Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/5-5DU1tzEvJGUNVwGQL1xEZCJy8.roa
File:                     5-5DU1tzEvJGUNVwGQL1xEZCJy8.roa (raw, json)
Hash identifier:          hirvqE5fxtaUESnMk3CHL6X1zKw00gz16NU2nrfbufA=
Subject key identifier:   E7:EE:43:53:5B:73:12:F2:46:50:D5:70:19:02:F5:C4:46:42:27:2F
Certificate issuer:       /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial:       018CC79446F5E4629DCFFA018A51BA9FA648
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/5-5DU1tzEvJGUNVwGQL1xEZCJy8.roa
Signing time:             Tue 02 Jan 2024 00:30:32 +0000
ROA not before:           Tue 02 Jan 2024 00:30:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47771
IP address blocks:        77.77.164.0/24 maxlen: 24
                          77.77.165.0/24 maxlen: 24
                          77.77.166.0/24 maxlen: 24
                          77.77.167.0/24 maxlen: 24
                          87.119.105.0/24 maxlen: 24
                          87.119.100.0/24 maxlen: 24
                          87.119.101.0/24 maxlen: 24
                          87.119.103.0/24 maxlen: 24
                          87.119.104.0/24 maxlen: 24
                          87.119.102.0/24 maxlen: 24
                          87.119.64.0/24 maxlen: 24
                          87.119.70.0/24 maxlen: 24
                          87.119.71.0/24 maxlen: 24
                          87.119.65.0/24 maxlen: 24
                          87.119.66.0/24 maxlen: 24
                          87.119.69.0/24 maxlen: 24
                          87.119.67.0/24 maxlen: 24
                          87.119.68.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 11 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:46:f5:e4:62:9d:cf:fa:01:8a:51:ba:9f:a6:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
        Validity
            Not Before: Jan  2 00:30:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e7ee43535b7312f24650d5701902f5c44642272f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:1c:27:28:15:8b:95:95:64:fa:b7:0b:e2:fb:
                    83:a1:3a:af:b4:08:af:06:71:75:48:58:e1:29:f4:
                    c9:b3:e1:2a:d2:7d:2f:35:ea:a9:d9:ff:1a:67:67:
                    65:f3:1a:89:95:20:ba:51:eb:a6:c1:0e:a6:9f:8a:
                    80:47:9e:32:2e:8a:1b:4c:84:73:bb:c9:ca:72:aa:
                    f5:54:b0:93:ee:ac:2d:ed:43:df:bb:fd:92:73:77:
                    6e:fa:e3:d0:d2:74:b9:03:a1:a1:81:99:30:01:ca:
                    5a:72:c1:4b:5e:b0:69:05:14:e1:a9:21:54:ec:57:
                    23:9f:46:9f:63:ed:9d:bf:23:9e:43:3c:52:07:dc:
                    79:5a:0d:91:04:d0:3b:04:63:90:d7:b4:d4:c3:cc:
                    0a:c8:19:13:b4:5c:a2:02:03:40:85:f7:16:fb:78:
                    ca:56:52:78:f9:0b:30:2f:33:10:da:0f:f0:99:f7:
                    f1:bf:be:3a:a4:24:c6:34:bb:44:5e:a5:35:74:c0:
                    9b:90:27:bd:83:00:77:ee:27:cb:9e:ec:91:66:e3:
                    92:fe:36:0a:61:7d:2a:8a:c8:d4:b9:89:aa:75:72:
                    2f:95:03:3f:03:21:26:68:59:c7:56:c1:bd:7a:4f:
                    bf:79:b3:c8:35:79:fb:49:2d:7d:ad:07:09:12:08:
                    e5:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:EE:43:53:5B:73:12:F2:46:50:D5:70:19:02:F5:C4:46:42:27:2F
            X509v3 Authority Key Identifier:
                keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/5-5DU1tzEvJGUNVwGQL1xEZCJy8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.77.164.0/22
                  87.119.64.0/21
                  87.119.100.0-87.119.105.255

    Signature Algorithm: sha256WithRSAEncryption
         20:71:ee:bb:4d:56:7f:3d:df:62:69:90:95:9c:1a:01:70:b3:
         3d:66:c8:16:34:ba:42:f0:24:a9:c2:18:4c:e1:bc:dc:92:e1:
         8b:45:b8:88:b8:c0:98:39:c2:71:c2:01:2f:36:a0:61:f6:19:
         9e:cc:54:6e:db:53:79:4d:58:35:46:ae:68:9c:0a:cc:47:e6:
         2d:a1:17:06:a7:7f:20:56:8a:45:44:f8:d5:2c:3e:03:59:a9:
         57:4d:6f:8b:bb:01:bd:6d:f0:11:80:b9:ef:50:c0:47:8c:0e:
         75:b1:5b:c4:56:15:e1:fe:c3:e7:f9:79:b8:bb:68:36:82:32:
         ad:25:a9:06:ef:10:b4:f0:b3:3a:45:62:b1:f4:05:be:b6:c0:
         4f:0a:ff:98:06:5c:31:0d:60:82:66:ee:8e:92:84:f0:ea:d8:
         a2:9b:7e:35:55:d9:13:0d:0c:9d:c6:e0:e5:16:93:1a:0d:fd:
         32:f5:2e:82:de:56:24:a0:52:01:2a:a2:71:20:ac:ff:1b:d5:
         ec:1f:23:ff:c0:1b:96:bf:01:0c:78:9b:61:49:2e:c0:ae:31:
         33:96:75:39:dc:2f:3d:92:72:d7:2c:a3:aa:f2:02:8a:8c:dd:
         74:79:c6:48:f6:13:76:6a:7e:7d:f7:82:bb:8c:e3:8d:35:41:
         63:76:16:ff
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHlEb15GKdz/oBilG6n6ZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjQwMTAyMDAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2VlNDM1MzViNzMxMmYyNDY1MGQ1NzAxOTAyZjVjNDQ2NDIyNzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRwnKBWLlZVk+rcL4vuDoTqvtAiv
BnF1SFjhKfTJs+Eq0n0vNeqp2f8aZ2dl8xqJlSC6UeumwQ6mn4qAR54yLoobTIRz
u8nKcqr1VLCT7qwt7UPfu/2Sc3du+uPQ0nS5A6GhgZkwAcpacsFLXrBpBRThqSFU
7Fcjn0afY+2dvyOeQzxSB9x5Wg2RBNA7BGOQ17TUw8wKyBkTtFyiAgNAhfcW+3jK
VlJ4+QswLzMQ2g/wmffxv746pCTGNLtEXqU1dMCbkCe9gwB37ifLnuyRZuOS/jYK
YX0qisjUuYmqdXIvlQM/AyEmaFnHVsG9ek+/ebPINXn7SS19rQcJEgjl8QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOfuQ1NbcxLyRlDVcBkC9cRGQicvMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvNS01RFUxdHpFdkpHVU5Wd0dRTDF4RVpDSnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCTU2kAwQD
V3dAMAwDBAJXd2QDBAFXd2gwDQYJKoZIhvcNAQELBQADggEBACBx7rtNVn8932Jp
kJWcGgFwsz1myBY0ukLwJKnCGEzhvNyS4YtFuIi4wJg5wnHCAS82oGH2GZ7MVG7b
U3lNWDVGrmicCsxH5i2hFwanfyBWikVE+NUsPgNZqVdNb4u7Ab1t8BGAue9QwEeM
DnWxW8RWFeH+w+f5ebi7aDaCMq0lqQbvELTwszpFYrH0Bb62wE8K/5gGXDENYIJm
7o6ShPDq2KKbfjVV2RMNDJ3G4OUWkxoN/TL1LoLeViSgUgEqonEgrP8b1ewfI//A
G5a/AQx4m2FJLsCuMTOWdTncLz2Sctcso6ryAoqM3XR5xkj2E3Zqfn33gruM4401
QWN2Fv8=
-----END CERTIFICATE-----
Generated at Tue Jun 11 07:35:29 2024 by rpki-client on console-fra.rpki-client.org