Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/0lfeOytDlBLPdCOobGzHKTJWK-w.roa
File:                     0lfeOytDlBLPdCOobGzHKTJWK-w.roa (raw, json)
Hash identifier:          wXCQ2ZFvv949BzyWQw4qCeIBpstVGx+VlW7fVCevU/4=
Subject key identifier:   D2:57:DE:3B:2B:43:94:12:CF:74:23:A8:6C:6C:C7:29:32:56:2B:EC
Certificate issuer:       /CN=237084712fdebb1bfc5a8c0262d919a8aa440603
Certificate serial:       018CC5DCAA4388FD78D9655033514C4A0D71
Authority key identifier: 23:70:84:71:2F:DE:BB:1B:FC:5A:8C:02:62:D9:19:A8:AA:44:06:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3CEcS_euxv8WowCYtkZqKpEBgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/0lfeOytDlBLPdCOobGzHKTJWK-w.roa
Signing time:             Mon 01 Jan 2024 16:30:22 +0000
ROA not before:           Mon 01 Jan 2024 16:30:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     41201
IP address blocks:        87.199.217.0/24 maxlen: 24
                          87.199.218.0/24 maxlen: 24
                          87.199.219.0/24 maxlen: 24
                          87.199.214.0/24 maxlen: 24
                          87.199.215.0/24 maxlen: 24
                          87.199.216.0/24 maxlen: 24
                          87.199.220.0/24 maxlen: 24
                          87.199.221.0/24 maxlen: 24
                          87.199.222.0/24 maxlen: 24
                          87.199.223.0/24 maxlen: 24
                          87.199.224.0/24 maxlen: 24
                          87.199.225.0/24 maxlen: 24
                          87.199.226.0/24 maxlen: 24
                          87.199.230.0/24 maxlen: 24
                          87.199.231.0/24 maxlen: 24
                          87.199.232.0/24 maxlen: 24
                          87.199.233.0/24 maxlen: 24
                          87.199.227.0/24 maxlen: 24
                          87.199.228.0/24 maxlen: 24
                          87.199.229.0/24 maxlen: 24
                          87.199.234.0/24 maxlen: 24
                          87.199.235.0/24 maxlen: 24
                          87.199.236.0/24 maxlen: 24
                          87.199.237.0/24 maxlen: 24
                          87.199.238.0/24 maxlen: 24
                          87.199.239.0/24 maxlen: 24
                          87.199.240.0/24 maxlen: 24
                          87.199.241.0/24 maxlen: 24
                          87.199.242.0/24 maxlen: 24
                          87.199.243.0/24 maxlen: 24
                          87.199.244.0/24 maxlen: 24
                          87.199.245.0/24 maxlen: 24
                          87.199.246.0/24 maxlen: 24
                          87.199.247.0/24 maxlen: 24
                          87.199.248.0/24 maxlen: 24
                          87.199.249.0/24 maxlen: 24
                          87.199.250.0/24 maxlen: 24
                          87.199.251.0/24 maxlen: 24
                          87.199.252.0/24 maxlen: 24
                          87.199.253.0/24 maxlen: 24
                          87.199.254.0/24 maxlen: 24
                          87.199.255.0/24 maxlen: 24
                          87.199.0.0/24 maxlen: 24
                          87.199.1.0/24 maxlen: 24
                          87.199.2.0/24 maxlen: 24
                          87.199.3.0/24 maxlen: 24
                          87.199.4.0/24 maxlen: 24
                          87.199.8.0/24 maxlen: 24
                          87.199.9.0/24 maxlen: 24
                          87.199.10.0/24 maxlen: 24
                          87.199.11.0/24 maxlen: 24
                          87.199.5.0/24 maxlen: 24
                          87.199.0.0/16 maxlen: 32
                          87.199.6.0/24 maxlen: 24
                          87.199.7.0/24 maxlen: 24
                          87.199.12.0/24 maxlen: 24
                          87.199.13.0/24 maxlen: 24
                          87.199.14.0/24 maxlen: 24
                          87.199.15.0/24 maxlen: 24
                          87.199.16.0/24 maxlen: 24
                          87.199.17.0/24 maxlen: 24
                          87.199.18.0/24 maxlen: 24
                          87.199.19.0/24 maxlen: 24
                          87.199.20.0/24 maxlen: 24
                          87.199.21.0/24 maxlen: 24
