Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/xYfXaQ2HU9NkTt0lghxlALce3h0.roa
File:                     xYfXaQ2HU9NkTt0lghxlALce3h0.roa (raw, json)
Hash identifier:          E6rA7scumvTxg/jrCmNlmYmHq2R+WCnd3lXgLYrdsTs=
Subject key identifier:   C5:87:D7:69:0D:87:53:D3:64:4E:DD:25:82:1C:65:00:B7:1E:DE:1D
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       018F71C019273CA4B3FCED5F8A19884FB13C
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/xYfXaQ2HU9NkTt0lghxlALce3h0.roa
Signing time:             Mon 13 May 2024 11:39:25 +0000
ROA not before:           Mon 13 May 2024 11:39:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202766
IP address blocks:        45.80.80.0/24 maxlen: 24
                          45.80.82.0/23 maxlen: 23
                          45.80.82.0/24 maxlen: 24
                          45.80.83.0/24 maxlen: 24
                          45.83.50.0/23 maxlen: 23
                          45.83.50.0/24 maxlen: 24
                          45.83.51.0/24 maxlen: 24
                          80.66.112.0/20 maxlen: 20
                          80.66.112.0/23 maxlen: 23
                          80.66.114.0/24 maxlen: 24
                          80.66.115.0/24 maxlen: 24
                          80.66.116.0/24 maxlen: 24
                          80.66.117.0/24 maxlen: 24
                          80.66.118.0/24 maxlen: 24
                          80.66.119.0/24 maxlen: 24
                          80.66.120.0/24 maxlen: 24
                          80.66.121.0/24 maxlen: 24
                          80.66.122.0/24 maxlen: 24
                          80.66.123.0/24 maxlen: 24
                          80.66.124.0/24 maxlen: 24
                          80.66.125.0/24 maxlen: 24
                          80.66.126.0/24 maxlen: 24
                          80.66.127.0/24 maxlen: 24
                          89.42.70.0/24 maxlen: 24
                          89.44.150.0/24 maxlen: 24
                          89.44.151.0/24 maxlen: 24
                          94.198.46.0/24 maxlen: 24
                          94.198.47.0/24 maxlen: 24
                          178.19.32.0/24 maxlen: 24
                          178.19.33.0/24 maxlen: 24
                          178.19.44.0/24 maxlen: 24
                          178.19.47.0/24 maxlen: 24
                          185.203.20.0/22 maxlen: 22
                          185.203.20.0/24 maxlen: 24
                          185.203.21.0/24 maxlen: 24
                          185.203.22.0/24 maxlen: 24
                          185.203.23.0/24 maxlen: 24
                          185.229.212.0/22 maxlen: 22
                          185.229.212.0/24 maxlen: 24
                          185.229.213.0/24 maxlen: 24
                          185.229.214.0/24 maxlen: 24
                          185.229.215.0/24 maxlen: 24
                          185.242.175.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Jun 2024 09:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:71:c0:19:27:3c:a4:b3:fc:ed:5f:8a:19:88:4f:b1:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: May 13 11:39:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c587d7690d8753d3644edd25821c6500b71ede1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:c7:8d:8e:10:80:f5:0d:ca:c6:9b:aa:09:bf:
                    bd:71:b5:8d:37:a0:26:cb:b6:a3:69:aa:54:7c:a0:
                    d7:bb:e3:32:35:9d:e8:35:13:50:b1:0d:05:a7:55:
                    1f:d1:ce:d8:fd:03:ad:d1:26:47:82:aa:cf:e8:05:
                    ad:64:8e:63:2a:c9:6d:5b:68:c2:fe:eb:2a:91:db:
                    f2:f2:21:6e:f4:72:c6:a1:1d:f5:79:f1:de:6a:47:
                    87:06:44:96:f2:2d:77:5b:41:07:58:cc:62:38:0e:
