Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/3139332e3234362e352e302f32342d3234203d3e203134343435.roa
File:                     3139332e3234362e352e302f32342d3234203d3e203134343435.roa (raw, json)
Hash identifier:          CcLWC55fOyd5UDOp9XCoULUChRu3nUTZRYe1D+P3piM=
Subject key identifier:   93:23:43:16:46:18:93:A1:99:B7:B3:D2:EB:81:94:23:69:B7:02:8C
Certificate issuer:       /CN=c79d02c618861ad45baf78ce39023cbcb494a7bf
Certificate serial:       7F557701255D055C03F96D80AFD257336F7353C1
Authority key identifier: C7:9D:02:C6:18:86:1A:D4:5B:AF:78:CE:39:02:3C:BC:B4:94:A7:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x50CxhiGGtRbr3jOOQI8vLSUp78.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/3139332e3234362e352e302f32342d3234203d3e203134343435.roa
Signing time:             Thu 25 May 2023 20:18:04 +0000
ROA not before:           Thu 25 May 2023 20:13:04 +0000
ROA not after:            Thu 23 May 2024 20:18:04 +0000
asID:                     14445
IP address blocks:        193.246.5.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/C79D02C618861AD45BAF78CE39023CBCB494A7BF.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/C79D02C618861AD45BAF78CE39023CBCB494A7BF.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x50CxhiGGtRbr3jOOQI8vLSUp78.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 03 Mar 2024 15:44:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:55:77:01:25:5d:05:5c:03:f9:6d:80:af:d2:57:33:6f:73:53:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c79d02c618861ad45baf78ce39023cbcb494a7bf
        Validity
            Not Before: May 25 20:13:04 2023 GMT
            Not After : May 23 20:18:04 2024 GMT
        Subject: CN=93234316461893A199B7B3D2EB81942369B7028C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:74:00:72:8b:05:ba:98:46:c8:47:1c:d6:29:
                    fb:57:54:68:40:32:1f:ec:53:f3:a8:aa:73:68:6b:
                    8d:a7:ad:c7:09:39:78:5d:f7:9a:53:9b:7c:90:a6:
                    01:7f:59:8e:90:52:bd:8b:2f:62:33:88:98:6b:b9:
                    3b:31:02:ce:49:7b:90:ca:45:9d:56:59:0c:79:20:
                    69:45:a7:d4:cd:ea:fc:dd:4d:cf:e2:45:31:b6:38:
                    90:92:b9:ac:ed:dc:88:93:38:34:35:b1:9f:4b:de:
                    45:9c:4a:bd:5d:2f:4e:79:29:c8:15:5d:26:83:e9:
                    4a:48:e1:8f:57:72:7a:d8:21:b5:db:e4:b3:96:97:
                    a0:0d:0d:e5:70:70:b3:78:d0:73:a4:91:d1:b9:20:
                    ed:0c:70:b1:9e:82:1f:71:74:6e:73:4d:2e:aa:38:
                    47:e0:6d:20:b8:db:ef:cb:05:a9:22:54:33:6c:2b:
                    2e:38:35:6a:19:91:0d:97:1a:ac:f2:a4:e3:62:c5:
                    90:2b:42:92:d3:59:e1:f5:2a:fc:4a:dd:f4:ec:e3:
                    29:cd:c7:07:fa:9b:f2:e0:77:d2:ea:49:a2:31:78:
                    d4:2d:dd:95:58:9a:27:ef:2d:ef:8d:af:63:1f:ad:
                    85:ea:bc:5a:c9:f3:dc:c4:fc:fe:83:2d:5f:d3:c6:
                    b1:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:23:43:16:46:18:93:A1:99:B7:B3:D2:EB:81:94:23:69:B7:02:8C
            X509v3 Authority Key Identifier:
