Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rtZ4z4VIUE6AGqC28Z0-sdhBbc4.roa
File:                     rtZ4z4VIUE6AGqC28Z0-sdhBbc4.roa (raw, json)
Hash identifier:          IqsHa7pX0ZgO7sJ6iQiHcy01n1SFlB/FJ9k6LLrSVpc=
Subject key identifier:   AE:D6:78:CF:85:48:50:4E:80:1A:A0:B6:F1:9D:3E:B1:D8:41:6D:CE
Certificate issuer:       /CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Certificate serial:       018CC72746814E8D59BBBAEC4F0C0D2A6CB2
Authority key identifier: AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rtZ4z4VIUE6AGqC28Z0-sdhBbc4.roa
Signing time:             Mon 01 Jan 2024 22:31:29 +0000
ROA not before:           Mon 01 Jan 2024 22:31:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     35680
IP address blocks:        77.120.112.0/22 maxlen: 22
                          77.120.108.0/22 maxlen: 22
                          82.144.220.0/22 maxlen: 22
                          77.120.116.0/22 maxlen: 22
                          77.120.124.0/22 maxlen: 22
                          77.120.120.0/22 maxlen: 22
                          77.123.152.0/22 maxlen: 22
                          77.123.148.0/22 maxlen: 22
                          77.123.156.0/22 maxlen: 22
                          77.120.96.0/22 maxlen: 22
                          77.120.104.0/22 maxlen: 22
                          77.120.100.0/22 maxlen: 22
                          77.123.128.0/22 maxlen: 22
                          77.123.132.0/22 maxlen: 22
                          77.123.136.0/22 maxlen: 22
                          77.123.144.0/22 maxlen: 22
                          77.123.140.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 15:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:46:81:4e:8d:59:bb:ba:ec:4f:0c:0d:2a:6c:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
        Validity
            Not Before: Jan  1 22:31:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=aed678cf8548504e801aa0b6f19d3eb1d8416dce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:e0:c1:ae:de:f4:51:c5:e2:31:13:c3:5c:cf:
                    ee:69:89:1d:36:0c:3d:b8:90:e5:ce:76:ef:33:c2:
                    8c:1a:c0:1c:3d:24:08:fb:e9:a3:49:46:2c:8b:93:
                    18:2b:07:76:1c:fe:66:5f:e7:9d:30:6a:4b:04:2a:
                    4b:68:85:ab:24:8e:2d:d6:16:4e:ec:d0:ac:c4:e4:
                    04:c0:1f:f4:e4:99:83:a6:ee:ec:de:41:1c:aa:b2:
                    61:ae:67:a3:4d:53:5d:f5:16:13:d3:5a:67:db:f5:
                    7e:5b:db:75:74:10:32:f1:a2:a6:3a:2f:79:48:a6:
                    df:94:b8:d3:eb:69:27:28:85:c2:fc:06:f1:5a:a9:
                    92:ff:bd:a3:06:4c:3e:af:db:3d:47:78:7e:4c:40:
                    b3:3d:bd:01:e7:39:34:17:a8:7c:91:f3:ba:bd:3d:
                    76:4d:bb:3d:55:2b:06:98:01:b3:ac:67:92:2d:a8:
                    a6:cb:06:04:a2:18:5a:66:38:19:c9:92:4c:e2:56:
                    76:13:38:f8:44:73:e2:23:59:bf:f5:26:5e:67:c8:
                    14:49:5f:04:5d:d4:57:46:b5:6a:9a:9a:b7:51:dc:
                    7e:69:29:ec:8e:4b:f3:bd:57:59:80:29:21:a6:89:
                    1b:fc:75:82:ff:33:a9:d7:e5:3e:67:74:18:2c:9d:
                    b7:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:D6:78:CF:85:48:50:4E:80:1A:A0:B6:F1:9D:3E:B1:D8:41:6D:CE
            X509v3 Authority Key Identifier:
                keyid:AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rtZ4z4VIUE6AGqC28Z0-sdhBbc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.120.96.0/19
                  77.123.128.0/19
                  82.144.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:09:0a:41:05:c2:c5:a8:36:12:42:4b:c1:02:21:d4:3c:d2:
         46:96:41:cf:f5:6d:59:eb:ae:b3:16:92:d8:41:00:3a:88:d4:
         30:ca:af:44:e2:e9:cd:9f:41:cd:79:8e:4a:f2:c1:ea:bf:3f:
         97:6a:6f:a1:fa:6f:51:ee:61:bd:f3:37:ff:13:1d:cf:fd:41:
         8e:e0:dd:0a:cd:d3:df:ec:39:85:0d:9d:9c:c3:ff:49:87:a4:
         18:17:ce:b4:60:b7:4d:af:2e:02:f5:88:00:06:80:9c:98:27:
         c3:8d:3f:49:4d:40:5c:35:e8:0b:fb:fa:e6:df:e2:c2:71:cb:
         50:6a:d5:c9:5a:99:6f:8f:28:fe:3d:5a:fa:68:c7:49:8a:79:
         21:f8:00:44:69:22:eb:af:7b:55:6b:c7:e7:0d:5f:1e:3d:7d:
         fa:f7:c0:9e:19:95:4c:6e:db:2d:db:e5:31:d1:3a:e6:40:1a:
         69:e8:cd:f1:4b:43:b2:a2:c7:14:bc:ff:fd:85:f3:00:96:f0:
         89:b0:bc:0d:d4:e6:20:8d:f7:1d:02:36:9c:fa:90:80:cb:1e:
         13:ce:59:cf:c1:3b:7d:ed:68:74:41:ae:33:43:fb:75:ec:36:
         c3:dc:bf:39:8d:be:87:68:9c:27:93:08:c0:24:2a:d2:73:79:
         62:fb:82:9d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJ0aBTo1Zu7rsTwwNKmyyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWVkYTBhMWU3NDc5YzRjYTc4ZmU0MWM1OGQxN2U5ZDEz
YjY3YWEwHhcNMjQwMTAxMjIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQ2NzhjZjg1NDg1MDRlODAxYWEwYjZmMTlkM2ViMWQ4NDE2ZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeDBrt70UcXiMRPDXM/uaYkdNgw9
uJDlznbvM8KMGsAcPSQI++mjSUYsi5MYKwd2HP5mX+edMGpLBCpLaIWrJI4t1hZO
7NCsxOQEwB/05JmDpu7s3kEcqrJhrmejTVNd9RYT01pn2/V+W9t1dBAy8aKmOi95
SKbflLjT62knKIXC/AbxWqmS/72jBkw+r9s9R3h+TECzPb0B5zk0F6h8kfO6vT12
Tbs9VSsGmAGzrGeSLaimywYEohhaZjgZyZJM4lZ2Ezj4RHPiI1m/9SZeZ8gUSV8E
XdRXRrVqmpq3Udx+aSnsjkvzvVdZgCkhpokb/HWC/zOp1+U+Z3QYLJ23BwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK7WeM+FSFBOgBqgtvGdPrHYQW3OMB8GA1UdIwQY
MBaAFK1e2goedHnEynj+QcWNF+nRO2eqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTIt
OTQ0Y2U3ZWViMTU0LzEvcnRaNHo0VklVRTZBR3FDMjhaMC1zZGhCYmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTItOTQ0Y2U3ZWViMTU0
LzEvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFTXhgAwQF
TXuAAwQCUpDcMA0GCSqGSIb3DQEBCwUAA4IBAQBPCQpBBcLFqDYSQkvBAiHUPNJG
lkHP9W1Z666zFpLYQQA6iNQwyq9E4unNn0HNeY5K8sHqvz+Xam+h+m9R7mG98zf/
Ex3P/UGO4N0KzdPf7DmFDZ2cw/9Jh6QYF860YLdNry4C9YgABoCcmCfDjT9JTUBc
NegL+/rm3+LCcctQatXJWplvjyj+PVr6aMdJinkh+ABEaSLrr3tVa8fnDV8ePX36
98CeGZVMbtst2+Ux0TrmQBpp6M3xS0OyoscUvP/9hfMAlvCJsLwN1OYgjfcdAjac
+pCAyx4TzlnPwTt97Wh0Qa4zQ/t17DbD3L85jb6HaJwnkwjAJCrSc3li+4Kd
-----END CERTIFICATE-----
Generated at Sat Nov 23 21:59:08 2024 by rpki-client on console-fra.rpki-client.org