c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUFRnJ/jfj/vE4hV0OGvQoGehQdM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDEwMzExMzM4MjZaFw0yNTEwMzAxMzQzMjZaMDMxMTAvBgNV
BAMTKDNENEI5MjRCQjRERUI3RTQzRjM3QjQyMjVBRThEQTZEMUM2NDM1QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCK4BjkuMwHv25nc0tmxF05WST4
27yigspLRhXHQB3yTs9XiLrTTb43Cw13wzofw0L7WuLyms6DAzd8u+4oQ2tTCS1D
fFWAhw6DvFkHzAUMxzEeOuXmQBgEhDv4HSwAYHJ470iUH481yss0S7h4PHvJ4TCW
bJIuK8tep6dSv8SJUOK24KBMUm9pzlImmSMe3pJsYtUIK+JVrVo0q3JEXNvnWS2a
ugNwGQ/u8pPscLK5GsPz+aySh3yiqMaXULR8oNy5FBGcwADFHX20af3iIgI8W1a5
wNwBQVZQHpZaR5d1lecErARb45E4ftMg5/uduc9pdTFCeq9iYpxAY2TRQn/pAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUPUuSS7Tet+Q/N7QiWujabRxkNawwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTNjA3ODEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACYWfsw
DQYJKoZIhvcNAQELBQADggEBAJIthm+5u0dniBFe2cNzqfmNpXt26F8asr5F2E38
CBn16M8J/3kR7iONFLcEebvtysy0hbJZ7UdwBm1aV69nlSW6oFetvZL0LXp1qyOK
Pizayl/LZ9Ag0cBMvVz4yPpvlA5Xc5Ll0MJkBM93/J5t1EkLV3B3wjqz8b2vYhMb
YjBf5V7cmBnVo3Mc/u7gX1LxN/IPlSuWuSo+XYwlpQoliaGYeeFuWLOt49/4xGqX
yLY6qC8nY8mqZGskqh4tZBD+YJE/ElGEcRC/tMkoCp/lJrzoeFmbZqU1UHlKVIFC
8U1zsbQRh/wrkLZREwik6+u6Yy2hn1/T06YV8DeRBEa43mw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:15:23 2024 by rpki-client on console-ams.rpki-client.org