Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/1-aa7uyRFAIdvMT9eWUgnLLGKJoM.roa
File:                     1-aa7uyRFAIdvMT9eWUgnLLGKJoM.roa (raw, json)
Hash identifier:          GA/1zpail7t77dj0tP1pvS6vlun/yQ9tpw+w1dVGKSY=
Subject key identifier:   F9:A6:BB:BB:24:45:00:87:6F:31:3F:5E:59:48:27:2C:B1:8A:26:83
Certificate issuer:       /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial:       018F4C5AE9696EEFFB60704AB58CC5259EC9
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/1-aa7uyRFAIdvMT9eWUgnLLGKJoM.roa
Signing time:             Mon 06 May 2024 05:22:57 +0000
ROA not before:           Mon 06 May 2024 05:22:57 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57858
IP address blocks:        5.34.240.0/24 maxlen: 24
                          5.34.241.0/24 maxlen: 24
                          5.34.242.0/24 maxlen: 24
                          5.34.243.0/24 maxlen: 24
                          5.34.244.0/24 maxlen: 24
                          5.34.245.0/24 maxlen: 24
                          5.34.246.0/24 maxlen: 24
                          5.34.247.0/24 maxlen: 24
                          5.153.233.0/24 maxlen: 24
                          5.153.234.0/24 maxlen: 24
                          5.153.235.0/24 maxlen: 24
                          5.153.237.0/24 maxlen: 24
                          5.153.238.0/24 maxlen: 24
                          5.157.0.0/24 maxlen: 24
                          5.157.1.0/24 maxlen: 24
                          5.157.5.0/24 maxlen: 24
                          5.157.7.0/24 maxlen: 24
                          5.157.9.0/24 maxlen: 24
                          5.157.10.0/24 maxlen: 24
                          5.157.12.0/24 maxlen: 24
                          5.157.15.0/24 maxlen: 24
                          5.157.16.0/24 maxlen: 24
                          5.157.18.0/24 maxlen: 24
                          5.157.20.0/24 maxlen: 24
                          5.157.25.0/24 maxlen: 24
                          5.157.28.0/24 maxlen: 24
                          5.157.35.0/24 maxlen: 24
                          5.157.36.0/24 maxlen: 24
                          5.157.39.0/24 maxlen: 24
                          5.157.40.0/24 maxlen: 24
                          5.157.44.0/24 maxlen: 24
                          5.157.46.0/24 maxlen: 24
                          5.157.47.0/24 maxlen: 24
                          5.157.48.0/24 maxlen: 24
                          5.157.49.0/24 maxlen: 24
                          5.157.50.0/24 maxlen: 24
                          5.157.52.0/24 maxlen: 24
                          5.157.54.0/24 maxlen: 24
                          37.72.187.0/24 maxlen: 24
                          37.72.188.0/24 maxlen: 24
                          37.72.189.0/24 maxlen: 24
                          37.72.190.0/24 maxlen: 24
                          37.72.191.0/24 maxlen: 24
                          37.203.208.0/24 maxlen: 24
                          37.203.210.0/24 maxlen: 24
                          37.203.211.0/24 maxlen: 24
                          37.203.212.0/24 maxlen: 24
                          37.203.213.0/24 maxlen: 24
                          37.203.214.0/24 maxlen: 24
                          46.29.248.0/23 maxlen: 23
                          46.29.250.0/23 maxlen: 23
                          46.29.252.0/24 maxlen: 24
                          46.29.253.0/24 maxlen: 24
                          46.29.254.0/24 maxlen: 24
                          46.29.255.0/24 maxlen: 24
                          91.108.176.0/24 maxlen: 24
                          91.108.177.0/24 maxlen: 24
                          91.108.178.0/24 maxlen: 24
                          91.108.179.0/24 maxlen: 24
                          91.108.180.0/24 maxlen: 24
                          91.108.181.0/24 maxlen: 24
                          91.108.182.0/24 maxlen: 24
                          130.185.152.0/24 maxlen: 24
