Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/1-mTIpifqGGuetW7O65aGqC14PdI.roa
File:                     1-mTIpifqGGuetW7O65aGqC14PdI.roa (raw, json)
Hash identifier:          xsu9jJIKUjptQptSEr0fS8KvLdUeDd+Us7kynUh+Kt8=
Subject key identifier:   FA:64:C8:A6:27:EA:18:6B:9E:B5:6E:CE:EB:96:86:A8:2D:78:3D:D2
Certificate issuer:       /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial:       0192068A6F965142D8D0A009957C61C48FB0
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/1-mTIpifqGGuetW7O65aGqC14PdI.roa
Signing time:             Wed 18 Sep 2024 19:09:48 +0000
ROA not before:           Wed 18 Sep 2024 19:09:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12301
IP address blocks:        62.77.192.0/22 maxlen: 24
                          62.77.200.0/21 maxlen: 24
                          62.77.208.0/20 maxlen: 24
                          62.77.224.0/20 maxlen: 24
                          62.77.242.0/23 maxlen: 24
                          62.77.244.0/22 maxlen: 24
                          79.120.128.0/19 maxlen: 24
                          79.120.168.0/23 maxlen: 24
                          79.120.176.0/20 maxlen: 24
                          79.120.179.0/24 maxlen: 24
                          79.120.192.0/19 maxlen: 24
                          79.120.198.0/24 maxlen: 24
                          79.120.200.0/24 maxlen: 24
                          79.120.224.0/20 maxlen: 24
                          79.120.240.0/21 maxlen: 24
                          79.120.250.0/23 maxlen: 24
                          81.0.64.0/20 maxlen: 24
                          81.0.80.0/23 maxlen: 24
                          81.0.88.0/23 maxlen: 24
                          81.0.96.0/23 maxlen: 24
                          81.0.100.0/22 maxlen: 24
                          81.0.104.0/22 maxlen: 24
                          81.0.110.0/23 maxlen: 24
                          81.0.112.0/21 maxlen: 24
                          81.0.120.0/23 maxlen: 24
                          81.0.120.0/24 maxlen: 24
                          81.0.121.0/24 maxlen: 24
                          81.0.124.0/23 maxlen: 24
                          81.94.176.0/20 maxlen: 24
                          82.131.160.0/20 maxlen: 24
                          82.131.176.0/22 maxlen: 24
                          82.131.180.0/23 maxlen: 24
                          82.131.192.0/22 maxlen: 24
                          82.131.199.0/24 maxlen: 24
                          82.131.208.0/21 maxlen: 24
                          82.141.128.0/18 maxlen: 24
                          82.144.160.0/22 maxlen: 24
                          82.144.168.0/22 maxlen: 24
                          82.144.178.0/23 maxlen: 24
                          82.144.180.0/22 maxlen: 24
                          82.144.184.0/22 maxlen: 24
                          82.144.190.0/23 maxlen: 24
                          87.97.64.0/20 maxlen: 24
                          89.186.98.0/23 maxlen: 24
                          89.186.100.0/23 maxlen: 24
                          89.186.104.0/23 maxlen: 24
                          89.186.116.0/23 maxlen: 24
                          91.82.8.0/21 maxlen: 24
                          91.82.16.0/21 maxlen: 24
                          91.82.40.0/21 maxlen: 24
                          91.82.48.0/21 maxlen: 24
                          91.82.58.0/23 maxlen: 24
                          91.82.62.0/23 maxlen: 24
                          91.82.72.0/21 maxlen: 24
                          91.82.80.0/23 maxlen: 24
                          91.82.84.0/22 maxlen: 24
                          91.82.88.0/21 maxlen: 24
                          91.82.96.0/19 maxlen: 24
