Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/36322e3132322e3138362e302f32342d3234203d3e203631333137.roa
File:                     36322e3132322e3138362e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier:          VUIjdEczLAKkO/RvceFD0qOM2mE5giUZbHDkmK+A23o=
Subject key identifier:   34:79:0A:9F:70:B4:0A:03:3B:44:B6:0A:5C:1B:86:8E:DF:F6:F3:8E
Certificate issuer:       /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial:       746524A50D4E8060526FF492A44432489385977B
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/36322e3132322e3138362e302f32342d3234203d3e203631333137.roa
Signing time:             Tue 27 Aug 2024 02:05:19 +0000
ROA not before:           Tue 27 Aug 2024 02:00:19 +0000
ROA not after:            Tue 26 Aug 2025 02:05:19 +0000
asID:                     61317
IP address blocks:        62.122.186.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 15 Oct 2024 13:20:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:65:24:a5:0d:4e:80:60:52:6f:f4:92:a4:44:32:48:93:85:97:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
        Validity
            Not Before: Aug 27 02:00:19 2024 GMT
            Not After : Aug 26 02:05:19 2025 GMT
        Subject: CN=34790A9F70B40A033B44B60A5C1B868EDFF6F38E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:c9:a7:a6:9f:5f:40:fb:0a:19:9a:c4:35:db:
                    bc:9d:20:52:89:64:16:38:78:3c:0f:54:16:75:2b:
                    cf:6b:7e:76:a8:5e:34:de:f6:b7:d7:4a:f9:98:3c:
                    93:e7:8b:30:24:0e:e0:aa:59:e4:aa:0d:e3:e9:76:
                    e5:dc:13:d0:eb:b1:92:a6:e4:31:57:89:f0:e9:10:
                    a8:b6:93:b0:cd:a6:0f:97:7c:3c:dd:4b:e2:e7:0a:
                    ac:f0:4b:b5:19:67:61:74:71:ec:19:fa:c7:03:c5:
                    fb:e3:93:da:43:83:bf:76:6a:25:f9:10:1c:a9:97:
                    e0:9f:5b:1a:dc:3c:92:bf:9e:34:45:22:dc:51:2f:
                    1e:b8:46:41:28:1c:ec:1a:eb:cc:de:1e:3b:b1:d6:
                    eb:1d:64:d3:b0:44:e8:e2:a5:d1:61:cd:85:a5:25:
                    bd:74:c7:96:2d:da:c4:49:6d:41:3b:3e:a5:02:e3:
                    85:51:9a:98:55:c8:45:13:2d:b7:a8:70:9a:a0:45:
                    24:b5:aa:5d:c8:cc:76:14:30:0b:6c:61:2d:67:01:
                    a0:08:50:95:b3:ac:6e:78:c2:19:6b:19:22:00:f3:
                    f5:06:f1:a9:1f:9c:99:a8:a4:b5:78:13:c6:cb:25:
                    74:fe:17:11:f6:eb:a8:f9:c4:e2:d1:b8:c5:17:fc:
                    a4:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:79:0A:9F:70:B4:0A:03:3B:44:B6:0A:5C:1B:86:8E:DF:F6:F3:8E
            X509v3 Authority Key Identifier:
                keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/36322e3132322e3138362e302f32342d3234203d3e203631333137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.122.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:e5:d1:07:ea:94:97:bc:25:b5:79:d8:3b:77:38:cb:a2:02:
         c9:ce:d6:af:e5:0b:8d:8a:3e:a4:2f:ab:6e:91:d8:36:8f:21:
         53:8b:1c:ce:ed:79:40:64:ce:18:c5:27:d3:6a:81:dd:a3:ed:
         b3:dc:37:10:8e:fa:51:86:94:f7:18:61:0c:82:21:f1:ce:94:
         85:83:61:fc:98:6d:2d:3e:bd:be:90:e5:97:fb:2c:8d:c4:aa:
         a9:7b:d4:8e:50:e1:90:fd:26:6f:61:c7:8c:0d:3d:01:bf:c4:
         28:96:7f:34:f6:78:6d:ff:5b:d3:8a:1c:d5:a9:3e:0c:c5:4b:
         8a:29:f9:90:f0:b7:ea:cf:86:ce:27:41:b5:2f:3d:ca:9b:5d:
         c8:23:40:a3:32:a0:47:bf:92:37:ea:b0:62:bd:b2:fa:6c:c1:
         e8:44:ce:94:c1:78:d1:ec:20:9a:b8:24:37:36:6a:bc:ff:60:
         cc:2d:0a:3d:a4:ac:8f:63:97:84:20:a8:b0:a6:78:e5:0e:64:
         a7:ab:2e:17:9a:23:3f:e1:6d:8e:35:5c:7a:a6:a0:9a:13:a1:
         3c:21:6e:80:c6:0d:6e:d4:37:08:5e:89:ff:d3:4c:19:5b:52:
         c1:fe:13:46:20:4f:4e:12:51:a3:0f:81:32:96:db:28:28:ad:
         f5:86:76:96
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdGUkpQ1OgGBSb/SSpEQySJOFl3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA4MjcwMjAwMTlaFw0yNTA4MjYwMjA1MTlaMDMxMTAvBgNV
BAMTKDM0NzkwQTlGNzBCNDBBMDMzQjQ0QjYwQTVDMUI4NjhFREZGNkYzOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiyaemn19A+woZmsQ127ydIFKJ
ZBY4eDwPVBZ1K89rfnaoXjTe9rfXSvmYPJPnizAkDuCqWeSqDePpduXcE9DrsZKm
5DFXifDpEKi2k7DNpg+XfDzdS+LnCqzwS7UZZ2F0cewZ+scDxfvjk9pDg792aiX5
EBypl+CfWxrcPJK/njRFItxRLx64RkEoHOwa68zeHjux1usdZNOwROjipdFhzYWl
Jb10x5Yt2sRJbUE7PqUC44VRmphVyEUTLbeocJqgRSS1ql3IzHYUMAtsYS1nAaAI
UJWzrG54whlrGSIA8/UG8akfnJmopLV4E8bLJXT+FxH266j5xOLRuMUX/KQdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNHkKn3C0CgM7RLYKXBuGjt/2844wHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzYzMjJlMzEzMjMyMmUzMTM4
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Pnq6MA0GCSqGSIb3DQEBCwUAA4IBAQCk5dEH6pSXvCW1edg7dzjLogLJztav5QuN
ij6kL6tukdg2jyFTixzO7XlAZM4YxSfTaoHdo+2z3DcQjvpRhpT3GGEMgiHxzpSF
g2H8mG0tPr2+kOWX+yyNxKqpe9SOUOGQ/SZvYceMDT0Bv8Qoln809nht/1vTihzV
qT4MxUuKKfmQ8Lfqz4bOJ0G1Lz3Km13II0CjMqBHv5I36rBivbL6bMHoRM6UwXjR
7CCauCQ3Nmq8/2DMLQo9pKyPY5eEIKiwpnjlDmSnqy4XmiM/4W2ONVx6pqCaE6E8
IW6Axg1u1DcIXon/00wZW1LB/hNGIE9OElGjD4EyltsoKK31hnaW
-----END CERTIFICATE-----
Generated at Mon Oct 14 15:19:45 2024 by rpki-client on console-fra.rpki-client.org