Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Vq1ezg3FfHkaT4BYXvdIW7tJO10.roa
File:                     Vq1ezg3FfHkaT4BYXvdIW7tJO10.roa (raw, json)
Hash identifier:          TIfkNb/9uOxGC+g6ec2m4wlXbFhvZcHVMFIfN7Y5Cz0=
Subject key identifier:   56:AD:5E:CE:0D:C5:7C:79:1A:4F:80:58:5E:F7:48:5B:BB:49:3B:5D
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       018CC56E122A6080DA36A52753B9EC1CE8E6
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Vq1ezg3FfHkaT4BYXvdIW7tJO10.roa
Signing time:             Mon 01 Jan 2024 14:29:34 +0000
ROA not before:           Mon 01 Jan 2024 14:29:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     198961
IP address blocks:        37.221.177.0/24 maxlen: 24
                          37.221.179.0/24 maxlen: 24
                          37.221.176.0/24 maxlen: 24
                          37.221.178.0/24 maxlen: 24
                          37.221.181.0/24 maxlen: 24
                          37.221.183.0/24 maxlen: 24
                          37.221.182.0/24 maxlen: 24
                          188.255.237.0/24 maxlen: 24
                          188.255.132.0/24 maxlen: 24
                          188.255.131.0/24 maxlen: 24
                          212.69.22.0/23 maxlen: 23
                          212.69.24.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:12:2a:60:80:da:36:a5:27:53:b9:ec:1c:e8:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Jan  1 14:29:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=56ad5ece0dc57c791a4f80585ef7485bbb493b5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a7:30:3c:56:4a:64:95:d0:98:28:a0:5a:82:
                    11:03:6d:c6:2d:6e:1b:00:5f:7a:90:13:59:4d:50:
                    41:66:7c:c9:70:76:18:61:7d:39:94:55:62:54:e4:
                    f2:28:e4:a0:4b:f2:b4:b2:fb:c1:68:9c:1a:fa:84:
                    14:28:21:95:d6:51:95:77:72:cd:9a:1b:34:32:14:
                    dd:cb:1c:78:a7:c9:83:54:de:07:46:a8:c9:1b:58:
                    d5:c7:75:71:93:e0:0e:4f:05:67:a1:ee:a8:df:b4:
                    cc:a3:f7:c8:99:3d:db:06:96:43:ca:ee:db:01:62:
                    e2:62:9d:5f:91:32:5e:ee:2d:47:c5:e0:c3:46:13:
                    e4:2a:60:d0:c9:25:f5:a7:71:d8:23:36:0e:d3:99:
                    f1:53:be:3f:a5:2e:f9:10:e7:76:fa:53:45:e6:64:
                    b8:e2:f1:49:72:70:42:61:aa:32:ac:27:96:b2:ff:
                    17:52:65:0c:8c:b7:da:ec:64:d4:a0:a3:51:b8:f4:
                    cc:f0:08:d9:5f:95:cc:c1:2e:af:ca:4c:63:19:c6:
                    ac:08:20:7e:dd:a1:da:82:be:36:82:37:d9:12:5e:
                    ea:ed:9b:c2:7d:ba:75:90:31:3a:a5:67:03:b2:07:
                    9a:8f:27:b2:d5:d4:98:3d:c2:8a:e4:ff:c8:00:83:
                    46:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:AD:5E:CE:0D:C5:7C:79:1A:4F:80:58:5E:F7:48:5B:BB:49:3B:5D
