Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/JCMK9XV7VjU5C3eX8S24iygirws.roa
File:                     JCMK9XV7VjU5C3eX8S24iygirws.roa (raw, json)
Hash identifier:          LYcbzCOcY7NhlvZXFEhIPzqczvNmRh0cHGkj6p90bm0=
Subject key identifier:   24:23:0A:F5:75:7B:56:35:39:0B:77:97:F1:2D:B8:8B:28:22:AF:0B
Certificate issuer:       /CN=a7d85ade2b0d4ec1ca092a8e2703c19200c72f32
Certificate serial:       018F0A8AA1D722412D9061F8CB4AD6A667F6
Authority key identifier: A7:D8:5A:DE:2B:0D:4E:C1:CA:09:2A:8E:27:03:C1:92:00:C7:2F:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p9ha3isNTsHKCSqOJwPBkgDHLzI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/JCMK9XV7VjU5C3eX8S24iygirws.roa
Signing time:             Tue 23 Apr 2024 10:40:08 +0000
ROA not before:           Tue 23 Apr 2024 10:40:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200107
IP address blocks:        77.74.176.0/23 maxlen: 24
                          77.74.176.0/24 maxlen: 24
                          77.74.178.0/23 maxlen: 24
                          77.74.180.0/24 maxlen: 24
                          77.74.181.0/24 maxlen: 24
                          77.74.182.0/24 maxlen: 24
                          77.74.183.0/24 maxlen: 24
                          82.202.184.0/23 maxlen: 23
                          82.202.184.0/24 maxlen: 24
                          82.202.185.0/24 maxlen: 24
                          93.159.226.0/24 maxlen: 24
                          93.159.228.0/23 maxlen: 24
                          93.159.230.0/23 maxlen: 23
                          185.54.220.0/24 maxlen: 24
                          185.54.221.0/24 maxlen: 24
                          185.54.222.0/24 maxlen: 24
                          185.54.223.0/24 maxlen: 24
                          185.85.12.0/24 maxlen: 24
                          185.85.14.0/24 maxlen: 24
                          185.85.15.0/24 maxlen: 24
                          2a03:2480:68::/48 maxlen: 48
                          2a03:2480:69::/48 maxlen: 48
                          2a03:2480:70::/48 maxlen: 48
                          2a03:2480:80::/48 maxlen: 48
                          2a03:2480:8000::/48 maxlen: 48
                          2a03:2480:8010::/48 maxlen: 48
                          2a03:2480:8020::/48 maxlen: 48
                          2a03:2480:8021::/48 maxlen: 48
                          2a03:2480:8022::/48 maxlen: 48
                          2a03:2480:8023::/48 maxlen: 48
                          2a03:2480:8025::/48 maxlen: 48
                          2a03:2480:8026::/48 maxlen: 48
                          2a03:2480:8027::/48 maxlen: 48
                          2a03:2480:8028::/48 maxlen: 48
                          2a03:2480:8029::/48 maxlen: 48
                          2a03:2480:802a::/48 maxlen: 48
                          2a03:2480:802b::/48 maxlen: 48
                          2a03:2480:802d::/48 maxlen: 48
                          2a03:2480:802e::/48 maxlen: 48
                          2a03:2480:802f::/48 maxlen: 48
