Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/YcnR809u3SaDpi3R2xOWIxLjmpY.roa
File:                     YcnR809u3SaDpi3R2xOWIxLjmpY.roa (raw, json)
Hash identifier:          27e28swcjpJ7HbaAwIl2UJimOFL+9A7Zjq5lrsaahIc=
Subject key identifier:   61:C9:D1:F3:4F:6E:DD:26:83:A6:2D:D1:DB:13:96:23:12:E3:9A:96
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       018CC492E6D71AD94F76720D2302F5F7BDA3
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/YcnR809u3SaDpi3R2xOWIxLjmpY.roa
Signing time:             Mon 01 Jan 2024 10:30:10 +0000
ROA not before:           Mon 01 Jan 2024 10:30:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205207
IP address blocks:        185.14.160.0/22 maxlen: 22
                          46.209.58.0/24 maxlen: 24
                          77.104.106.0/24 maxlen: 24
                          5.160.49.0/24 maxlen: 24
                          77.237.68.0/24 maxlen: 24
                          77.104.64.0/19 maxlen: 19
                          77.104.66.0/24 maxlen: 24
                          77.237.80.0/20 maxlen: 20
                          77.104.64.0/18 maxlen: 18
                          77.237.87.0/24 maxlen: 24
                          77.104.73.0/24 maxlen: 24
                          77.104.75.0/24 maxlen: 24
                          77.104.72.0/21 maxlen: 21
                          77.104.80.0/20 maxlen: 24
                          46.209.95.0/24 maxlen: 24
                          77.237.64.0/20 maxlen: 20
                          77.237.64.0/19 maxlen: 19

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 17:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:92:e6:d7:1a:d9:4f:76:72:0d:23:02:f5:f7:bd:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 10:30:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=61c9d1f34f6edd2683a62dd1db13962312e39a96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:62:ce:64:62:b1:86:22:0b:9b:5f:9e:20:7f:
                    8f:24:9a:e5:5b:32:e1:d2:e4:d4:0b:5c:37:4c:f5:
                    2c:1a:9c:2b:33:b1:35:40:5a:12:49:c6:22:e5:f1:
                    19:32:0f:22:1e:8a:ba:01:d3:ad:78:c8:e8:69:c8:
                    c4:1d:7d:3b:ea:8c:cb:5c:20:fe:87:ce:d9:15:90:
                    6f:2f:a9:77:6a:5e:0a:04:69:6c:76:92:5b:1a:64:
                    4f:35:25:e2:a6:53:08:0d:5e:bf:f4:5e:d4:fc:f0:
                    46:fe:8e:53:5a:82:f4:1a:35:05:fe:42:71:a6:08:
                    4c:d8:5a:07:05:da:1b:32:7a:14:d5:cb:3a:94:76:
                    6a:0b:7f:6b:38:c2:a9:cd:c8:45:72:3e:b7:38:87:
                    9d:c1:06:b7:d9:87:f8:59:0b:a5:11:0e:20:22:99:
                    00:ab:1f:26:44:5e:ba:53:e0:04:41:d7:85:0b:5f:
                    a3:a3:f9:d9:60:34:43:55:9e:f9:0e:2c:09:0d:da:
                    1d:4c:aa:14:93:1f:b3:cf:d8:8e:c4:93:d6:a5:fa:
                    49:1f:ec:dc:47:60:5e:47:89:4e:60:0a:af:f6:c4:
                    5a:7e:f8:d3:ab:07:fe:20:4b:c5:0e:e2:c2:da:67:
                    a9:cf:55:7c:9d:1c:5d:4e:f2:53:06:ce:cd:46:32:
                    04:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:C9:D1:F3:4F:6E:DD:26:83:A6:2D:D1:DB:13:96:23:12:E3:9A:96
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/YcnR809u3SaDpi3R2xOWIxLjmpY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.49.0/24
                  46.209.58.0/24
                  46.209.95.0/24
                  77.104.64.0/18
                  77.237.64.0/19
                  185.14.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         03:7c:6c:cd:f0:25:27:d8:1a:51:d9:ee:9d:4d:f1:39:dd:1f:
         64:4b:c0:bb:f7:95:db:50:ac:1b:0b:ea:52:3e:fa:d0:d6:17:
         97:46:b7:29:6c:a4:a1:4e:2b:9f:ad:23:46:65:47:44:74:35:
         0d:8f:e9:ab:85:1f:8b:cb:22:bd:0c:f5:c4:d5:1e:4b:5e:fc:
         cf:1e:9d:e4:a0:a2:18:44:ad:44:ca:6a:0e:e5:2f:43:f8:7b:
         15:b7:33:93:dd:73:ab:a8:40:36:15:59:40:ed:55:14:fd:97:
         a0:d1:ff:44:76:c4:1c:d7:38:3e:3b:bf:94:89:22:88:90:42:
         94:db:5c:f5:22:b2:6c:ac:ed:81:e2:c0:16:35:f2:f4:03:23:
         69:f5:ef:43:cd:33:1c:c9:7d:dc:44:f8:4f:89:fd:f2:36:3c:
         c4:d4:24:a1:e0:5e:14:e4:9b:4e:11:c5:bc:02:f8:77:b8:69:
         dc:62:80:db:64:ea:43:7d:13:46:6e:1b:1e:53:67:52:e9:9a:
         a6:1e:52:c7:de:45:9f:4d:e6:88:f7:af:dc:5b:a6:2d:86:fb:
         bf:e5:c3:f0:31:6d:39:53:a5:65:01:20:d2:45:bf:bb:42:4d:
         44:b5:b6:da:a7:ae:e6:00:b1:bc:7d:ab:81:3a:ff:fd:3e:df:
         44:7f:c7:45
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEkubXGtlPdnINIwL1972jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWM5ZDFmMzRmNmVkZDI2ODNhNjJkZDFkYjEzOTYyMzEyZTM5YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmLOZGKxhiILm1+eIH+PJJrlWzLh
0uTUC1w3TPUsGpwrM7E1QFoSScYi5fEZMg8iHoq6AdOteMjoacjEHX076ozLXCD+
h87ZFZBvL6l3al4KBGlsdpJbGmRPNSXiplMIDV6/9F7U/PBG/o5TWoL0GjUF/kJx
pghM2FoHBdobMnoU1cs6lHZqC39rOMKpzchFcj63OIedwQa32Yf4WQulEQ4gIpkA
qx8mRF66U+AEQdeFC1+jo/nZYDRDVZ75DiwJDdodTKoUkx+zz9iOxJPWpfpJH+zc
R2BeR4lOYAqv9sRafvjTqwf+IEvFDuLC2mepz1V8nRxdTvJTBs7NRjIEoQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGHJ0fNPbt0mg6Yt0dsTliMS45qWMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvWWNuUjgwOXUzU2FEcGkzUjJ4T1dJeExqbXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABaAxAwQA
LtE6AwQALtFfAwQGTWhAAwQFTe1AAwQCuQ6gMA0GCSqGSIb3DQEBCwUAA4IBAQAD
fGzN8CUn2BpR2e6dTfE53R9kS8C795XbUKwbC+pSPvrQ1heXRrcpbKShTiufrSNG
ZUdEdDUNj+mrhR+LyyK9DPXE1R5LXvzPHp3koKIYRK1EymoO5S9D+HsVtzOT3XOr
qEA2FVlA7VUU/Zeg0f9EdsQc1zg+O7+UiSKIkEKU21z1IrJsrO2B4sAWNfL0AyNp
9e9DzTMcyX3cRPhPif3yNjzE1CSh4F4U5JtOEcW8Avh3uGncYoDbZOpDfRNGbhse
U2dS6ZqmHlLH3kWfTeaI96/cW6Ythvu/5cPwMW05U6VlASDSRb+7Qk1Etbbap67m
ALG8fauBOv/9Pt9Ef8dF
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:31:49 2024 by rpki-client on console-ams.rpki-client.org