Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3139332e32342e3233322e302f32332d3233203d3e20323134323430.roa
File:                     3139332e32342e3233322e302f32332d3233203d3e20323134323430.roa (raw, json)
Hash identifier:          IE183VqO+F52HWn1DPHjI/7o/gqGxmRRAt8wnHBpU6Q=
Subject key identifier:   1C:D0:1C:46:D4:39:FA:CA:CE:8C:F3:EC:12:65:21:6C:EC:3E:7D:C4
Certificate issuer:       /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial:       72ECAFCB702E13D8FB02C9AEE08EC6DE91E05A8C
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3139332e32342e3233322e302f32332d3233203d3e20323134323430.roa
Signing time:             Mon 07 Oct 2024 11:49:02 +0000
ROA not before:           Mon 07 Oct 2024 11:44:02 +0000
ROA not after:            Mon 06 Oct 2025 11:49:02 +0000
asID:                     214240
IP address blocks:        193.24.232.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Nov 2024 05:00:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:ec:af:cb:70:2e:13:d8:fb:02:c9:ae:e0:8e:c6:de:91:e0:5a:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
        Validity
            Not Before: Oct  7 11:44:02 2024 GMT
            Not After : Oct  6 11:49:02 2025 GMT
        Subject: CN=1CD01C46D439FACACE8CF3EC1265216CEC3E7DC4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:79:90:c4:a3:cd:ca:2d:39:0a:6d:9e:10:da:
                    f9:d4:03:1e:6f:85:e8:e3:4b:81:6c:2c:01:53:ed:
                    6e:30:a4:eb:3f:bb:b6:74:4e:13:0b:18:29:d7:f8:
                    5f:24:70:bd:d4:c4:75:86:8a:10:4d:28:64:2b:d9:
                    7f:98:38:60:1f:48:5e:1b:64:d5:9e:aa:a8:dd:8b:
                    8e:24:3f:c3:75:b8:d2:15:73:05:98:e6:8c:7f:8b:
                    0e:10:3e:75:69:12:72:78:ab:b7:ff:4b:75:5a:b2:
                    23:84:f1:f0:74:4e:89:f3:df:5f:45:56:98:10:cf:
                    f6:78:74:e7:b5:ca:91:6f:ef:0f:4e:bb:61:dc:bf:
                    c9:0b:8e:54:41:48:65:a8:37:3c:f5:5b:15:9a:91:
                    d1:cb:02:51:d6:08:7c:07:89:cb:a6:be:00:c2:bb:
                    f3:f5:f4:1f:07:b4:69:28:3f:26:49:e9:24:fc:57:
                    e6:ed:1b:c8:af:4e:47:c4:b7:6b:56:af:4f:98:e4:
                    b9:23:6f:7e:07:4a:5d:a1:40:38:c6:4f:61:56:76:
                    fe:2a:0d:fc:32:a4:8e:97:26:cb:26:9f:5e:2b:df:
                    0f:ab:10:73:7c:14:8b:71:d2:83:bc:21:8e:39:55:
                    2d:e6:ee:42:5b:28:af:57:8e:1a:a3:52:07:55:ec:
                    3e:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:D0:1C:46:D4:39:FA:CA:CE:8C:F3:EC:12:65:21:6C:EC:3E:7D:C4
            X509v3 Authority Key Identifier:
                keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3139332e32342e3233322e302f32332d3233203d3e20323134323430.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.24.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a8:27:5d:e1:5b:50:ff:c7:23:ac:df:50:9f:da:00:50:96:7d:
         0f:7e:37:78:55:e7:24:dc:96:9f:51:f7:54:60:19:bc:ea:d5:
         73:e3:e8:2d:3a:c8:83:18:f5:bd:80:d4:bb:83:c4:08:67:21:
         d4:58:3f:ba:5f:98:0b:b0:ae:7e:c8:0b:60:94:6d:1f:62:b7:
         81:a8:39:01:1f:9e:e8:e4:94:e5:2a:23:6d:f6:52:d1:22:19:
         2f:96:c7:bc:e7:e1:b6:11:1c:51:50:29:28:b3:ba:ea:e6:89:
         04:93:49:55:c7:24:1f:6b:d9:ac:b1:25:55:c1:0c:dc:38:a5:
         09:10:93:f1:52:79:65:7a:57:a4:72:84:6c:8e:f5:14:31:1d:
         ee:69:fd:cb:e6:15:a5:fa:10:39:17:8c:5f:e1:be:11:bb:16:
         19:eb:38:5f:77:3a:a3:9f:d7:3b:54:16:87:a9:d6:76:c3:70:
         61:4d:bb:28:43:5b:bc:c1:14:ff:65:7d:f1:b4:68:5f:f6:b9:
         b7:0f:77:f9:c0:1e:af:b2:b1:7f:dc:b4:a6:63:57:0e:68:ee:
         ac:0a:31:86:84:87:2e:76:14:71:6a:af:ef:33:58:47:12:4b:
         80:1d:c4:f3:1b:16:88:5a:24:45:76:3f:1f:ab:43:f9:ff:4b:
         46:f6:2f:d3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcuyvy3AuE9j7Asmu4I7G3pHgWowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNDEwMDcxMTQ0MDJaFw0yNTEwMDYxMTQ5MDJaMDMxMTAvBgNV
BAMTKDFDRDAxQzQ2RDQzOUZBQ0FDRThDRjNFQzEyNjUyMTZDRUMzRTdEQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNeZDEo83KLTkKbZ4Q2vnUAx5v
hejjS4FsLAFT7W4wpOs/u7Z0ThMLGCnX+F8kcL3UxHWGihBNKGQr2X+YOGAfSF4b
ZNWeqqjdi44kP8N1uNIVcwWY5ox/iw4QPnVpEnJ4q7f/S3VasiOE8fB0Tonz319F
VpgQz/Z4dOe1ypFv7w9Ou2Hcv8kLjlRBSGWoNzz1WxWakdHLAlHWCHwHicumvgDC
u/P19B8HtGkoPyZJ6ST8V+btG8ivTkfEt2tWr0+Y5Lkjb34HSl2hQDjGT2FWdv4q
DfwypI6XJssmn14r3w+rEHN8FItx0oO8IY45VS3m7kJbKK9XjhqjUgdV7D5XAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHNAcRtQ5+srOjPPsEmUhbOw+fcQwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzEzOTMzMmUzMjM0MmUzMjMz
MzIyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjMxMzQzMjM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHBGOgwDQYJKoZIhvcNAQELBQADggEBAKgnXeFbUP/HI6zfUJ/aAFCWfQ9+N3hV
5yTclp9R91RgGbzq1XPj6C06yIMY9b2A1LuDxAhnIdRYP7pfmAuwrn7IC2CUbR9i
t4GoOQEfnujklOUqI232UtEiGS+Wx7zn4bYRHFFQKSizuurmiQSTSVXHJB9r2ayx
JVXBDNw4pQkQk/FSeWV6V6RyhGyO9RQxHe5p/cvmFaX6EDkXjF/hvhG7FhnrOF93
OqOf1ztUFoep1nbDcGFNuyhDW7zBFP9lffG0aF/2ubcPd/nAHq+ysX/ctKZjVw5o
7qwKMYaEhy52FHFqr+8zWEcSS4AdxPMbFohaJEV2Px+rQ/n/S0b2L9M=
-----END CERTIFICATE-----
Generated at Mon Nov 4 08:26:19 2024 by rpki-client on console-fra.rpki-client.org