Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/bSZ9HQmlmDl-2g06PNPWjdv1x28.roa
File:                     bSZ9HQmlmDl-2g06PNPWjdv1x28.roa (raw, json)
Hash identifier:          7MDP/F+MIUuob8iJHdT8kFHgTHSA+3AeBaz277LJ9dA=
Subject key identifier:   6D:26:7D:1D:09:A5:98:39:7E:DA:0D:3A:3C:D3:D6:8D:DB:F5:C7:6F
Certificate issuer:       /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial:       018ED15F30C30EEB5FCEFE21C6F4AB13157D
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/bSZ9HQmlmDl-2g06PNPWjdv1x28.roa
Signing time:             Fri 12 Apr 2024 08:14:20 +0000
ROA not before:           Fri 12 Apr 2024 08:14:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47583
IP address blocks:        77.37.32.0/24 maxlen: 24
                          77.37.34.0/23 maxlen: 24
                          77.37.36.0/23 maxlen: 24
                          77.37.38.0/23 maxlen: 24
                          77.37.40.0/21 maxlen: 24
                          77.37.48.0/21 maxlen: 24
                          77.37.56.0/21 maxlen: 24
                          77.37.66.0/23 maxlen: 24
                          77.37.68.0/23 maxlen: 24
                          77.37.70.0/23 maxlen: 24
                          77.37.72.0/23 maxlen: 24
                          77.37.74.0/23 maxlen: 24
                          77.37.76.0/24 maxlen: 24
                          77.37.78.0/23 maxlen: 24
                          77.37.80.0/23 maxlen: 24
                          77.37.82.0/23 maxlen: 24
                          77.37.85.0/24 maxlen: 24
                          77.37.86.0/23 maxlen: 24
                          77.37.88.0/21 maxlen: 24
                          77.37.114.0/23 maxlen: 24
                          77.37.120.0/23 maxlen: 24
                          77.37.122.0/23 maxlen: 24
                          77.37.124.0/23 maxlen: 24
                          77.37.126.0/23 maxlen: 24
                          91.108.96.0/21 maxlen: 24
                          91.108.104.0/21 maxlen: 24
                          91.108.112.0/21 maxlen: 24
                          91.108.120.0/21 maxlen: 24
                          93.127.162.0/23 maxlen: 24
                          93.127.165.0/24 maxlen: 24
                          93.127.166.0/23 maxlen: 24
                          93.127.168.0/23 maxlen: 24
                          93.127.172.0/23 maxlen: 24
                          93.127.174.0/24 maxlen: 24
                          93.127.178.0/23 maxlen: 24
                          93.127.185.0/24 maxlen: 24
                          93.127.186.0/23 maxlen: 24
                          93.127.188.0/23 maxlen: 24
                          93.127.190.0/23 maxlen: 24
                          93.127.192.0/23 maxlen: 24
                          93.127.194.0/23 maxlen: 24
                          93.127.196.0/23 maxlen: 24
                          93.127.198.0/23 maxlen: 24
                          93.127.200.0/23 maxlen: 24
                          93.127.202.0/23 maxlen: 24
                          93.127.204.0/23 maxlen: 24
                          93.127.206.0/24 maxlen: 24
                          93.127.207.0/24 maxlen: 24
                          93.127.208.0/24 maxlen: 24
                          93.127.209.0/24 maxlen: 24
                          93.127.210.0/24 maxlen: 24
                          93.127.211.0/24 maxlen: 24
                          93.127.212.0/24 maxlen: 24
                          93.127.213.0/24 maxlen: 24
                          93.127.214.0/24 maxlen: 24
                          93.127.215.0/24 maxlen: 24
                          93.127.216.0/24 maxlen: 24
                          93.127.217.0/24 maxlen: 24
                          93.127.218.0/24 maxlen: 24
                          93.127.219.0/24 maxlen: 24
                          93.127.220.0/24 maxlen: 24
                          93.127.221.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:d1:5f:30:c3:0e:eb:5f:ce:fe:21:c6:f4:ab:13:15:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
        Validity
            Not Before: Apr 12 08:14:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6d267d1d09a598397eda0d3a3cd3d68ddbf5c76f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:07:75:bf:1e:1b:97:cf:03:3b:15:90:68:18:
                    bc:d4:c9:c4:48:84:1f:9b:25:29:d2:41:73:ee:28:
