Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
File:                     AS5511.roa (raw, json)
Hash identifier:          NLZ0Piv7xphmTDkxFcSxOCGzs8u2RvuzPL7tXzhWOfA=
Subject key identifier:   42:74:1B:1F:C6:17:62:75:9F:B7:7B:83:79:7D:11:FC:0C:78:05:B0
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       1172585D8B288AC2BF1C147CCE887E121C3A928C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa
Signing time:             Fri 25 Jul 2025 10:53:36 +0000
ROA not before:           Fri 25 Jul 2025 10:48:36 +0000
ROA not after:            Fri 24 Jul 2026 10:53:36 +0000
asID:                     5511
IP address blocks:        82.21.94.0/24 maxlen: 24
                          82.21.150.0/24 maxlen: 24
                          82.21.169.0/24 maxlen: 24
                          82.22.86.0/24 maxlen: 24
                          82.22.96.0/24 maxlen: 24
                          82.22.111.0/24 maxlen: 24
                          82.22.114.0/24 maxlen: 24
                          82.22.120.0/24 maxlen: 24
                          82.22.121.0/24 maxlen: 24
                          82.22.122.0/24 maxlen: 24
                          82.22.123.0/24 maxlen: 24
                          82.22.141.0/24 maxlen: 24
                          82.22.144.0/24 maxlen: 24
                          82.22.171.0/24 maxlen: 24
                          82.22.175.0/24 maxlen: 24
                          82.22.197.0/24 maxlen: 24
                          82.23.3.0/24 maxlen: 24
                          82.23.4.0/24 maxlen: 24
                          82.23.5.0/24 maxlen: 24
                          82.23.6.0/24 maxlen: 24
                          82.23.15.0/24 maxlen: 24
                          82.23.44.0/24 maxlen: 24
                          82.23.45.0/24 maxlen: 24
                          82.23.46.0/24 maxlen: 24
                          82.23.47.0/24 maxlen: 24
                          82.23.48.0/24 maxlen: 24
                          82.23.50.0/24 maxlen: 24
                          82.23.51.0/24 maxlen: 24
                          82.23.52.0/24 maxlen: 24
                          82.23.53.0/24 maxlen: 24
                          82.23.55.0/24 maxlen: 24
                          82.23.56.0/24 maxlen: 24
                          82.23.57.0/24 maxlen: 24
                          82.23.58.0/24 maxlen: 24
                          82.23.61.0/24 maxlen: 24
                          82.23.62.0/24 maxlen: 24
                          82.23.63.0/24 maxlen: 24
                          82.23.64.0/24 maxlen: 24
                          82.23.69.0/24 maxlen: 24
                          82.23.74.0/24 maxlen: 24
                          82.23.79.0/24 maxlen: 24
                          82.23.123.0/24 maxlen: 24
                          82.23.134.0/24 maxlen: 24
                          82.24.8.0/24 maxlen: 24
                          82.24.17.0/24 maxlen: 24
                          82.24.25.0/24 maxlen: 24
                          82.24.26.0/24 maxlen: 24
                          82.24.63.0/24 maxlen: 24
                          82.24.90.0/24 maxlen: 24