                    1c:54:1c:a8:14:0c:5d:41:97:29:20:5a:97:3c:fd:
                    ce:48:54:f4:08:f8:38:d8:1d:07:92:48:3f:22:83:
                    38:65:85:76:a1:d4:c8:9f:29:e4:cf:00:98:e9:d6:
                    2a:75:a5:02:f5:26:2c:8d:ec:b6:9d:75:74:47:33:
                    50:45:9a:51:d7:c9:bf:0b:9f:23:dd:32:b4:20:4a:
                    38:3a:06:60:03:6e:84:ac:a8:9f:24:68:61:1f:fd:
                    df:00:37:bb:3b:a6:4b:2c:af:0f:90:0d:c9:07:3c:
                    38:33:0d:4a:1d:ff:35:47:67:ca:5c:67:06:4a:d6:
                    1c:c3:c0:f7:50:84:44:f4:29:a9:53:aa:72:70:32:
                    5a:dd:ab:b7:64:a3:5a:d6:ef:1e:42:0a:76:7c:ed:
                    d0:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:87:D7:69:0D:87:53:D3:64:4E:DD:25:82:1C:65:00:B7:1E:DE:1D
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/xYfXaQ2HU9NkTt0lghxlALce3h0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.80.0/24
                  45.80.82.0/23
                  45.83.50.0/23
                  80.66.112.0/20
                  89.42.70.0/24
                  89.44.150.0/23
                  94.198.46.0/23
                  178.19.32.0/23
                  178.19.44.0/24
                  178.19.47.0/24
                  185.203.20.0/22
                  185.229.212.0/22
                  185.242.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:6c:fa:86:a9:36:48:8c:b8:93:d0:13:c0:d0:94:3b:d9:11:
         9d:f8:2a:9a:73:34:08:88:6d:65:e6:91:c3:db:66:08:4e:1c:
         22:58:ed:a6:8d:3d:19:47:92:37:73:13:8b:97:4b:30:2d:00:
         bd:bb:20:a3:58:88:a5:b3:9e:77:73:42:c7:19:b0:a1:18:05:
         89:39:16:76:dd:60:4d:3b:e5:0f:2e:15:89:0a:bc:2b:60:df:
         2e:cd:c8:99:bc:a3:64:39:42:07:73:38:48:54:57:2a:fa:51:
         40:df:06:0f:f6:a4:5b:02:80:6a:c8:63:8c:af:db:18:66:7a:
         01:2c:48:29:22:da:41:1e:0e:71:74:b8:98:63:1a:29:8e:84:
         4c:22:cf:27:3b:9b:37:29:cc:88:4d:32:d5:2d:71:bf:12:db:
         5e:52:f5:1c:9d:18:02:e7:83:b7:2f:da:a1:4a:e0:2d:37:f6:
         78:0c:02:0d:28:dc:84:cd:62:92:a1:fd:c6:e4:76:57:2f:b0:
         a4:14:d8:c8:0b:95:70:9b:e6:21:a6:af:c8:28:34:77:14:09:
         be:12:c2:77:da:d1:b1:03:dd:1e:ba:be:ba:31:e6:c2:66:95:
         c3:3c:34:bb:31:02:33:8b:74:bd:d1:83:68:49:ff:08:94:94:
         45:19:88:88
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY9xwBknPKSz/O1fihmIT7E8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwNTEzMTEzOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTg3ZDc2OTBkODc1M2QzNjQ0ZWRkMjU4MjFjNjUwMGI3MWVkZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38eNjhCA9Q3KxpuqCb+9cbWNN6Am
y7ajaapUfKDXu+MyNZ3oNRNQsQ0Fp1Uf0c7Y/QOt0SZHgqrP6AWtZI5jKsltW2jC
/usqkdvy8iFu9HLGoR31efHeakeHBkSW8i13W0EHWMxiOA4cVByoFAxdQZcpIFqX
PP3OSFT0CPg42B0Hkkg/IoM4ZYV2odTInynkzwCY6dYqdaUC9SYsjey2nXV0RzNQ
RZpR18m/C58j3TK0IEo4OgZgA26ErKifJGhhH/3fADe7O6ZLLK8PkA3JBzw4Mw1K
Hf81R2fKXGcGStYcw8D3UIRE9CmpU6pycDJa3au3ZKNa1u8eQgp2fO3QJwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMWH12kNh1PTZE7dJYIcZQC3Ht4dMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEveFlmWGFRMkhVOU5rVHQwbGdoeGxBTGNlM2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALVBQAwQB
LVBSAwQBLVMyAwQEUEJwAwQAWSpGAwQBWSyWAwQBXsYuAwQBshMgAwQAshMsAwQA
shMvAwQCucsUAwQCueXUAwQAufKvMA0GCSqGSIb3DQEBCwUAA4IBAQA/bPqGqTZI
jLiT0BPA0JQ72RGd+CqaczQIiG1l5pHD22YIThwiWO2mjT0ZR5I3cxOLl0swLQC9
uyCjWIils553c0LHGbChGAWJORZ23WBNO+UPLhWJCrwrYN8uzciZvKNkOUIHczhI
VFcq+lFA3wYP9qRbAoBqyGOMr9sYZnoBLEgpItpBHg5xdLiYYxopjoRMIs8nO5s3
KcyITTLVLXG/EtteUvUcnRgC54O3L9qhSuAtN/Z4DAINKNyEzWKSof3G5HZXL7Ck
FNjIC5Vwm+Yhpq/IKDR3FAm+EsJ32tGxA90eur66MebCZpXDPDS7MQIzi3S90YNo
Sf8IlJRFGYiI
-----END CERTIFICATE-----
Generated at Fri Jun 14 17:10:22 2024 by rpki-client on console-fra.rpki-client.org