                keyid:C7:9D:02:C6:18:86:1A:D4:5B:AF:78:CE:39:02:3C:BC:B4:94:A7:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/C79D02C618861AD45BAF78CE39023CBCB494A7BF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x50CxhiGGtRbr3jOOQI8vLSUp78.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/3139332e3234362e352e302f32342d3234203d3e203134343435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.246.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:06:a5:be:13:1b:5d:4b:b1:80:c4:a3:37:0a:39:2c:69:5a:
         28:d6:66:a7:10:89:b3:64:6e:1a:74:3e:fe:1c:a0:2b:38:54:
         8b:84:a7:29:40:88:50:13:6c:e8:7c:82:9a:29:c2:c3:37:3e:
         1a:b7:da:58:bb:52:26:cf:3d:a0:d9:b6:90:cd:f6:6a:14:2e:
         1a:c2:37:b6:3f:cd:89:86:86:9f:63:05:4e:9d:b1:bc:bc:22:
         fe:e9:9a:b3:3e:70:c0:9e:4f:ee:5b:d4:4c:00:b3:19:c2:dd:
         ad:fb:ff:39:78:eb:a9:e6:ae:cd:86:3d:8a:14:17:27:a7:91:
         35:26:94:cd:2d:c0:4c:d5:ab:ed:b7:c0:90:e9:16:61:37:5b:
         02:5e:83:01:0f:26:99:06:7f:8b:53:d6:b6:60:54:58:8b:f5:
         a0:db:c8:b2:d5:1d:c9:87:a0:eb:6c:0f:00:9c:34:6e:6a:16:
         4b:18:bf:3a:36:b8:94:5c:39:37:76:58:46:f9:aa:a0:fb:eb:
         05:37:e1:26:cf:58:a2:ce:60:d9:40:41:31:ee:93:be:0f:4d:
         80:6f:c5:ca:57:af:6b:1d:a0:2b:9b:d5:a2:d8:6a:ec:3b:10:
         08:dc:16:4f:ff:29:3f:6e:4d:90:7b:a9:17:41:78:60:92:f6:
         95:2b:77:d8
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUf1V3ASVdBVwD+W2Ar9JXM29zU8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc5ZDAyYzYxODg2MWFkNDViYWY3OGNlMzkwMjNjYmNi
NDk0YTdiZjAeFw0yMzA1MjUyMDEzMDRaFw0yNDA1MjMyMDE4MDRaMDMxMTAvBgNV
BAMTKDkzMjM0MzE2NDYxODkzQTE5OUI3QjNEMkVCODE5NDIzNjlCNzAyOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDdAByiwW6mEbIRxzWKftXVGhA
Mh/sU/OoqnNoa42nrccJOXhd95pTm3yQpgF/WY6QUr2LL2IziJhruTsxAs5Je5DK
RZ1WWQx5IGlFp9TN6vzdTc/iRTG2OJCSuazt3IiTODQ1sZ9L3kWcSr1dL055KcgV
XSaD6UpI4Y9XcnrYIbXb5LOWl6ANDeVwcLN40HOkkdG5IO0McLGegh9xdG5zTS6q
OEfgbSC42+/LBakiVDNsKy44NWoZkQ2XGqzypONixZArQpLTWeH1KvxK3fTs4ynN
xwf6m/Lgd9LqSaIxeNQt3ZVYmifvLe+Nr2MfrYXqvFrJ89zE/P6DLV/TxrEnAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUkyNDFkYYk6GZt7PS64GUI2m3AowwHwYDVR0j
BBgwFoAUx50CxhiGGtRbr3jOOQI8vLSUp78wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDkwYTkzNWEtYTc0ZC00Yjk4LTk0MzAtYmM3YWU1YzI0
ZjI4LzAvQzc5RDAyQzYxODg2MUFENDVCQUY3OENFMzkwMjNDQkNCNDk0QTdCRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3g1MEN4aGlHR3RSYnIzak9PUUk4dkxT
VXA3OC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDkwYTkzNWEt
YTc0ZC00Yjk4LTk0MzAtYmM3YWU1YzI0ZjI4LzAvMzEzOTMzMmUzMjM0MzYyZTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDM0MzQzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMH2
BTANBgkqhkiG9w0BAQsFAAOCAQEAjAalvhMbXUuxgMSjNwo5LGlaKNZmpxCJs2Ru
GnQ+/hygKzhUi4SnKUCIUBNs6HyCminCwzc+GrfaWLtSJs89oNm2kM32ahQuGsI3
tj/NiYaGn2MFTp2xvLwi/umasz5wwJ5P7lvUTACzGcLdrfv/OXjrqeauzYY9ihQX
J6eRNSaUzS3ATNWr7bfAkOkWYTdbAl6DAQ8mmQZ/i1PWtmBUWIv1oNvIstUdyYeg
62wPAJw0bmoWSxi/Oja4lFw5N3ZYRvmqoPvrBTfhJs9Yos5g2UBBMe6Tvg9NgG/F
ylevax2gK5vVothq7DsQCNwWT/8pP25NkHupF0F4YJL2lSt32A==
-----END CERTIFICATE-----
Generated at Sat Mar 2 21:47:25 2024 by rpki-client on console-fra.rpki-client.org