                          130.185.154.0/24 maxlen: 24
                          130.185.155.0/24 maxlen: 24
                          130.185.156.0/24 maxlen: 24
                          130.185.157.0/24 maxlen: 24
                          130.185.158.0/24 maxlen: 24
                          130.185.159.0/24 maxlen: 24
                          151.237.176.0/24 maxlen: 24
                          151.237.177.0/24 maxlen: 24
                          151.237.178.0/24 maxlen: 24
                          151.237.179.0/24 maxlen: 24
                          151.237.180.0/24 maxlen: 24
                          151.237.181.0/24 maxlen: 24
                          151.237.182.0/24 maxlen: 24
                          151.237.183.0/24 maxlen: 24
                          151.237.184.0/24 maxlen: 24
                          151.237.185.0/24 maxlen: 24
                          151.237.187.0/24 maxlen: 24
                          151.237.189.0/24 maxlen: 24
                          151.237.190.0/24 maxlen: 24
                          151.237.191.0/24 maxlen: 24
                          176.61.136.0/24 maxlen: 24
                          176.61.137.0/24 maxlen: 24
                          176.61.138.0/24 maxlen: 24
                          176.61.139.0/24 maxlen: 24
                          176.61.140.0/24 maxlen: 24
                          176.61.141.0/24 maxlen: 24
                          176.61.142.0/24 maxlen: 24
                          176.61.143.0/24 maxlen: 24
                          178.216.48.0/24 maxlen: 24
                          178.216.49.0/24 maxlen: 24
                          178.216.50.0/24 maxlen: 24
                          178.216.51.0/24 maxlen: 24
                          178.216.52.0/24 maxlen: 24
                          178.216.53.0/24 maxlen: 24
                          178.216.54.0/24 maxlen: 24
                          178.216.55.0/24 maxlen: 24
                          185.3.132.0/24 maxlen: 24
                          185.3.133.0/24 maxlen: 24
                          185.3.134.0/24 maxlen: 24
                          185.3.135.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:4c:5a:e9:69:6e:ef:fb:60:70:4a:b5:8c:c5:25:9e:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
        Validity
            Not Before: May  6 05:22:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f9a6bbbb244500876f313f5e5948272cb18a2683
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:be:a0:2f:b8:fd:cc:fb:34:62:8b:ac:0a:f9:
                    af:91:db:9e:2b:50:58:bc:1c:fe:5a:ab:d2:3b:d8:
                    79:15:aa:29:31:c3:8a:b2:36:6f:5e:f3:01:9b:d5:
                    74:11:68:0e:ed:b8:60:8c:ad:fc:ee:de:85:88:83:
                    b1:bb:79:cd:76:82:02:43:58:b3:55:67:18:67:c7:
                    d9:35:f6:07:6f:58:49:a6:4b:71:91:79:eb:43:8b:
                    6d:c6:49:49:61:43:79:2c:ae:9c:f8:86:9f:1f:b2:
                    a6:98:27:93:a0:d5:7b:86:66:5d:4c:2a:86:df:52:
                    b3:4f:2c:06:ba:ad:3c:cf:d5:0c:e1:d4:a7:e7:36:
                    0d:da:a3:c7:aa:87:bc:f3:60:43:ba:32:51:2b:ef:
                    0f:1b:bf:7c:23:8e:b4:96:8f:54:c4:47:12:6e:ce:
                    7f:56:ee:74:ee:dd:2f:7a:64:70:ed:6b:ea:47:85:
                    50:38:f1:bd:aa:1a:c3:a3:22:23:b7:72:4a:51:fc:
                    e4:ee:25:97:09:31:8f:35:e6:1d:9a:f5:40:32:11:
                    24:68:ef:36:28:4c:44:d5:2f:04:5c:14:0b:5f:b3:
                    95:9f:e7:e2:f7:b2:79:55:8f:78:28:15:2a:aa:42:
                    31:d3:4a:dd:c3:56:98:45:72:ef:a1:7e:eb:97:72:
                    29:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:A6:BB:BB:24:45:00:87:6F:31:3F:5E:59:48:27:2C:B1:8A:26:83
            X509v3 Authority Key Identifier:
                keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/1-aa7uyRFAIdvMT9eWUgnLLGKJoM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.34.240.0/21
                  5.153.233.0-5.153.235.255
                  5.153.237.0-5.153.238.255
