Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214329.roa
File:                     AS214329.roa (raw, json)
Hash identifier:          ba/uWIJge16mAiDp5ZwWjN4YxFDJaADbpIpS6cSkfls=
Subject key identifier:   BF:7C:94:45:23:B4:60:60:BA:B0:1C:0B:1F:3E:29:28:96:16:22:6D
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       21FD68747EB4FBE5CCC41B69D50065DA75BA735B
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214329.roa
Signing time:             Sat 09 Nov 2024 03:11:44 +0000
ROA not before:           Sat 09 Nov 2024 03:06:44 +0000
ROA not after:            Sat 08 Nov 2025 03:11:44 +0000
asID:                     214329
IP address blocks:        92.113.91.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:fd:68:74:7e:b4:fb:e5:cc:c4:1b:69:d5:00:65:da:75:ba:73:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Nov  9 03:06:44 2024 GMT
            Not After : Nov  8 03:11:44 2025 GMT
        Subject: CN=BF7C944523B46060BAB01C0B1F3E29289616226D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:85:ce:62:ab:c7:e6:39:64:f7:a1:67:59:39:
                    fe:0b:bc:dc:88:39:5c:fa:e2:00:2c:72:01:f4:c7:
                    3e:b1:65:fe:4e:32:c6:c0:df:36:bd:cf:9c:08:c2:
                    55:a4:2e:df:11:d1:e9:3f:2b:ce:8b:9b:43:4b:87:
                    05:58:a1:94:1a:d2:22:1c:58:46:4f:b9:e4:b5:75:
                    1d:13:b2:e4:9c:8c:b3:23:de:12:0c:41:6c:88:db:
                    e6:42:77:fc:d7:75:67:5f:19:cd:b4:ac:5a:ce:f0:
                    47:ec:69:03:a8:86:56:5a:b5:72:0c:04:96:20:6f:
                    0e:9b:51:54:dd:aa:8a:f0:96:29:8f:1f:5e:a9:b4:
                    a6:70:48:e2:a0:11:d0:82:0b:4e:a4:07:ef:8e:a3:
                    f5:a3:7b:22:69:ed:a2:3d:f6:cd:c4:d5:4d:63:7c:
                    bb:a8:eb:3d:de:5a:3e:a1:ce:8e:94:69:6b:67:7e:
                    9c:8f:a2:76:6e:0f:64:1e:a6:e7:cc:26:1f:cd:48:
                    6a:56:db:dc:26:c5:9f:34:b7:4a:74:7c:29:0e:7e:
                    d8:88:2f:43:a5:e0:2d:07:e3:71:72:e2:79:37:b9:
                    0d:36:c9:00:e3:f6:43:0a:79:df:40:d9:cb:51:03:
                    9f:6f:e3:d1:10:07:a2:d2:39:3b:43:6e:00:3d:9a:
                    63:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:7C:94:45:23:B4:60:60:BA:B0:1C:0B:1F:3E:29:28:96:16:22:6D
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214329.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.113.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:98:35:b3:91:f8:0b:93:7b:b3:f7:d3:62:9e:83:4f:80:46:
         05:13:44:25:f2:1b:fc:c0:2d:a5:65:b1:a0:11:fc:0b:0c:91:
         3e:e8:a8:af:b1:de:0e:30:91:c9:8b:88:4c:2b:92:93:d0:59:
         f2:31:10:89:0c:12:d3:c5:d6:23:13:c8:a1:d4:f8:f4:88:db:
         64:e9:c2:4b:52:6d:33:de:34:61:46:d3:65:d0:49:d5:4a:f1:
         29:2a:97:07:b3:48:92:94:04:00:08:d8:f9:66:91:03:bf:6d:
         08:df:01:e0:e3:45:d1:2f:ae:03:f8:5a:dc:7d:2f:4e:3e:73:
         a5:e1:af:ab:f8:a2:18:11:f4:b2:e4:a9:65:b4:5d:24:4a:eb:
         b3:17:c9:82:2f:1d:20:82:8a:d6:9c:0c:80:e4:50:05:70:b5:
         5b:6c:b0:3e:5a:5f:b4:a5:b3:d1:bb:cc:37:e3:48:fe:05:f5:
         52:cc:61:fe:49:68:fb:bc:ab:46:1e:ec:1d:d6:4f:7c:70:08:
         5b:a3:d0:81:59:58:0b:19:ed:af:24:14:48:ee:9a:f7:72:e2:
         ce:7c:16:25:ce:ab:18:2b:64:29:e2:e7:bc:64:6b:cf:83:0a:
         23:fe:be:3c:7f:87:b5:df:c3:27:79:69:9c:ef:c5:51:f1:c3:
         ee:a1:9a:f3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUIf1odH60++XMxBtp1QBl2nW6c1swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDExMDkwMzA2NDRaFw0yNTExMDgwMzExNDRaMDMxMTAvBgNV
BAMTKEJGN0M5NDQ1MjNCNDYwNjBCQUIwMUMwQjFGM0UyOTI4OTYxNjIyNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8hc5iq8fmOWT3oWdZOf4LvNyI
OVz64gAscgH0xz6xZf5OMsbA3za9z5wIwlWkLt8R0ek/K86Lm0NLhwVYoZQa0iIc
WEZPueS1dR0TsuScjLMj3hIMQWyI2+ZCd/zXdWdfGc20rFrO8EfsaQOohlZatXIM
BJYgbw6bUVTdqorwlimPH16ptKZwSOKgEdCCC06kB++Oo/WjeyJp7aI99s3E1U1j
fLuo6z3eWj6hzo6UaWtnfpyPonZuD2QepufMJh/NSGpW29wmxZ80t0p0fCkOftiI
L0Ol4C0H43Fy4nk3uQ02yQDj9kMKed9A2ctRA59v49EQB6LSOTtDbgA9mmNjAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUv3yURSO0YGC6sBwLHz4pKJYWIm0wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0MzI5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHFb
MA0GCSqGSIb3DQEBCwUAA4IBAQAmmDWzkfgLk3uz99NinoNPgEYFE0Ql8hv8wC2l
ZbGgEfwLDJE+6Kivsd4OMJHJi4hMK5KT0FnyMRCJDBLTxdYjE8ih1Pj0iNtk6cJL
Um0z3jRhRtNl0EnVSvEpKpcHs0iSlAQACNj5ZpEDv20I3wHg40XRL64D+FrcfS9O
PnOl4a+r+KIYEfSy5KlltF0kSuuzF8mCLx0ggorWnAyA5FAFcLVbbLA+Wl+0pbPR
u8w340j+BfVSzGH+SWj7vKtGHuwd1k98cAhbo9CBWVgLGe2vJBRI7pr3cuLOfBYl
zqsYK2Qp4ue8ZGvPgwoj/r48f4e138MneWmc78VR8cPuoZrz
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:52:26 2024 by rpki-client on console-ams.rpki-client.org