Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/E4RjmySUEMtDa8UTvS1XG2UgMj8.roa
File:                     E4RjmySUEMtDa8UTvS1XG2UgMj8.roa (raw, json)
Hash identifier:          /fYLjECTC9znHdZwCwfCWQl13tiXQzwkX5JJdFkLkG4=
Subject key identifier:   13:84:63:9B:24:94:10:CB:43:6B:C5:13:BD:2D:57:1B:65:20:32:3F
Certificate issuer:       /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial:       018CC94DB1159CDA05D0476427B710C82BE2
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/E4RjmySUEMtDa8UTvS1XG2UgMj8.roa
Signing time:             Tue 02 Jan 2024 08:32:41 +0000
ROA not before:           Tue 02 Jan 2024 08:32:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199738
IP address blocks:        176.227.146.0/24 maxlen: 24
                          5.154.58.0/24 maxlen: 24
                          5.154.56.0/24 maxlen: 24
                          5.154.57.0/24 maxlen: 24
                          5.154.56.0/22 maxlen: 22
                          5.154.59.0/24 maxlen: 24
                          109.167.92.0/24 maxlen: 24
                          84.232.55.0/24 maxlen: 24
                          109.167.92.0/23 maxlen: 23
                          109.167.93.0/24 maxlen: 24
                          93.114.252.0/23 maxlen: 23
                          93.114.252.0/24 maxlen: 24
                          93.114.253.0/24 maxlen: 24
                          109.167.58.0/23 maxlen: 23
                          109.167.58.0/24 maxlen: 24
                          109.167.64.0/24 maxlen: 24
                          109.167.64.0/23 maxlen: 23
                          109.167.59.0/24 maxlen: 24
                          109.167.65.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4d:b1:15:9c:da:05:d0:47:64:27:b7:10:c8:2b:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
        Validity
            Not Before: Jan  2 08:32:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1384639b249410cb436bc513bd2d571b6520323f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:85:79:29:51:6c:d5:93:c4:aa:95:41:53:bc:
                    3c:a9:f8:84:f1:62:5b:a0:0e:d5:eb:46:86:a9:fa:
                    82:de:02:61:58:e6:f5:aa:10:01:65:f9:e4:6b:26:
                    8a:3e:16:60:3c:71:8d:19:a9:15:85:c7:b5:4c:00:
                    3e:23:0c:dd:e6:14:0e:9c:5f:a7:bd:c8:c4:44:bd:
                    f8:bb:f5:d5:34:8c:70:b2:3f:eb:3a:12:d1:d4:16:
                    b9:33:ea:03:07:48:07:b3:27:2e:47:14:2c:39:be:
                    5c:5d:85:89:00:f9:3b:c0:42:d8:61:ab:16:fd:b5:
                    38:a1:ea:01:a7:b2:9e:cd:ac:89:8f:88:62:33:aa:
                    25:fa:e4:32:f3:13:0e:70:c6:40:51:1e:e9:65:30:
                    2f:c9:bf:1f:5a:2d:f7:95:6b:5e:07:0b:51:f2:2a:
                    b1:2f:34:4a:fe:0e:1b:ec:85:7c:7a:c5:94:da:5c:
                    e0:77:d3:39:bc:57:e4:d7:71:9a:16:92:1a:16:c7:
                    ef:5d:d9:51:dc:cc:8d:14:e6:25:e6:fa:d6:ed:de:
                    50:cf:61:d3:46:f7:8a:f0:d0:ca:fa:72:a1:82:a3:
