Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/491925-df90-4014-8caf-5aa367d6ab6e/1/W3dyLrC3uMNB6kvwhzK7GCp5Doo.roa
File:                     W3dyLrC3uMNB6kvwhzK7GCp5Doo.roa (raw, json)
Hash identifier:          GIt3HzAOc8cQTEAPvJDwB2agdC8nJXLPBho3nD4bcBM=
Subject key identifier:   5B:77:72:2E:B0:B7:B8:C3:41:EA:4B:F0:87:32:BB:18:2A:79:0E:8A
Certificate issuer:       /CN=265e85f8262888b54a849bdcf4cec50316911a08
Certificate serial:       018F80C37AA83FCCE8E73F9D77FD05480B9F
Authority key identifier: 26:5E:85:F8:26:28:88:B5:4A:84:9B:DC:F4:CE:C5:03:16:91:1A:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Jl6F-CYoiLVKhJvc9M7FAxaRGgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/491925-df90-4014-8caf-5aa367d6ab6e/1/W3dyLrC3uMNB6kvwhzK7GCp5Doo.roa
Signing time:             Thu 16 May 2024 09:37:25 +0000
ROA not before:           Thu 16 May 2024 09:37:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199548
IP address blocks:        185.64.77.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/491925-df90-4014-8caf-5aa367d6ab6e/1/Jl6F-CYoiLVKhJvc9M7FAxaRGgg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/491925-df90-4014-8caf-5aa367d6ab6e/1/Jl6F-CYoiLVKhJvc9M7FAxaRGgg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Jl6F-CYoiLVKhJvc9M7FAxaRGgg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 03 Jul 2024 20:41:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:80:c3:7a:a8:3f:cc:e8:e7:3f:9d:77:fd:05:48:0b:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=265e85f8262888b54a849bdcf4cec50316911a08
        Validity
            Not Before: May 16 09:37:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5b77722eb0b7b8c341ea4bf08732bb182a790e8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:7c:bd:0d:10:b3:bc:71:12:5c:29:04:62:cb:
                    0e:8c:91:7e:78:86:9b:ba:57:45:98:3c:09:e0:50:
                    00:ba:0e:cc:b6:f3:fe:d5:48:89:35:30:a1:55:f9:
                    5f:7e:57:09:dc:4d:15:cb:c6:de:4f:2a:ce:f3:af:
                    64:1b:d4:91:80:fb:18:24:f9:92:ef:bd:ab:6a:36:
                    3f:26:25:51:af:81:a8:05:83:6f:30:c1:e8:ef:55:
                    37:ec:67:5d:61:12:04:18:84:c1:30:2a:56:70:6f:
                    2c:dd:e5:a9:82:29:fa:24:df:7e:22:4c:7b:b9:f5:
                    16:93:d7:48:30:b1:fb:63:1d:ec:15:20:c8:df:96:
                    f9:c5:4a:57:9e:38:4b:7d:40:5e:f1:c0:f8:ed:f9:
                    d1:d4:1c:03:2c:ea:ec:d8:0f:97:a1:24:ef:94:77:
                    cf:fe:73:e3:12:37:6f:12:bd:44:e5:33:c1:fe:48:
                    f7:d7:a0:9d:ba:44:6d:0c:bc:19:d9:cd:78:6c:2b:
                    46:9e:9e:0a:7b:ed:6a:24:9c:6b:ea:95:aa:3c:94:
                    e9:44:88:29:e6:d8:7f:6b:3a:52:10:f1:9f:d6:dd:
                    3c:bf:d2:7a:15:73:59:ec:75:7c:b4:32:10:ac:8b:
                    bb:28:a4:72:66:d4:f1:35:07:78:af:ae:46:b5:20:
                    19:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:77:72:2E:B0:B7:B8:C3:41:EA:4B:F0:87:32:BB:18:2A:79:0E:8A
            X509v3 Authority Key Identifier:
