Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136322e34372e302f32342d3234203d3e20323031333431.roa
File:                     3138352e3136322e34372e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier:          Tienk5JJgaHXXC/+f8X+liZPo/4c1yTA96iy0wg5LOk=
Subject key identifier:   A4:75:04:FD:07:B0:22:57:B5:A4:36:C1:8C:26:02:3A:3F:66:7C:6C
Certificate issuer:       /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial:       43802BFC302E7111744C1616EF74F55A26EE052C
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136322e34372e302f32342d3234203d3e20323031333431.roa
Signing time:             Mon 26 Feb 2024 08:53:45 +0000
ROA not before:           Mon 26 Feb 2024 08:48:45 +0000
ROA not after:            Mon 24 Feb 2025 08:53:45 +0000
asID:                     201341
IP address blocks:        185.162.47.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 25 Nov 2024 12:48:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:80:2b:fc:30:2e:71:11:74:4c:16:16:ef:74:f5:5a:26:ee:05:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
        Validity
            Not Before: Feb 26 08:48:45 2024 GMT
            Not After : Feb 24 08:53:45 2025 GMT
        Subject: CN=A47504FD07B02257B5A436C18C26023A3F667C6C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:b1:14:26:c5:c7:ae:40:c6:3e:0e:79:c9:ef:
                    7b:92:fc:02:00:19:06:bc:cb:46:c0:2b:9c:a6:df:
                    33:bb:47:55:66:17:d6:c6:1d:62:af:9a:52:3b:8d:
                    91:86:c3:27:4b:bd:f9:bd:ca:03:1a:55:7e:ca:ec:
                    3f:05:ab:f8:24:10:22:23:41:23:8f:0e:49:ef:b2:
                    4e:70:84:ee:15:ff:7c:d4:57:1a:e0:52:0d:01:12:
                    10:1c:3b:87:f7:db:12:39:91:14:8f:45:4e:36:f8:
                    3f:59:d6:8d:97:8d:2d:11:c9:22:30:31:7b:85:40:
                    9a:7c:54:d6:e9:b3:d5:fd:0a:62:2c:9f:33:91:9f:
                    9b:0a:32:d6:0f:2e:cf:ba:76:98:ac:d4:a3:51:64:
                    98:20:c7:37:2c:1f:3e:62:76:2c:7c:50:87:2d:87:
                    a8:f4:82:72:04:2f:2f:89:a3:b6:f9:2e:17:75:87:
                    34:da:d9:ae:9f:08:e7:3e:e4:1c:32:bf:06:67:88:
                    0a:50:81:58:80:56:54:7a:ee:df:47:d4:bb:e1:12:
                    c3:18:f1:53:6a:f3:d6:84:f4:a6:70:4b:ed:4a:b5:
                    c8:8d:c1:c5:cb:26:6d:d0:fb:7c:29:3c:1e:19:de:
                    45:fd:5b:e7:21:ea:0f:3b:fc:44:ae:e3:b5:18:36:
                    bd:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:75:04:FD:07:B0:22:57:B5:A4:36:C1:8C:26:02:3A:3F:66:7C:6C
            X509v3 Authority Key Identifier:
                keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136322e34372e302f32342d3234203d3e20323031333431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.162.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:8a:02:bc:81:4b:b8:f5:1d:55:73:ee:44:65:c8:ca:bf:f6:
         fe:9c:d0:d1:85:b8:cf:12:fb:99:4b:3e:01:ad:e1:82:05:d0:
         62:c9:00:25:b6:ce:6f:6f:a1:3d:22:d8:57:bf:b7:36:e3:f5:
         30:0e:29:7c:f1:a7:4c:29:8d:18:4d:3c:e5:a8:a5:30:34:a8:
         a7:b9:da:2a:fd:f9:fd:d8:24:1a:50:04:80:d9:09:17:5d:b2:
         61:93:8e:d5:c6:71:6e:87:4e:19:11:81:39:ff:93:af:7f:23:
         d3:84:b6:4c:57:c0:c2:88:60:f6:b9:c0:fb:e8:ab:8b:fa:18:
         7c:4c:2d:6d:a0:cf:4a:d9:b2:b1:ac:4e:6e:2d:25:4e:3e:58:
         ce:36:15:79:7c:dc:07:d4:e0:8f:80:47:47:64:4e:66:f6:3a:
         26:fb:ee:4d:e8:ee:ab:d3:1f:f4:11:f5:28:08:b4:fc:b7:d0:
         e6:5c:04:c6:b2:6b:57:08:e4:52:9b:94:60:8d:cb:52:e7:77:
         9b:8a:06:30:51:6e:49:b3:88:f7:5b:dd:aa:5c:0c:98:9f:1f:
         8c:de:01:ca:52:e6:3f:d3:79:75:c5:90:da:cc:9c:d4:82:63:
         cc:b7:03:60:56:ef:58:38:38:81:c8:07:27:8e:fa:63:8a:13:
         c9:19:8d:29
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUQ4Ar/DAucRF0TBYW73T1WibuBSwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDAyMjYwODQ4NDVaFw0yNTAyMjQwODUzNDVaMDMxMTAvBgNV
BAMTKEE0NzUwNEZEMDdCMDIyNTdCNUE0MzZDMThDMjYwMjNBM0Y2NjdDNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4sRQmxceuQMY+DnnJ73uS/AIA
GQa8y0bAK5ym3zO7R1VmF9bGHWKvmlI7jZGGwydLvfm9ygMaVX7K7D8Fq/gkECIj
QSOPDknvsk5whO4V/3zUVxrgUg0BEhAcO4f32xI5kRSPRU42+D9Z1o2XjS0RySIw
MXuFQJp8VNbps9X9CmIsnzORn5sKMtYPLs+6dpis1KNRZJggxzcsHz5idix8UIct
h6j0gnIELy+Jo7b5Lhd1hzTa2a6fCOc+5BwyvwZniApQgViAVlR67t9H1LvhEsMY
8VNq89aE9KZwS+1KtciNwcXLJm3Q+3wpPB4Z3kX9W+ch6g87/ESu47UYNr2BAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUpHUE/QewIle1pDbBjCYCOj9mfGwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
MjJlMzQzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmiLzANBgkqhkiG9w0BAQsFAAOCAQEAbYoCvIFLuPUdVXPuRGXIyr/2
/pzQ0YW4zxL7mUs+Aa3hggXQYskAJbbOb2+hPSLYV7+3NuP1MA4pfPGnTCmNGE08
5ailMDSop7naKv35/dgkGlAEgNkJF12yYZOO1cZxbodOGRGBOf+Tr38j04S2TFfA
wohg9rnA++iri/oYfEwtbaDPStmysaxObi0lTj5YzjYVeXzcB9Tgj4BHR2ROZvY6
JvvuTejuq9Mf9BH1KAi0/LfQ5lwExrJrVwjkUpuUYI3LUud3m4oGMFFuSbOI91vd
qlwMmJ8fjN4BylLmP9N5dcWQ2syc1IJjzLcDYFbvWDg4gcgHJ476Y4oTyRmNKQ==
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:18:35 2024 by rpki-client on console-ams.rpki-client.org