Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/39332e39322e31392e302f32342d3234203d3e203631333137.roa
File:                     39332e39322e31392e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier:          V6Z86uxrACipTWOrp3TXH6UNEJgsUWNL4dYbXMpslac=
Subject key identifier:   CA:9C:A7:B9:08:6B:11:55:18:25:86:60:84:4F:02:FB:2F:F3:6D:15
Certificate issuer:       /CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Certificate serial:       0BA8317E2A3BFCD6426FED703138D8BCCA392075
Authority key identifier: D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/39332e39322e31392e302f32342d3234203d3e203631333137.roa
Signing time:             Thu 04 Apr 2024 12:05:16 +0000
ROA not before:           Thu 04 Apr 2024 12:00:16 +0000
ROA not after:            Thu 03 Apr 2025 12:05:16 +0000
asID:                     61317
IP address blocks:        93.92.19.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:a8:31:7e:2a:3b:fc:d6:42:6f:ed:70:31:38:d8:bc:ca:39:20:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
        Validity
            Not Before: Apr  4 12:00:16 2024 GMT
            Not After : Apr  3 12:05:16 2025 GMT
        Subject: CN=CA9CA7B9086B115518258660844F02FB2FF36D15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:83:84:b7:d2:cd:9f:6b:43:60:1d:e9:74:ce:
                    1d:23:aa:1a:b9:c1:96:1b:12:bd:0b:76:c3:1e:ed:
                    6a:b0:15:e2:25:7a:63:34:62:6d:87:1b:8e:e7:da:
                    87:91:6b:91:60:b4:24:4c:3a:4b:b1:6b:70:ef:2a:
                    be:20:8d:2b:e3:7d:6b:b6:a9:da:2e:dc:c8:50:07:
                    37:0c:6c:01:73:05:38:75:80:ab:1d:69:a0:83:f8:
                    35:ee:1b:ff:51:11:e3:b3:ef:50:42:07:fb:10:e4:
                    5d:0b:7d:d8:76:ff:68:b3:3f:5f:4c:9e:59:9f:dd:
                    55:e1:57:27:3d:ee:06:ce:df:da:a4:9f:cb:ee:da:
                    8e:f0:2f:0e:14:a3:5c:c8:89:48:87:31:55:a1:27:
                    ec:bc:0b:4b:6a:76:40:62:b7:8a:7f:69:3c:1d:78:
                    d1:9a:96:6b:d0:41:6a:a7:0b:d4:49:a4:16:b5:5a:
                    e3:77:55:6f:11:a2:3c:85:a6:89:ff:cc:50:b8:a0:
                    12:59:fa:14:b9:ff:fc:f5:34:fa:07:02:c1:a5:b6:
                    0d:61:c7:57:bc:16:cd:50:d6:e0:3a:f0:08:90:b5:
                    68:7c:e2:dd:f7:fe:21:67:27:11:ba:5a:6d:0a:80:
                    e9:0d:9c:24:4f:cd:97:15:10:74:7c:69:31:83:ee:
                    48:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:9C:A7:B9:08:6B:11:55:18:25:86:60:84:4F:02:FB:2F:F3:6D:15
            X509v3 Authority Key Identifier:
