Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/fnKt6utoYVosEbmbHowKK9HvV7o.roa
File:                     fnKt6utoYVosEbmbHowKK9HvV7o.roa (raw, json)
Hash identifier:          6S/CgN88G2FM75SAwSZ736IwwJzHmPL6fFUdYmu6gj8=
Subject key identifier:   7E:72:AD:EA:EB:68:61:5A:2C:11:B9:9B:1E:8C:0A:2B:D1:EF:57:BA
Certificate issuer:       /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial:       018E84612E7D8F68E5B76B1485EBE21C6242
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/fnKt6utoYVosEbmbHowKK9HvV7o.roa
Signing time:             Thu 28 Mar 2024 09:25:45 +0000
ROA not before:           Thu 28 Mar 2024 09:25:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15557
IP address blocks:        37.64.0.0/13 maxlen: 24
                          46.35.0.0/19 maxlen: 24
                          62.8.0.0/19 maxlen: 19
                          62.39.0.0/16 maxlen: 24
                          62.62.128.0/17 maxlen: 24
                          62.106.128.0/17 maxlen: 24
                          62.129.160.0/19 maxlen: 24
                          62.241.64.0/18 maxlen: 24
                          77.128.0.0/13 maxlen: 24
                          77.134.204.0/24 maxlen: 24
                          77.136.0.0/16 maxlen: 24
                          77.136.172.0/24 maxlen: 24
                          77.136.173.0/24 maxlen: 24
                          77.136.174.0/24 maxlen: 24
                          77.137.196.0/22 maxlen: 24
                          77.137.200.0/21 maxlen: 24
                          77.137.208.0/20 maxlen: 24
                          77.140.0.0/14 maxlen: 24
                          77.144.0.0/12 maxlen: 24
                          77.192.0.0/12 maxlen: 24
                          78.112.0.0/12 maxlen: 24
                          78.155.128.0/19 maxlen: 24
                          79.80.0.0/12 maxlen: 24
                          79.174.192.0/18 maxlen: 24
                          79.174.232.0/21 maxlen: 21
                          80.70.32.0/20 maxlen: 24
                          80.118.0.0/15 maxlen: 24
                          80.118.4.0/24 maxlen: 24
                          80.124.0.0/15 maxlen: 24
                          80.124.0.0/16 maxlen: 24
                          80.125.0.0/16 maxlen: 24
                          80.236.0.0/17 maxlen: 24
                          81.1.0.0/18 maxlen: 24
                          81.64.0.0/14 maxlen: 24
                          81.65.0.0/16 maxlen: 16
                          81.185.0.0/16 maxlen: 24
                          81.185.160.0/20 maxlen: 20
                          81.185.160.0/21 maxlen: 21
                          81.185.168.0/21 maxlen: 21
                          81.220.0.0/16 maxlen: 24
                          82.216.0.0/16 maxlen: 24
                          83.141.128.0/17 maxlen: 24
                          84.4.0.0/14 maxlen: 24
                          84.55.128.0/18 maxlen: 24
                          84.96.0.0/13 maxlen: 24
                          84.205.128.0/19 maxlen: 24
                          84.205.144.0/20 maxlen: 20
                          85.68.0.0/15 maxlen: 24
                          85.168.0.0/14 maxlen: 24
                          86.64.0.0/12 maxlen: 24
                          86.66.127.0/24 maxlen: 24
                          87.231.0.0/16 maxlen: 24
                          88.136.0.0/13 maxlen: 24
                          88.136.0.0/14 maxlen: 24
                          88.140.0.0/16 maxlen: 24
                          88.141.0.0/16 maxlen: 24
                          88.142.0.0/16 maxlen: 24
                          88.143.252.0/24 maxlen: 24
                          88.143.253.0/24 maxlen: 24
                          88.143.254.0/24 maxlen: 24
                          88.143.255.0/24 maxlen: 24
                          89.2.0.0/15 maxlen: 24
                          89.156.0.0/14 maxlen: 24
                          91.68.0.0/14 maxlen: 24
                          91.68.0.0/22 maxlen: 22
                          91.151.112.0/20 maxlen: 24
                          92.88.0.0/13 maxlen: 24
                          93.0.0.0/11 maxlen: 24
                          109.0.0.0/11 maxlen: 24
                          141.170.216.0/21 maxlen: 24
                          185.147.204.0/22 maxlen: 24
                          194.6.128.0/19 maxlen: 19
                          194.183.192.0/19 maxlen: 19
                          194.242.176.0/20 maxlen: 20
                          195.3.0.0/18 maxlen: 24
                          195.7.96.0/19 maxlen: 24
                          195.98.96.0/19 maxlen: 24
                          195.115.0.0/16 maxlen: 24
                          195.132.0.0/16 maxlen: 24
                          195.146.192.0/19 maxlen: 24
                          212.30.96.0/19 maxlen: 24
                          212.39.128.0/19 maxlen: 24
                          212.94.160.0/19 maxlen: 24
                          212.198.0.0/16 maxlen: 24
                          213.128.32.0/19 maxlen: 24
