Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/iefsxh6larGbcXxGerpenf2Oquo.roa
File:                     iefsxh6larGbcXxGerpenf2Oquo.roa (raw, json)
Hash identifier:          YjWdncKxD23hitt7fFilG3DU99akKPuae7OdUDzG6yA=
Subject key identifier:   89:E7:EC:C6:1E:A5:6A:B1:9B:71:7C:46:7A:BA:5E:9D:FD:8E:AA:EA
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       018F09B8FB3611CE8218EE6A95D6F4EF1098
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/iefsxh6larGbcXxGerpenf2Oquo.roa
Signing time:             Tue 23 Apr 2024 06:51:08 +0000
ROA not before:           Tue 23 Apr 2024 06:51:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34665
IP address blocks:        5.8.8.0/22 maxlen: 22
                          5.8.8.0/23 maxlen: 23
                          5.8.8.0/24 maxlen: 24
                          5.8.9.0/24 maxlen: 24
                          5.8.10.0/23 maxlen: 23
                          5.8.10.0/24 maxlen: 24
                          5.8.11.0/24 maxlen: 24
                          5.8.12.0/22 maxlen: 22
                          5.8.16.0/24 maxlen: 24
                          5.8.19.0/24 maxlen: 24
                          5.8.48.0/22 maxlen: 22
                          5.8.48.0/23 maxlen: 23
                          5.8.48.0/24 maxlen: 24
                          5.8.49.0/24 maxlen: 24
                          5.8.50.0/23 maxlen: 23
                          5.8.50.0/24 maxlen: 24
                          5.8.51.0/24 maxlen: 24
                          5.8.52.0/22 maxlen: 22
                          5.8.52.0/23 maxlen: 23
                          5.8.52.0/24 maxlen: 24
                          5.8.53.0/24 maxlen: 24
                          5.8.54.0/23 maxlen: 23
                          5.8.54.0/24 maxlen: 24
                          5.8.55.0/24 maxlen: 24
                          5.8.60.0/23 maxlen: 23
                          5.8.65.0/24 maxlen: 24
                          5.101.0.0/22 maxlen: 22
                          5.101.0.0/23 maxlen: 23
                          5.101.0.0/24 maxlen: 24
                          5.101.1.0/24 maxlen: 24
                          5.101.2.0/23 maxlen: 23
                          5.101.2.0/24 maxlen: 24
                          5.101.3.0/24 maxlen: 24
                          5.101.4.0/22 maxlen: 22
                          5.101.4.0/23 maxlen: 23
                          5.101.4.0/24 maxlen: 24
                          5.101.5.0/24 maxlen: 24
                          5.101.6.0/23 maxlen: 23
                          5.101.6.0/24 maxlen: 24
                          5.101.7.0/24 maxlen: 24
                          5.101.32.0/22 maxlen: 24
                          5.101.64.0/22 maxlen: 22
                          5.101.64.0/23 maxlen: 23
                          5.101.64.0/24 maxlen: 24
                          5.101.65.0/24 maxlen: 24
                          5.101.66.0/23 maxlen: 23
                          5.101.66.0/24 maxlen: 24
                          5.101.67.0/24 maxlen: 24
                          5.101.80.0/21 maxlen: 21
                          5.101.90.0/23 maxlen: 23
                          5.188.44.0/22 maxlen: 22
                          5.188.44.0/23 maxlen: 23
                          5.188.44.0/24 maxlen: 24
                          5.188.45.0/24 maxlen: 24
                          5.188.46.0/23 maxlen: 23
                          5.188.46.0/24 maxlen: 24
                          5.188.47.0/24 maxlen: 24
                          5.188.49.0/24 maxlen: 24
                          5.188.62.0/24 maxlen: 24
