Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Xd2lcSJV29wC4M-NHCroizgpTVU.roa
File:                     Xd2lcSJV29wC4M-NHCroizgpTVU.roa (raw, json)
Hash identifier:          wr7x0kWiZuqprClN9DGvYSn0dkayfba+VXhMfkuW/DM=
Subject key identifier:   5D:DD:A5:71:22:55:DB:DC:02:E0:CF:8D:1C:2A:E8:8B:38:29:4D:55
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0191BD9829B553C8C8E777240718EC38FB90
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Xd2lcSJV29wC4M-NHCroizgpTVU.roa
Signing time:             Wed 04 Sep 2024 15:12:31 +0000
ROA not before:           Wed 04 Sep 2024 15:12:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44477
IP address blocks:        62.76.226.0/24 maxlen: 24
                          62.76.231.0/24 maxlen: 24
                          62.76.235.0/24 maxlen: 24
                          193.124.2.0/24 maxlen: 24
                          193.124.3.0/24 maxlen: 24
                          193.124.6.0/24 maxlen: 24
                          193.124.8.0/24 maxlen: 24
                          193.124.18.0/24 maxlen: 24
                          193.124.49.0/24 maxlen: 24
                          193.124.91.0/24 maxlen: 24
                          193.124.94.0/24 maxlen: 24
                          193.124.201.0/24 maxlen: 24
                          193.124.226.0/24 maxlen: 24
                          193.124.227.0/24 maxlen: 24
                          194.58.38.0/24 maxlen: 24
                          194.58.43.0/24 maxlen: 24
                          194.58.46.0/24 maxlen: 24
                          194.58.58.0/24 maxlen: 24
                          194.58.59.0/24 maxlen: 24
                          194.58.60.0/24 maxlen: 24
                          194.58.67.0/24 maxlen: 24
                          194.87.3.0/24 maxlen: 24
                          194.87.6.0/24 maxlen: 24
                          194.87.7.0/24 maxlen: 24
                          194.87.16.0/24 maxlen: 24
                          194.87.23.0/24 maxlen: 24
                          194.87.34.0/24 maxlen: 24
                          194.87.36.0/24 maxlen: 24
                          194.87.42.0/24 maxlen: 24
                          194.87.53.0/24 maxlen: 24
                          194.87.63.0/24 maxlen: 24
                          194.87.78.0/24 maxlen: 24
                          194.87.105.0/24 maxlen: 24
                          194.87.116.0/24 maxlen: 24
                          194.87.117.0/24 maxlen: 24
                          194.87.120.0/24 maxlen: 24
                          194.87.121.0/24 maxlen: 24
                          194.87.160.0/24 maxlen: 24
                          194.87.163.0/24 maxlen: 24
                          194.87.165.0/24 maxlen: 24
                          194.87.166.0/24 maxlen: 24
                          194.87.176.0/24 maxlen: 24
                          194.87.177.0/24 maxlen: 24
                          194.87.180.0/24 maxlen: 24
                          194.87.181.0/24 maxlen: 24
                          194.87.182.0/24 maxlen: 24
                          194.87.205.0/24 maxlen: 24
                          194.87.240.0/24 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          194.135.24.0/24 maxlen: 24
                          194.135.46.0/24 maxlen: 24
                          195.58.55.0/24 maxlen: 24
                          195.58.56.0/24 maxlen: 24
                          195.58.59.0/24 maxlen: 24
                          195.58.62.0/24 maxlen: 24
                          195.133.12.0/24 maxlen: 24
                          195.133.19.0/24 maxlen: 24
                          195.133.22.0/24 maxlen: 24