                          91.82.128.0/23 maxlen: 24
                          91.82.148.0/22 maxlen: 24
                          91.82.152.0/21 maxlen: 24
                          91.82.174.0/23 maxlen: 24
                          91.82.184.0/22 maxlen: 24
                          91.82.192.0/20 maxlen: 24
                          91.82.208.0/23 maxlen: 24
                          91.82.216.0/21 maxlen: 24
                          91.82.224.0/22 maxlen: 24
                          91.82.236.0/22 maxlen: 24
                          91.82.244.0/22 maxlen: 24
                          91.82.248.0/23 maxlen: 24
                          91.82.252.0/22 maxlen: 24
                          91.83.40.0/21 maxlen: 24
                          91.83.48.0/22 maxlen: 24
                          91.83.56.0/21 maxlen: 24
                          91.83.64.0/20 maxlen: 24
                          91.83.80.0/21 maxlen: 24
                          91.83.88.0/22 maxlen: 24
                          91.83.92.0/23 maxlen: 24
                          91.83.96.0/22 maxlen: 24
                          91.83.100.0/23 maxlen: 24
                          91.83.104.0/22 maxlen: 24
                          91.83.108.0/23 maxlen: 24
                          91.83.122.0/23 maxlen: 24
                          91.83.124.0/22 maxlen: 24
                          91.83.128.0/21 maxlen: 24
                          91.83.146.0/23 maxlen: 24
                          91.83.148.0/22 maxlen: 24
                          91.83.152.0/23 maxlen: 24
                          91.83.156.0/22 maxlen: 24
                          91.83.160.0/20 maxlen: 24
                          91.83.176.0/22 maxlen: 24
                          91.83.208.0/20 maxlen: 24
                          91.83.220.0/22 maxlen: 22
                          91.83.224.0/20 maxlen: 24
                          91.83.240.0/21 maxlen: 24
                          91.83.248.0/22 maxlen: 24
                          91.83.254.0/23 maxlen: 24
                          94.125.248.0/21 maxlen: 24
                          185.50.28.0/22 maxlen: 24
                          193.68.32.0/19 maxlen: 24
                          193.91.64.0/19 maxlen: 24
                          193.226.194.0/23 maxlen: 24
                          193.226.196.0/22 maxlen: 24
                          193.226.200.0/21 maxlen: 24
                          193.226.208.0/22 maxlen: 24
                          193.226.216.0/21 maxlen: 24
                          193.226.224.0/23 maxlen: 24
                          193.226.228.0/22 maxlen: 24
                          193.226.234.0/23 maxlen: 24
                          193.226.236.0/23 maxlen: 24
                          193.226.242.0/23 maxlen: 24
                          193.226.250.0/23 maxlen: 24
                          193.226.252.0/22 maxlen: 24
                          194.143.224.0/19 maxlen: 24
                          194.169.253.0/24 maxlen: 24
                          195.184.0.0/19 maxlen: 24
                          212.24.160.0/19 maxlen: 19
                          212.108.192.0/18 maxlen: 24
                          213.16.64.0/18 maxlen: 24
                          213.163.0.0/18 maxlen: 24
                          213.197.64.0/21 maxlen: 24
                          213.253.192.0/18 maxlen: 24
                          2001:1aa0::/29 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:06:8a:6f:96:51:42:d8:d0:a0:09:95:7c:61:c4:8f:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
        Validity
            Not Before: Sep 18 19:09:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fa64c8a627ea186b9eb56eceeb9686a82d783dd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:6d:a6:5f:7d:15:fc:43:6d:7f:e7:ff:44:1e:
                    3e:ef:5d:e8:1f:5c:34:45:c6:41:40:35:33:bf:d3:
                    53:74:6b:0e:56:9f:b9:98:ae:db:12:37:4f:65:fb:
                    63:0c:b7:cc:bc:51:79:ac:d2:25:95:b1:b3:91:b3:
                    82:9c:c2:7d:1d:3b:e8:43:07:2d:bd:e1:e0:5d:5f:
                    09:6a:52:51:da:16:3a:ff:ac:7f:5e:17:bf:af:9d:
                    54:d9:2f:a5:28:0f:c0:c4:c8:99:e1:a2:44:bd:42:
                    bd:e0:25:5b:1c:a4:2a:6c:60:c3:f6:19:58:7d:d9:
                    d6:1e:76:22:82:ab:30:e3:a6:f7:c6:4e:66:a7:f5:
                    bf:6d:a5:be:71:15:f2:bb:f6:d4:b9:12:dc:15:1f:
                    ac:b7:63:46:31:ca:4b:9b:ff:5c:5d:63:91:3f:87:
                    45:60:26:8c:3f:c6:78:fa:31:44:c9:91:df:36:72:
                    e4:c6:21:c3:25:25:48:b9:1e:bb:29:8d:61:87:bf:
                    5e:26:16:94:d9:8e:86:76:13:06:c7:28:7a:26:48:
                    23:d1:e0:ce:58:6b:ef:30:66:b1:d6:87:34:6a:de:
                    1e:ba:a0:2f:69:44:0d:c3:90:7c:e2:fc:3a:ea:e9:
                    d3:e9:14:c0:e3:71:61:80:d8:fc:f1:aa:5e:a0:b9:
                    33:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:64:C8:A6:27:EA:18:6B:9E:B5:6E:CE:EB:96:86:A8:2D:78:3D:D2
            X509v3 Authority Key Identifier:
                keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/1-mTIpifqGGuetW7O65aGqC14PdI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.77.192.0/22
                  62.77.200.0-62.77.239.255
                  62.77.242.0-62.77.247.255
                  79.120.128.0/19
                  79.120.168.0/23
                  79.120.176.0-79.120.247.255
                  79.120.250.0/23
                  81.0.64.0-81.0.81.255
                  81.0.88.0/23
                  81.0.96.0/23
                  81.0.100.0-81.0.107.255
                  81.0.110.0-81.0.121.255
                  81.0.124.0/23
                  81.94.176.0/20
                  82.131.160.0-82.131.181.255
                  82.131.192.0/22
                  82.131.199.0/24
                  82.131.208.0/21
                  82.141.128.0/18
                  82.144.160.0/22
                  82.144.168.0/22
                  82.144.178.0-82.144.187.255
                  82.144.190.0/23
                  87.97.64.0/20
                  89.186.98.0-89.186.101.255
                  89.186.104.0/23
                  89.186.116.0/23
                  91.82.8.0-91.82.23.255
                  91.82.40.0-91.82.55.255
                  91.82.58.0/23
                  91.82.62.0/23
                  91.82.72.0-91.82.81.255
                  91.82.84.0-91.82.129.255
                  91.82.148.0-91.82.159.255
                  91.82.174.0/23
                  91.82.184.0/22
                  91.82.192.0-91.82.209.255
                  91.82.216.0-91.82.227.255
                  91.82.236.0/22
                  91.82.244.0-91.82.249.255
                  91.82.252.0/22
                  91.83.40.0-91.83.51.255
                  91.83.56.0-91.83.93.255
                  91.83.96.0-91.83.101.255
                  91.83.104.0-91.83.109.255
                  91.83.122.0-91.83.135.255
                  91.83.146.0-91.83.153.255
                  91.83.156.0-91.83.179.255
                  91.83.208.0-91.83.251.255
                  91.83.254.0/23
                  94.125.248.0/21
                  185.50.28.0/22
                  193.68.32.0/19
                  193.91.64.0/19
                  193.226.194.0-193.226.211.255
                  193.226.216.0-193.226.225.255
                  193.226.228.0/22
                  193.226.234.0-193.226.237.255
                  193.226.242.0/23
                  193.226.250.0-193.226.255.255