                          82.24.105.0/24 maxlen: 24
                          82.24.175.0/24 maxlen: 24
                          82.24.246.0/24 maxlen: 24
                          82.25.134.0/24 maxlen: 24
                          82.25.246.0/24 maxlen: 24
                          82.26.83.0/24 maxlen: 24
                          82.26.204.0/24 maxlen: 24
                          82.27.20.0/24 maxlen: 24
                          82.27.101.0/24 maxlen: 24
                          82.27.103.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 26 Jul 2025 15:55:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:72:58:5d:8b:28:8a:c2:bf:1c:14:7c:ce:88:7e:12:1c:3a:92:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jul 25 10:48:36 2025 GMT
            Not After : Jul 24 10:53:36 2026 GMT
        Subject: CN=42741B1FC61762759FB77B83797D11FC0C7805B0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:16:56:38:1f:bb:8d:54:e5:3a:b9:60:86:e7:
                    d6:b9:cc:06:2d:51:19:c8:58:d0:07:5e:13:2d:66:
                    20:87:c5:f9:a3:e6:f9:0f:37:32:fd:9a:96:da:7f:
                    de:75:18:dd:24:29:29:2c:9c:0e:30:df:26:e7:4d:
                    34:aa:e4:76:aa:95:f4:b7:7c:c5:8d:de:24:d1:25:
                    29:8b:e0:6b:72:41:c3:0e:85:d2:d8:1b:4a:f3:7c:
                    c0:84:3a:77:4b:8b:c7:94:73:7c:74:09:b5:30:24:
                    08:83:d2:76:e1:e8:b7:61:66:21:e4:3c:ab:d8:b3:
                    7a:eb:f6:53:be:d1:8c:d3:62:98:c9:c7:2c:4d:c4:
                    ad:ea:dd:c2:1b:10:b0:a3:32:c2:cf:bc:b6:40:49:
                    65:bd:f2:c9:d7:79:27:81:be:8d:30:f7:36:a2:9a:
                    d1:b0:7c:7a:0c:90:3b:a2:d1:cb:da:a3:6f:a0:cf:
                    8e:a6:14:7b:ed:bf:5f:2f:54:9c:ae:5f:d9:17:27:
                    70:32:4f:c2:ba:37:37:4b:45:d4:cb:fb:de:f4:a7:
                    57:99:e9:fb:8f:32:d9:5f:5a:b2:a4:bc:44:eb:29:
                    57:19:c1:0b:3a:f3:8a:8d:91:6a:21:0b:f6:66:ac:
                    16:9a:bf:b6:38:77:a1:b6:5d:f4:0a:67:63:63:a3:
                    8f:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:74:1B:1F:C6:17:62:75:9F:B7:7B:83:79:7D:11:FC:0C:78:05:B0
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5511.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.21.94.0/24
                  82.21.150.0/24
                  82.21.169.0/24
                  82.22.86.0/24
                  82.22.96.0/24
                  82.22.111.0/24
                  82.22.114.0/24
                  82.22.120.0/22
                  82.22.141.0/24
                  82.22.144.0/24
                  82.22.171.0/24
                  82.22.175.0/24
                  82.22.197.0/24
                  82.23.3.0-82.23.6.255
                  82.23.15.0/24
                  82.23.44.0-82.23.48.255
                  82.23.50.0-82.23.53.255
                  82.23.55.0-82.23.58.255
                  82.23.61.0-82.23.64.255
                  82.23.69.0/24
                  82.23.74.0/24
                  82.23.79.0/24
                  82.23.123.0/24
                  82.23.134.0/24
                  82.24.8.0/24