                keyid:26:5E:85:F8:26:28:88:B5:4A:84:9B:DC:F4:CE:C5:03:16:91:1A:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jl6F-CYoiLVKhJvc9M7FAxaRGgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/491925-df90-4014-8caf-5aa367d6ab6e/1/W3dyLrC3uMNB6kvwhzK7GCp5Doo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/491925-df90-4014-8caf-5aa367d6ab6e/1/Jl6F-CYoiLVKhJvc9M7FAxaRGgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.64.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:26:fd:f0:93:52:ba:ef:b8:14:ba:89:cf:7a:3d:87:4b:d7:
         51:90:8b:91:82:81:44:16:dc:a6:4e:ad:f9:6f:cf:d5:76:85:
         23:4d:8a:2c:a7:6a:78:02:41:4d:c5:ec:50:5e:6b:fe:56:63:
         d2:f2:e2:f9:a0:7f:14:3e:27:14:a5:04:5b:93:8e:c7:40:f1:
         4d:4d:06:39:96:12:4b:25:3a:88:1c:8e:8e:f7:34:44:dc:17:
         cc:8c:58:a6:33:8e:40:58:24:e3:99:67:ff:3c:c0:ec:1e:14:
         7a:65:80:e8:1d:41:dc:12:53:9f:2a:7e:69:d8:9a:82:93:c5:
         96:d6:9a:5b:8d:96:d2:c4:db:ad:65:08:5d:26:de:ee:44:a5:
         58:6e:70:08:e3:4a:18:ae:51:80:a3:43:ba:12:41:74:5b:11:
         75:da:38:cf:32:06:43:25:6d:6d:f3:c4:a7:d9:97:ca:ed:a3:
         e6:a3:da:3f:9b:cd:b8:81:b6:1c:28:9c:d9:3d:2a:2b:39:6f:
         50:61:79:9f:1e:84:36:74:79:d5:21:06:c4:b0:a4:f7:f9:d9:
         9e:4c:58:81:43:a7:e8:58:eb:88:83:52:e3:4d:6a:0c:0b:cb:
         17:50:e8:17:78:00:ed:31:c6:80:3f:d6:ee:43:07:1a:15:97:
         c5:54:d0:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+Aw3qoP8zo5z+dd/0FSAufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NWU4NWY4MjYyODg4YjU0YTg0OWJkY2Y0Y2VjNTAzMTY5
MTFhMDgwHhcNMjQwNTE2MDkzNzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjc3NzIyZWIwYjdiOGMzNDFlYTRiZjA4NzMyYmIxODJhNzkwZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXy9DRCzvHESXCkEYssOjJF+eIab
uldFmDwJ4FAAug7MtvP+1UiJNTChVflfflcJ3E0Vy8beTyrO869kG9SRgPsYJPmS
772rajY/JiVRr4GoBYNvMMHo71U37GddYRIEGITBMCpWcG8s3eWpgin6JN9+Ikx7
ufUWk9dIMLH7Yx3sFSDI35b5xUpXnjhLfUBe8cD47fnR1BwDLOrs2A+XoSTvlHfP
/nPjEjdvEr1E5TPB/kj316CdukRtDLwZ2c14bCtGnp4Ke+1qJJxr6pWqPJTpRIgp
5th/azpSEPGf1t08v9J6FXNZ7HV8tDIQrIu7KKRyZtTxNQd4r65GtSAZCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFt3ci6wt7jDQepL8IcyuxgqeQ6KMB8GA1UdIwQY
MBaAFCZehfgmKIi1SoSb3PTOxQMWkRoIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmw2Ri1DWW9pTFZLaEp2YzlNN0ZBeGFSR2dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80OTE5MjUtZGY5MC00MDE0LThjYWYt
NWFhMzY3ZDZhYjZlLzEvVzNkeUxyQzN1TU5CNmt2d2h6SzdHQ3A1RG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80OTE5MjUtZGY5MC00MDE0LThjYWYtNWFhMzY3ZDZhYjZl
LzEvSmw2Ri1DWW9pTFZLaEp2YzlNN0ZBeGFSR2dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUBNMA0G
CSqGSIb3DQEBCwUAA4IBAQCpJv3wk1K677gUuonPej2HS9dRkIuRgoFEFtymTq35
b8/VdoUjTYosp2p4AkFNxexQXmv+VmPS8uL5oH8UPicUpQRbk47HQPFNTQY5lhJL
JTqIHI6O9zRE3BfMjFimM45AWCTjmWf/PMDsHhR6ZYDoHUHcElOfKn5p2JqCk8WW
1ppbjZbSxNutZQhdJt7uRKVYbnAI40oYrlGAo0O6EkF0WxF12jjPMgZDJW1t88Sn
2ZfK7aPmo9o/m824gbYcKJzZPSorOW9QYXmfHoQ2dHnVIQbEsKT3+dmeTFiBQ6fo
WOuIg1LjTWoMC8sXUOgXeADtMcaAP9buQwcaFZfFVNAM
-----END CERTIFICATE-----