Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/eVymp_IW2zl70H6prlXkucvVgjo.roa
File:                     eVymp_IW2zl70H6prlXkucvVgjo.roa (raw, json)
Hash identifier:          xslcWIvBg++frEa+tV8dn5kdhYSaeRfZAVNu/xZIo9Q=
Subject key identifier:   79:5C:A6:A7:F2:16:DB:39:7B:D0:7E:A9:AE:55:E4:B9:CB:D5:82:3A
Certificate issuer:       /CN=4a7a917ddcfc26e8c87b30858b6f07f29a3db43e
Certificate serial:       018CC26D804AAE7DBEA23713800880612BB7
Authority key identifier: 4A:7A:91:7D:DC:FC:26:E8:C8:7B:30:85:8B:6F:07:F2:9A:3D:B4:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SnqRfdz8JujIezCFi28H8po9tD4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/eVymp_IW2zl70H6prlXkucvVgjo.roa
Signing time:             Mon 01 Jan 2024 00:30:05 +0000
ROA not before:           Mon 01 Jan 2024 00:30:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8585
IP address blocks:        195.66.189.0/24 maxlen: 24
                          213.149.96.0/19 maxlen: 19
                          46.33.192.0/22 maxlen: 22
                          85.94.96.0/19 maxlen: 19
                          46.33.192.0/19 maxlen: 19
                          109.228.64.0/18 maxlen: 18
                          95.155.0.0/18 maxlen: 18
                          46.33.198.0/24 maxlen: 24
                          46.33.199.0/24 maxlen: 24
                          46.33.196.0/24 maxlen: 24
                          46.33.197.0/24 maxlen: 24
                          195.66.166.0/24 maxlen: 24
                          195.66.164.0/24 maxlen: 24
                          195.66.160.0/19 maxlen: 19
                          195.66.167.0/24 maxlen: 24
                          31.204.192.0/18 maxlen: 18
                          195.66.180.0/24 maxlen: 24
                          78.155.32.0/19 maxlen: 19
                          46.161.64.0/18 maxlen: 18
                          46.161.76.0/22 maxlen: 22
                          37.122.160.0/19 maxlen: 19
                          77.222.0.0/19 maxlen: 19
                          2a00:fe80::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/SnqRfdz8JujIezCFi28H8po9tD4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/SnqRfdz8JujIezCFi28H8po9tD4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SnqRfdz8JujIezCFi28H8po9tD4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:80:4a:ae:7d:be:a2:37:13:80:08:80:61:2b:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a7a917ddcfc26e8c87b30858b6f07f29a3db43e
        Validity
            Not Before: Jan  1 00:30:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=795ca6a7f216db397bd07ea9ae55e4b9cbd5823a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:0f:ab:7b:25:a4:89:c5:a5:ef:1f:ee:06:68:
                    3b:cd:90:a4:47:d0:1d:ec:d4:4a:d7:40:64:a1:4e:
                    bc:06:59:12:6e:5e:5e:c4:89:67:dd:e1:85:d1:d2:
                    77:08:d6:d0:9c:ae:e3:28:60:37:2d:b3:b0:5d:40:
                    fa:10:bf:f4:ba:7a:f1:a0:dd:e2:87:aa:56:66:35:
                    0a:81:71:a1:5c:e4:a2:e1:93:60:36:a6:57:17:4e:
                    98:c1:9d:fe:9f:0a:3d:01:66:01:84:a1:ea:92:2a:
                    86:e0:38:8e:f2:5c:41:d7:f7:fb:9a:3b:9c:4b:74:
                    8a:1e:b8:ba:3e:57:07:77:cd:39:fa:1f:f8:95:4b:
                    99:b6:95:e1:8e:60:6e:d7:f2:e7:95:41:e3:ad:d4:
                    9c:70:f3:8d:79:24:01:9c:ce:f0:76:92:59:b2:78:
                    27:fe:98:cc:0e:c0:5c:0c:fe:41:b2:da:28:11:13:
                    cb:68:2b:e3:e7:28:c5:39:02:a8:04:21:9c:12:e3:
                    21:7f:d7:7c:84:f7:c6:be:39:c6:4c:3f:3a:f1:3a:
                    c5:75:b7:c7:ce:fd:44:50:ec:0e:20:75:7c:f7:99:
                    9a:9b:62:de:8e:af:92:20:cc:22:2a:f2:b5:62:ea:
                    c6:02:a6:77:96:97:8c:b2:c3:2c:3a:76:be:18:6f:
                    2c:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:5C:A6:A7:F2:16:DB:39:7B:D0:7E:A9:AE:55:E4:B9:CB:D5:82:3A
            X509v3 Authority Key Identifier:
                keyid:4A:7A:91:7D:DC:FC:26:E8:C8:7B:30:85:8B:6F:07:F2:9A:3D:B4:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SnqRfdz8JujIezCFi28H8po9tD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/eVymp_IW2zl70H6prlXkucvVgjo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/SnqRfdz8JujIezCFi28H8po9tD4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.204.192.0/18
                  37.122.160.0/19
                  46.33.192.0/19
                  46.161.64.0/18
                  77.222.0.0/19
                  78.155.32.0/19
                  85.94.96.0/19
                  95.155.0.0/18
                  109.228.64.0/18
                  195.66.160.0/19
                  213.149.96.0/19
                IPv6:
                  2a00:fe80::/32

    Signature Algorithm: sha256WithRSAEncryption
         65:ab:8d:b2:02:b0:57:bf:79:a8:44:35:ad:97:6b:36:ef:b2:
         e9:f1:26:3e:96:79:59:16:3b:32:a1:37:0e:81:6f:a6:d5:37:
         4e:ba:b3:0b:0d:3b:9c:38:58:87:78:4c:1a:af:5e:14:f2:d2:
         13:87:b2:4a:d9:82:0e:90:0c:06:cc:a4:e8:ea:86:ec:eb:5e:
         98:10:4b:69:2e:78:5b:a4:87:8f:2c:3f:72:f6:26:56:17:ba:
         bd:bb:e5:68:b8:dc:90:73:fe:56:60:20:6c:d4:97:27:cf:c2:
         de:31:62:ce:97:a2:12:5d:de:72:69:5c:02:18:6d:ae:10:cf:
         93:8a:5f:5d:83:84:54:44:11:c5:66:2d:13:25:5b:8e:86:3f:
         b1:3e:51:10:39:70:5b:75:8b:ee:c9:b2:f3:c5:4b:0c:49:8e:
         cf:44:18:49:e1:e0:c2:a8:c4:ef:1a:11:c8:d1:21:71:eb:06:
         9b:ab:9d:b6:20:0a:8a:f2:0e:a0:9b:15:5f:d5:54:eb:cd:71:
         b1:53:52:66:4e:a5:7a:0c:5c:1b:04:bd:ea:3c:9e:75:3e:9d:
         89:20:68:d6:18:b7:61:ec:8d:eb:36:29:6d:f9:cd:ea:22:fe:
         9b:bc:4b:11:57:97:61:50:b8:1e:6b:d2:d7:d9:53:f9:db:e4:
         4a:0f:4b:bd
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzCbYBKrn2+ojcTgAiAYSu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhN2E5MTdkZGNmYzI2ZThjODdiMzA4NThiNmYwN2YyOWEz
ZGI0M2UwHhcNMjQwMTAxMDAzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTVjYTZhN2YyMTZkYjM5N2JkMDdlYTlhZTU1ZTRiOWNiZDU4MjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw+reyWkicWl7x/uBmg7zZCkR9Ad
7NRK10BkoU68BlkSbl5exIln3eGF0dJ3CNbQnK7jKGA3LbOwXUD6EL/0unrxoN3i
h6pWZjUKgXGhXOSi4ZNgNqZXF06YwZ3+nwo9AWYBhKHqkiqG4DiO8lxB1/f7mjuc
S3SKHri6PlcHd805+h/4lUuZtpXhjmBu1/LnlUHjrdSccPONeSQBnM7wdpJZsngn
/pjMDsBcDP5BstooERPLaCvj5yjFOQKoBCGcEuMhf9d8hPfGvjnGTD868TrFdbfH
zv1EUOwOIHV895mam2Lejq+SIMwiKvK1YurGAqZ3lpeMssMsOna+GG8sEwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFHlcpqfyFts5e9B+qa5V5LnL1YI6MB8GA1UdIwQY
MBaAFEp6kX3c/CboyHswhYtvB/KaPbQ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU25xUmZkejhKdWpJZXpDRmkyOEg4cG85dEQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNGMyYmItNzllYS00ZjM5LWFjODIt
ODIwMTZkZTQyMjEyLzEvZVZ5bXBfSVcyemw3MEg2cHJsWGt1Y3ZWZ2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNGMyYmItNzllYS00ZjM5LWFjODItODIwMTZkZTQyMjEy
LzEvU25xUmZkejhKdWpJZXpDRmkyOEg4cG85dEQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQGH8zAAwQF
JXqgAwQFLiHAAwQGLqFAAwQFTd4AAwQFTpsgAwQFVV5gAwQGX5sAAwQGbeRAAwQF
w0KgAwQF1ZVgMA0EAgACMAcDBQAqAP6AMA0GCSqGSIb3DQEBCwUAA4IBAQBlq42y
ArBXv3moRDWtl2s277Lp8SY+lnlZFjsyoTcOgW+m1TdOurMLDTucOFiHeEwar14U
8tITh7JK2YIOkAwGzKTo6obs616YEEtpLnhbpIePLD9y9iZWF7q9u+VouNyQc/5W
YCBs1Jcnz8LeMWLOl6ISXd5yaVwCGG2uEM+Til9dg4RURBHFZi0TJVuOhj+xPlEQ
OXBbdYvuybLzxUsMSY7PRBhJ4eDCqMTvGhHI0SFx6wabq522IAqK8g6gmxVf1VTr
zXGxU1JmTqV6DFwbBL3qPJ51Pp2JIGjWGLdh7I3rNilt+c3qIv6bvEsRV5dhULge
a9LX2VP52+RKD0u9
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:19:29 2024 by rpki-client on console-ams.rpki-client.org