                  82.24.17.0/24
                  82.24.25.0-82.24.26.255
                  82.24.63.0/24
                  82.24.90.0/24
                  82.24.105.0/24
                  82.24.175.0/24
                  82.24.246.0/24
                  82.25.134.0/24
                  82.25.246.0/24
                  82.26.83.0/24
                  82.26.204.0/24
                  82.27.20.0/24
                  82.27.101.0/24
                  82.27.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:d4:41:d9:09:22:51:3b:27:9f:9f:a8:df:c6:eb:2c:b7:43:
         8c:47:c9:9d:a3:ab:8a:7c:f8:19:ae:07:bb:d7:32:d5:3b:a3:
         55:57:89:7e:9c:d5:17:cb:1c:8e:45:51:ff:bd:62:30:cb:27:
         18:0f:aa:71:d2:57:f0:f2:4a:5d:3a:2f:81:9b:f5:4c:93:de:
         d5:d2:e7:4c:4d:3d:56:ff:12:f5:48:30:e4:46:cc:9a:5c:7e:
         c8:85:c9:4d:37:fb:87:6c:71:bd:58:7b:3f:45:43:f9:85:87:
         a1:8f:70:e6:51:68:cf:86:af:a4:00:bd:3e:d4:1f:4b:ca:f0:
         c7:6e:af:02:f6:d4:50:86:a7:c6:d1:d2:4d:60:d0:02:ce:9b:
         d6:e7:fc:09:aa:d1:a8:e2:7e:e9:17:3e:c0:19:66:29:37:ba:
         81:19:d2:2a:a5:82:92:36:16:96:fb:1a:7b:01:60:30:54:a1:
         f6:33:60:0b:75:6c:ad:4d:91:98:9d:08:e8:ea:54:c9:da:87:
         09:4b:eb:ef:86:d8:53:60:0b:2f:d0:4a:5f:dd:ad:98:a8:0f:
         24:a1:f5:d0:5b:b2:4a:24:08:ca:8d:bd:5f:e9:46:71:d2:dc:
         0b:04:4d:e4:7d:95:a4:fb:ac:4e:b1:b1:cf:7a:ec:62:2b:fc:
         ba:c3:1e:6e
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgIUEXJYXYsoisK/HBR8zoh+Ehw6kowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjUxMDQ4MzZaFw0yNjA3MjQxMDUzMzZaMDMxMTAvBgNV
BAMTKDQyNzQxQjFGQzYxNzYyNzU5RkI3N0I4Mzc5N0QxMUZDMEM3ODA1QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAFlY4H7uNVOU6uWCG59a5zAYt
URnIWNAHXhMtZiCHxfmj5vkPNzL9mpbaf951GN0kKSksnA4w3ybnTTSq5HaqlfS3
fMWN3iTRJSmL4GtyQcMOhdLYG0rzfMCEOndLi8eUc3x0CbUwJAiD0nbh6LdhZiHk
PKvYs3rr9lO+0YzTYpjJxyxNxK3q3cIbELCjMsLPvLZASWW98snXeSeBvo0w9zai
mtGwfHoMkDui0cvao2+gz46mFHvtv18vVJyuX9kXJ3AyT8K6NzdLRdTL+970p1eZ
6fuPMtlfWrKkvETrKVcZwQs684qNkWohC/ZmrBaav7Y4d6G2XfQKZ2Njo487AgMB
AAGjggMmMIIDIjAdBgNVHQ4EFgQUQnQbH8YXYnWft3uDeX0R/Ax4BbAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTUxMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCATsGCCsGAQUFBwEHAQH/BIIBKjCCASYwggEiBAIAATCC
ARoDBABSFV4DBABSFZYDBABSFakDBABSFlYDBABSFmADBABSFm8DBABSFnIDBAJS
FngDBABSFo0DBABSFpADBABSFqsDBABSFq8DBABSFsUwDAMEAFIXAwMEAFIXBgME
AFIXDzAMAwQCUhcsAwQAUhcwMAwDBAFSFzIDBAFSFzQwDAMEAFIXNwMEAFIXOjAM
AwQAUhc9AwQAUhdAAwQAUhdFAwQAUhdKAwQAUhdPAwQAUhd7AwQAUheGAwQAUhgI
AwQAUhgRMAwDBABSGBkDBABSGBoDBABSGD8DBABSGFoDBABSGGkDBABSGK8DBABS
GPYDBABSGYYDBABSGfYDBABSGlMDBABSGswDBABSGxQDBABSG2UDBABSG2cwDQYJ
KoZIhvcNAQELBQADggEBADPUQdkJIlE7J5+fqN/G6yy3Q4xHyZ2jq4p8+BmuB7vX
MtU7o1VXiX6c1RfLHI5FUf+9YjDLJxgPqnHSV/DySl06L4Gb9UyT3tXS50xNPVb/
EvVIMORGzJpcfsiFyU03+4dscb1Yez9FQ/mFh6GPcOZRaM+Gr6QAvT7UH0vK8Mdu
rwL21FCGp8bR0k1g0ALOm9bn/Amq0ajifukXPsAZZik3uoEZ0iqlgpI2Fpb7GnsB
YDBUofYzYAt1bK1NkZidCOjqVMnahwlL6++G2FNgCy/QSl/drZioDySh9dBbskok
CMqNvV/pRnHS3AsETeR9laT7rE6xsc967GIr/LrDHm4=
-----END CERTIFICATE-----
Generated at Sat Jul 26 02:02:11 2025 by rpki-client