                          2a03:2480:8030::/48 maxlen: 48
                          2a03:2480:8031::/48 maxlen: 48
                          2a03:2480:8032::/48 maxlen: 48
                          2a03:2480:8033::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/p9ha3isNTsHKCSqOJwPBkgDHLzI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/p9ha3isNTsHKCSqOJwPBkgDHLzI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/p9ha3isNTsHKCSqOJwPBkgDHLzI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 18 Jun 2024 02:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:0a:8a:a1:d7:22:41:2d:90:61:f8:cb:4a:d6:a6:67:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7d85ade2b0d4ec1ca092a8e2703c19200c72f32
        Validity
            Not Before: Apr 23 10:40:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=24230af5757b5635390b7797f12db88b2822af0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:9e:2a:73:4a:4b:83:37:9f:4a:e5:3d:67:02:
                    f6:5d:3b:01:ec:3b:0a:1e:7e:34:12:f2:be:d3:44:
                    61:1a:0d:78:17:f7:40:05:53:0e:de:79:fb:36:25:
                    e6:cb:5d:97:85:02:af:81:0e:e6:c1:b7:87:43:e9:
                    8a:06:23:3e:eb:34:46:b4:c1:74:b2:0b:bf:71:bd:
                    03:0c:48:fa:8d:e8:05:c3:9b:c0:d8:ac:76:4a:f6:
                    3c:a8:96:f3:4f:b4:4f:62:e3:a1:e8:ec:74:22:26:
                    06:1b:1e:bc:97:d6:1d:4f:7c:b4:29:8b:6a:5c:13:
                    d6:79:fb:1b:3f:07:58:58:ec:d0:f2:93:7f:32:3f:
                    26:c5:6a:26:db:08:9f:f0:0e:98:2c:16:aa:60:40:
                    01:36:ab:69:f2:13:61:6a:f0:f4:bb:ee:af:31:e1:
                    de:6a:5e:b1:67:24:d0:22:1e:07:7a:78:d2:81:0e:
                    56:e7:ca:f4:f6:41:17:5d:07:4d:a5:54:f0:51:9e:
                    82:03:b6:32:7d:bb:59:91:f1:1a:52:ff:08:d1:16:
                    fe:b2:ec:ef:69:82:d1:6f:ca:7f:dd:6e:36:ae:6f:
                    12:83:74:74:ad:ec:2c:49:e1:ce:8b:31:a7:78:1b:
                    72:ed:e4:39:8b:8d:13:96:30:60:37:19:c4:ef:f8:
                    9a:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:23:0A:F5:75:7B:56:35:39:0B:77:97:F1:2D:B8:8B:28:22:AF:0B
            X509v3 Authority Key Identifier:
                keyid:A7:D8:5A:DE:2B:0D:4E:C1:CA:09:2A:8E:27:03:C1:92:00:C7:2F:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p9ha3isNTsHKCSqOJwPBkgDHLzI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/JCMK9XV7VjU5C3eX8S24iygirws.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/p9ha3isNTsHKCSqOJwPBkgDHLzI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.74.176.0/21
                  82.202.184.0/23
                  93.159.226.0/24
                  93.159.228.0/22
                  185.54.220.0/22
                  185.85.12.0/24
                  185.85.14.0/23
                IPv6:
                  2a03:2480:68::/47
                  2a03:2480:70::/48
                  2a03:2480:80::/48
                  2a03:2480:8000::/48
                  2a03:2480:8010::/48
                  2a03:2480:8020::/46