                          195.133.58.0/24 maxlen: 24
                          195.133.59.0/24 maxlen: 24
                          195.133.80.0/24 maxlen: 24
                          195.133.82.0/24 maxlen: 24
                          195.133.195.0/24 maxlen: 24
                          212.192.0.0/24 maxlen: 24
                          212.192.7.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          212.192.30.0/24 maxlen: 24
                          212.192.210.0/24 maxlen: 24
                          212.192.211.0/24 maxlen: 24
                          212.192.241.0/24 maxlen: 24
                          212.192.247.0/24 maxlen: 24
                          212.193.10.0/24 maxlen: 24
                          212.193.15.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 04:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:bd:98:29:b5:53:c8:c8:e7:77:24:07:18:ec:38:fb:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Sep  4 15:12:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5ddda5712255dbdc02e0cf8d1c2ae88b38294d55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:49:64:24:d5:fa:3a:fa:60:55:84:92:cc:15:
                    ba:ed:d2:9f:f4:db:dd:88:0d:e3:b9:99:c1:8e:3f:
                    4e:94:c1:60:e7:e7:ba:1d:15:93:17:36:a6:f8:13:
                    7c:d2:c7:0e:d5:0f:10:19:82:f7:51:68:d5:e2:23:
                    06:0b:b0:8c:75:e8:7a:62:64:54:ff:f9:f2:c8:3b:
                    6a:f7:2e:7e:0a:1a:42:5d:16:4b:e5:fd:89:4c:88:
                    34:c4:31:d6:a8:27:77:3d:dc:37:11:b7:e9:02:4c:
                    a2:d5:5a:02:9c:12:80:31:a5:05:cc:78:b6:a7:d3:
                    bb:7c:c1:4e:f8:2e:d7:95:cd:bf:90:f2:08:3e:68:
                    1f:aa:92:17:41:75:55:40:ee:96:45:e4:ec:c5:d7:
                    46:4d:36:4c:20:e4:0b:f2:71:24:91:19:55:9d:e8:
                    47:29:e6:ff:f8:85:0f:7c:e5:d9:12:6d:2c:62:0b:
                    6c:15:f6:08:7b:68:f9:6c:93:51:a7:00:77:31:37:
                    9e:4e:af:9e:ef:6f:a0:07:8b:51:13:74:ef:40:ba:
                    bb:ac:11:44:a5:f5:24:1c:db:e2:4c:8a:6d:36:6e:
                    61:4d:13:6c:e6:89:57:22:16:02:d0:b5:c0:f9:c6:
                    6d:7d:1a:6c:40:5b:01:4a:fa:78:94:6d:aa:0d:a6:
                    f7:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:DD:A5:71:22:55:DB:DC:02:E0:CF:8D:1C:2A:E8:8B:38:29:4D:55
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Xd2lcSJV29wC4M-NHCroizgpTVU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.226.0/24
                  62.76.231.0/24
                  62.76.235.0/24
                  193.124.2.0/23
                  193.124.6.0/24
                  193.124.8.0/24
                  193.124.18.0/24
                  193.124.49.0/24
                  193.124.91.0/24
                  193.124.94.0/24
                  193.124.201.0/24
                  193.124.226.0/23
                  194.58.38.0/24
                  194.58.43.0/24
                  194.58.46.0/24
                  194.58.58.0-194.58.60.255
                  194.58.67.0/24
                  194.87.3.0/24
                  194.87.6.0/23
                  194.87.16.0/24
                  194.87.23.0/24
                  194.87.34.0/24
                  194.87.36.0/24
                  194.87.42.0/24
                  194.87.53.0/24
                  194.87.63.0/24
                  194.87.78.0/24
                  194.87.105.0/24
                  194.87.116.0/23
                  194.87.120.0/23
                  194.87.160.0/24
                  194.87.163.0/24
                  194.87.165.0-194.87.166.255
                  194.87.176.0/23
                  194.87.180.0-194.87.182.255