                    84:c1:01:6e:e2:5a:5c:81:e2:01:23:e8:f9:7b:9b:
                    7b:56:8a:2f:e8:4d:3c:c8:40:99:37:39:0e:2b:0c:
                    e2:97:e1:69:9f:91:9d:a2:cd:61:d2:05:cd:4f:69:
                    ab:3f:3f:40:c9:93:a3:e5:7d:72:34:aa:af:d3:2c:
                    63:eb:18:28:b6:90:47:8b:d7:d3:b7:56:cf:45:0c:
                    ff:7f:04:28:a9:db:0c:66:86:2b:b6:c0:b5:84:fa:
                    36:e5:4e:02:a9:38:a5:c4:6a:34:f4:3a:9e:5d:f0:
                    a8:24:f8:f8:07:ac:fd:0c:b5:52:fa:bd:c4:d2:49:
                    45:f7:9b:bc:85:67:2f:69:0a:18:fb:17:c8:92:55:
                    38:9d:c9:29:40:c5:a3:12:bc:4e:7f:39:49:c2:77:
                    f0:2a:45:dd:04:e0:a1:8a:4d:20:21:cd:96:5d:42:
                    a0:f5:55:47:eb:2d:d1:e2:eb:dc:11:c1:5b:78:ea:
                    f4:3e:76:8a:ea:2b:6b:65:3f:58:a6:98:63:61:ac:
                    6a:3f:d1:b1:e9:2a:13:7b:8b:eb:6c:47:17:d1:48:
                    24:58:cf:cd:f5:04:2c:b7:e7:67:55:aa:df:fa:4d:
                    e0:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:26:7D:1D:09:A5:98:39:7E:DA:0D:3A:3C:D3:D6:8D:DB:F5:C7:6F
            X509v3 Authority Key Identifier:
                keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/bSZ9HQmlmDl-2g06PNPWjdv1x28.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.37.32.0/24
                  77.37.34.0-77.37.63.255
                  77.37.66.0-77.37.76.255
                  77.37.78.0-77.37.83.255
                  77.37.85.0-77.37.95.255
                  77.37.114.0/23
                  77.37.120.0/21
                  91.108.96.0/19
                  93.127.162.0/23
                  93.127.165.0-93.127.169.255
                  93.127.172.0-93.127.174.255
                  93.127.178.0/23
                  93.127.185.0-93.127.221.255

    Signature Algorithm: sha256WithRSAEncryption
         37:02:75:73:50:e2:f9:e6:7b:a9:21:ab:b5:89:09:0a:87:04:
         aa:ce:95:48:78:ee:29:08:71:6a:ad:1c:bf:7f:02:ed:19:fe:
         e6:d8:89:83:2b:5a:97:82:d9:ae:e4:ba:63:81:63:ff:01:2b:
         aa:4a:ba:21:25:d6:33:7d:58:0c:53:43:d1:95:7f:26:f9:4a:
         82:2f:c6:c9:b5:38:fe:4a:68:74:e4:77:84:13:af:a3:55:e1:
         59:37:9a:98:20:b9:5b:1e:46:79:70:bd:14:64:8d:b3:3b:32:
         92:2d:10:7c:a1:21:14:9c:a0:bc:b0:7b:c0:36:b9:33:a2:0e:
         61:e9:0f:93:de:6e:67:8d:3f:7f:ce:16:f8:19:82:99:91:19:
         b8:60:2e:fa:98:ee:09:31:3d:22:69:44:71:34:57:23:fb:0e:
         8c:e6:ce:9b:b8:9a:83:b8:68:7f:dc:37:e9:e9:a1:e4:1e:b9:
         af:7d:8f:05:9c:a2:03:50:0a:bb:7d:bd:50:0e:55:0d:23:6f:
         1e:d8:38:ab:79:1d:e1:81:7e:dd:cc:b9:e4:78:f2:6b:38:4d:
         8a:a3:01:2b:0b:70:0c:3d:af:9d:9c:cd:5d:e2:f0:05:1a:f1:
         86:fa:dc:f5:1d:9f:d5:82:ae:d8:9c:35:dc:11:2b:2f:6e:86:
         6f:c6:82:5c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAY7RXzDDDutfzv4hxvSrExV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjQwNDEyMDgxNDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDI2N2QxZDA5YTU5ODM5N2VkYTBkM2EzY2QzZDY4ZGRiZjVjNzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgd1vx4bl88DOxWQaBi81MnESIQf
myUp0kFz7iiEwQFu4lpcgeIBI+j5e5t7Voov6E08yECZNzkOKwzil+Fpn5Gdos1h
0gXNT2mrPz9AyZOj5X1yNKqv0yxj6xgotpBHi9fTt1bPRQz/fwQoqdsMZoYrtsC1
hPo25U4CqTilxGo09DqeXfCoJPj4B6z9DLVS+r3E0klF95u8hWcvaQoY+xfIklU4
nckpQMWjErxOfzlJwnfwKkXdBOChik0gIc2WXUKg9VVH6y3R4uvcEcFbeOr0PnaK
6itrZT9YpphjYaxqP9Gx6SoTe4vrbEcX0UgkWM/N9QQst+dnVarf+k3gjwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFG0mfR0JpZg5ftoNOjzT1o3b9cdvMB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEvYlNaOUhRbWxtRGwtMmcwNlBOUFdqZHYxeDI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji
LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBABN
JSAwDAMEAU0lIgMEBk0lADAMAwQBTSVCAwQATSVMMAwDBAFNJU4DBAJNJVAwDAME
AE0lVQMEBU0lQAMEAU0lcgMEA00leAMEBVtsYAMEAV1/ojAMAwQAXX+lAwQBXX+o
MAwDBAJdf6wDBABdf64DBAFdf7IwDAMEAF1/uQMEAV1/3DANBgkqhkiG9w0BAQsF
AAOCAQEANwJ1c1Di+eZ7qSGrtYkJCocEqs6VSHjuKQhxaq0cv38C7Rn+5tiJgyta
l4LZruS6Y4Fj/wErqkq6ISXWM31YDFND0ZV/JvlKgi/GybU4/kpodOR3hBOvo1Xh
WTeamCC5Wx5GeXC9FGSNszsyki0QfKEhFJygvLB7wDa5M6IOYekPk95uZ40/f84W
+BmCmZEZuGAu+pjuCTE9ImlEcTRXI/sOjObOm7iag7hof9w36emh5B65r32PBZyi
A1AKu329UA5VDSNvHtg4q3kd4YF+3cy55HjyazhNiqMBKwtwDD2vnZzNXeLwBRrx
hvrc9R2f1YKu2Jw13BErL26Gb8aCXA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 13:49:25 2024 by rpki-client on console-fra.rpki-client.org