Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/36322e3139322e3137342e302f32342d3234203d3e203134343435.roa
File:                     36322e3139322e3137342e302f32342d3234203d3e203134343435.roa (raw, json)
Hash identifier:          Ks9FYEjAxCDATrvSClIMNr4I2YSrmWbTVddJLMvjkn0=
Subject key identifier:   47:03:09:6F:91:83:56:10:E4:19:40:93:A8:0D:F8:2C:5D:FF:94:E7
Certificate issuer:       /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial:       52616ABD865E1EFD32F6E0FCA07716C9FC391B89
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/36322e3139322e3137342e302f32342d3234203d3e203134343435.roa
Signing time:             Thu 24 Aug 2023 19:45:52 +0000
ROA not before:           Thu 24 Aug 2023 19:40:52 +0000
ROA not after:            Thu 22 Aug 2024 19:45:52 +0000
asID:                     14445
IP address blocks:        62.192.174.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 04 Mar 2024 03:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:61:6a:bd:86:5e:1e:fd:32:f6:e0:fc:a0:77:16:c9:fc:39:1b:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
        Validity
            Not Before: Aug 24 19:40:52 2023 GMT
            Not After : Aug 22 19:45:52 2024 GMT
        Subject: CN=4703096F91835610E4194093A80DF82C5DFF94E7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:61:be:ae:2c:47:7f:a5:f4:2b:9a:a6:f4:04:
                    6e:bb:a5:97:e0:ca:1c:72:ae:d3:9b:0a:11:40:e9:
                    7b:d7:49:56:38:c6:02:aa:15:4b:4c:dc:ea:ae:d3:
                    21:0d:f7:49:af:4f:3b:a8:d0:b7:73:5c:26:ae:1c:
                    26:14:0a:70:d2:6f:47:bd:27:78:9e:76:7e:70:89:
                    5e:a2:06:5f:ce:ea:b8:b0:7b:f9:5b:17:04:30:7e:
                    01:f3:ac:1b:ca:1d:f0:d9:90:9e:6d:ef:36:39:bd:
                    f8:e9:33:fc:ad:80:c1:0a:43:7f:f4:01:c9:16:75:
                    76:fb:c0:d5:98:f9:4a:72:ef:10:6f:2e:7b:24:95:
                    b6:74:8e:54:9d:6c:f0:b9:f3:6c:3c:93:06:96:93:
                    c9:90:36:52:d4:6f:b2:51:fb:15:ef:85:3a:b3:74:
                    20:af:6f:2c:9a:4d:e1:3b:3f:1f:b2:09:5c:d8:d9:
                    9e:d9:05:89:85:db:ae:f3:0c:53:95:a2:4c:61:47:
                    1e:2b:22:4f:c0:4f:3f:d2:84:a5:5b:1d:16:ee:15:
                    d0:73:ce:1d:d5:04:47:30:aa:34:f0:f7:fc:13:c4:
                    2d:32:c1:c0:22:cf:9d:0a:1f:03:d1:f8:03:00:fc:
                    69:52:ab:ec:66:91:e5:5e:7d:a5:e1:a8:38:7e:d7:
                    87:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:03:09:6F:91:83:56:10:E4:19:40:93:A8:0D:F8:2C:5D:FF:94:E7
            X509v3 Authority Key Identifier:
                keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/36322e3139322e3137342e302f32342d3234203d3e203134343435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.192.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:40:37:14:f6:a4:9d:29:44:51:25:46:6d:e8:1d:ae:3f:47:
         bf:71:3e:13:91:1a:0d:44:4f:91:e9:62:1c:a9:63:bb:1f:18:
         0e:f8:34:d5:fa:c4:3d:d9:da:be:91:21:ca:3c:ae:5e:7a:e8:
         5b:05:e9:7a:f2:6b:84:0e:18:a2:d9:40:f8:cd:b3:98:66:fd:
         50:ad:03:1a:4d:1c:23:87:ec:ff:56:14:b7:85:1f:99:a4:5a:
         be:bf:8b:c7:2a:f6:76:1f:aa:b6:56:54:fc:d2:92:86:09:70:
         45:d0:2d:a9:9c:15:49:43:57:d2:fa:3c:c0:27:ee:2f:c0:87:
         3c:b6:03:cf:f9:25:5f:ed:d9:8d:49:de:c0:ed:ba:58:50:22:
         3e:c8:d5:9e:63:92:84:d2:80:13:01:1c:1e:be:f6:34:e6:1d:
         7f:32:47:8c:0b:27:23:68:c3:c2:5b:89:a5:c5:41:0e:a4:35:
         3f:84:a4:d9:57:d8:a4:57:20:bf:fd:74:fd:e8:6e:64:f3:5d:
         93:e1:d9:b6:8f:65:60:9a:65:c2:7a:1b:30:8d:c8:49:9b:f0:
         14:ec:cb:af:12:d4:3f:9f:62:d5:ee:3d:f1:5e:f2:88:86:d9:
         d8:d8:a2:fd:3c:e4:cc:ce:53:c1:df:43:fa:93:00:f2:f6:5a:
         61:39:fb:50
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUmFqvYZeHv0y9uD8oHcWyfw5G4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yMzA4MjQxOTQwNTJaFw0yNDA4MjIxOTQ1NTJaMDMxMTAvBgNV
BAMTKDQ3MDMwOTZGOTE4MzU2MTBFNDE5NDA5M0E4MERGODJDNURGRjk0RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxYb6uLEd/pfQrmqb0BG67pZfg
yhxyrtObChFA6XvXSVY4xgKqFUtM3Oqu0yEN90mvTzuo0LdzXCauHCYUCnDSb0e9
J3iedn5wiV6iBl/O6riwe/lbFwQwfgHzrBvKHfDZkJ5t7zY5vfjpM/ytgMEKQ3/0
AckWdXb7wNWY+Upy7xBvLnsklbZ0jlSdbPC582w8kwaWk8mQNlLUb7JR+xXvhTqz
dCCvbyyaTeE7Px+yCVzY2Z7ZBYmF267zDFOVokxhRx4rIk/ATz/ShKVbHRbuFdBz
zh3VBEcwqjTw9/wTxC0ywcAiz50KHwPR+AMA/GlSq+xmkeVefaXhqDh+14elAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQURwMJb5GDVhDkGUCTqA34LF3/lOcwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzYzMjJlMzEzOTMyMmUzMTM3
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzQzNDM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
PsCuMA0GCSqGSIb3DQEBCwUAA4IBAQC3QDcU9qSdKURRJUZt6B2uP0e/cT4TkRoN
RE+R6WIcqWO7HxgO+DTV+sQ92dq+kSHKPK5eeuhbBel68muEDhii2UD4zbOYZv1Q
rQMaTRwjh+z/VhS3hR+ZpFq+v4vHKvZ2H6q2VlT80pKGCXBF0C2pnBVJQ1fS+jzA
J+4vwIc8tgPP+SVf7dmNSd7A7bpYUCI+yNWeY5KE0oATARwevvY05h1/MkeMCycj
aMPCW4mlxUEOpDU/hKTZV9ikVyC//XT96G5k812T4dm2j2VgmmXCehswjchJm/AU
7MuvEtQ/n2LV7j3xXvKIhtnY2KL9POTMzlPB30P6kwDy9lphOftQ
-----END CERTIFICATE-----
Generated at Sun Mar 3 10:18:14 2024 by rpki-client on console-fra.rpki-client.org