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Vq1ezg3FfHkaT4BYXvdIW7tJO10.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.221.176.0/22
                  37.221.181.0-37.221.183.255
                  188.255.131.0-188.255.132.255
                  188.255.237.0/24
                  212.69.22.0-212.69.27.255

    Signature Algorithm: sha256WithRSAEncryption
         a1:69:cc:6a:f8:e1:98:4d:72:3c:c4:e6:72:06:58:6a:01:69:
         37:ea:e1:4e:c5:75:c4:c2:1d:6a:1e:30:b4:2a:c5:55:03:5d:
         83:6b:6d:a1:3e:ec:83:a1:27:41:10:54:c1:09:aa:80:c6:98:
         b1:64:f5:5d:f9:21:01:bd:57:cf:95:9e:b9:3a:d5:84:53:55:
         20:22:9e:52:c5:1a:d5:2e:66:3e:9e:6b:e0:85:c3:ab:dd:3f:
         6c:75:e2:5e:a8:2a:a2:5d:8f:bd:38:8a:5b:fa:d5:9d:67:31:
         3d:dd:57:af:dd:d5:3e:03:46:a1:fe:ed:b3:5a:d3:cd:a0:12:
         43:25:d7:ad:f2:e9:1c:4c:7b:72:23:e7:0a:69:7f:95:31:c5:
         f8:bc:55:05:26:7a:d1:2e:23:f6:28:64:48:f9:6f:9c:f2:25:
         a3:dc:42:63:78:64:cf:f4:be:5f:c5:7d:c2:bb:15:33:2b:73:
         1e:9e:ca:9c:67:e9:f1:c7:43:fa:94:6f:ba:8a:62:d0:c4:f9:
         1c:68:d1:03:f0:1a:62:01:07:52:e6:de:88:11:2d:d6:45:65:
         f2:bd:58:a5:96:0d:fe:08:24:7d:78:6b:02:a9:b3:12:11:a5:
         1f:2e:92:0b:0c:16:76:7f:35:bf:3f:42:c5:1f:bf:27:00:c4:
         5a:37:bb:03
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzFbhIqYIDaNqUnU7nsHOjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTAxMTQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmFkNWVjZTBkYzU3Yzc5MWE0ZjgwNTg1ZWY3NDg1YmJiNDkzYjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyacwPFZKZJXQmCigWoIRA23GLW4b
AF96kBNZTVBBZnzJcHYYYX05lFViVOTyKOSgS/K0svvBaJwa+oQUKCGV1lGVd3LN
mhs0MhTdyxx4p8mDVN4HRqjJG1jVx3Vxk+AOTwVnoe6o37TMo/fImT3bBpZDyu7b
AWLiYp1fkTJe7i1HxeDDRhPkKmDQySX1p3HYIzYO05nxU74/pS75EOd2+lNF5mS4
4vFJcnBCYaoyrCeWsv8XUmUMjLfa7GTUoKNRuPTM8AjZX5XMwS6vykxjGcasCCB+
3aHagr42gjfZEl7q7ZvCfbp1kDE6pWcDsgeajyey1dSYPcKK5P/IAINGRwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFatXs4NxXx5Gk+AWF73SFu7STtdMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvVnExZXpnM0ZmSGthVDRCWVh2ZElXN3RKTzEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCJd2wMAwD
BAAl3bUDBAMl3bAwDAMEALz/gwMEALz/hAMEALz/7TAMAwQB1EUWAwQC1EUYMA0G
CSqGSIb3DQEBCwUAA4IBAQChacxq+OGYTXI8xOZyBlhqAWk36uFOxXXEwh1qHjC0
KsVVA12Da22hPuyDoSdBEFTBCaqAxpixZPVd+SEBvVfPlZ65OtWEU1UgIp5SxRrV
LmY+nmvghcOr3T9sdeJeqCqiXY+9OIpb+tWdZzE93Vev3dU+A0ah/u2zWtPNoBJD
Jdet8ukcTHtyI+cKaX+VMcX4vFUFJnrRLiP2KGRI+W+c8iWj3EJjeGTP9L5fxX3C
uxUzK3MensqcZ+nxx0P6lG+6imLQxPkcaNED8BpiAQdS5t6IES3WRWXyvVillg3+
CCR9eGsCqbMSEaUfLpILDBZ2fzW/P0LFH78nAMRaN7sD
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:27:33 2024 by rpki-client on console-ams.rpki-client.org