Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/37372e38332e3235332e302f32342d3234203d3e20333938333835.roa
File:                     37372e38332e3235332e302f32342d3234203d3e20333938333835.roa (raw, json)
Hash identifier:          YfFARHbeyn8I02CqI9mdvuolpWMnEI9v9CXBSyH46/s=
Subject key identifier:   A8:54:B7:CF:67:87:61:C6:5F:53:D2:F8:25:76:8E:CA:4E:9B:AD:FD
Certificate issuer:       /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial:       46AFA7A5E24516D2FADE616FE4B866E476C182EE
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/37372e38332e3235332e302f32342d3234203d3e20333938333835.roa
Signing time:             Thu 22 Feb 2024 17:05:14 +0000
ROA not before:           Thu 22 Feb 2024 17:00:14 +0000
ROA not after:            Thu 20 Feb 2025 17:05:14 +0000
asID:                     398385
IP address blocks:        77.83.253.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:af:a7:a5:e2:45:16:d2:fa:de:61:6f:e4:b8:66:e4:76:c1:82:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
        Validity
            Not Before: Feb 22 17:00:14 2024 GMT
            Not After : Feb 20 17:05:14 2025 GMT
        Subject: CN=A854B7CF678761C65F53D2F825768ECA4E9BADFD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:30:2c:74:7c:8e:47:d2:8c:48:b5:4e:7f:5c:
                    7c:b0:e9:d3:d4:28:e0:17:2c:32:27:1f:5a:e6:65:
                    48:75:a5:d4:b9:77:eb:3c:28:36:60:06:2e:2b:26:
                    f5:56:d8:6f:8a:c4:4f:11:bb:3f:0e:95:39:29:40:
                    e8:c8:7e:23:81:fd:b4:17:96:bd:c1:07:f4:6f:fc:
                    ac:07:26:78:a0:9f:c3:1c:4f:ed:fd:d8:12:c1:1a:
                    de:43:ce:8c:33:3c:53:6d:34:10:8d:cb:68:b5:7b:
                    87:c9:07:b2:f6:1c:aa:de:e8:b1:ac:da:34:73:18:
                    7d:77:30:d1:e6:af:06:4f:47:d8:9e:10:fa:84:86:
                    64:d7:1f:3b:1f:f4:2f:0e:83:04:a0:4d:63:2f:c3:
                    8a:94:4f:34:65:e3:06:b3:98:1c:0d:f7:b1:a5:2e:
                    cd:ae:42:59:40:9a:3b:45:cb:80:57:06:ca:23:92:
                    5f:f3:b4:6b:a8:ba:29:62:23:4e:53:83:45:e5:da:
                    7e:0f:a9:a7:a6:57:8e:98:f6:89:02:dd:d0:9a:65:
                    8b:7a:50:69:5d:5a:b2:36:cd:fb:02:e5:4d:eb:3e:
                    d0:1c:76:3c:6e:99:de:e8:84:f0:c3:37:7e:ef:cf:
                    cb:37:8f:99:4f:29:1e:c6:65:6b:ed:4f:17:0b:55:
                    af:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:54:B7:CF:67:87:61:C6:5F:53:D2:F8:25:76:8E:CA:4E:9B:AD:FD
            X509v3 Authority Key Identifier:
                keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/37372e38332e3235332e302f32342d3234203d3e20333938333835.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.83.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:8b:bb:92:9c:16:e8:c0:3d:41:44:85:bf:a9:09:24:af:75:
         00:34:65:0e:69:7f:b8:60:08:a2:a7:6d:a6:f4:77:d4:84:24:
         8d:ec:a3:8b:a7:56:36:55:82:18:b3:bd:a4:df:43:65:69:4a:
         b7:ea:62:a2:b0:6c:8a:db:80:68:8c:77:a0:84:3c:37:7f:0e:
         61:e4:56:ba:e0:ce:fa:26:dd:0a:d3:c9:0f:33:0a:d7:e2:aa:
         bf:62:96:8f:35:bd:5d:63:3a:1e:50:27:f2:b0:77:bf:08:eb:
         e1:e8:fc:92:0d:a3:b9:5c:90:52:b0:8c:f5:b2:4b:78:c1:ad:
         45:ba:ad:37:f9:48:56:98:28:4c:7e:ac:70:17:0c:b3:4b:c8:
         29:a2:9a:d9:83:e4:90:46:00:99:73:31:49:13:dd:87:4f:20:
         59:1e:af:2a:4e:9b:02:5d:5a:c5:dc:79:d2:a3:7a:b2:e4:49:
         1c:fd:42:68:47:86:75:63:ef:b3:f1:c7:09:51:a1:0e:fe:7b:
         72:af:a5:fb:27:e8:a8:fa:44:ab:7a:30:87:d6:f2:f2:79:4c:
         9a:0b:69:62:32:5f:1e:ae:15:5d:c2:48:d1:07:08:b3:bb:a2:
         8f:70:b9:b6:9e:38:e9:1c:95:80:db:58:c1:64:92:60:33:9f:
         55:c1:82:65
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURq+npeJFFtL63mFv5Lhm5HbBgu4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNDAyMjIxNzAwMTRaFw0yNTAyMjAxNzA1MTRaMDMxMTAvBgNV
BAMTKEE4NTRCN0NGNjc4NzYxQzY1RjUzRDJGODI1NzY4RUNBNEU5QkFERkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkMCx0fI5H0oxItU5/XHyw6dPU
KOAXLDInH1rmZUh1pdS5d+s8KDZgBi4rJvVW2G+KxE8Ruz8OlTkpQOjIfiOB/bQX
lr3BB/Rv/KwHJnign8McT+392BLBGt5DzowzPFNtNBCNy2i1e4fJB7L2HKre6LGs
2jRzGH13MNHmrwZPR9ieEPqEhmTXHzsf9C8OgwSgTWMvw4qUTzRl4wazmBwN97Gl
Ls2uQllAmjtFy4BXBsojkl/ztGuouiliI05Tg0Xl2n4PqaemV46Y9okC3dCaZYt6
UGldWrI2zfsC5U3rPtAcdjxumd7ohPDDN37vz8s3j5lPKR7GZWvtTxcLVa/xAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqFS3z2eHYcZfU9L4JXaOyk6brf0wHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzczNzJlMzgzMzJlMzIzNTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM4MzMzODM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
TVP9MA0GCSqGSIb3DQEBCwUAA4IBAQA8i7uSnBbowD1BRIW/qQkkr3UANGUOaX+4
YAiip22m9HfUhCSN7KOLp1Y2VYIYs72k30NlaUq36mKisGyK24BojHeghDw3fw5h
5Fa64M76Jt0K08kPMwrX4qq/YpaPNb1dYzoeUCfysHe/COvh6PySDaO5XJBSsIz1
skt4wa1Fuq03+UhWmChMfqxwFwyzS8gpoprZg+SQRgCZczFJE92HTyBZHq8qTpsC
XVrF3HnSo3qy5Ekc/UJoR4Z1Y++z8ccJUaEO/ntyr6X7J+io+kSrejCH1vLyeUya
C2liMl8erhVdwkjRBwizu6KPcLm2njjpHJWA21jBZJJgM59VwYJl
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:39:34 2024 by rpki-client on console-fra.rpki-client.org