Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38302e3138342e302f32342d3234203d3e20313336373837.roa
File:                     34352e38302e3138342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier:          pxWbGw5wlsB58LPqFFv441ZnOw8H5e8TMFRF1PEc6KM=
Subject key identifier:   22:E3:21:98:78:9C:E5:90:BD:FA:4B:13:5E:9E:01:C4:20:2B:A7:62
Certificate issuer:       /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial:       2CB284F488D1D5A9F50D4D305E473E3E756917B5
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38302e3138342e302f32342d3234203d3e20313336373837.roa
Signing time:             Sat 02 Mar 2024 21:54:00 +0000
ROA not before:           Sat 02 Mar 2024 21:49:00 +0000
ROA not after:            Sat 01 Mar 2025 21:54:00 +0000
asID:                     136787
IP address blocks:        45.80.184.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 14:42:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:b2:84:f4:88:d1:d5:a9:f5:0d:4d:30:5e:47:3e:3e:75:69:17:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
        Validity
            Not Before: Mar  2 21:49:00 2024 GMT
            Not After : Mar  1 21:54:00 2025 GMT
        Subject: CN=22E32198789CE590BDFA4B135E9E01C4202BA762
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:0a:ba:56:04:86:02:85:0a:db:27:56:f4:99:
                    0e:fd:0a:ee:1e:b7:a4:a3:38:53:e7:01:7c:84:b6:
                    8d:2a:75:27:8c:10:c8:02:d9:25:72:fe:b3:28:d3:
                    62:d3:f7:31:1a:ad:6a:89:bd:85:c2:b7:cf:73:17:
                    e7:02:64:0d:a9:8d:13:94:3a:3e:5a:20:4b:8e:04:
                    27:61:a3:ce:c3:57:95:c0:74:53:57:52:29:02:5b:
                    13:d2:fe:79:37:ff:69:28:d6:fd:be:9a:3f:e9:74:
                    c8:ef:40:d1:6f:82:f6:1b:22:d9:9c:05:88:54:8e:
                    22:a9:ce:75:88:19:2f:c1:e8:3e:b9:58:d8:83:9b:
                    0d:17:dc:dc:a0:ab:85:6e:a4:e6:97:66:ee:0b:0d:
                    b5:77:5f:ef:42:a8:d2:72:98:c8:ad:4f:3a:48:d6:
                    f6:ce:6f:07:f0:62:45:bf:fc:d2:0d:d0:87:1f:50:
                    0d:22:3c:f9:b0:17:a3:f8:15:14:bc:cd:46:6b:f6:
                    51:d8:10:65:13:0c:9e:25:fa:22:ff:9a:35:f0:47:
                    6f:10:29:22:de:6e:39:1e:1f:46:c6:26:4c:18:b5:
                    83:f6:9a:c5:a6:82:2d:48:57:ef:35:18:9d:e4:32:
                    83:2a:20:3f:a3:d3:33:a0:e8:39:4a:34:95:ea:28:
                    14:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:E3:21:98:78:9C:E5:90:BD:FA:4B:13:5E:9E:01:C4:20:2B:A7:62
            X509v3 Authority Key Identifier:
                keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38302e3138342e302f32342d3234203d3e20313336373837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:a8:64:1f:aa:ae:bf:ba:2c:b1:87:24:31:bc:53:8a:41:7a:
         e0:6b:1f:83:eb:c0:7b:66:df:aa:64:48:20:08:9e:6e:5d:10:
         46:18:76:e6:80:f5:6d:61:b0:be:15:2f:25:58:20:aa:51:c4:
         db:9d:4a:bc:fc:33:dd:ea:b8:f0:76:bf:ba:15:4b:2d:36:b7:
         18:91:86:89:60:b8:2a:dc:9a:aa:7f:49:3a:b7:a3:81:9c:6b:
         f2:29:6b:29:0f:d3:d2:3b:2b:17:41:c1:65:d7:03:92:80:99:
         7a:63:3e:18:41:19:a7:22:32:0c:55:7c:5a:24:c2:02:f3:fe:
         cb:3c:3b:1f:61:f0:89:1f:9d:0f:3d:34:17:ab:92:09:76:f5:
         aa:a3:eb:21:57:af:b2:ce:c3:71:b7:9b:e9:73:9a:96:df:0e:
         a2:20:55:12:55:65:e4:03:43:82:8f:04:2a:c6:dc:e7:9f:13:
         00:ae:85:ae:10:79:73:7c:e6:98:ed:c0:81:47:87:6c:76:cd:
         7f:f0:9c:00:8c:39:80:67:bd:f5:a5:50:21:bb:14:64:ae:08:
         c7:6d:18:88:50:e9:36:5a:67:38:18:af:cc:5a:e6:de:45:de:
         52:60:f4:12:ba:82:cd:ee:0f:6d:bb:f6:bb:3f:67:18:5a:12:
         e7:95:b0:d3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULLKE9IjR1an1DU0wXkc+PnVpF7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAzMDIyMTQ5MDBaFw0yNTAzMDEyMTU0MDBaMDMxMTAvBgNV
BAMTKDIyRTMyMTk4Nzg5Q0U1OTBCREZBNEIxMzVFOUUwMUM0MjAyQkE3NjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmCrpWBIYChQrbJ1b0mQ79Cu4e
t6SjOFPnAXyEto0qdSeMEMgC2SVy/rMo02LT9zEarWqJvYXCt89zF+cCZA2pjROU
Oj5aIEuOBCdho87DV5XAdFNXUikCWxPS/nk3/2ko1v2+mj/pdMjvQNFvgvYbItmc
BYhUjiKpznWIGS/B6D65WNiDmw0X3Nygq4VupOaXZu4LDbV3X+9CqNJymMitTzpI
1vbObwfwYkW//NIN0IcfUA0iPPmwF6P4FRS8zUZr9lHYEGUTDJ4l+iL/mjXwR28Q
KSLebjkeH0bGJkwYtYP2msWmgi1IV+81GJ3kMoMqID+j0zOg6DlKNJXqKBQnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIuMhmHic5ZC9+ksTXp4BxCArp2IwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzgzMDJlMzEzODM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVC4MA0GCSqGSIb3DQEBCwUAA4IBAQAiqGQfqq6/uiyxhyQxvFOKQXrgax+D68B7
Zt+qZEggCJ5uXRBGGHbmgPVtYbC+FS8lWCCqUcTbnUq8/DPd6rjwdr+6FUstNrcY
kYaJYLgq3Jqqf0k6t6OBnGvyKWspD9PSOysXQcFl1wOSgJl6Yz4YQRmnIjIMVXxa
JMIC8/7LPDsfYfCJH50PPTQXq5IJdvWqo+shV6+yzsNxt5vpc5qW3w6iIFUSVWXk
A0OCjwQqxtznnxMAroWuEHlzfOaY7cCBR4dsds1/8JwAjDmAZ731pVAhuxRkrgjH
bRiIUOk2Wmc4GK/MWubeRd5SYPQSuoLN7g9tu/a7P2cYWhLnlbDT
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:11 2024 by rpki-client on console-fra.rpki-client.org