Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS49770.roa
File:                     AS49770.roa (raw, json)
Hash identifier:          qCtgIrzSKW0Toc6tU0jjOIAJgwVK5/HbZrjvmFECJeE=
Subject key identifier:   4E:3D:9C:1C:D1:EB:2A:6B:24:9C:AA:B1:75:2F:F8:AA:48:2E:5E:89
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       6884F4DADCA703AB0FF47F3B7D54B1280983ECC4
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS49770.roa
Signing time:             Tue 18 Jun 2024 10:34:31 +0000
ROA not before:           Tue 18 Jun 2024 10:29:31 +0000
ROA not after:            Tue 17 Jun 2025 10:34:31 +0000
asID:                     49770
IP address blocks:        92.112.212.0/24 maxlen: 24
                          92.112.217.0/24 maxlen: 24
                          92.112.228.0/24 maxlen: 24
                          92.112.231.0/24 maxlen: 24
                          92.112.236.0/24 maxlen: 24
                          92.112.239.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:84:f4:da:dc:a7:03:ab:0f:f4:7f:3b:7d:54:b1:28:09:83:ec:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Jun 18 10:29:31 2024 GMT
            Not After : Jun 17 10:34:31 2025 GMT
        Subject: CN=4E3D9C1CD1EB2A6B249CAAB1752FF8AA482E5E89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:e4:d4:fa:98:e0:08:c7:ea:05:e2:ed:76:ea:
                    cd:57:90:df:fb:27:43:8b:c0:68:73:4d:23:4b:34:
                    32:e6:ff:9b:dc:9d:e7:d4:3a:8c:e4:f8:ce:6a:a5:
                    d6:66:73:8e:ac:7b:0b:81:f8:bc:cc:41:81:b5:64:
                    a5:c3:4b:30:96:70:4e:da:e6:45:26:3d:84:07:2a:
                    50:88:40:58:16:cf:0d:6d:e3:5f:2a:92:9f:1e:0b:
                    88:8b:eb:99:67:04:45:3e:9a:ff:c3:50:84:7f:79:
                    54:a4:3a:70:24:3e:25:b7:0c:cd:6a:49:14:36:06:
                    2b:aa:75:b7:2c:41:e2:19:83:f3:69:b5:a0:d9:8e:
                    b9:30:80:a4:51:bb:2a:df:37:d5:86:fa:4e:34:89:
                    79:c6:ae:eb:16:b6:a9:e1:3c:4c:a0:8a:76:f3:29:
                    a2:c6:25:ed:ee:21:be:75:06:c6:17:f6:23:29:ff:
                    42:ea:6c:22:13:a1:02:7a:9b:08:4e:d2:5d:00:3a:
                    86:9c:65:a5:10:37:43:46:02:fd:17:67:33:e0:c6:
                    e7:52:cb:80:4d:a0:8d:6f:14:0a:a3:81:de:64:70:
                    6b:b4:11:20:62:18:39:56:03:78:d0:7c:fa:c8:c0:
                    8b:21:db:25:7b:71:67:bb:52:80:5b:b5:17:56:e9:
                    44:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:3D:9C:1C:D1:EB:2A:6B:24:9C:AA:B1:75:2F:F8:AA:48:2E:5E:89
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS49770.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.112.212.0/24
                  92.112.217.0/24
                  92.112.228.0/24
                  92.112.231.0/24
                  92.112.236.0/24
                  92.112.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:8b:69:a6:ab:3f:b1:8c:05:8c:fe:2f:2d:ce:4a:e9:c3:5b:
         4f:fe:cb:8a:71:b1:94:bf:72:b7:9b:65:e7:b5:31:93:7d:68:
         d4:55:e7:9e:16:00:3f:de:0a:27:03:3c:ae:e5:ba:9a:e6:61:
         0e:8e:be:11:d4:72:fc:c7:91:f5:26:bd:be:d8:8c:e5:05:eb:
         f6:14:1b:8e:c3:75:8f:b5:a9:5e:6a:63:d1:c2:30:fd:b4:01:
         dd:84:4b:64:41:4c:73:d1:89:e1:45:06:70:97:3a:82:d2:e5:
         25:a2:64:6a:ff:3f:11:a8:de:02:31:2d:a8:e5:6b:e2:2d:51:
         bf:4e:3a:b5:58:3c:01:fd:3a:da:1c:e6:95:1c:1c:6e:72:d4:
         e5:a3:81:ee:31:25:8e:d3:08:7c:47:5e:bf:74:00:9a:1a:39:
         00:c0:8d:ac:23:23:fb:73:85:8b:f6:d3:26:1e:2d:d7:13:31:
         b5:d8:67:30:9f:f3:2e:11:c7:72:37:db:7e:8f:6c:4b:5d:58:
         70:59:a3:4e:f0:11:1f:d2:a3:9f:68:9b:f4:ed:c1:a6:ec:71:
         ae:fa:d2:58:18:3d:61:25:1f:c8:1f:41:38:5a:34:57:84:61:
         6b:ea:35:4b:3b:5b:71:e7:66:71:ee:25:06:da:45:29:2f:88:
         c8:a2:4c:cd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUaIT02tynA6sP9H87fVSxKAmD7MQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDA2MTgxMDI5MzFaFw0yNTA2MTcxMDM0MzFaMDMxMTAvBgNV
BAMTKDRFM0Q5QzFDRDFFQjJBNkIyNDlDQUFCMTc1MkZGOEFBNDgyRTVFODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT5NT6mOAIx+oF4u126s1XkN/7
J0OLwGhzTSNLNDLm/5vcnefUOozk+M5qpdZmc46sewuB+LzMQYG1ZKXDSzCWcE7a
5kUmPYQHKlCIQFgWzw1t418qkp8eC4iL65lnBEU+mv/DUIR/eVSkOnAkPiW3DM1q
SRQ2BiuqdbcsQeIZg/NptaDZjrkwgKRRuyrfN9WG+k40iXnGrusWtqnhPEyginbz
KaLGJe3uIb51BsYX9iMp/0LqbCIToQJ6mwhO0l0AOoacZaUQN0NGAv0XZzPgxudS
y4BNoI1vFAqjgd5kcGu0ESBiGDlWA3jQfPrIwIsh2yV7cWe7UoBbtRdW6UQ1AgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUTj2cHNHrKmsknKqxdS/4qkguXokwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDk3NzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBABccNQD
BABccNkDBABccOQDBABccOcDBABccOwDBABccO8wDQYJKoZIhvcNAQELBQADggEB
AKKLaaarP7GMBYz+Ly3OSunDW0/+y4pxsZS/crebZee1MZN9aNRV554WAD/eCicD
PK7luprmYQ6OvhHUcvzHkfUmvb7YjOUF6/YUG47DdY+1qV5qY9HCMP20Ad2ES2RB
THPRieFFBnCXOoLS5SWiZGr/PxGo3gIxLajla+ItUb9OOrVYPAH9Otoc5pUcHG5y
1OWjge4xJY7TCHxHXr90AJoaOQDAjawjI/tzhYv20yYeLdcTMbXYZzCf8y4Rx3I3
236PbEtdWHBZo07wER/So59om/Ttwabsca760lgYPWElH8gfQThaNFeEYWvqNUs7
W3HnZnHuJQbaRSkviMiiTM0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:19:06 2024 by rpki-client on console-fra.rpki-client.org