Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/3138352e3235302e34312e302f32342d3234203d3e203439363038.roa
File:                     3138352e3235302e34312e302f32342d3234203d3e203439363038.roa (raw, json)
Hash identifier:          N+74LWplsmBrA1Qo3/sgwbk4EKoKMkiHXq8IKjTelyk=
Subject key identifier:   7F:B9:FF:FB:F8:DB:8C:56:EB:B3:4C:DE:01:5B:30:56:09:82:9F:0C
Certificate issuer:       /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial:       305ED2CC18F3EFA4263368DA4697EB1540B3B7D5
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/3138352e3235302e34312e302f32342d3234203d3e203439363038.roa
Signing time:             Sun 17 Mar 2024 15:05:51 +0000
ROA not before:           Sun 17 Mar 2024 15:00:51 +0000
ROA not after:            Sun 16 Mar 2025 15:05:51 +0000
asID:                     49608
IP address blocks:        185.250.41.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 09:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:5e:d2:cc:18:f3:ef:a4:26:33:68:da:46:97:eb:15:40:b3:b7:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
        Validity
            Not Before: Mar 17 15:00:51 2024 GMT
            Not After : Mar 16 15:05:51 2025 GMT
        Subject: CN=7FB9FFFBF8DB8C56EBB34CDE015B305609829F0C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:57:af:43:fe:ad:e5:c1:d3:f8:35:f3:4a:d1:
                    6e:23:50:56:dc:5c:09:30:b3:b8:17:49:ad:97:ba:
                    23:c1:e0:13:e7:32:0a:7c:16:a9:9b:4f:ac:91:62:
                    f8:8d:9e:69:6b:9b:d8:65:9c:03:0b:07:95:74:ee:
                    d9:c1:98:66:7b:61:71:75:ad:8e:db:09:60:e0:f5:
                    9c:c8:c1:06:17:01:0c:f2:fa:61:fc:2b:4a:19:12:
                    86:c1:67:a6:54:ea:be:68:c9:5f:ab:7a:69:83:30:
                    cb:eb:2b:8c:6d:06:29:21:40:39:2a:c8:f7:6b:8e:
                    0d:c5:ff:46:38:5d:4e:09:c1:c0:96:07:d9:c5:6e:
                    82:f9:ff:17:35:c0:06:55:e1:00:89:9f:20:c4:ae:
                    47:e4:10:e2:c3:ce:63:0d:d1:33:fa:24:49:dd:54:
                    2f:ea:ab:5f:14:bb:31:3b:bc:29:5b:77:88:2b:ae:
                    2a:7d:0b:7c:ba:54:ab:21:d1:0d:12:f7:06:04:a5:
                    a9:28:b5:4b:50:84:ff:05:3f:9c:d0:22:2a:36:25:
                    14:57:85:da:7b:5e:c0:c4:89:3d:1b:f6:27:94:68:
                    28:b5:7a:5f:9f:0d:25:aa:e6:cc:25:c2:2b:6b:d0:
                    62:cd:99:c6:55:3e:b4:17:9b:4e:99:55:61:70:3e:
                    fb:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:B9:FF:FB:F8:DB:8C:56:EB:B3:4C:DE:01:5B:30:56:09:82:9F:0C
            X509v3 Authority Key Identifier:
                keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/3138352e3235302e34312e302f32342d3234203d3e203439363038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.250.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:4e:32:f2:63:3b:f4:25:3b:79:13:c1:e5:e8:7d:d4:69:cf:
         89:54:43:7d:f0:2b:cb:15:b3:63:b0:04:a2:c7:11:66:8e:af:
         d1:dc:28:14:db:20:1f:9b:af:8f:c8:ca:db:b9:e0:54:56:8d:
         d6:f5:e3:b1:84:5c:38:33:ed:bd:e8:02:cc:05:47:ad:35:00:
         65:4a:56:dc:9d:7d:cc:e3:41:c5:c1:35:51:67:70:dd:c8:93:
         b4:21:5e:d5:96:8a:ee:62:d5:52:cc:27:63:99:02:c5:cb:5a:
         4f:ae:ff:a0:70:4f:99:b8:9a:b1:84:c0:e3:d7:53:f8:e7:15:
         d8:ec:53:5c:56:d1:ca:fb:68:cb:91:01:31:81:c5:bf:43:5d:
         e5:ff:c0:ec:8c:ad:76:81:95:97:17:15:10:37:87:c1:d8:4d:
         a6:1b:b3:f1:45:50:6e:b4:76:a9:01:03:c9:0e:d6:5c:3a:2a:
         26:26:7f:9d:ef:0a:95:9f:e5:64:52:b0:58:8c:06:2e:3e:db:
         a6:c0:46:af:aa:f5:05:da:c8:a9:34:d6:12:1d:72:4e:e5:ae:
         c7:df:26:1b:4e:7d:48:bb:5b:aa:2b:e4:5b:6a:13:62:ad:a0:
         74:a8:f7:63:22:d6:2c:c9:c5:33:9a:7b:d5:61:9f:7c:f6:ed:
         28:3f:30:11
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMF7SzBjz76QmM2jaRpfrFUCzt9UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNDAzMTcxNTAwNTFaFw0yNTAzMTYxNTA1NTFaMDMxMTAvBgNV
BAMTKDdGQjlGRkZCRjhEQjhDNTZFQkIzNENERTAxNUIzMDU2MDk4MjlGMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQV69D/q3lwdP4NfNK0W4jUFbc
XAkws7gXSa2XuiPB4BPnMgp8FqmbT6yRYviNnmlrm9hlnAMLB5V07tnBmGZ7YXF1
rY7bCWDg9ZzIwQYXAQzy+mH8K0oZEobBZ6ZU6r5oyV+remmDMMvrK4xtBikhQDkq
yPdrjg3F/0Y4XU4JwcCWB9nFboL5/xc1wAZV4QCJnyDErkfkEOLDzmMN0TP6JEnd
VC/qq18UuzE7vClbd4grrip9C3y6VKsh0Q0S9wYEpakotUtQhP8FP5zQIio2JRRX
hdp7XsDEiT0b9ieUaCi1el+fDSWq5swlwitr0GLNmcZVPrQXm06ZVWFwPvtlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUf7n/+/jbjFbrs0zeAVswVgmCnwwwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzEzODM1MmUzMjM1MzAyZTM0
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM5MzYzMDM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ufopMA0GCSqGSIb3DQEBCwUAA4IBAQBwTjLyYzv0JTt5E8Hl6H3Uac+JVEN98CvL
FbNjsASixxFmjq/R3CgU2yAfm6+PyMrbueBUVo3W9eOxhFw4M+296ALMBUetNQBl
SlbcnX3M40HFwTVRZ3DdyJO0IV7VloruYtVSzCdjmQLFy1pPrv+gcE+ZuJqxhMDj
11P45xXY7FNcVtHK+2jLkQExgcW/Q13l/8DsjK12gZWXFxUQN4fB2E2mG7PxRVBu
tHapAQPJDtZcOiomJn+d7wqVn+VkUrBYjAYuPtumwEavqvUF2sipNNYSHXJO5a7H
3yYbTn1Iu1uqK+RbahNiraB0qPdjItYsycUzmnvVYZ989u0oPzAR
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:08:36 2024 by rpki-client on console-fra.rpki-client.org