                  5.157.0.0/23
                  5.157.5.0/24
                  5.157.7.0/24
                  5.157.9.0-5.157.10.255
                  5.157.12.0/24
                  5.157.15.0-5.157.16.255
                  5.157.18.0/24
                  5.157.20.0/24
                  5.157.25.0/24
                  5.157.28.0/24
                  5.157.35.0-5.157.36.255
                  5.157.39.0-5.157.40.255
                  5.157.44.0/24
                  5.157.46.0-5.157.50.255
                  5.157.52.0/24
                  5.157.54.0/24
                  37.72.187.0-37.72.191.255
                  37.203.208.0/24
                  37.203.210.0-37.203.214.255
                  46.29.248.0/21
                  91.108.176.0-91.108.182.255
                  130.185.152.0/24
                  130.185.154.0-130.185.159.255
                  151.237.176.0-151.237.185.255
                  151.237.187.0/24
                  151.237.189.0-151.237.191.255
                  176.61.136.0/21
                  178.216.48.0/21
                  185.3.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4a:b3:7a:ca:49:86:8d:37:f8:03:eb:0b:26:38:e9:f9:2b:4c:
         da:57:a2:7d:b1:ce:fc:bf:0b:8b:3d:40:66:0d:29:47:71:98:
         74:54:89:73:dd:15:95:f2:1a:19:66:2a:99:e1:bb:fe:be:54:
         4b:b7:6a:fe:c8:b9:6f:5c:43:31:70:bb:ee:a8:cb:90:d7:f3:
         5b:f9:e3:a9:57:a4:d7:b3:76:a1:a1:c4:30:d0:01:c4:e2:5c:
         17:24:a7:25:d7:c1:0f:0f:00:89:2a:e7:04:10:0d:df:85:3f:
         33:9c:75:04:12:f7:90:18:1f:19:e4:7f:7c:d2:db:67:6f:21:
         f1:ae:0d:42:9b:ab:9a:ca:62:d4:9f:75:cd:fb:98:76:53:ec:
         c6:a2:44:1a:4e:33:85:42:12:41:cd:b6:c5:72:2b:ba:ef:f1:
         51:db:29:42:a7:cb:94:98:66:71:f7:2d:e1:c2:39:7e:ac:e7:
         5a:68:e8:12:10:cf:3c:b2:6d:6b:d7:cf:73:e5:2b:59:fd:3f:
         4c:47:01:20:4d:2e:d3:27:3b:00:ca:7d:37:f9:86:18:be:79:
         ba:24:b9:a0:83:03:98:68:6b:db:55:ca:cd:3b:8f:51:16:87:
         59:32:21:20:12:cc:8b:64:5d:e9:ec:80:0b:23:48:ab:e0:d2:
         7b:67:46:7b
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgISAY9MWulpbu/7YHBKtYzFJZ7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjQwNTA2MDUyMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWE2YmJiYjI0NDUwMDg3NmYzMTNmNWU1OTQ4MjcyY2IxOGEyNjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAob6gL7j9zPs0YousCvmvkdueK1BY
vBz+WqvSO9h5FaopMcOKsjZvXvMBm9V0EWgO7bhgjK387t6FiIOxu3nNdoICQ1iz
VWcYZ8fZNfYHb1hJpktxkXnrQ4ttxklJYUN5LK6c+IafH7KmmCeToNV7hmZdTCqG
31KzTywGuq08z9UM4dSn5zYN2qPHqoe882BDujJRK+8PG798I460lo9UxEcSbs5/
Vu507t0vemRw7WvqR4VQOPG9qhrDoyIjt3JKUfzk7iWXCTGPNeYdmvVAMhEkaO82
KExE1S8EXBQLX7OVn+fi97J5VY94KBUqqkIx00rdw1aYRXLvoX7rl3IpZQIDAQAB
o4IDNjCCAzIwHQYDVR0OBBYEFPmmu7skRQCHbzE/XllIJyyxiiaDMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvMS1hYTd1eVJGQUlkdk1UOWVXVWduTExHS0pvTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTcvM2I1MWI4LTEwYzYtNDM4Yi1hMTIwLTE1ZjEzZTNmN2Q4
NS8xLzJDeTBQS1BBeFhnV3p1TmdSNDBNLUlJZ2Y5SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAUkGCCsGAQUFBwEHAQH/BIIBODCCATQwggEwBAIAATCC
ASgDBAMFIvAwDAMEAAWZ6QMEAgWZ6DAMAwQABZntAwQABZnuAwQBBZ0AAwQABZ0F
AwQABZ0HMAwDBAAFnQkDBAAFnQoDBAAFnQwwDAMEAAWdDwMEAAWdEAMEAAWdEgME
AAWdFAMEAAWdGQMEAAWdHDAMAwQABZ0jAwQABZ0kMAwDBAAFnScDBAAFnSgDBAAF
nSwwDAMEAQWdLgMEAAWdMgMEAAWdNAMEAAWdNjAMAwQAJUi7AwQGJUiAAwQAJcvQ
MAwDBAEly9IDBAAly9YDBAMuHfgwDAMEBFtssAMEAFtstgMEAIK5mDAMAwQBgrma
AwQFgrmAMAwDBASX7bADBAGX7bgDBACX7bswDAMEAJftvQMEBpftgAMEA7A9iAME
A7LYMAMEArkDhDANBgkqhkiG9w0BAQsFAAOCAQEASrN6ykmGjTf4A+sLJjjp+StM
2leifbHO/L8Liz1AZg0pR3GYdFSJc90VlfIaGWYqmeG7/r5US7dq/si5b1xDMXC7
7qjLkNfzW/njqVek17N2oaHEMNABxOJcFySnJdfBDw8AiSrnBBAN34U/M5x1BBL3
kBgfGeR/fNLbZ28h8a4NQpurmspi1J91zfuYdlPsxqJEGk4zhUISQc22xXIruu/x
UdspQqfLlJhmcfct4cI5fqznWmjoEhDPPLJta9fPc+UrWf0/TEcBIE0u0yc7AMp9
N/mGGL55uiS5oIMDmGhr21XKzTuPURaHWTIhIBLMi2Rd6eyACyNIq+DSe2dGew==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:15:19 2024 by rpki-client on console-ams.rpki-client.org