Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3139332e33352e3232362e302f32342d3234203d3e203536393632.roa
File:                     3139332e33352e3232362e302f32342d3234203d3e203536393632.roa (raw, json)
Hash identifier:          2m+vYneSFBpvO/uFHFmO7h+IWpx3QJEHgh5pvfyA0ew=
Subject key identifier:   FF:7A:33:2F:8E:BB:2E:4F:12:B7:EF:73:06:B5:16:CB:7C:6F:F5:EE
Certificate issuer:       /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial:       7537F4B0F301850C2FAF4A1F3955CD7ADC04A9C5
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3139332e33352e3232362e302f32342d3234203d3e203536393632.roa
Signing time:             Sat 15 Jun 2024 10:41:39 +0000
ROA not before:           Sat 15 Jun 2024 10:36:39 +0000
ROA not after:            Sat 14 Jun 2025 10:41:39 +0000
asID:                     56962
IP address blocks:        193.35.226.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 15 Oct 2024 13:20:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:37:f4:b0:f3:01:85:0c:2f:af:4a:1f:39:55:cd:7a:dc:04:a9:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
        Validity
            Not Before: Jun 15 10:36:39 2024 GMT
            Not After : Jun 14 10:41:39 2025 GMT
        Subject: CN=FF7A332F8EBB2E4F12B7EF7306B516CB7C6FF5EE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:33:06:c8:3a:50:a0:d6:7f:b8:90:95:3e:b2:
                    98:82:fb:01:fe:80:8b:a2:7b:67:97:2c:53:71:30:
                    fc:d2:92:d9:8d:1d:e6:b3:1b:d8:e9:8d:b6:eb:43:
                    92:48:3a:b8:db:a5:7a:40:a3:9a:5a:16:4d:d7:b6:
                    5c:a5:64:ac:26:35:58:d2:eb:a1:ea:cf:e3:0b:d7:
                    d6:52:e8:76:e5:92:02:09:e3:0c:27:e9:eb:80:bc:
                    a3:30:ad:af:de:99:75:53:82:e6:f5:16:21:c8:b1:
                    d6:5b:68:31:b8:0d:1a:c7:e5:16:6e:a5:63:09:f3:
                    e5:b3:d9:b0:36:c0:0d:88:f9:35:7b:01:55:84:be:
                    c4:6e:d1:ac:01:a4:07:e0:fb:0d:fd:cf:20:bb:96:
                    42:d7:52:33:fa:37:b3:a4:10:18:c0:27:9e:e4:9d:
                    f6:5f:e0:a3:fa:6a:d7:e2:dd:63:55:13:da:6d:2e:
                    1c:de:6c:34:31:80:e7:11:f9:6d:31:7b:f5:41:19:
                    62:e0:4a:fe:98:59:b6:8a:b7:9d:30:2d:84:d0:30:
                    90:4c:d0:ff:d0:fa:83:8b:da:48:05:52:72:55:fd:
                    93:1e:8d:64:7a:d8:8c:c0:41:1a:8d:a2:50:ec:b2:
                    ba:4b:6e:c9:0d:d4:c3:64:8d:91:1d:29:19:b7:72:
                    3a:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:7A:33:2F:8E:BB:2E:4F:12:B7:EF:73:06:B5:16:CB:7C:6F:F5:EE
            X509v3 Authority Key Identifier:
                keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3139332e33352e3232362e302f32342d3234203d3e203536393632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.35.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:c7:1a:08:08:54:65:73:76:32:91:30:bf:3c:85:2e:8f:49:
         16:a9:54:44:db:ef:cd:4c:4f:b1:dc:c3:ca:a0:fb:05:c0:35:
         4a:96:d7:82:a6:57:19:b8:7c:11:1d:80:a6:09:83:d6:51:59:
         53:8c:d4:4b:39:56:72:09:04:30:83:00:b6:ce:ac:4b:c0:43:
         ac:d3:41:e1:b0:bc:6a:c0:6a:e2:3d:41:f0:09:28:9c:fa:35:
         33:90:56:34:16:53:39:d1:3a:0e:8c:25:f9:57:0d:58:62:a7:
         a4:83:68:11:7c:e1:0d:0d:c1:79:e1:d7:fc:eb:cb:d3:40:ce:
         11:02:c7:ab:54:b7:22:c3:ab:9f:36:57:c8:0c:db:9b:f7:5a:
         4c:92:49:66:a6:eb:38:d7:7c:32:30:9f:f1:56:d4:11:32:65:
         03:ac:12:5c:a0:f8:e8:63:28:ef:62:3b:54:9b:25:20:7d:e2:
         be:dc:95:61:64:75:08:42:cb:57:07:d7:ae:58:eb:03:20:00:
         50:e6:3f:5b:58:d3:bd:56:cb:73:19:59:46:c2:c2:a6:4e:e4:
         e1:75:d2:d2:0f:a6:47:31:62:32:da:5a:4d:71:43:4f:26:a4:
         ce:41:b7:a4:58:9c:bf:ca:b4:7e:fa:e2:a9:d2:28:eb:cf:2d:
         6e:75:56:a4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdTf0sPMBhQwvr0ofOVXNetwEqcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA2MTUxMDM2MzlaFw0yNTA2MTQxMDQxMzlaMDMxMTAvBgNV
BAMTKEZGN0EzMzJGOEVCQjJFNEYxMkI3RUY3MzA2QjUxNkNCN0M2RkY1RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcMwbIOlCg1n+4kJU+spiC+wH+
gIuie2eXLFNxMPzSktmNHeazG9jpjbbrQ5JIOrjbpXpAo5paFk3XtlylZKwmNVjS
66Hqz+ML19ZS6HblkgIJ4wwn6euAvKMwra/emXVTgub1FiHIsdZbaDG4DRrH5RZu
pWMJ8+Wz2bA2wA2I+TV7AVWEvsRu0awBpAfg+w39zyC7lkLXUjP6N7OkEBjAJ57k
nfZf4KP6atfi3WNVE9ptLhzebDQxgOcR+W0xe/VBGWLgSv6YWbaKt50wLYTQMJBM
0P/Q+oOL2kgFUnJV/ZMejWR62IzAQRqNolDssrpLbskN1MNkjZEdKRm3cjqTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU/3ozL467Lk8St+9zBrUWy3xv9e4wHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzOTMzMmUzMzM1MmUzMjMy
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM2MzkzNjMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSPiMA0GCSqGSIb3DQEBCwUAA4IBAQBbxxoICFRlc3YykTC/PIUuj0kWqVRE2+/N
TE+x3MPKoPsFwDVKlteCplcZuHwRHYCmCYPWUVlTjNRLOVZyCQQwgwC2zqxLwEOs
00HhsLxqwGriPUHwCSic+jUzkFY0FlM50ToOjCX5Vw1YYqekg2gRfOENDcF54df8
68vTQM4RAserVLciw6ufNlfIDNub91pMkklmpus413wyMJ/xVtQRMmUDrBJcoPjo
YyjvYjtUmyUgfeK+3JVhZHUIQstXB9euWOsDIABQ5j9bWNO9VstzGVlGwsKmTuTh
ddLSD6ZHMWIy2lpNcUNPJqTOQbekWJy/yrR++uKp0ijrzy1udVak
-----END CERTIFICATE-----
Generated at Mon Oct 14 17:29:35 2024 by rpki-client on console-ams.rpki-client.org