Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS63023.roa
File:                     AS63023.roa (raw, json)
Hash identifier:          4hw9WgU7eYkfRLPyMyuaq1dS+e3X12v9EjHFw+YO9Eo=
Subject key identifier:   3C:25:7E:31:DB:28:2E:59:9E:C4:83:E8:FF:F2:7E:C6:72:2B:E7:4E
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       0467502FF2561108F07774166097A2A118C72B29
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS63023.roa
Signing time:             Sun 08 Dec 2024 00:53:48 +0000
ROA not before:           Sun 08 Dec 2024 00:48:48 +0000
ROA not after:            Sun 07 Dec 2025 00:53:48 +0000
asID:                     63023
IP address blocks:        141.11.122.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Dec 2024 15:18:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:67:50:2f:f2:56:11:08:f0:77:74:16:60:97:a2:a1:18:c7:2b:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Dec  8 00:48:48 2024 GMT
            Not After : Dec  7 00:53:48 2025 GMT
        Subject: CN=3C257E31DB282E599EC483E8FFF27EC6722BE74E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:59:0b:46:24:5f:db:df:90:56:00:e0:6d:30:
                    f0:82:4b:78:26:e0:39:c5:ea:07:66:c1:31:22:64:
                    1e:68:e7:d1:0d:68:7d:ac:70:e8:8d:a0:af:eb:50:
                    28:b6:56:be:cf:34:aa:f8:de:97:fb:6c:8e:28:d6:
                    23:65:08:c9:6b:d7:91:d6:fd:9b:1b:16:29:91:ed:
                    ed:82:95:11:88:0c:1a:d5:1f:c7:34:6a:db:cd:47:
                    46:d4:5a:26:a9:76:9e:83:a7:d8:11:cc:fc:e9:31:
                    d0:39:e7:8d:38:70:55:ea:d4:42:c8:33:81:68:c9:
                    ec:06:cb:8f:48:bc:bf:9e:90:f9:c1:b0:e4:44:2d:
                    85:22:cb:e2:66:32:61:62:41:26:47:ee:22:74:53:
                    ec:11:5b:f1:fb:89:d4:d9:cd:f8:1b:62:e6:8a:b4:
                    d3:23:f3:b3:47:f0:19:4f:85:4e:24:7f:c0:5c:db:
                    a6:1f:c6:b5:bd:af:7c:42:37:8b:95:a2:04:47:e9:
                    54:e2:5d:ab:52:0a:e7:46:0f:3e:31:9e:cd:4e:16:
                    7b:6a:f5:d6:ce:0b:b2:6e:7e:1d:e0:1a:5b:43:2e:
                    4e:f7:5d:6f:73:bb:cb:76:81:39:d8:59:b3:38:aa:
                    b9:4b:72:53:28:36:0f:3f:c4:56:c1:c6:a4:c7:41:
                    a2:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:25:7E:31:DB:28:2E:59:9E:C4:83:E8:FF:F2:7E:C6:72:2B:E7:4E
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS63023.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:fb:94:4f:a8:b4:73:33:06:e6:9b:4b:af:3c:66:31:7f:b1:
         16:8b:d6:b0:3c:71:ee:0c:58:7b:e6:4c:e7:35:7c:e1:1d:67:
         7b:5b:b7:5a:f9:8c:e4:8b:4a:04:36:ca:3a:ca:f8:4a:04:91:
         41:97:ba:ea:98:d1:0a:de:c1:9e:44:b9:bb:76:b3:31:b2:22:
         65:36:61:a4:64:48:9c:7c:4a:32:8d:9a:cc:79:c0:cd:0c:ad:
         06:c2:da:5c:32:9c:3e:7b:08:31:91:f5:85:dd:f2:b2:89:09:
         6b:d5:39:18:ad:dd:0c:16:be:d7:3b:a7:9d:aa:f7:e5:33:7c:
         d5:79:0f:ce:41:d3:68:39:9b:4c:51:27:06:a9:c5:cd:f8:2f:
         0d:55:a9:43:58:e3:27:e8:87:29:77:93:a4:fb:1d:74:e4:41:
         52:ec:18:fe:87:c4:f5:52:40:fd:42:b7:85:f4:44:3d:ea:60:
         5a:b1:84:4d:2c:78:81:95:f3:77:e4:d4:77:54:52:e9:81:3e:
         8b:19:a2:75:74:35:79:43:7b:73:29:93:68:89:3d:8b:98:ea:
         ec:14:36:0d:80:93:70:f9:67:0b:30:db:dc:75:bf:73:a6:b1:
         9d:fe:d0:b5:f8:d0:29:da:cb:80:c1:08:d7:f7:f6:b3:45:f0:
         95:11:59:a9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUBGdQL/JWEQjwd3QWYJeioRjHKykwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDEyMDgwMDQ4NDhaFw0yNTEyMDcwMDUzNDhaMDMxMTAvBgNV
BAMTKDNDMjU3RTMxREIyODJFNTk5RUM0ODNFOEZGRjI3RUM2NzIyQkU3NEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCWQtGJF/b35BWAOBtMPCCS3gm
4DnF6gdmwTEiZB5o59ENaH2scOiNoK/rUCi2Vr7PNKr43pf7bI4o1iNlCMlr15HW
/ZsbFimR7e2ClRGIDBrVH8c0atvNR0bUWiapdp6Dp9gRzPzpMdA55404cFXq1ELI
M4FoyewGy49IvL+ekPnBsORELYUiy+JmMmFiQSZH7iJ0U+wRW/H7idTZzfgbYuaK
tNMj87NH8BlPhU4kf8Bc26YfxrW9r3xCN4uVogRH6VTiXatSCudGDz4xns1OFntq
9dbOC7Jufh3gGltDLk73XW9zu8t2gTnYWbM4qrlLclMoNg8/xFbBxqTHQaJBAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUPCV+MdsoLlmexIPo//J+xnIr504wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNjMwMjMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNC3ow
DQYJKoZIhvcNAQELBQADggEBAB77lE+otHMzBuabS688ZjF/sRaL1rA8ce4MWHvm
TOc1fOEdZ3tbt1r5jOSLSgQ2yjrK+EoEkUGXuuqY0QrewZ5Eubt2szGyImU2YaRk
SJx8SjKNmsx5wM0MrQbC2lwynD57CDGR9YXd8rKJCWvVORit3QwWvtc7p52q9+Uz
fNV5D85B02g5m0xRJwapxc34Lw1VqUNY4yfohyl3k6T7HXTkQVLsGP6HxPVSQP1C
t4X0RD3qYFqxhE0seIGV83fk1HdUUumBPosZonV0NXlDe3Mpk2iJPYuY6uwUNg2A
k3D5Zwsw29x1v3OmsZ3+0LX40Cnay4DBCNf39rNF8JURWak=
-----END CERTIFICATE-----
Generated at Tue Dec 10 01:11:31 2024 by rpki-client on console-ams.rpki-client.org