Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/ZZyXIBIZGuwnYQZXdTQa56lga_0.roa
File:                     ZZyXIBIZGuwnYQZXdTQa56lga_0.roa (raw, json)
Hash identifier:          tnnKUFdSdCe4mgWINoPGC2C7VMnBAatMxCqZQGJ/vks=
Subject key identifier:   65:9C:97:20:12:19:1A:EC:27:61:06:57:75:34:1A:E7:A9:60:6B:FD
Certificate issuer:       /CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Certificate serial:       018E4BF3149536082F9BB433A364D54FA5E6
Authority key identifier: 17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/ZZyXIBIZGuwnYQZXdTQa56lga_0.roa
Signing time:             Sun 17 Mar 2024 10:26:45 +0000
ROA not before:           Sun 17 Mar 2024 10:26:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204383
IP address blocks:        77.78.78.0/23 maxlen: 23
                          77.78.112.0/22 maxlen: 22
                          77.78.116.0/23 maxlen: 23
                          82.208.32.0/23 maxlen: 23
                          82.208.60.0/22 maxlen: 22
                          109.123.206.0/23 maxlen: 23
                          217.11.232.0/23 maxlen: 23
                          217.11.246.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:4b:f3:14:95:36:08:2f:9b:b4:33:a3:64:d5:4f:a5:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
        Validity
            Not Before: Mar 17 10:26:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=659c972012191aec2761065775341ae7a9606bfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:73:fb:0c:78:36:28:01:23:ea:1a:62:be:a3:
                    24:c3:fc:e5:3f:e4:0b:54:2c:ef:be:7c:a9:25:4f:
                    42:0f:5a:3e:f0:92:61:f4:09:0b:28:fb:a3:b1:a0:
                    36:9f:8e:72:20:ca:e3:9b:c6:f4:67:96:9a:f0:47:
                    bc:be:26:d0:ef:fa:4a:9d:d1:ea:01:c4:98:ba:4a:
                    84:57:85:c4:92:66:00:13:c6:43:02:2b:9a:7d:08:
                    d6:1f:1b:93:51:05:53:16:56:c7:17:a6:5f:ac:27:
                    d7:14:24:17:c8:e7:eb:00:e1:63:30:8f:8c:f7:69:
                    7f:25:73:a0:55:40:c3:86:8a:ca:8e:e8:58:1d:89:
                    29:98:56:df:62:5a:e9:34:28:c8:8d:66:06:f0:09:
                    04:17:92:7e:b0:4c:ab:74:cc:86:a3:41:e6:c8:30:
                    8e:f8:d4:c3:d2:85:93:db:9e:9e:05:fc:86:7f:1f:
                    6b:0d:e2:cd:9a:7c:7a:f1:f1:2a:4a:96:a4:13:44:
                    2e:ef:a8:b1:c2:ed:61:ea:b9:36:11:ff:94:c7:32:
                    7d:b9:37:d1:fe:af:7f:59:fd:e8:48:30:3b:e4:1e:
                    0b:be:0c:f3:70:14:44:07:ac:6a:37:61:e5:29:0e:
                    00:ba:45:68:34:75:da:9f:49:ed:5d:bd:7d:2e:93:
                    d9:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:9C:97:20:12:19:1A:EC:27:61:06:57:75:34:1A:E7:A9:60:6B:FD
            X509v3 Authority Key Identifier:
                keyid:17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/ZZyXIBIZGuwnYQZXdTQa56lga_0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.78.78.0/23