                          5.188.166.0/24 maxlen: 24
                          5.188.207.0/24 maxlen: 24
                          5.188.208.0/23 maxlen: 23
                          5.188.210.0/24 maxlen: 24
                          5.188.211.0/24 maxlen: 24
                          5.188.222.0/24 maxlen: 24
                          5.188.223.0/24 maxlen: 24
                          5.188.233.0/24 maxlen: 24
                          5.188.234.0/23 maxlen: 23
                          31.44.184.0/24 maxlen: 24
                          31.44.188.0/22 maxlen: 32
                          31.184.192.0/22 maxlen: 22
                          31.184.192.0/23 maxlen: 23
                          31.184.192.0/24 maxlen: 24
                          31.184.193.0/24 maxlen: 24
                          31.184.194.0/23 maxlen: 23
                          31.184.194.0/24 maxlen: 24
                          31.184.195.0/24 maxlen: 24
                          31.184.196.0/22 maxlen: 22
                          31.184.196.0/23 maxlen: 23
                          31.184.196.0/24 maxlen: 24
                          31.184.197.0/24 maxlen: 24
                          31.184.198.0/23 maxlen: 23
                          31.184.198.0/24 maxlen: 24
                          31.184.199.0/24 maxlen: 24
                          31.184.228.0/23 maxlen: 23
                          31.184.231.0/24 maxlen: 24
                          31.184.238.0/23 maxlen: 23
                          31.184.243.0/24 maxlen: 24
                          37.9.48.0/24 maxlen: 24
                          37.139.48.0/23 maxlen: 23
                          37.139.53.0/24 maxlen: 24
                          37.139.54.0/23 maxlen: 23
                          37.139.56.0/22 maxlen: 22
                          37.139.56.0/23 maxlen: 23
                          37.139.56.0/24 maxlen: 24
                          37.139.57.0/24 maxlen: 24
                          37.139.58.0/23 maxlen: 23
                          37.139.58.0/24 maxlen: 24
                          37.139.59.0/24 maxlen: 24
                          46.161.2.0/23 maxlen: 23
                          46.161.8.0/24 maxlen: 24
                          46.161.10.0/24 maxlen: 24
                          46.161.12.0/23 maxlen: 23
                          46.161.14.0/23 maxlen: 23
                          46.161.20.0/22 maxlen: 22
                          46.161.24.0/23 maxlen: 23
                          46.161.32.0/22 maxlen: 22
                          46.161.42.0/24 maxlen: 24
                          46.161.43.0/24 maxlen: 24
                          46.161.44.0/22 maxlen: 22
                          46.161.48.0/22 maxlen: 22
                          46.161.48.0/23 maxlen: 23
                          46.161.48.0/24 maxlen: 24
                          46.161.49.0/24 maxlen: 24
                          46.161.50.0/23 maxlen: 23
                          46.161.50.0/24 maxlen: 24
                          46.161.51.0/24 maxlen: 24
                          91.243.48.0/22 maxlen: 22
                          91.243.48.0/23 maxlen: 23
                          91.243.48.0/24 maxlen: 24
                          91.243.49.0/24 maxlen: 24
                          91.243.50.0/23 maxlen: 23
                          91.243.50.0/24 maxlen: 24
                          91.243.51.0/24 maxlen: 24
                          91.243.60.0/24 maxlen: 24
                          91.243.61.0/24 maxlen: 24
                          91.243.62.0/23 maxlen: 23
                          91.243.90.0/24 maxlen: 24
                          91.243.91.0/24 maxlen: 24