                  194.143.224.0/19
                  194.169.253.0/24
                  195.184.0.0/19
                  212.24.160.0/19
                  212.108.192.0/18
                  213.16.64.0/18
                  213.163.0.0/18
                  213.197.64.0/21
                  213.253.192.0/18
                IPv6:
                  2001:1aa0::/29

    Signature Algorithm: sha256WithRSAEncryption
         97:c4:77:6c:bd:22:de:e6:78:dc:c8:a5:a1:e9:d0:22:ba:b2:
         f0:51:f5:93:b7:6f:af:51:ae:ae:67:f8:f6:c5:92:b2:3a:37:
         23:79:bf:1f:77:a5:3a:39:4b:21:b1:02:e3:d6:56:d3:d1:d5:
         b4:e2:cd:1b:19:23:f7:e9:92:48:c0:37:a1:ec:2f:8a:e5:08:
         f3:15:6e:36:2d:9a:c7:57:30:50:c4:2b:6b:2b:bf:12:2a:b1:
         dd:8d:85:53:81:f3:a2:e9:87:f9:38:da:df:ae:8f:2b:b2:d5:
         7a:ec:78:40:d4:d2:ac:e1:75:f5:69:a1:2a:c0:f2:2a:2f:45:
         4b:18:ba:c5:13:77:03:8c:44:22:81:be:26:c4:02:03:32:b8:
         68:ed:64:51:36:f6:13:e3:76:1b:bb:41:bc:88:cd:54:06:ab:
         5b:83:be:6f:48:eb:c0:39:84:43:f1:46:42:0e:b2:d9:b9:e6:
         6d:6d:0b:99:f9:d4:4a:12:ef:80:d3:d0:b7:7a:df:3c:88:07:
         5e:04:27:b3:24:5e:4a:df:8b:46:44:d3:85:7d:a8:6d:8a:b6:
         c7:fa:b1:b1:73:38:2c:0a:10:24:59:c2:89:94:de:8f:74:7a:
         6a:7f:a6:e8:cf:fc:24:61:22:f4:7c:b0:25:0b:cc:3e:9b:16:
         57:aa:aa:93
-----BEGIN CERTIFICATE-----
MIIHljCCBn6gAwIBAgISAZIGim+WUULY0KAJlXxhxI+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjQwOTE4MTkwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTY0YzhhNjI3ZWExODZiOWViNTZlY2VlYjk2ODZhODJkNzgzZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG2mX30V/ENtf+f/RB4+713oH1w0
RcZBQDUzv9NTdGsOVp+5mK7bEjdPZftjDLfMvFF5rNIllbGzkbOCnMJ9HTvoQwct
veHgXV8JalJR2hY6/6x/Xhe/r51U2S+lKA/AxMiZ4aJEvUK94CVbHKQqbGDD9hlY
fdnWHnYigqsw46b3xk5mp/W/baW+cRXyu/bUuRLcFR+st2NGMcpLm/9cXWORP4dF
YCaMP8Z4+jFEyZHfNnLkxiHDJSVIuR67KY1hh79eJhaU2Y6GdhMGxyh6Jkgj0eDO
WGvvMGax1oc0at4euqAvaUQNw5B84vw66unT6RTA43FhgNj88apeoLkzYwIDAQAB
o4IEojCCBJ4wHQYDVR0OBBYEFPpkyKYn6hhrnrVuzuuWhqgteD3SMB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvMS1tVElwaWZxR0d1ZXRXN082NWFHcUMxNFBkSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjcvZjJjNWU4LThkMzctNDgzOC1hMzNiLWVjYzQ5YmRjMmFk
OC8xL3Y3Q1hvMndqSmRFREhfUUpHNkFLaGtXZFFvZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCArUGCCsGAQUFBwEHAQH/BIICpDCCAqAwggKNBAIAATCC
AoUDBAI+TcAwDAMEAz5NyAMEBD5N4DAMAwQBPk3yAwQDPk3wAwQFT3iAAwQBT3io
MAwDBARPeLADBANPePADBAFPePowDAMEBlEAQAMEAVEAUAMEAVEAWAMEAVEAYDAM
AwQCUQBkAwQCUQBoMAwDBAFRAG4DBAFRAHgDBAFRAHwDBARRXrAwDAMEBVKDoAME
AVKDtAMEAlKDwAMEAFKDxwMEA1KD0AMEBlKNgAMEAlKQoAMEAlKQqDAMAwQBUpCy
AwQCUpC4AwQBUpC+AwQEV2FAMAwDBAFZumIDBAFZumQDBAFZumgDBAFZunQwDAME
A1tSCAMEA1tSEDAMAwQDW1IoAwQDW1IwAwQBW1I6AwQBW1I+MAwDBANbUkgDBAFb
UlAwDAMEAltSVAMEAVtSgDAMAwQCW1KUAwQFW1KAAwQBW1KuAwQCW1K4MAwDBAZb
UsADBAFbUtAwDAMEA1tS2AMEAltS4AMEAltS7DAMAwQCW1L0AwQBW1L4AwQCW1L8
MAwDBANbUygDBAJbUzAwDAMEA1tTOAMEAVtTXDAMAwQFW1NgAwQBW1NkMAwDBANb
U2gDBAFbU2wwDAMEAVtTegMEA1tTgDAMAwQBW1OSAwQBW1OYMAwDBAJbU5wDBAJb
U7AwDAMEBFtT0AMEAltT+AMEAVtT/gMEA159+AMEArkyHAMEBcFEIAMEBcFbQDAM
AwQBweLCAwQCweLQMAwDBAPB4tgDBAHB4uADBALB4uQwDAMEAcHi6gMEAcHi7AME
AcHi8jALAwQBweL6AwMAweIDBAXCj+ADBADCqf0DBAXDuAADBAXUGKADBAbUbMAD
BAbVEEADBAbVowADBAPVxUADBAbV/cAwDQQCAAIwBwMFAyABGqAwDQYJKoZIhvcN
AQELBQADggEBAJfEd2y9It7meNzIpaHp0CK6svBR9ZO3b69Rrq5n+PbFkrI6NyN5
vx93pTo5SyGxAuPWVtPR1bTizRsZI/fpkkjAN6HsL4rlCPMVbjYtmsdXMFDEK2sr
vxIqsd2NhVOB86Lph/k42t+ujyuy1XrseEDU0qzhdfVpoSrA8iovRUsYusUTdwOM
RCKBvibEAgMyuGjtZFE29hPjdhu7QbyIzVQGq1uDvm9I68A5hEPxRkIOstm55m1t
C5n51EoS74DT0Ld63zyIB14EJ7MkXkrfi0ZE04V9qG2Ktsf6sbFzOCwKECRZwomU
3o90emp/pujP/CRhIvR8sCULzD6bFleqqpM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:39 2024 by rpki-client on console-fra.rpki-client.org