                  77.78.112.0-77.78.117.255
                  82.208.32.0/23
                  82.208.60.0/22
                  109.123.206.0/23
                  217.11.232.0/23
                  217.11.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0c:c5:0d:6b:56:83:d9:92:be:4f:64:3b:e5:88:8b:21:8f:df:
         49:1f:9d:c3:36:44:e0:a0:13:b8:c4:62:ce:31:c8:45:6d:d7:
         c6:09:04:5a:f7:44:34:b6:0f:b2:b6:d3:6c:63:6b:b9:2f:2d:
         32:bb:62:9c:60:e5:3d:78:3f:55:09:0e:5e:fd:99:40:f5:e7:
         4f:db:10:d8:2c:5f:6c:2e:3d:ac:d3:be:70:ea:1d:24:96:a8:
         f6:43:51:13:6f:df:a5:c7:b4:86:67:1a:da:f2:21:84:25:db:
         36:b8:3d:c6:dc:b0:ca:1e:3b:19:18:51:de:01:b6:02:4e:4c:
         45:23:2f:1b:42:2e:92:9a:7a:c4:37:2b:6a:35:16:3c:27:db:
         b6:09:c3:3b:2c:49:92:cc:e7:8b:de:1a:4d:f0:db:7a:2f:cd:
         01:5a:55:f5:57:59:f5:25:ae:48:0d:09:17:2a:99:7a:ba:30:
         b3:e6:2b:95:10:fe:66:d7:6c:ae:5a:2a:c4:55:66:66:35:1f:
         25:0d:e3:4e:2a:72:a2:c0:7b:87:21:8d:a0:53:6f:fe:b0:2c:
         b0:eb:49:6b:91:06:be:1b:61:58:0f:af:02:e9:10:1f:93:a2:
         20:2d:d8:d9:f7:d8:80:d0:c1:55:51:21:e4:b6:95:db:54:17:
         b3:33:d2:9c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY5L8xSVNggvm7Qzo2TVT6XmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDg0N2Y4NjY3ZDUyZmEyY2Y5Y2Y5YWZjYzQzYTA3OTE1
NTc1Y2EwHhcNMjQwMzE3MTAyNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTljOTcyMDEyMTkxYWVjMjc2MTA2NTc3NTM0MWFlN2E5NjA2YmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnP7DHg2KAEj6hpivqMkw/zlP+QL
VCzvvnypJU9CD1o+8JJh9AkLKPujsaA2n45yIMrjm8b0Z5aa8Ee8vibQ7/pKndHq
AcSYukqEV4XEkmYAE8ZDAiuafQjWHxuTUQVTFlbHF6ZfrCfXFCQXyOfrAOFjMI+M
92l/JXOgVUDDhorKjuhYHYkpmFbfYlrpNCjIjWYG8AkEF5J+sEyrdMyGo0HmyDCO
+NTD0oWT256eBfyGfx9rDeLNmnx68fEqSpakE0Qu76ixwu1h6rk2Ef+UxzJ9uTfR
/q9/Wf3oSDA75B4LvgzzcBREB6xqN2HlKQ4AukVoNHXan0ntXb19LpPZvwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGWclyASGRrsJ2EGV3U0GuepYGv9MB8GA1UdIwQY
MBaAFBdIR/hmfVL6LPnPmvzEOgeRVXXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2Ut
MTQ1NGZmZTYxODJjLzEvWlp5WElCSVpHdXduWVFaWGRUUWE1NmxnYV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2UtMTQ1NGZmZTYxODJj
LzEvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBTU5OMAwD
BARNTnADBAFNTnQDBAFS0CADBAJS0DwDBAFte84DBAHZC+gDBAHZC/YwDQYJKoZI
hvcNAQELBQADggEBAAzFDWtWg9mSvk9kO+WIiyGP30kfncM2ROCgE7jEYs4xyEVt
18YJBFr3RDS2D7K202xja7kvLTK7Ypxg5T14P1UJDl79mUD150/bENgsX2wuPazT
vnDqHSSWqPZDURNv36XHtIZnGtryIYQl2za4PcbcsMoeOxkYUd4BtgJOTEUjLxtC
LpKaesQ3K2o1Fjwn27YJwzssSZLM54veGk3w23ovzQFaVfVXWfUlrkgNCRcqmXq6
MLPmK5UQ/mbXbK5aKsRVZmY1HyUN404qcqLAe4chjaBTb/6wLLDrSWuRBr4bYVgP
rwLpEB+ToiAt2Nn32IDQwVVRIeS2ldtUF7Mz0pw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:41:21 2024 by rpki-client on console-ams.rpki-client.org