Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130352e302f32342d3234203d3e20323135383836.roa
File:                     3138352e3234302e3130352e302f32342d3234203d3e20323135383836.roa (raw, json)
Hash identifier:          Zg7Zy94s0jkW2vAFLU4oSa1vifJGmomHg+RPCbDKJZY=
Subject key identifier:   38:FC:39:FA:4B:DD:DC:19:51:BC:B6:A1:07:21:CF:7A:27:F2:33:32
Certificate issuer:       /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial:       66D547ADBCA641F2E63E075495D23E058BF623A7
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130352e302f32342d3234203d3e20323135383836.roa
Signing time:             Fri 26 Jul 2024 23:44:46 +0000
ROA not before:           Fri 26 Jul 2024 23:39:46 +0000
ROA not after:            Fri 25 Jul 2025 23:44:46 +0000
asID:                     215886
IP address blocks:        185.240.105.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 09:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:d5:47:ad:bc:a6:41:f2:e6:3e:07:54:95:d2:3e:05:8b:f6:23:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
        Validity
            Not Before: Jul 26 23:39:46 2024 GMT
            Not After : Jul 25 23:44:46 2025 GMT
        Subject: CN=38FC39FA4BDDDC1951BCB6A10721CF7A27F23332
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:2e:93:79:b7:91:22:45:e1:21:19:16:91:d8:
                    1d:24:e6:62:fe:92:75:00:f8:41:b6:b6:ae:50:8d:
                    39:9b:00:16:e7:f2:5f:3d:b4:d0:45:89:d7:37:1e:
                    f4:0f:59:72:41:21:11:d5:5e:bc:93:d8:99:e4:a0:
                    41:3b:fd:46:de:53:02:f9:2a:76:ff:a2:6d:f4:26:
                    8e:fe:82:a8:82:41:90:dd:06:9a:46:42:b9:57:20:
                    5e:ed:96:72:79:c7:60:b4:32:e5:2c:4d:5d:c8:23:
                    bc:4b:85:be:53:5f:41:f0:0d:7c:00:59:3e:36:5c:
                    5f:f6:43:18:da:f2:e7:92:bd:67:79:bb:d0:18:ff:
                    42:f8:45:ce:b7:13:c9:6f:23:07:90:2b:a5:80:cb:
                    a6:6d:47:31:50:60:8c:d9:d3:da:4b:0e:d1:97:61:
                    bc:da:e2:41:ca:e1:af:49:75:d9:0b:bc:41:7b:35:
                    de:77:48:72:9b:be:84:a5:4a:1b:1b:bc:8f:7f:cc:
                    30:8d:70:a5:96:9c:70:a8:6e:08:dc:17:40:30:ec:
                    d8:76:d6:d9:4e:3b:65:9d:37:1a:ea:69:df:e4:66:
                    58:d0:8c:47:7b:aa:bf:79:50:d4:82:e1:c2:c1:c7:
                    99:8e:2d:d4:34:42:32:09:f5:e3:67:37:59:ce:01:
                    da:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:FC:39:FA:4B:DD:DC:19:51:BC:B6:A1:07:21:CF:7A:27:F2:33:32
            X509v3 Authority Key Identifier:
                keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130352e302f32342d3234203d3e20323135383836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.240.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:d2:86:aa:8f:e2:27:04:1c:92:e8:6c:ee:15:54:1f:54:01:
         2b:c7:19:fc:e0:f3:24:47:8d:51:f3:c9:bd:0b:9d:01:0f:66:
         23:0e:3c:69:5a:06:16:e5:b7:92:d0:9e:bc:f4:a1:d6:af:44:
         5d:56:18:cd:c6:59:56:19:bc:9e:19:03:01:da:b4:81:20:c6:
         c8:be:09:04:cf:fe:d5:b0:8c:6d:e7:cb:ec:74:ef:54:20:fa:
         90:a2:05:00:2e:69:0e:6a:e1:b0:d3:f0:ef:28:07:d5:c3:55:
         ce:2d:63:03:8f:2a:d0:3d:08:41:63:6a:1d:3a:a2:02:21:41:
         14:72:f0:2c:b3:38:da:03:0f:70:5e:0b:b6:df:c4:90:04:69:
         99:d6:79:0d:57:45:b7:86:a4:c3:72:5c:44:bc:8e:8f:90:4d:
         a0:ac:fd:82:8b:d0:6b:9f:2d:49:77:a4:65:8a:73:27:71:ab:
         25:4c:bf:46:03:dc:44:4c:e6:6e:42:fe:d2:6b:c0:83:53:5a:
         09:ee:56:4e:86:5f:66:48:52:4c:b9:33:ad:2e:55:e1:9e:57:
         8c:b7:00:65:e5:8b:7f:15:79:43:a2:4a:22:cc:1d:a1:8a:20:
         c5:8a:99:79:b1:cc:1e:d5:f5:28:f9:2d:a7:9d:65:4d:00:24:
         be:63:e6:d3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZtVHrbymQfLmPgdUldI+BYv2I6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNDA3MjYyMzM5NDZaFw0yNTA3MjUyMzQ0NDZaMDMxMTAvBgNV
BAMTKDM4RkMzOUZBNEJERERDMTk1MUJDQjZBMTA3MjFDRjdBMjdGMjMzMzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCILpN5t5EiReEhGRaR2B0k5mL+
knUA+EG2tq5QjTmbABbn8l89tNBFidc3HvQPWXJBIRHVXryT2JnkoEE7/UbeUwL5
Knb/om30Jo7+gqiCQZDdBppGQrlXIF7tlnJ5x2C0MuUsTV3II7xLhb5TX0HwDXwA
WT42XF/2Qxja8ueSvWd5u9AY/0L4Rc63E8lvIweQK6WAy6ZtRzFQYIzZ09pLDtGX
Ybza4kHK4a9JddkLvEF7Nd53SHKbvoSlShsbvI9/zDCNcKWWnHCobgjcF0Aw7Nh2
1tlOO2WdNxrqad/kZljQjEd7qr95UNSC4cLBx5mOLdQ0QjIJ9eNnN1nOAdpRAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUOPw5+kvd3BlRvLahByHPeifyMzIwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzEzODM1MmUzMjM0MzAyZTMx
MzAzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTM4MzgzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnwaTANBgkqhkiG9w0BAQsFAAOCAQEAHtKGqo/iJwQckuhs7hVUH1QBK8cZ
/ODzJEeNUfPJvQudAQ9mIw48aVoGFuW3ktCevPSh1q9EXVYYzcZZVhm8nhkDAdq0
gSDGyL4JBM/+1bCMbefL7HTvVCD6kKIFAC5pDmrhsNPw7ygH1cNVzi1jA48q0D0I
QWNqHTqiAiFBFHLwLLM42gMPcF4Ltt/EkARpmdZ5DVdFt4akw3JcRLyOj5BNoKz9
govQa58tSXekZYpzJ3GrJUy/RgPcREzmbkL+0mvAg1NaCe5WToZfZkhSTLkzrS5V
4Z5XjLcAZeWLfxV5Q6JKIswdoYogxYqZebHMHtX1KPktp51lTQAkvmPm0w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:13 2024 by rpki-client on console-fra.rpki-client.org