                    8f:5a:55:b6:6f:c5:ec:e7:ff:04:45:28:1d:c7:ac:
                    1c:65:20:4d:c8:23:38:15:65:34:2a:eb:9a:5c:cd:
                    b8:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:84:63:9B:24:94:10:CB:43:6B:C5:13:BD:2D:57:1B:65:20:32:3F
            X509v3 Authority Key Identifier:
                keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/E4RjmySUEMtDa8UTvS1XG2UgMj8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.154.56.0/22
                  84.232.55.0/24
                  93.114.252.0/23
                  109.167.58.0/23
                  109.167.64.0/23
                  109.167.92.0/23
                  176.227.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:85:51:96:73:4a:57:8d:b6:9f:ef:2b:0a:3e:17:df:c6:4f:
         c7:15:c1:30:d5:33:c2:15:64:72:a2:45:32:ce:49:bf:a3:42:
         9e:86:bc:7d:11:06:27:26:a5:39:dd:a1:c1:90:37:39:29:fe:
         10:3d:3e:e3:b6:16:1c:7a:55:23:02:54:e6:fb:64:ea:47:5e:
         13:93:e3:e7:fe:7e:b2:f1:d5:5e:8b:f4:f1:b6:15:05:9d:3c:
         d0:18:dc:c5:97:19:b0:b8:4e:a9:52:0f:b9:7b:e6:75:9e:b0:
         46:a1:e6:b3:8e:51:ba:3e:08:1b:60:8c:c2:ba:51:b7:88:c6:
         ec:00:09:5a:1b:cd:62:6d:2b:0f:5d:30:a6:b3:12:2c:1f:96:
         76:c7:38:40:fa:fa:e1:99:fb:89:22:ec:c1:a9:5e:17:69:96:
         6e:a5:3c:18:0f:24:b1:bb:d7:56:00:fd:1b:1e:60:d6:65:12:
         13:7b:81:4f:a1:63:97:87:f9:b3:ac:20:29:ff:61:28:07:16:
         bb:49:58:e6:54:44:95:7e:97:c1:bc:3e:0b:a6:18:df:27:55:
         15:a1:a8:72:84:55:6a:87:b5:53:82:93:e1:e2:7b:70:b8:f9:
         58:4f:6f:b0:45:e6:1a:6e:13:7e:24:1f:af:ac:a6:30:ce:c2:
         64:0c:01:f6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzJTbEVnNoF0EdkJ7cQyCviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzg0NjM5YjI0OTQxMGNiNDM2YmM1MTNiZDJkNTcxYjY1MjAzMjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4V5KVFs1ZPEqpVBU7w8qfiE8WJb
oA7V60aGqfqC3gJhWOb1qhABZfnkayaKPhZgPHGNGakVhce1TAA+Iwzd5hQOnF+n
vcjERL34u/XVNIxwsj/rOhLR1Ba5M+oDB0gHsycuRxQsOb5cXYWJAPk7wELYYasW
/bU4oeoBp7KezayJj4hiM6ol+uQy8xMOcMZAUR7pZTAvyb8fWi33lWteBwtR8iqx
LzRK/g4b7IV8esWU2lzgd9M5vFfk13GaFpIaFsfvXdlR3MyNFOYl5vrW7d5Qz2HT
RveK8NDK+nKhgqOPWlW2b8Xs5/8ERSgdx6wcZSBNyCM4FWU0KuuaXM24BQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBOEY5sklBDLQ2vFE70tVxtlIDI/MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvRTRSam15U1VFTXREYThVVHZTMVhHMlVnTWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCBZo4AwQA
VOg3AwQBXXL8AwQBbac6AwQBbadAAwQBbadcAwQAsOOSMA0GCSqGSIb3DQEBCwUA
A4IBAQBehVGWc0pXjbaf7ysKPhffxk/HFcEw1TPCFWRyokUyzkm/o0Kehrx9EQYn
JqU53aHBkDc5Kf4QPT7jthYcelUjAlTm+2TqR14Tk+Pn/n6y8dVei/TxthUFnTzQ
GNzFlxmwuE6pUg+5e+Z1nrBGoeazjlG6PggbYIzCulG3iMbsAAlaG81ibSsPXTCm
sxIsH5Z2xzhA+vrhmfuJIuzBqV4XaZZupTwYDySxu9dWAP0bHmDWZRITe4FPoWOX
h/mzrCAp/2EoBxa7SVjmVESVfpfBvD4LphjfJ1UVoahyhFVqh7VTgpPh4ntwuPlY
T2+wReYabhN+JB+vrKYwzsJkDAH2
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:03:55 2024 by rpki-client on console-ams.rpki-client.org