                  2a03:2480:8025::-2a03:2480:802b:ffff:ffff:ffff:ffff:ffff
                  2a03:2480:802d::-2a03:2480:8033:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         1c:03:5c:0f:fc:01:d6:19:73:a9:c7:30:41:b0:69:9c:f7:ef:
         40:79:48:79:65:da:09:74:47:dc:56:4a:0d:6c:b2:4e:cb:df:
         17:80:d6:81:62:bc:6b:72:3a:0d:a4:89:46:4a:f2:6d:97:33:
         7e:5d:4e:70:38:c8:05:00:55:4d:32:6a:ab:64:80:21:eb:17:
         59:f0:a9:ca:9f:c5:37:4e:b5:6f:32:cd:94:85:10:ff:7d:4e:
         78:c6:4f:a6:0e:f9:76:8c:db:b8:71:c9:49:bd:0c:8e:f8:5b:
         e9:b0:a8:25:6c:f8:81:de:2d:63:26:75:f2:4f:b7:ca:4c:66:
         26:9c:c6:19:97:cc:24:30:2a:fa:ab:a0:ef:3a:c0:2e:ae:a5:
         c6:3a:d0:0a:9e:47:ca:aa:61:2d:9f:94:c4:8b:ac:c6:62:e1:
         91:6a:82:8e:37:21:70:78:8f:31:72:e4:e9:54:05:1f:3a:31:
         32:02:0a:38:da:b1:b2:46:7b:1d:02:54:4d:6c:cc:58:7c:10:
         08:2c:c5:25:21:f1:b7:d8:db:26:0b:47:81:da:21:e2:e5:6a:
         6e:0c:25:13:62:1b:b7:b0:7d:81:57:e3:b5:a0:9b:19:f8:3b:
         ab:2a:d6:be:1c:7f:45:13:11:fd:12:e4:5b:4b:df:1c:c3:6e:
         e3:d4:b2:03
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAY8KiqHXIkEtkGH4y0rWpmf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZDg1YWRlMmIwZDRlYzFjYTA5MmE4ZTI3MDNjMTkyMDBj
NzJmMzIwHhcNMjQwNDIzMTA0MDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDIzMGFmNTc1N2I1NjM1MzkwYjc3OTdmMTJkYjg4YjI4MjJhZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZ4qc0pLgzefSuU9ZwL2XTsB7DsK
Hn40EvK+00RhGg14F/dABVMO3nn7NiXmy12XhQKvgQ7mwbeHQ+mKBiM+6zRGtMF0
sgu/cb0DDEj6jegFw5vA2Kx2SvY8qJbzT7RPYuOh6Ox0IiYGGx68l9YdT3y0KYtq
XBPWefsbPwdYWOzQ8pN/Mj8mxWom2wif8A6YLBaqYEABNqtp8hNhavD0u+6vMeHe
al6xZyTQIh4HenjSgQ5W58r09kEXXQdNpVTwUZ6CA7YyfbtZkfEaUv8I0Rb+suzv
aYLRb8p/3W42rm8Sg3R0rewsSeHOizGneBty7eQ5i40TljBgNxnE7/iavwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFCQjCvV1e1Y1OQt3l/EtuIsoIq8LMB8GA1UdIwQY
MBaAFKfYWt4rDU7BygkqjicDwZIAxy8yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDloYTNpc05Uc0hLQ1NxT0p3UEJrZ0RITHpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80MDMxNDItZGNmYy00ZmI1LWFlMWYt
MDRiMGJmNjBiOWI3LzEvSkNNSzlYVjdWalU1QzNlWDhTMjRpeWdpcndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS80MDMxNDItZGNmYy00ZmI1LWFlMWYtMDRiMGJmNjBiOWI3
LzEvcDloYTNpc05Uc0hLQ1NxT0p3UEJrZ0RITHpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDAwBAIAATAqAwQDTUqw
AwQBUsq4AwQAXZ/iAwQCXZ/kAwQCuTbcAwQAuVUMAwQBuVUOMGQEAgACMF4DBwEq
AySAAGgDBwAqAySAAHADBwAqAySAAIADBwAqAySAgAADBwAqAySAgBADBwIqAySA
gCAwEgMHACoDJICAJQMHAioDJICAKDASAwcAKgMkgIAtAwcCKgMkgIAwMA0GCSqG
SIb3DQEBCwUAA4IBAQAcA1wP/AHWGXOpxzBBsGmc9+9AeUh5ZdoJdEfcVkoNbLJO
y98XgNaBYrxrcjoNpIlGSvJtlzN+XU5wOMgFAFVNMmqrZIAh6xdZ8KnKn8U3TrVv
Ms2UhRD/fU54xk+mDvl2jNu4cclJvQyO+FvpsKglbPiB3i1jJnXyT7fKTGYmnMYZ
l8wkMCr6q6DvOsAurqXGOtAKnkfKqmEtn5TEi6zGYuGRaoKONyFweI8xcuTpVAUf
OjEyAgo42rGyRnsdAlRNbMxYfBAILMUlIfG32NsmC0eB2iHi5WpuDCUTYhu3sH2B
V+O1oJsZ+DurKta+HH9FExH9EuRbS98cw27j1LID
-----END CERTIFICATE-----
Generated at Mon Jun 17 05:47:36 2024 by rpki-client on console-fra.rpki-client.org