                keyid:D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/39332e39322e31392e302f32342d3234203d3e203631333137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.92.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:ee:8b:17:bf:4b:b1:db:aa:23:3d:ef:4d:7c:4e:37:3e:13:
         aa:47:8b:be:f9:b4:6b:f2:ae:f9:35:37:24:e2:a1:c6:0a:9f:
         ca:c2:28:ea:fc:5d:be:46:99:24:4b:18:86:1b:d7:4d:9c:ca:
         88:5c:6f:4b:b8:ed:3e:fa:6e:a6:02:de:c7:e5:09:dc:f5:96:
         9e:d3:11:ad:bc:1f:ae:ed:82:22:ae:e0:1a:1f:bc:a7:82:ec:
         b5:a0:a7:bc:a3:01:aa:10:3c:58:46:d9:a3:ba:08:d5:50:be:
         02:52:9b:1a:3c:61:20:b3:ed:54:31:c6:bb:e3:07:d6:db:9d:
         c6:db:64:e1:31:f6:ac:e9:d6:02:5c:be:5d:f4:e4:6b:55:1e:
         6b:5f:7f:75:78:7f:07:03:20:69:4d:ed:32:55:7b:f3:2c:3e:
         fc:c0:15:9f:20:c2:ac:93:7a:a3:37:84:75:21:5e:f1:ba:3b:
         93:4a:82:be:3c:7e:ef:8d:55:97:94:29:6c:65:f1:be:8f:08:
         6d:40:14:ac:ea:76:1f:59:31:c6:21:b8:7a:4a:05:46:ce:6a:
         44:7b:7f:0f:6e:8d:6d:a3:8e:f7:01:70:97:74:89:74:79:a7:
         b8:3f:97:4d:f0:d1:3d:cf:f2:4c:ed:88:ea:b7:95:5b:38:b9:
         fa:f1:63:fa
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUC6gxfio7/NZCb+1wMTjYvMo5IHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDAxYmEwMTNiYzFlNmQ4NmYwZDZkNThlYWZhNTRlMjdm
YWRhMzQ0NDAeFw0yNDA0MDQxMjAwMTZaFw0yNTA0MDMxMjA1MTZaMDMxMTAvBgNV
BAMTKENBOUNBN0I5MDg2QjExNTUxODI1ODY2MDg0NEYwMkZCMkZGMzZEMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNg4S30s2fa0NgHel0zh0jqhq5
wZYbEr0LdsMe7WqwFeIlemM0Ym2HG47n2oeRa5FgtCRMOkuxa3DvKr4gjSvjfWu2
qdou3MhQBzcMbAFzBTh1gKsdaaCD+DXuG/9REeOz71BCB/sQ5F0Lfdh2/2izP19M
nlmf3VXhVyc97gbO39qkn8vu2o7wLw4Uo1zIiUiHMVWhJ+y8C0tqdkBit4p/aTwd
eNGalmvQQWqnC9RJpBa1WuN3VW8RojyFpon/zFC4oBJZ+hS5//z1NPoHAsGltg1h
x1e8Fs1Q1uA68AiQtWh84t33/iFnJxG6Wm0KgOkNnCRPzZcVEHR8aTGD7khRAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUypynuQhrEVUYJYZghE8C+y/zbRUwHwYDVR0j
BBgwFoAU0BugE7webYbw1tWOr6VOJ/raNEQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5
NDMxLzEvRDAxQkEwMTNCQzFFNkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBCdWdFN3dlYllidzF0V09yNlZPSl9y
YU5FUS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYt
NjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvMzkzMzJlMzkzMjJlMzEzOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABdXBMw
DQYJKoZIhvcNAQELBQADggEBAF3uixe/S7HbqiM97018Tjc+E6pHi775tGvyrvk1
NyTiocYKn8rCKOr8Xb5GmSRLGIYb102cyohcb0u47T76bqYC3sflCdz1lp7TEa28
H67tgiKu4BofvKeC7LWgp7yjAaoQPFhG2aO6CNVQvgJSmxo8YSCz7VQxxrvjB9bb
ncbbZOEx9qzp1gJcvl305GtVHmtff3V4fwcDIGlN7TJVe/MsPvzAFZ8gwqyTeqM3
hHUhXvG6O5NKgr48fu+NVZeUKWxl8b6PCG1AFKzqdh9ZMcYhuHpKBUbOakR7fw9u
jW2jjvcBcJd0iXR5p7g/l03w0T3P8kztiOq3lVs4ufrxY/o=
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:56:30 2024 by rpki-client on console-fra.rpki-client.org