Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136392e302f32342d3234203d3e203331313033.roa
File:                     39352e3136392e3136392e302f32342d3234203d3e203331313033.roa (raw, json)
Hash identifier:          MKWz9yCoy3y6Dfjk4I5UESnHv6esVj8zNYuVZTU3NGU=
Subject key identifier:   16:A1:19:90:0E:5E:0F:DD:C7:19:59:64:97:7D:68:92:96:58:C2:76
Certificate issuer:       /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial:       4893C13759B517387CFAE3C4A3543E315536BFF2
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136392e302f32342d3234203d3e203331313033.roa
Signing time:             Fri 31 May 2024 09:35:30 +0000
ROA not before:           Fri 31 May 2024 09:30:30 +0000
ROA not after:            Fri 30 May 2025 09:35:30 +0000
asID:                     31103
IP address blocks:        95.169.169.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:93:c1:37:59:b5:17:38:7c:fa:e3:c4:a3:54:3e:31:55:36:bf:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
        Validity
            Not Before: May 31 09:30:30 2024 GMT
            Not After : May 30 09:35:30 2025 GMT
        Subject: CN=16A119900E5E0FDDC7195964977D68929658C276
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:7d:30:a1:d4:c3:2a:6d:c6:f3:57:8b:7d:5d:
                    84:2d:68:b8:6c:c2:90:ba:4c:65:ef:1a:e3:5a:9e:
                    ec:2e:9f:80:07:3a:1b:0f:ea:e8:ee:44:99:00:d7:
                    32:14:5e:0c:4c:a5:9b:9f:83:52:6c:e6:fc:49:d5:
                    45:1a:a1:ee:70:18:2c:ff:bf:8a:bd:35:d0:07:f5:
                    d0:65:23:5a:ea:73:f2:54:e8:39:61:ce:ed:5b:d4:
                    49:d7:6b:3d:a3:62:81:4a:a2:ef:31:2a:94:84:f4:
                    92:19:af:8c:4a:10:48:6a:fe:90:84:ca:11:b3:7c:
                    25:23:8f:c5:f9:64:8a:5d:6c:72:ff:4c:7f:8b:6c:
                    17:a2:f9:1c:cc:41:d6:57:cc:93:53:3d:ce:db:6a:
                    0f:75:15:72:c2:7f:b9:70:69:36:27:60:64:7a:9f:
                    21:d9:ec:4d:5c:6e:d3:02:32:ef:07:e3:60:c2:45:
                    78:ff:f3:40:81:aa:f4:1b:45:05:c9:44:86:7d:02:
                    e1:6b:a1:e1:8c:03:e5:ec:3d:32:42:48:bc:52:c8:
                    4c:d1:5e:70:71:c1:48:ea:55:bd:e7:cd:ff:5c:69:
                    49:2e:b9:18:d1:95:68:3c:bf:7c:35:2a:57:11:c5:
                    d2:24:9a:5d:f3:c0:11:9d:ee:75:c9:15:df:dd:b5:
                    3c:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:A1:19:90:0E:5E:0F:DD:C7:19:59:64:97:7D:68:92:96:58:C2:76
            X509v3 Authority Key Identifier:
                keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136392e302f32342d3234203d3e203331313033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.169.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:37:31:c6:b1:d3:9c:d7:02:b5:33:f2:53:ad:6e:93:cd:d6:
         ef:94:fc:b3:c1:1c:e2:f8:0b:df:3f:cb:ea:70:5a:7d:1e:11:
         c1:57:0b:32:9d:46:69:99:05:6a:d1:86:a8:d0:ac:48:c4:2b:
         5f:cd:07:a9:e8:7d:dd:0e:c8:6c:9a:8f:d0:67:ca:2c:21:f8:
         08:6b:52:13:c2:4b:99:30:f3:5f:02:1f:49:50:74:d3:ce:ed:
         cd:f1:86:f9:65:dc:23:07:cc:0a:cf:70:af:a1:b1:0a:16:67:
         c1:7a:bf:37:40:73:7b:03:4c:66:a6:6f:d2:dc:6d:18:c7:76:
         a8:98:2d:4d:20:11:52:ee:46:0e:22:07:11:c1:00:ce:c7:48:
         d6:74:81:5b:8f:af:14:1f:52:7a:ba:3e:c2:d5:7a:ee:87:b1:
         c0:bd:e0:ff:d0:c3:e1:d2:d2:5c:cc:f2:e6:ea:3b:ed:6e:a2:
         86:7d:ac:03:cd:52:25:70:e4:37:55:fe:c2:dc:4f:84:27:71:
         90:43:91:12:66:d3:85:4b:bb:12:d8:83:f3:ed:31:75:d1:01:
         8d:ce:d0:50:ab:7d:e2:f7:69:83:8b:20:07:9e:c2:c1:ea:92:
         a2:82:86:8a:8d:a9:a4:b6:c3:1a:17:dc:75:0f:a2:71:21:93:
         f2:f5:13:d4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSJPBN1m1Fzh8+uPEo1Q+MVU2v/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNDA1MzEwOTMwMzBaFw0yNTA1MzAwOTM1MzBaMDMxMTAvBgNV
BAMTKDE2QTExOTkwMEU1RTBGRERDNzE5NTk2NDk3N0Q2ODkyOTY1OEMyNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpfTCh1MMqbcbzV4t9XYQtaLhs
wpC6TGXvGuNanuwun4AHOhsP6ujuRJkA1zIUXgxMpZufg1Js5vxJ1UUaoe5wGCz/
v4q9NdAH9dBlI1rqc/JU6Dlhzu1b1EnXaz2jYoFKou8xKpSE9JIZr4xKEEhq/pCE
yhGzfCUjj8X5ZIpdbHL/TH+LbBei+RzMQdZXzJNTPc7bag91FXLCf7lwaTYnYGR6
nyHZ7E1cbtMCMu8H42DCRXj/80CBqvQbRQXJRIZ9AuFroeGMA+XsPTJCSLxSyEzR
XnBxwUjqVb3nzf9caUkuuRjRlWg8v3w1KlcRxdIkml3zwBGd7nXJFd/dtTy7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUFqEZkA5eD93HGVlkl31okpZYwnYwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM2
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzEzMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6mpMA0GCSqGSIb3DQEBCwUAA4IBAQAmNzHGsdOc1wK1M/JTrW6TzdbvlPyzwRzi
+AvfP8vqcFp9HhHBVwsynUZpmQVq0Yao0KxIxCtfzQep6H3dDshsmo/QZ8osIfgI
a1ITwkuZMPNfAh9JUHTTzu3N8Yb5ZdwjB8wKz3CvobEKFmfBer83QHN7A0xmpm/S
3G0Yx3aomC1NIBFS7kYOIgcRwQDOx0jWdIFbj68UH1J6uj7C1Xruh7HAveD/0MPh
0tJczPLm6jvtbqKGfawDzVIlcOQ3Vf7C3E+EJ3GQQ5ESZtOFS7sS2IPz7TF10QGN
ztBQq33i92mDiyAHnsLB6pKigoaKjamktsMaF9x1D6JxIZPy9RPU
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:22:33 2024 by rpki-client on console-fra.rpki-client.org