                          91.243.93.0/24 maxlen: 24
                          95.215.0.0/22 maxlen: 24
                          95.215.0.0/23 maxlen: 23
                          95.215.0.0/24 maxlen: 24
                          95.215.1.0/24 maxlen: 24
                          95.215.2.0/23 maxlen: 23
                          95.215.2.0/24 maxlen: 24
                          95.215.3.0/24 maxlen: 24
                          146.185.212.0/24 maxlen: 24
                          146.185.213.0/24 maxlen: 24
                          146.185.223.0/24 maxlen: 24
                          146.185.224.0/21 maxlen: 21
                          146.185.233.0/24 maxlen: 24
                          146.185.244.0/23 maxlen: 23
                          188.143.232.0/22 maxlen: 22
                          188.143.232.0/23 maxlen: 23
                          188.143.232.0/24 maxlen: 24
                          188.143.233.0/24 maxlen: 24
                          188.143.235.0/24 maxlen: 24
                          195.2.240.0/23 maxlen: 24
                          2a00:1d78:100:1c0::/58 maxlen: 58

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 13 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:09:b8:fb:36:11:ce:82:18:ee:6a:95:d6:f4:ef:10:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Apr 23 06:51:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=89e7ecc61ea56ab19b717c467aba5e9dfd8eaaea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:fc:3b:57:4a:0a:ed:41:8b:c7:fe:d6:3a:83:
                    6d:98:f6:6d:d4:51:f4:a8:07:0d:9c:f5:59:e1:b5:
                    35:71:cc:35:51:8e:20:91:ba:07:92:7e:82:e6:d9:
                    a7:9b:ae:d1:18:2f:67:dc:8b:a5:86:01:7c:81:4e:
                    ac:82:56:18:3c:f0:9e:d9:94:88:df:a8:d4:c1:7f:
                    32:d9:0d:44:69:f2:ae:c5:e3:32:af:83:35:46:70:
                    eb:01:87:c6:79:a4:1f:07:39:8d:6d:bc:b0:61:8d:
                    ed:65:c1:a1:a6:80:c0:fc:9e:e8:ee:17:0c:5d:a8:
                    c4:da:b5:0a:12:d0:59:21:51:d7:36:e6:57:38:9f:
                    fa:e7:77:dc:63:6d:e2:4e:07:27:04:d4:75:59:10:
                    92:8f:72:31:35:47:ef:92:02:c6:73:04:ff:41:6f:
                    ed:9b:84:f3:4f:e3:7e:cf:e9:a0:26:2e:24:86:03:
                    08:fc:30:c5:ea:30:20:2a:17:57:25:67:51:58:ce:
                    0f:7a:bd:99:97:35:2a:26:0a:d0:b4:93:39:79:79:
                    2f:e0:96:2a:69:80:7a:38:2d:dc:ed:47:a1:01:ab:
                    e6:31:59:04:aa:b0:62:4a:ab:5b:44:c2:88:10:c5:
                    9f:ba:b4:55:b4:c2:88:ac:f6:e6:aa:bb:4a:49:45:
                    3a:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:E7:EC:C6:1E:A5:6A:B1:9B:71:7C:46:7A:BA:5E:9D:FD:8E:AA:EA
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/iefsxh6larGbcXxGerpenf2Oquo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.8.0-5.8.16.255
                  5.8.19.0/24
                  5.8.48.0/21
                  5.8.60.0/23
                  5.8.65.0/24
                  5.101.0.0/21
                  5.101.32.0/22
                  5.101.64.0/22
                  5.101.80.0/21
                  5.101.90.0/23
                  5.188.44.0/22
                  5.188.49.0/24
                  5.188.62.0/24
                  5.188.166.0/24
                  5.188.207.0-5.188.211.255
                  5.188.222.0/23
                  5.188.233.0-5.188.235.255
                  31.44.184.0/24
                  31.44.188.0/22
                  31.184.192.0/21
                  31.184.228.0/23
                  31.184.231.0/24
                  31.184.238.0/23
                  31.184.243.0/24
