Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/B_e19coIg2ZPlZzaQF-9m1-QwLU.roa
File:                     B_e19coIg2ZPlZzaQF-9m1-QwLU.roa (raw, json)
Hash identifier:          vQnwXu4cxPKUUnoTTytbDJOvkrr8yUuTI5QXZNww4CY=
Subject key identifier:   07:F7:B5:F5:CA:08:83:66:4F:95:9C:DA:40:5F:BD:9B:5F:90:C0:B5
Certificate issuer:       /CN=591a0fef1efbaeedb3d28d439f3d5ccfadfd8873
Certificate serial:       018CC492F669093DBD52D1DB3928D6D4561E
Authority key identifier: 59:1A:0F:EF:1E:FB:AE:ED:B3:D2:8D:43:9F:3D:5C:CF:AD:FD:88:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WRoP7x77ru2z0o1Dnz1cz639iHM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/B_e19coIg2ZPlZzaQF-9m1-QwLU.roa
Signing time:             Mon 01 Jan 2024 10:30:14 +0000
ROA not before:           Mon 01 Jan 2024 10:30:14 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44869
IP address blocks:        5.103.0.0/16 maxlen: 16
                          80.208.0.0/17 maxlen: 17
                          37.122.240.0/21 maxlen: 21
                          46.21.32.0/20 maxlen: 20
                          212.178.160.0/19 maxlen: 19
                          78.143.64.0/18 maxlen: 18
                          80.209.0.0/17 maxlen: 17
                          77.33.0.0/16 maxlen: 16
                          5.186.0.0/16 maxlen: 16
                          185.202.8.0/22 maxlen: 22
                          87.104.0.0/18 maxlen: 18
                          80.71.64.0/19 maxlen: 19
                          89.239.192.0/18 maxlen: 18
                          2a02:17c0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/WRoP7x77ru2z0o1Dnz1cz639iHM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/WRoP7x77ru2z0o1Dnz1cz639iHM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WRoP7x77ru2z0o1Dnz1cz639iHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:92:f6:69:09:3d:bd:52:d1:db:39:28:d6:d4:56:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=591a0fef1efbaeedb3d28d439f3d5ccfadfd8873
        Validity
            Not Before: Jan  1 10:30:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=07f7b5f5ca0883664f959cda405fbd9b5f90c0b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:18:f1:e7:5c:bf:42:45:3e:83:70:b6:8d:17:
                    f7:16:36:2f:bc:15:6d:bc:d4:51:8b:c5:a8:74:89:
                    7b:54:c6:fd:05:8c:56:4d:d2:ff:e1:af:a9:8e:a9:
                    25:e6:00:fa:e1:52:07:f1:4c:0e:a8:38:f8:80:63:
                    f5:a5:e4:38:f4:3c:33:e3:65:2e:25:34:36:9f:dd:
                    4d:b0:55:b8:e9:9a:03:ff:b4:b0:2d:d9:4c:db:97:
                    5b:90:df:a2:42:4b:fa:48:2f:0f:cd:b6:a4:66:06:
                    1a:21:68:a7:13:53:6a:c9:be:0d:c7:5e:1a:33:07:
                    5e:97:3e:95:34:4b:5d:ae:c7:3c:6b:a7:ab:15:27:
                    6d:9c:fc:15:9a:05:6f:07:2c:f9:14:f6:49:fc:eb:
                    99:55:57:68:86:9d:58:6a:d1:88:d4:b8:2f:2c:06:
                    e3:80:e2:32:81:9c:37:10:8f:cc:6d:35:25:5b:de:
                    ad:48:c1:c7:40:4a:43:ab:b1:08:d3:e0:42:a6:7f:
                    cb:fa:a2:7a:ec:d1:ca:a9:a1:75:d8:75:6b:3f:e9:
                    ea:26:c3:cf:6b:cf:0a:21:0e:56:d6:64:4a:a8:0a:
                    ab:50:fd:52:f1:3b:dd:bb:e7:fb:1e:1b:df:2d:82:
                    52:28:5b:48:a4:39:ec:d3:a4:fa:fd:7f:e8:7f:ba:
                    86:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:F7:B5:F5:CA:08:83:66:4F:95:9C:DA:40:5F:BD:9B:5F:90:C0:B5
            X509v3 Authority Key Identifier:
                keyid:59:1A:0F:EF:1E:FB:AE:ED:B3:D2:8D:43:9F:3D:5C:CF:AD:FD:88:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WRoP7x77ru2z0o1Dnz1cz639iHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/B_e19coIg2ZPlZzaQF-9m1-QwLU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/217bee-cab6-422f-88cc-c2664e37c327/1/WRoP7x77ru2z0o1Dnz1cz639iHM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.103.0.0/16
                  5.186.0.0/16
                  37.122.240.0/21
                  46.21.32.0/20
                  77.33.0.0/16
                  78.143.64.0/18
                  80.71.64.0/19
                  80.208.0.0/17
                  80.209.0.0/17
                  87.104.0.0/18
                  89.239.192.0/18
                  185.202.8.0/22
                  212.178.160.0/19
                IPv6:
                  2a02:17c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         78:86:91:5e:97:79:5c:0a:b1:8b:22:96:39:b0:83:cb:bc:02:
         d9:85:91:a0:6e:5a:20:36:1f:9d:fb:5c:ab:7e:90:81:92:cb:
         58:85:e8:61:a9:2c:0b:16:7d:f2:8b:ab:98:ac:34:86:bc:9d:
         68:4b:16:98:f4:7b:2f:50:91:62:fb:ac:18:19:8c:69:72:fb:
         66:f7:c1:f2:9a:59:ea:01:32:ac:7b:20:87:38:f5:86:0f:fb:
         d9:e1:7c:d2:4b:c1:52:2f:4f:ee:b1:f4:14:4a:8f:e7:66:8b:
         61:0e:2e:19:45:25:e9:22:d3:a3:51:3f:d2:fd:4d:5a:9b:7f:
         0c:b5:8a:8f:d7:01:2d:23:59:82:15:91:8a:37:bf:96:eb:cb:
         91:de:e1:9b:6c:8e:e8:e7:d3:d9:67:ba:f9:ce:4a:c7:5a:e6:
         e9:e7:e5:04:f4:44:6d:66:da:f2:ae:94:00:eb:61:b4:ec:85:
         c0:c6:d9:b7:3c:48:3f:fb:a0:09:eb:d8:6c:21:b0:0e:ba:8a:
         c3:da:1c:8b:bf:af:50:0a:bf:e5:cc:f1:15:27:67:19:f5:46:
         92:6a:d8:92:d4:1f:30:46:7d:27:43:ad:6a:e2:19:d3:c8:31:
         00:37:ee:1f:7a:09:83:66:96:24:9b:4f:a2:bf:48:09:b3:13:
         98:9b:f8:dd
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYzEkvZpCT29UtHbOSjW1FYeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5MWEwZmVmMWVmYmFlZWRiM2QyOGQ0MzlmM2Q1Y2NmYWRm
ZDg4NzMwHhcNMjQwMTAxMTAzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2Y3YjVmNWNhMDg4MzY2NGY5NTljZGE0MDVmYmQ5YjVmOTBjMGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBjx51y/QkU+g3C2jRf3FjYvvBVt
vNRRi8WodIl7VMb9BYxWTdL/4a+pjqkl5gD64VIH8UwOqDj4gGP1peQ49Dwz42Uu
JTQ2n91NsFW46ZoD/7SwLdlM25dbkN+iQkv6SC8PzbakZgYaIWinE1Nqyb4Nx14a
Mwdelz6VNEtdrsc8a6erFSdtnPwVmgVvByz5FPZJ/OuZVVdohp1YatGI1LgvLAbj
gOIygZw3EI/MbTUlW96tSMHHQEpDq7EI0+BCpn/L+qJ67NHKqaF12HVrP+nqJsPP
a88KIQ5W1mRKqAqrUP1S8Tvdu+f7HhvfLYJSKFtIpDns06T6/X/of7qG6wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFAf3tfXKCINmT5Wc2kBfvZtfkMC1MB8GA1UdIwQY
MBaAFFkaD+8e+67ts9KNQ589XM+t/YhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1JvUDd4NzdydTJ6MG8xRG56MWN6NjM5aUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yMTdiZWUtY2FiNi00MjJmLTg4Y2Mt
YzI2NjRlMzdjMzI3LzEvQl9lMTljb0lnMlpQbFp6YVFGLTltMS1Rd0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yMTdiZWUtY2FiNi00MjJmLTg4Y2MtYzI2NjRlMzdjMzI3
LzEvV1JvUDd4NzdydTJ6MG8xRG56MWN6NjM5aUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBRBAIAATBLAwMABWcDAwAF
ugMEAyV68AMEBC4VIAMDAE0hAwQGTo9AAwQFUEdAAwQHUNAAAwQHUNEAAwQGV2gA
AwQGWe/AAwQCucoIAwQF1LKgMA0EAgACMAcDBQAqAhfAMA0GCSqGSIb3DQEBCwUA
A4IBAQB4hpFel3lcCrGLIpY5sIPLvALZhZGgblogNh+d+1yrfpCBkstYhehhqSwL
Fn3yi6uYrDSGvJ1oSxaY9HsvUJFi+6wYGYxpcvtm98HymlnqATKseyCHOPWGD/vZ
4XzSS8FSL0/usfQUSo/nZothDi4ZRSXpItOjUT/S/U1am38MtYqP1wEtI1mCFZGK
N7+W68uR3uGbbI7o59PZZ7r5zkrHWubp5+UE9ERtZtryrpQA62G07IXAxtm3PEg/
+6AJ69hsIbAOuorD2hyLv69QCr/lzPEVJ2cZ9UaSatiS1B8wRn0nQ61q4hnTyDEA
N+4fegmDZpYkm0+iv0gJsxOYm/jd
-----END CERTIFICATE-----
Generated at Sat Jun 15 22:52:11 2024 by rpki-client on console-fra.rpki-client.org