Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39322e302f32342d3234203d3e203437353833.roa
File:                     3139342e3139352e39322e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier:          OfDYs3Ty/2FKqyYBAmqYO04ePkPiXHOEub9qX8IjO5s=
Subject key identifier:   84:88:11:28:5D:73:E7:85:83:0B:B2:D2:F1:81:C5:0F:7C:4F:D3:83
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       0858DF735B586D90A1BC5804F55A1431AD8370F1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39322e302f32342d3234203d3e203437353833.roa
Signing time:             Mon 26 Feb 2024 08:53:31 +0000
ROA not before:           Mon 26 Feb 2024 08:48:31 +0000
ROA not after:            Mon 24 Feb 2025 08:53:31 +0000
asID:                     47583
IP address blocks:        194.195.92.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:58:df:73:5b:58:6d:90:a1:bc:58:04:f5:5a:14:31:ad:83:70:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Feb 26 08:48:31 2024 GMT
            Not After : Feb 24 08:53:31 2025 GMT
        Subject: CN=848811285D73E785830BB2D2F181C50F7C4FD383
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:1b:7d:51:3d:a8:81:ca:7b:d1:89:03:56:d4:
                    3b:79:c3:1d:b6:bd:b7:d8:03:52:95:a8:a0:c9:b2:
                    d7:04:33:06:11:95:27:1b:d1:77:51:d2:82:38:0c:
                    8d:8a:d6:7e:50:02:f9:07:87:d4:b3:5a:43:27:10:
                    50:56:2b:94:f5:cf:e2:18:f4:93:d2:a4:a8:b0:81:
                    de:6b:bf:a2:89:df:41:48:1c:b1:82:53:25:47:ad:
                    df:6e:df:d8:87:f7:e0:1d:f7:d9:fc:8a:fa:96:08:
                    c4:c0:6e:8f:92:87:7a:13:a7:d7:29:4e:a6:2d:ed:
                    87:f0:de:4c:03:b3:fe:51:be:d6:a7:5f:6c:67:d8:
                    64:88:36:46:1a:97:cc:53:fd:39:66:09:17:13:10:
                    d5:c0:75:f8:87:4f:20:ee:be:10:fb:e2:84:3f:29:
                    40:ad:a7:e8:aa:96:c7:e9:ab:6c:ae:c3:e2:61:46:
                    e7:10:dc:86:c2:57:90:cd:c6:ef:d2:28:77:d7:8e:
                    42:0d:c1:df:1a:82:61:03:a7:7e:47:fa:b7:17:e9:
                    d1:3f:2e:4f:02:5e:d0:33:8c:54:00:b2:5d:06:76:
                    e5:96:87:2d:03:e2:67:3b:b7:af:b6:bd:04:45:d8:
                    4c:5c:fc:09:04:9f:4b:88:03:53:08:8d:db:29:da:
                    7f:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:88:11:28:5D:73:E7:85:83:0B:B2:D2:F1:81:C5:0F:7C:4F:D3:83
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39322e302f32342d3234203d3e203437353833.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.195.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:a0:bc:8a:1c:1d:39:86:ee:d1:32:99:74:e3:e9:ee:f5:84:
         1e:3c:c3:26:07:2f:d5:ab:82:9f:87:df:a2:74:3d:6e:9f:a3:
         41:94:4e:dc:fd:23:5b:86:6d:c5:87:b5:a2:fa:1e:32:08:77:
         f4:08:10:83:da:63:9a:32:5b:74:fe:a5:84:71:b4:6a:fc:20:
         fc:1e:69:fd:01:86:74:85:0d:89:4a:65:88:0b:b8:19:c9:9a:
         ba:50:0d:d6:86:8f:6c:ea:a9:16:64:a5:59:2c:c8:ea:c8:b4:
         53:6a:de:6b:59:f1:7b:b2:61:a0:e6:2f:04:ea:50:8c:90:ec:
         e9:e2:5a:66:81:2c:56:50:23:50:88:73:2b:9f:8c:d2:9d:5c:
         d3:81:bb:4e:b4:c7:c4:11:7d:cf:42:b1:b7:49:63:3c:e1:42:
         d7:38:5d:6e:55:02:c0:7c:be:7b:7b:36:29:d9:9f:4c:d4:10:
         84:2f:2e:bc:ff:ee:f8:bc:a6:21:43:10:9d:87:a6:dd:a5:66:
         df:8e:18:54:d1:e1:50:f3:3a:9f:cc:ba:02:f1:a0:20:ca:13:
         cd:f5:4b:07:8b:24:0e:0e:64:bb:6f:97:93:33:c3:29:5e:b1:
         63:c9:c3:9f:a6:f7:d0:b2:ae:a5:5f:89:11:75:8d:4b:e9:40:
         1c:5d:8b:f9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCFjfc1tYbZChvFgE9VoUMa2DcPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MzFaFw0yNTAyMjQwODUzMzFaMDMxMTAvBgNV
BAMTKDg0ODgxMTI4NUQ3M0U3ODU4MzBCQjJEMkYxODFDNTBGN0M0RkQzODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPG31RPaiBynvRiQNW1Dt5wx22
vbfYA1KVqKDJstcEMwYRlScb0XdR0oI4DI2K1n5QAvkHh9SzWkMnEFBWK5T1z+IY
9JPSpKiwgd5rv6KJ30FIHLGCUyVHrd9u39iH9+Ad99n8ivqWCMTAbo+Sh3oTp9cp
TqYt7Yfw3kwDs/5RvtanX2xn2GSINkYal8xT/TlmCRcTENXAdfiHTyDuvhD74oQ/
KUCtp+iqlsfpq2yuw+JhRucQ3IbCV5DNxu/SKHfXjkINwd8agmEDp35H+rcX6dE/
Lk8CXtAzjFQAsl0GduWWhy0D4mc7t6+2vQRF2Exc/AkEn0uIA1MIjdsp2n+PAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhIgRKF1z54WDC7LS8YHFD3xP04MwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM5MzUyZTM5
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wsNcMA0GCSqGSIb3DQEBCwUAA4IBAQCZoLyKHB05hu7RMpl04+nu9YQePMMmBy/V
q4Kfh9+idD1un6NBlE7c/SNbhm3Fh7Wi+h4yCHf0CBCD2mOaMlt0/qWEcbRq/CD8
Hmn9AYZ0hQ2JSmWIC7gZyZq6UA3Who9s6qkWZKVZLMjqyLRTat5rWfF7smGg5i8E
6lCMkOzp4lpmgSxWUCNQiHMrn4zSnVzTgbtOtMfEEX3PQrG3SWM84ULXOF1uVQLA
fL57ezYp2Z9M1BCELy68/+74vKYhQxCdh6bdpWbfjhhU0eFQ8zqfzLoC8aAgyhPN
9UsHiyQODmS7b5eTM8MpXrFjycOfpvfQsq6lX4kRdY1L6UAcXYv5
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:48 2024 by rpki-client on console-ams.rpki-client.org