Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS63023.roa
File:                     AS63023.roa (raw, json)
Hash identifier:          fLdBc5wctnfdgZFBHjA/7AocB1d/z+9hfanCdXXy4yQ=
Subject key identifier:   0B:BC:20:AA:3C:6E:75:03:50:2B:5D:39:C0:96:B8:1A:72:E6:C7:95
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       45ECA8496024A21D0159509EB928A96AA7836D2D
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS63023.roa
Signing time:             Sun 07 Jan 2024 00:00:05 +0000
ROA not before:           Sat 06 Jan 2024 23:55:05 +0000
ROA not after:            Sun 05 Jan 2025 00:00:05 +0000
asID:                     63023
IP address blocks:        141.11.122.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:ec:a8:49:60:24:a2:1d:01:59:50:9e:b9:28:a9:6a:a7:83:6d:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Jan  6 23:55:05 2024 GMT
            Not After : Jan  5 00:00:05 2025 GMT
        Subject: CN=0BBC20AA3C6E7503502B5D39C096B81A72E6C795
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:16:bf:c6:90:49:14:f6:41:4c:5b:6f:71:d3:
                    d4:ea:bf:6b:89:0d:c4:e8:c7:ec:bd:4c:9e:97:8b:
                    c3:f3:46:27:89:d4:b6:0c:28:8b:85:7a:6f:74:23:
                    d4:50:61:26:90:f7:74:26:cc:38:f7:1f:b7:20:45:
                    8a:26:f8:33:fa:d0:bb:f6:94:18:ee:1b:d8:06:63:
                    8d:73:8a:72:e7:5d:a9:60:95:52:61:fb:73:a4:51:
                    7a:a1:d0:37:c5:f6:01:35:5e:49:52:ab:19:30:a0:
                    05:6e:75:25:bd:e4:7d:63:d7:92:6e:ab:f7:d6:84:
                    e4:36:dc:35:5a:67:c8:87:77:92:cb:ee:0a:89:eb:
                    42:86:44:0f:c0:2e:04:1e:89:af:97:5b:8b:cf:91:
                    da:16:bf:40:8b:c9:9f:5c:45:06:c2:3e:a9:60:1a:
                    ba:f8:d1:dd:4a:ca:dd:e7:9d:e0:1f:1d:17:51:66:
                    8b:62:5d:aa:6a:9f:80:f9:7c:02:0e:24:cf:f0:93:
                    3a:7e:d0:27:34:c5:eb:6d:87:83:5f:1d:8a:b9:27:
                    60:84:7e:88:57:92:3d:f8:30:98:fe:91:5c:c6:0d:
                    f6:2a:13:bb:23:11:47:09:89:03:1f:80:8c:ff:6f:
                    58:09:fe:55:25:d5:fa:ee:85:7e:3e:a5:ed:c9:04:
                    d9:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:BC:20:AA:3C:6E:75:03:50:2B:5D:39:C0:96:B8:1A:72:E6:C7:95
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS63023.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:00:95:98:dc:7e:53:b7:27:b9:cb:58:7b:7c:5e:2f:1a:29:
         56:46:c2:7c:a9:ec:97:ec:91:59:d1:b5:72:29:e2:00:d4:f4:
         02:dd:fd:7d:8e:96:d2:3a:12:d7:08:12:a5:d8:70:17:d1:41:
         a9:80:57:75:47:65:45:52:fb:5f:e6:a6:73:4b:2f:97:6c:8f:
         c0:be:e5:32:8a:0d:96:1e:9f:c0:0d:7b:8f:0b:14:86:f2:85:
         9f:71:c3:7e:c9:91:a8:45:55:0e:c7:aa:3b:60:07:ce:3b:d4:
         a1:b8:ca:8c:b1:67:f4:af:e9:3d:ee:54:9a:7d:df:19:c9:f7:
         36:16:ff:56:53:ae:f1:bc:34:5a:d5:3a:7c:cf:bb:8d:1a:6e:
         3f:90:34:91:79:84:61:3f:1a:b9:5b:32:bc:7c:b1:06:37:b6:
         91:6d:09:5b:5b:bd:7b:d3:92:1f:19:58:16:68:74:be:37:47:
         f2:b8:88:29:7e:64:92:47:bf:ae:40:e9:9f:dc:4d:eb:93:bf:
         03:85:34:05:f5:ca:a0:76:d9:92:31:3d:b4:12:b3:2a:a5:f0:
         0d:dc:54:34:cc:58:cd:22:23:03:32:b6:a3:a8:3b:cc:32:c8:
         68:9c:65:ac:56:96:8f:3f:f6:48:d9:f0:ae:4d:f3:ea:3a:0a:
         62:a6:22:dd
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUReyoSWAkoh0BWVCeuSipaqeDbS0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDAxMDYyMzU1MDVaFw0yNTAxMDUwMDAwMDVaMDMxMTAvBgNV
BAMTKDBCQkMyMEFBM0M2RTc1MDM1MDJCNUQzOUMwOTZCODFBNzJFNkM3OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXFr/GkEkU9kFMW29x09Tqv2uJ
DcTox+y9TJ6Xi8PzRieJ1LYMKIuFem90I9RQYSaQ93QmzDj3H7cgRYom+DP60Lv2
lBjuG9gGY41zinLnXalglVJh+3OkUXqh0DfF9gE1XklSqxkwoAVudSW95H1j15Ju
q/fWhOQ23DVaZ8iHd5LL7gqJ60KGRA/ALgQeia+XW4vPkdoWv0CLyZ9cRQbCPqlg
Grr40d1Kyt3nneAfHRdRZotiXapqn4D5fAIOJM/wkzp+0Cc0xetth4NfHYq5J2CE
fohXkj34MJj+kVzGDfYqE7sjEUcJiQMfgIz/b1gJ/lUl1fruhX4+pe3JBNkpAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUC7wgqjxudQNQK105wJa4GnLmx5UwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNjMwMjMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNC3ow
DQYJKoZIhvcNAQELBQADggEBAAgAlZjcflO3J7nLWHt8Xi8aKVZGwnyp7JfskVnR
tXIp4gDU9ALd/X2OltI6EtcIEqXYcBfRQamAV3VHZUVS+1/mpnNLL5dsj8C+5TKK
DZYen8ANe48LFIbyhZ9xw37JkahFVQ7HqjtgB8471KG4yoyxZ/Sv6T3uVJp93xnJ
9zYW/1ZTrvG8NFrVOnzPu40abj+QNJF5hGE/GrlbMrx8sQY3tpFtCVtbvXvTkh8Z
WBZodL43R/K4iCl+ZJJHv65A6Z/cTeuTvwOFNAX1yqB22ZIxPbQSsyql8A3cVDTM
WM0iIwMytqOoO8wyyGicZaxWlo8/9kjZ8K5N8+o6CmKmIt0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:59:16 2024 by rpki-client on console-ams.rpki-client.org