                  37.9.48.0/24
                  37.139.48.0/23
                  37.139.53.0-37.139.59.255
                  46.161.2.0/23
                  46.161.8.0/24
                  46.161.10.0/24
                  46.161.12.0/22
                  46.161.20.0-46.161.25.255
                  46.161.32.0/22
                  46.161.42.0-46.161.51.255
                  91.243.48.0/22
                  91.243.60.0/22
                  91.243.90.0/23
                  91.243.93.0/24
                  95.215.0.0/22
                  146.185.212.0/23
                  146.185.223.0-146.185.231.255
                  146.185.233.0/24
                  146.185.244.0/23
                  188.143.232.0/22
                  195.2.240.0/23
                IPv6:
                  2a00:1d78:100:1c0::/58

    Signature Algorithm: sha256WithRSAEncryption
         90:80:f2:ad:cc:da:2b:fd:5b:e9:f5:37:43:e5:10:b7:9e:d5:
         9b:2f:36:b7:ad:e2:1a:4e:f7:70:dd:ab:d2:83:54:83:66:ad:
         c6:ce:67:0f:87:56:c2:6c:27:55:35:6a:8f:46:49:42:8d:7c:
         fa:dd:8e:27:c2:d3:65:d1:be:31:56:a2:4f:4f:b1:85:af:21:
         1f:2f:cb:62:9f:1b:22:cd:fd:07:34:dc:a5:aa:04:50:f4:43:
         4a:15:e1:79:f6:e5:8a:b0:eb:c8:71:45:d5:6b:96:a4:25:71:
         d1:84:db:83:62:b4:a6:20:2d:da:fb:7f:51:fd:d3:d3:a4:46:
         a9:d1:9c:5b:3e:b6:a0:e4:aa:b0:d5:fb:51:bb:a6:0a:2c:8f:
         65:83:48:f3:6a:d2:a1:01:f9:ff:b2:b2:dc:ff:ba:56:7b:f0:
         ae:1b:31:34:fe:5c:d8:07:90:5a:6d:0d:85:eb:a1:35:f6:ee:
         cd:3f:94:a9:9f:5e:18:85:11:d8:1b:e4:0e:49:ce:82:ce:34:
         5b:3d:d3:30:73:2d:f6:42:27:2d:ee:49:a1:0d:10:69:d9:60:
         80:3b:da:24:2c:4b:ac:48:17:2f:66:e2:4b:9b:6d:10:4e:e8:
         cc:0f:8c:04:5b:d4:49:44:9a:77:e2:44:4d:79:59:67:9f:df:
         0b:05:d8:d5
-----BEGIN CERTIFICATE-----
MIIGWjCCBUKgAwIBAgISAY8JuPs2Ec6CGO5qldb07xCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwNDIzMDY1MTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWU3ZWNjNjFlYTU2YWIxOWI3MTdjNDY3YWJhNWU5ZGZkOGVhYWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/w7V0oK7UGLx/7WOoNtmPZt1FH0
qAcNnPVZ4bU1ccw1UY4gkboHkn6C5tmnm67RGC9n3IulhgF8gU6sglYYPPCe2ZSI
36jUwX8y2Q1EafKuxeMyr4M1RnDrAYfGeaQfBzmNbbywYY3tZcGhpoDA/J7o7hcM
XajE2rUKEtBZIVHXNuZXOJ/653fcY23iTgcnBNR1WRCSj3IxNUfvkgLGcwT/QW/t
m4TzT+N+z+mgJi4khgMI/DDF6jAgKhdXJWdRWM4Per2ZlzUqJgrQtJM5eXkv4JYq
aYB6OC3c7UehAavmMVkEqrBiSqtbRMKIEMWfurRVtMKIrPbmqrtKSUU6DQIDAQAB
o4IDZjCCA2IwHQYDVR0OBBYEFInn7MYepWqxm3F8Rnq6Xp39jqrqMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvaWVmc3hoNmxhckdiY1h4R2VycGVuZjJPcXVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBegYIKwYBBQUHAQcBAf8EggFpMIIBZTCCAU4EAgABMIIB
RjAMAwQDBQgIAwQABQgQAwQABQgTAwQDBQgwAwQBBQg8AwQABQhBAwQDBWUAAwQC
BWUgAwQCBWVAAwQDBWVQAwQBBWVaAwQCBbwsAwQABbwxAwQABbw+AwQABbymMAwD
BAAFvM8DBAIFvNADBAEFvN4wDAMEAAW86QMEAgW86AMEAB8suAMEAh8svAMEAx+4
wAMEAR+45AMEAB+45wMEAR+47gMEAB+48wMEACUJMAMEASWLMDAMAwQAJYs1AwQC
JYs4AwQBLqECAwQALqEIAwQALqEKAwQCLqEMMAwDBAIuoRQDBAEuoRgDBAIuoSAw
DAMEAS6hKgMEAi6hMAMEAlvzMAMEAlvzPAMEAVvzWgMEAFvzXQMEAl/XAAMEAZK5
1DAMAwQAkrnfAwQDkrngAwQAkrnpAwQBkrn0AwQCvI/oAwQBwwLwMBEEAgACMAsD
CQYqAB14AQABwDANBgkqhkiG9w0BAQsFAAOCAQEAkIDyrczaK/1b6fU3Q+UQt57V
my82t63iGk73cN2r0oNUg2atxs5nD4dWwmwnVTVqj0ZJQo18+t2OJ8LTZdG+MVai
T0+xha8hHy/LYp8bIs39BzTcpaoEUPRDShXhefblirDryHFF1WuWpCVx0YTbg2K0
piAt2vt/Uf3T06RGqdGcWz62oOSqsNX7UbumCiyPZYNI82rSoQH5/7Ky3P+6Vnvw
rhsxNP5c2AeQWm0NheuhNfbuzT+UqZ9eGIUR2BvkDknOgs40Wz3TMHMt9kInLe5J
oQ0QadlggDvaJCxLrEgXL2biS5ttEE7ozA+MBFvUSUSad+JETXlZZ5/fCwXY1Q==
-----END CERTIFICATE-----
Generated at Sun May 12 20:13:25 2024 by rpki-client on console-fra.rpki-client.org