Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/37372e38312e3133372e302f32342d3234203d3e20333939363431.roa
File:                     37372e38312e3133372e302f32342d3234203d3e20333939363431.roa (raw, json)
Hash identifier:          ennZkEqO/HOLTbkwSB/IUa7OOVQrllN9MoEAzouxNf4=
Subject key identifier:   3E:0B:65:8B:96:ED:F9:CE:B6:3A:3F:17:55:90:2F:9A:13:05:6A:BA
Certificate issuer:       /CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Certificate serial:       7F2A3BB143415BDD04F46DE9AC0AAD71AC9CE84F
Authority key identifier: ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/37372e38312e3133372e302f32342d3234203d3e20333939363431.roa
Signing time:             Fri 03 Nov 2023 20:10:47 +0000
ROA not before:           Fri 03 Nov 2023 20:05:47 +0000
ROA not after:            Fri 01 Nov 2024 20:10:47 +0000
asID:                     399641
IP address blocks:        77.81.137.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 01 Mar 2024 12:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:2a:3b:b1:43:41:5b:dd:04:f4:6d:e9:ac:0a:ad:71:ac:9c:e8:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
        Validity
            Not Before: Nov  3 20:05:47 2023 GMT
            Not After : Nov  1 20:10:47 2024 GMT
        Subject: CN=3E0B658B96EDF9CEB63A3F1755902F9A13056ABA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e4:04:59:4a:34:f1:e9:fb:5c:8e:38:69:bd:
                    c2:54:af:05:eb:cf:61:61:54:e7:ad:4b:d3:4b:25:
                    3e:70:a3:d7:25:58:f8:af:62:c5:3f:28:f2:ea:e0:
                    ee:ca:b3:81:08:7c:40:54:ac:cc:74:36:09:1c:a6:
                    95:2f:bd:03:c9:ce:40:4a:0c:f8:3e:ad:11:d4:86:
                    b0:31:ae:11:5f:04:cb:ba:a9:be:84:0c:c1:03:cb:
                    3e:42:84:c0:0b:9d:89:fd:84:61:82:d7:4f:5c:fa:
                    d5:89:97:90:2a:4f:df:91:b5:73:2e:00:b1:57:d0:
                    38:22:e4:60:1e:5f:61:36:7a:7a:1c:ca:2b:4a:6c:
                    ee:16:41:b0:60:da:d0:06:dd:a3:15:73:d8:2a:d0:
                    4c:7e:ee:27:53:9c:e4:95:89:db:d4:c2:01:10:04:
                    d6:80:8f:dc:3d:d3:12:4f:48:a7:34:b2:ad:f0:f3:
                    49:b5:39:5a:a5:2b:c9:7b:11:9d:0b:16:5d:95:0a:
                    45:fd:20:8a:e1:4c:b5:41:0f:31:81:ca:db:ce:11:
                    04:aa:7a:ac:0e:89:23:1c:9b:d3:36:d5:8f:00:7f:
                    a1:71:b0:d0:83:ed:ab:c6:a7:48:86:8e:13:99:0d:
                    3a:05:0c:fc:14:4c:8b:1c:3d:7d:6f:21:e5:bb:bb:
                    62:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:0B:65:8B:96:ED:F9:CE:B6:3A:3F:17:55:90:2F:9A:13:05:6A:BA
            X509v3 Authority Key Identifier:
                keyid:ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/37372e38312e3133372e302f32342d3234203d3e20333939363431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.81.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:ac:2e:c2:19:28:40:99:0b:b9:4a:34:2d:b8:72:0d:89:07:
         4f:6d:6a:06:ea:ba:98:ec:2e:db:be:68:ce:78:51:8a:2a:7e:
         47:ee:58:72:1b:33:d6:d5:c6:77:3b:71:9c:8e:2b:89:68:7f:
         d7:0b:33:62:97:21:04:03:43:70:b8:3e:cc:ca:16:fd:e3:be:
         d2:0c:60:75:47:f2:6b:3b:e8:38:b6:3f:c0:0c:30:af:46:c5:
         0b:34:85:54:e9:e2:d4:96:b1:6b:a6:0f:70:3d:d9:28:a5:62:
         02:4e:2e:ae:1e:40:fb:c6:f3:20:00:0b:bb:bd:bf:5f:42:53:
         29:9e:46:54:da:d3:c8:cc:04:c8:2d:26:df:1d:6a:de:5f:39:
         45:dd:95:c4:6d:53:51:52:2e:fe:1a:a8:ee:8f:8c:4b:91:2e:
         0a:22:16:60:99:ec:a1:d6:b8:32:5b:91:6d:b4:ba:13:40:f8:
         24:44:1c:91:e8:77:39:59:02:77:4b:d9:ca:b6:6f:61:fe:b9:
         d1:2b:fc:1d:cf:5f:f4:c1:61:b7:e3:09:8e:28:32:0e:35:ad:
         4a:35:7b:fb:bf:bc:fb:79:47:d3:55:62:7f:cb:ce:25:12:40:
         fb:c2:b6:e1:30:5b:5c:a7:10:3b:43:e6:74:63:59:69:81:3d:
         c1:eb:73:b4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfyo7sUNBW90E9G3prAqtcayc6E8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWQ5ZWRiMmExNTg3MTc4NWZiYWUzOGUyM2MzODgyMGRi
ZmEyY2NhNDAeFw0yMzExMDMyMDA1NDdaFw0yNDExMDEyMDEwNDdaMDMxMTAvBgNV
BAMTKDNFMEI2NThCOTZFREY5Q0VCNjNBM0YxNzU1OTAyRjlBMTMwNTZBQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI5ARZSjTx6ftcjjhpvcJUrwXr
z2FhVOetS9NLJT5wo9clWPivYsU/KPLq4O7Ks4EIfEBUrMx0NgkcppUvvQPJzkBK
DPg+rRHUhrAxrhFfBMu6qb6EDMEDyz5ChMALnYn9hGGC109c+tWJl5AqT9+RtXMu
ALFX0Dgi5GAeX2E2enocyitKbO4WQbBg2tAG3aMVc9gq0Ex+7idTnOSVidvUwgEQ
BNaAj9w90xJPSKc0sq3w80m1OVqlK8l7EZ0LFl2VCkX9IIrhTLVBDzGBytvOEQSq
eqwOiSMcm9M21Y8Af6FxsNCD7avGp0iGjhOZDToFDPwUTIscPX1vIeW7u2ILAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPgtli5bt+c62Oj8XVZAvmhMFarowHwYDVR0j
BBgwFoAU7Z7bKhWHF4X7rjjiPDiCDb+izKQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWEwZGU5N2YtN2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQz
Yzc5LzAvRUQ5RURCMkExNTg3MTc4NUZCQUUzOEUyM0MzODgyMERCRkEyQ0NBNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdaN2JLaFdIRjRYN3JqamlQRGlDRGIt
aXpLUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWEwZGU5N2Yt
N2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQzYzc5LzAvMzczNzJlMzgzMTJlMzEzMzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM5MzYzNDMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
TVGJMA0GCSqGSIb3DQEBCwUAA4IBAQAbrC7CGShAmQu5SjQtuHINiQdPbWoG6rqY
7C7bvmjOeFGKKn5H7lhyGzPW1cZ3O3GcjiuJaH/XCzNilyEEA0NwuD7Myhb9477S
DGB1R/JrO+g4tj/ADDCvRsULNIVU6eLUlrFrpg9wPdkopWICTi6uHkD7xvMgAAu7
vb9fQlMpnkZU2tPIzATILSbfHWreXzlF3ZXEbVNRUi7+Gqjuj4xLkS4KIhZgmeyh
1rgyW5FttLoTQPgkRByR6Hc5WQJ3S9nKtm9h/rnRK/wdz1/0wWG34wmOKDIONa1K
NXv7v7z7eUfTVWJ/y84lEkD7wrbhMFtcpxA7Q+Z0Y1lpgT3B63O0
-----END CERTIFICATE-----
Generated at Thu Feb 29 21:33:05 2024 by rpki-client on console-fra.rpki-client.org