                  194.87.205.0/24
                  194.87.240.0/24
                  194.135.23.0-194.135.24.255
                  194.135.46.0/24
                  195.58.55.0-195.58.56.255
                  195.58.59.0/24
                  195.58.62.0/24
                  195.133.12.0/24
                  195.133.19.0/24
                  195.133.22.0/24
                  195.133.58.0/23
                  195.133.80.0/24
                  195.133.82.0/24
                  195.133.195.0/24
                  212.192.0.0/24
                  212.192.7.0/24
                  212.192.10.0/24
                  212.192.30.0/24
                  212.192.210.0/23
                  212.192.241.0/24
                  212.192.247.0/24
                  212.193.10.0/24
                  212.193.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:e6:a5:7e:26:bb:e2:3b:3f:47:2f:b0:47:0c:67:14:48:3d:
         18:38:fa:61:1a:0f:c5:49:d9:a0:18:72:c0:10:54:73:b7:0a:
         fe:0c:e3:f5:e9:43:b2:d7:9b:5d:52:04:8d:d6:2e:47:dd:c5:
         80:99:55:65:73:76:88:7b:75:f5:3e:d8:6b:02:4f:95:da:3e:
         e0:7f:de:13:ff:aa:6c:6c:e5:6f:4c:2e:66:78:bc:e6:32:ea:
         ab:40:50:a0:49:0b:1a:c5:fb:e1:0f:8e:39:ef:fb:2a:3f:22:
         2b:d8:9d:24:fd:4c:51:4e:68:17:22:c1:df:37:f8:52:38:37:
         44:ce:ef:37:9a:f3:ab:a5:25:4a:66:bc:87:81:e1:33:87:45:
         e1:28:df:05:cf:b2:0e:18:16:a8:e4:16:30:85:92:90:a6:ed:
         36:3e:9a:9b:0e:b9:c7:18:00:52:27:2e:7b:cb:0a:0f:30:cd:
         c6:a8:e3:fa:c7:4d:c7:62:1e:2a:3a:ab:b6:af:49:45:33:d5:
         18:63:99:df:9b:2b:ce:ef:a9:15:89:a9:26:40:de:8b:9a:28:
         e2:0b:c9:a2:21:11:72:c5:dd:99:c5:54:07:1a:b0:66:1a:ff:
         ea:8c:7e:c3:b2:c2:f1:f0:b0:ec:af:d1:02:b9:3e:b3:78:d8:
         4a:1a:7e:ec
-----BEGIN CERTIFICATE-----
MIIGhTCCBW2gAwIBAgISAZG9mCm1U8jI53ckBxjsOPuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwOTA0MTUxMjMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGRkYTU3MTIyNTVkYmRjMDJlMGNmOGQxYzJhZTg4YjM4Mjk0ZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0lkJNX6OvpgVYSSzBW67dKf9Nvd
iA3juZnBjj9OlMFg5+e6HRWTFzam+BN80scO1Q8QGYL3UWjV4iMGC7CMdeh6YmRU
//nyyDtq9y5+ChpCXRZL5f2JTIg0xDHWqCd3Pdw3EbfpAkyi1VoCnBKAMaUFzHi2
p9O7fMFO+C7Xlc2/kPIIPmgfqpIXQXVVQO6WReTsxddGTTZMIOQL8nEkkRlVnehH
Keb/+IUPfOXZEm0sYgtsFfYIe2j5bJNRpwB3MTeeTq+e72+gB4tRE3TvQLq7rBFE
pfUkHNviTIptNm5hTRNs5olXIhYC0LXA+cZtfRpsQFsBSvp4lG2qDab37QIDAQAB
o4IDkTCCA40wHQYDVR0OBBYEFF3dpXEiVdvcAuDPjRwq6Is4KU1VMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWGQybGNTSlYyOXdDNE0tTkhDcm9pemdwVFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpQYIKwYBBQUHAQcBAf8EggGUMIIBkDCCAYwEAgABMIIB
hAMEAD5M4gMEAD5M5wMEAD5M6wMEAcF8AgMEAMF8BgMEAMF8CAMEAMF8EgMEAMF8
MQMEAMF8WwMEAMF8XgMEAMF8yQMEAcF84gMEAMI6JgMEAMI6KwMEAMI6LjAMAwQB
wjo6AwQAwjo8AwQAwjpDAwQAwlcDAwQBwlcGAwQAwlcQAwQAwlcXAwQAwlciAwQA
wlckAwQAwlcqAwQAwlc1AwQAwlc/AwQAwldOAwQAwldpAwQBwld0AwQBwld4AwQA
wlegAwQAwlejMAwDBADCV6UDBADCV6YDBAHCV7AwDAMEAsJXtAMEAMJXtgMEAMJX
zQMEAMJX8DAMAwQAwocXAwQAwocYAwQAwocuMAwDBADDOjcDBADDOjgDBADDOjsD
BADDOj4DBADDhQwDBADDhRMDBADDhRYDBAHDhToDBADDhVADBADDhVIDBADDhcMD
BADUwAADBADUwAcDBADUwAoDBADUwB4DBAHUwNIDBADUwPEDBADUwPcDBADUwQoD
BADUwQ8wDQYJKoZIhvcNAQELBQADggEBAJTmpX4mu+I7P0cvsEcMZxRIPRg4+mEa
D8VJ2aAYcsAQVHO3Cv4M4/XpQ7LXm11SBI3WLkfdxYCZVWVzdoh7dfU+2GsCT5Xa
PuB/3hP/qmxs5W9MLmZ4vOYy6qtAUKBJCxrF++EPjjnv+yo/IivYnST9TFFOaBci
wd83+FI4N0TO7zea86ulJUpmvIeB4TOHReEo3wXPsg4YFqjkFjCFkpCm7TY+mpsO
uccYAFInLnvLCg8wzcao4/rHTcdiHio6q7avSUUz1Rhjmd+bK87vqRWJqSZA3oua
KOILyaIhEXLF3ZnFVAcasGYa/+qMfsOywvHwsOyv0QK5PrN42Eoafuw=
-----END CERTIFICATE-----
Generated at Mon Sep 16 14:21:47 2024 by rpki-client on console-ams.rpki-client.org