Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136372e302f32342d3234203d3e203239383032.roa
File:                     39352e3136392e3136372e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier:          qly1Jd5CoWKjMKUUuUOiYM/Zs/B2R5A4Q72Ibqsr/4o=
Subject key identifier:   4B:EB:49:C7:EF:DE:83:43:E1:07:2C:0E:84:03:47:61:20:6B:36:B9
Certificate issuer:       /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial:       37430E4B756C72D9F0D6286504C98290BBEDA052
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136372e302f32342d3234203d3e203239383032.roa
Signing time:             Wed 11 Sep 2024 15:29:25 +0000
ROA not before:           Wed 11 Sep 2024 15:24:25 +0000
ROA not after:            Wed 10 Sep 2025 15:29:25 +0000
asID:                     29802
IP address blocks:        95.169.167.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 09:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:43:0e:4b:75:6c:72:d9:f0:d6:28:65:04:c9:82:90:bb:ed:a0:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
        Validity
            Not Before: Sep 11 15:24:25 2024 GMT
            Not After : Sep 10 15:29:25 2025 GMT
        Subject: CN=4BEB49C7EFDE8343E1072C0E84034761206B36B9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:23:66:96:9d:0a:1c:18:41:ff:4c:08:17:3f:
                    c5:15:13:fe:ae:9b:fb:93:78:d1:eb:9a:63:81:c7:
                    ff:69:aa:38:93:cb:c6:90:8f:e2:9b:04:d7:2a:3b:
                    79:f3:43:ec:d4:de:df:23:0b:2f:2e:ad:3a:e1:59:
                    21:da:10:16:bb:01:31:32:12:3f:60:dd:41:7b:6c:
                    17:b0:01:6f:09:c0:9e:8d:12:5f:2f:26:26:c2:ff:
                    ed:eb:ac:b0:05:dc:34:cc:4c:3e:ed:d9:0f:41:66:
                    45:83:17:b2:cf:c1:e2:3f:bc:dd:e8:10:8d:8f:a5:
                    24:39:12:5c:1a:64:a7:35:16:91:4f:92:15:5f:ee:
                    28:f3:89:c9:00:8f:8d:c4:de:a4:27:24:d7:ae:a9:
                    f7:fa:0a:61:10:cb:53:64:ff:13:bc:bd:80:3b:b5:
                    fb:8b:b5:77:f5:30:b1:d4:e5:2e:2f:e2:10:74:ee:
                    77:03:5e:e8:81:99:f5:5f:4f:2c:b9:b2:c2:20:c1:
                    f8:14:e9:11:dc:22:be:d9:b3:12:57:83:6a:dc:46:
                    5e:df:fe:2b:2d:f8:51:d5:aa:22:31:1a:0d:af:d4:
                    ba:18:44:8c:ec:e8:c3:0b:c6:a0:3f:d4:d1:78:9f:
                    fd:52:0a:1f:7b:c0:33:25:cc:37:e2:63:4a:58:9a:
                    6a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:EB:49:C7:EF:DE:83:43:E1:07:2C:0E:84:03:47:61:20:6B:36:B9
            X509v3 Authority Key Identifier:
                keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136372e302f32342d3234203d3e203239383032.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.169.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:3a:b8:b4:a5:0e:a6:35:db:b8:18:36:ee:4a:d4:e7:65:64:
         a1:55:47:19:81:a6:1c:19:71:4d:48:5d:ac:cd:10:f1:63:e5:
         43:03:b6:fb:b0:dd:38:ee:69:80:d2:19:fa:58:69:1a:7f:e6:
         eb:7a:f7:6b:95:c8:a8:65:61:8d:e2:ed:f7:2b:ea:15:0a:f2:
         08:6d:cc:87:73:94:59:c7:ff:3d:3f:34:15:f0:82:7b:77:fe:
         c6:69:58:55:c3:c3:d9:64:a8:8f:69:0b:56:12:4f:8d:d9:e7:
         d2:13:7b:30:7a:81:84:48:da:bf:09:a7:9d:3f:1a:1f:e0:6b:
         3d:41:5f:dc:47:da:33:15:c9:12:c5:1a:93:48:df:c2:89:6b:
         6d:d9:3d:35:b9:f2:de:bc:db:30:ea:11:e6:0c:8a:e6:76:e1:
         38:bd:a4:ca:29:e4:db:12:35:19:19:8c:c3:b4:64:90:10:e1:
         aa:5d:0e:17:a8:7f:b3:d4:c8:3e:6e:8d:15:e4:2d:2f:7b:bb:
         43:ea:71:6f:61:19:aa:85:b2:45:86:bb:dd:35:f7:a3:2a:8c:
         81:94:14:e3:22:30:33:2a:9f:ab:3d:ae:02:66:ba:8c:6b:ef:
         cb:25:f5:d5:00:88:8f:bb:41:c7:89:6e:83:90:ec:a3:99:9a:
         f4:34:eb:92
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUN0MOS3Vsctnw1ihlBMmCkLvtoFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNDA5MTExNTI0MjVaFw0yNTA5MTAxNTI5MjVaMDMxMTAvBgNV
BAMTKDRCRUI0OUM3RUZERTgzNDNFMTA3MkMwRTg0MDM0NzYxMjA2QjM2QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsI2aWnQocGEH/TAgXP8UVE/6u
m/uTeNHrmmOBx/9pqjiTy8aQj+KbBNcqO3nzQ+zU3t8jCy8urTrhWSHaEBa7ATEy
Ej9g3UF7bBewAW8JwJ6NEl8vJibC/+3rrLAF3DTMTD7t2Q9BZkWDF7LPweI/vN3o
EI2PpSQ5ElwaZKc1FpFPkhVf7ijzickAj43E3qQnJNeuqff6CmEQy1Nk/xO8vYA7
tfuLtXf1MLHU5S4v4hB07ncDXuiBmfVfTyy5ssIgwfgU6RHcIr7ZsxJXg2rcRl7f
/ist+FHVqiIxGg2v1LoYRIzs6MMLxqA/1NF4n/1SCh97wDMlzDfiY0pYmmoZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUS+tJx+/eg0PhBywOhANHYSBrNrkwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6mnMA0GCSqGSIb3DQEBCwUAA4IBAQCbOri0pQ6mNdu4GDbuStTnZWShVUcZgaYc
GXFNSF2szRDxY+VDA7b7sN047mmA0hn6WGkaf+brevdrlcioZWGN4u33K+oVCvII
bcyHc5RZx/89PzQV8IJ7d/7GaVhVw8PZZKiPaQtWEk+N2efSE3sweoGESNq/Caed
Pxof4Gs9QV/cR9ozFckSxRqTSN/CiWtt2T01ufLevNsw6hHmDIrmduE4vaTKKeTb
EjUZGYzDtGSQEOGqXQ4XqH+z1Mg+bo0V5C0ve7tD6nFvYRmqhbJFhrvdNfejKoyB
lBTjIjAzKp+rPa4CZrqMa+/LJfXVAIiPu0HHiW6DkOyjmZr0NOuS
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:14 2024 by rpki-client on console-fra.rpki-client.org