                          87.199.22.0/24 maxlen: 24
                          87.199.23.0/24 maxlen: 24
                          87.199.24.0/24 maxlen: 24
                          87.199.25.0/24 maxlen: 24
                          87.199.26.0/24 maxlen: 24
                          87.199.27.0/24 maxlen: 24
                          87.199.28.0/24 maxlen: 24
                          87.199.29.0/24 maxlen: 24
                          87.199.30.0/24 maxlen: 24
                          87.199.31.0/24 maxlen: 24
                          87.199.36.0/24 maxlen: 24
                          87.199.37.0/24 maxlen: 24
                          87.199.38.0/24 maxlen: 24
                          87.199.32.0/24 maxlen: 24
                          87.199.33.0/24 maxlen: 24
                          87.199.34.0/24 maxlen: 24
                          87.199.35.0/24 maxlen: 24
                          87.199.39.0/24 maxlen: 24
                          87.199.40.0/24 maxlen: 24
                          87.199.41.0/24 maxlen: 24
                          87.199.42.0/24 maxlen: 24
                          87.199.43.0/24 maxlen: 24
                          87.199.44.0/24 maxlen: 24
                          87.199.50.0/24 maxlen: 24
                          87.199.51.0/24 maxlen: 24
                          87.199.45.0/24 maxlen: 24
                          87.199.46.0/24 maxlen: 24
                          87.199.47.0/24 maxlen: 24
                          87.199.48.0/24 maxlen: 24
                          87.199.49.0/24 maxlen: 24
                          87.199.52.0/24 maxlen: 24
                          87.199.53.0/24 maxlen: 24
                          87.199.54.0/24 maxlen: 24
                          87.199.55.0/24 maxlen: 24
                          87.199.56.0/24 maxlen: 24
                          87.199.57.0/24 maxlen: 24
                          87.199.58.0/24 maxlen: 24
                          87.199.64.0/24 maxlen: 24
                          87.199.59.0/24 maxlen: 24
                          87.199.60.0/24 maxlen: 24
                          87.199.61.0/24 maxlen: 24
                          87.199.62.0/24 maxlen: 24
                          87.199.63.0/24 maxlen: 24
                          87.199.65.0/24 maxlen: 24
                          87.199.66.0/24 maxlen: 24
                          87.199.67.0/24 maxlen: 24
                          87.199.68.0/24 maxlen: 24
                          87.199.69.0/24 maxlen: 24
                          87.199.70.0/24 maxlen: 24
                          87.199.71.0/24 maxlen: 24
                          87.199.72.0/24 maxlen: 24
                          87.199.73.0/24 maxlen: 24
                          87.199.74.0/24 maxlen: 24
                          87.199.75.0/24 maxlen: 24
                          87.199.76.0/24 maxlen: 24
                          87.199.77.0/24 maxlen: 24
                          87.199.78.0/24 maxlen: 24
                          87.199.79.0/24 maxlen: 24
                          87.199.80.0/24 maxlen: 24
                          87.199.81.0/24 maxlen: 24
                          87.199.82.0/24 maxlen: 24
                          87.199.83.0/24 maxlen: 24
                          87.199.84.0/24 maxlen: 24
                          87.199.85.0/24 maxlen: 24
                          87.199.86.0/24 maxlen: 24
                          87.199.87.0/24 maxlen: 24
                          87.199.88.0/24 maxlen: 24
                          87.199.89.0/24 maxlen: 24
                          87.199.90.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/I3CEcS_euxv8WowCYtkZqKpEBgM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/I3CEcS_euxv8WowCYtkZqKpEBgM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I3CEcS_euxv8WowCYtkZqKpEBgM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:aa:43:88:fd:78:d9:65:50:33:51:4c:4a:0d:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237084712fdebb1bfc5a8c0262d919a8aa440603
        Validity
            Not Before: Jan  1 16:30:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d257de3b2b439412cf7423a86c6cc72932562bec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:36:6f:71:76:81:8a:f8:88:30:8d:c3:3c:88:
                    50:de:e5:e5:65:8f:0e:e6:86:57:d3:88:34:da:89:
                    a6:70:f2:60:60:20:2e:5f:aa:6b:ca:32:fd:87:5f:
                    91:ee:24:75:1a:fb:b2:3b:66:4c:b8:9c:86:38:86:
                    e8:ce:19:9b:43:99:f0:8d:a5:18:d9:04:22:60:83:
                    38:e7:cc:d7:85:cf:53:42:49:81:42:94:7c:17:11:
                    07:89:15:52:f9:6d:f4:55:67:0e:85:00:ef:f5:a0:
                    fb:0c:2e:2e:41:83:a7:ac:f8:fd:5b:55:04:0e:0a:
                    17:80:ab:95:01:d3:0a:ea:9d:9f:0f:7a:87:56:c7:
                    5b:df:73:01:d3:94:e2:b2:4a:b3:09:7d:65:57:a7:
                    f5:5e:17:bb:74:b8:63:94:22:8f:08:53:b6:cd:f6:
                    57:d0:30:cb:29:d5:7e:af:57:80:fa:8c:5b:c4:27:
                    1e:b1:f6:ed:c8:20:11:d2:c8:69:58:b1:91:2a:63:
                    a4:78:01:f0:7f:55:6a:1d:2e:ed:91:81:1b:ec:d1:
                    99:da:7e:6d:21:9e:11:7f:3b:d0:07:90:24:71:fd:
                    dd:73:7b:99:b7:94:d6:d5:0d:0d:8c:20:3b:c5:e1:
                    b4:04:94:3b:bc:a4:c1:13:7d:a4:5f:26:22:de:b6:
                    1a:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:57:DE:3B:2B:43:94:12:CF:74:23:A8:6C:6C:C7:29:32:56:2B:EC
            X509v3 Authority Key Identifier:
                keyid:23:70:84:71:2F:DE:BB:1B:FC:5A:8C:02:62:D9:19:A8:AA:44:06:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3CEcS_euxv8WowCYtkZqKpEBgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/0lfeOytDlBLPdCOobGzHKTJWK-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/I3CEcS_euxv8WowCYtkZqKpEBgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.199.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         38:b6:b7:8b:26:ee:8f:05:5b:d3:e0:ef:a3:72:2e:6a:d5:26:
         1b:57:be:a5:6a:89:62:a2:8b:bc:aa:d2:ff:ec:75:f6:e4:f2:
         80:74:5f:0d:55:c1:2d:bf:57:56:fa:9d:c7:e2:25:0c:8e:aa:
         98:ec:42:ce:5c:ca:60:78:08:1c:e5:d7:d5:aa:51:3e:18:25:
         d9:69:39:b4:86:1b:d0:e4:40:43:9c:8f:97:41:dc:72:f0:b7:
         2e:30:5d:0f:4a:d1:de:46:8c:b4:aa:a8:b6:38:32:64:76:82:
         50:7d:52:61:e4:0e:72:85:f7:f0:02:23:c0:55:53:88:69:1e:
         da:19:bc:a1:49:af:d6:ca:66:c3:29:8c:c1:d6:ca:e8:e8:d3:
         b7:33:f4:a5:03:6a:4a:fa:8d:77:9c:9e:3f:37:f2:a7:ab:7b:
         64:32:75:59:64:68:a7:16:ea:2e:48:1a:5e:a2:34:ac:d4:9b:
         a1:62:82:02:22:d6:09:cf:93:ed:14:95:06:b8:56:20:0e:34:
         fb:82:73:a7:3f:50:24:c0:da:c5:fb:12:d4:3c:0e:1e:00:41:
         31:ef:cd:13:38:6d:41:2e:0f:cb:06:3f:f7:f3:cd:ab:60:04:
         38:ad:44:8c:c2:62:30:78:77:87:53:cf:fe:7d:ab:8a:e2:2e:
         6a:7d:09:ab
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzF3KpDiP142WVQM1FMSg1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzA4NDcxMmZkZWJiMWJmYzVhOGMwMjYyZDkxOWE4YWE0
NDA2MDMwHhcNMjQwMTAxMTYzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjU3ZGUzYjJiNDM5NDEyY2Y3NDIzYTg2YzZjYzcyOTMyNTYyYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzZvcXaBiviIMI3DPIhQ3uXlZY8O
5oZX04g02ommcPJgYCAuX6pryjL9h1+R7iR1GvuyO2ZMuJyGOIbozhmbQ5nwjaUY
2QQiYIM458zXhc9TQkmBQpR8FxEHiRVS+W30VWcOhQDv9aD7DC4uQYOnrPj9W1UE
DgoXgKuVAdMK6p2fD3qHVsdb33MB05TiskqzCX1lV6f1Xhe7dLhjlCKPCFO2zfZX
0DDLKdV+r1eA+oxbxCcesfbtyCAR0shpWLGRKmOkeAHwf1VqHS7tkYEb7NGZ2n5t
IZ4RfzvQB5Akcf3dc3uZt5TW1Q0NjCA7xeG0BJQ7vKTBE32kXyYi3rYaJwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNJX3jsrQ5QSz3QjqGxsxykyVivsMB8GA1UdIwQY
MBaAFCNwhHEv3rsb/FqMAmLZGaiqRAYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNDRWNTX2V1eHY4V293Q1l0a1pxS3BFQmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lN2U5ZWUtMTdkOC00ZTdlLWJjMjgt
N2UxMzI5ZTA1ZmY0LzEvMGxmZU95dERsQkxQZENPb2JHekhLVEpXSy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lN2U5ZWUtMTdkOC00ZTdlLWJjMjgtN2UxMzI5ZTA1ZmY0
LzEvSTNDRWNTX2V1eHY4V293Q1l0a1pxS3BFQmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAV8cwDQYJ
KoZIhvcNAQELBQADggEBADi2t4sm7o8FW9Pg76NyLmrVJhtXvqVqiWKii7yq0v/s
dfbk8oB0Xw1VwS2/V1b6ncfiJQyOqpjsQs5cymB4CBzl19WqUT4YJdlpObSGG9Dk
QEOcj5dB3HLwty4wXQ9K0d5GjLSqqLY4MmR2glB9UmHkDnKF9/ACI8BVU4hpHtoZ
vKFJr9bKZsMpjMHWyujo07cz9KUDakr6jXecnj838qere2QydVlkaKcW6i5IGl6i
NKzUm6FiggIi1gnPk+0UlQa4ViAONPuCc6c/UCTA2sX7EtQ8Dh4AQTHvzRM4bUEu
D8sGP/fzzatgBDitRIzCYjB4d4dTz/59q4riLmp9Cas=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:49:19 2024 by rpki-client on console-fra.rpki-client.org