                          213.144.192.0/19 maxlen: 24
                          213.169.160.0/19 maxlen: 24
                          213.203.64.0/18 maxlen: 24
                          213.223.0.0/16 maxlen: 24
                          213.245.0.0/16 maxlen: 24
                          217.19.192.0/20 maxlen: 24
                          217.70.80.0/20 maxlen: 24
                          217.112.224.0/20 maxlen: 24
                          2a00:6200::/29 maxlen: 48
                          2a00:7180::/32 maxlen: 32
                          2a00:8380::/32 maxlen: 32
                          2a00:8d80::/32 maxlen: 32
                          2a00:9380::/32 maxlen: 32
                          2a00:ec80::/32 maxlen: 32
                          2a02:8400::/25 maxlen: 48
                          2a02:8400::/48 maxlen: 48
                          2a02:8400:11::/48 maxlen: 48
                          2a02:8400:12::/48 maxlen: 48
                          2a02:8400:13::/48 maxlen: 48
                          2a02:8400:14::/48 maxlen: 48
                          2a02:8440:5000::/36 maxlen: 36
                          2a04:800::/29 maxlen: 29
                          2a04:807::/48 maxlen: 48
                          2a04:807:1::/48 maxlen: 48
                          2a04:807:2::/48 maxlen: 48
                          2a04:807:3::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:84:61:2e:7d:8f:68:e5:b7:6b:14:85:eb:e2:1c:62:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
        Validity
            Not Before: Mar 28 09:25:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7e72adeaeb68615a2c11b99b1e8c0a2bd1ef57ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ed:9e:2a:a0:db:82:09:82:ef:c8:da:97:7f:
                    5e:7b:a0:44:48:b1:f7:51:f8:88:f7:59:ae:a7:ea:
                    d6:02:b0:c7:8e:85:47:ec:1a:87:53:99:36:b9:ca:
                    16:ec:23:9b:21:3c:f2:d5:b7:ef:42:48:e0:87:28:
                    f2:5a:9c:9e:d2:8f:33:f2:7c:5c:fe:b9:16:50:31:
                    e0:0b:dd:66:d6:4b:8a:ba:c2:8d:27:19:4c:90:73:
                    78:13:8d:b6:c9:7e:03:64:5d:b2:d7:d7:d0:90:6b:
                    32:c7:40:41:a0:20:c0:33:e4:bd:bb:cd:c0:1c:40:
                    cb:0c:58:41:bb:7c:7a:af:eb:12:fd:c3:73:14:78:
                    a1:02:d5:51:71:f5:f9:a6:e4:b3:ae:62:f2:d9:5d:
                    1f:48:7b:0f:ee:7e:da:27:1a:32:6f:df:78:bf:8d:
                    8e:fe:27:c6:20:f2:c0:d3:ec:21:2f:55:a7:af:80:
                    45:3c:33:74:ad:cb:57:61:98:bd:d3:ea:0a:eb:30:
                    b1:61:de:54:a2:1d:86:78:04:20:b6:d2:1d:33:7b:
                    27:04:e3:a0:88:1d:0e:44:54:db:db:fc:7e:7a:1f:
                    fb:c3:6d:d5:cc:06:0d:65:fd:7c:a9:f5:96:f2:ed:
                    7d:cd:e3:ac:df:8f:29:6b:f3:dd:40:89:39:60:eb:
                    7f:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:72:AD:EA:EB:68:61:5A:2C:11:B9:9B:1E:8C:0A:2B:D1:EF:57:BA
            X509v3 Authority Key Identifier:
                keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/fnKt6utoYVosEbmbHowKK9HvV7o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.64.0.0/13
                  46.35.0.0/19
                  62.8.0.0/19
                  62.39.0.0/16
                  62.62.128.0/17
                  62.106.128.0/17
                  62.129.160.0/19
                  62.241.64.0/18
                  77.128.0.0-77.136.255.255
                  77.137.196.0-77.137.223.255
                  77.140.0.0-77.159.255.255
                  77.192.0.0/12
                  78.112.0.0/12
                  78.155.128.0/19
                  79.80.0.0/12
                  79.174.192.0/18
                  80.70.32.0/20
                  80.118.0.0/15
                  80.124.0.0/15
                  80.236.0.0/17
                  81.1.0.0/18
                  81.64.0.0/14
                  81.185.0.0/16
                  81.220.0.0/16
                  82.216.0.0/16
                  83.141.128.0/17
                  84.4.0.0/14
                  84.55.128.0/18
                  84.96.0.0/13
                  84.205.128.0/19
                  85.68.0.0/15
                  85.168.0.0/14
                  86.64.0.0/12
                  87.231.0.0/16
                  88.136.0.0/13
                  89.2.0.0/15
                  89.156.0.0/14
                  91.68.0.0/14
                  91.151.112.0/20
                  92.88.0.0/13
                  93.0.0.0/11
                  109.0.0.0/11
                  141.170.216.0/21
                  185.147.204.0/22
                  194.6.128.0/19
                  194.183.192.0/19
                  194.242.176.0/20
                  195.3.0.0/18
                  195.7.96.0/19
                  195.98.96.0/19
                  195.115.0.0/16
                  195.132.0.0/16
                  195.146.192.0/19
                  212.30.96.0/19
                  212.39.128.0/19
                  212.94.160.0/19
                  212.198.0.0/16
                  213.128.32.0/19
                  213.144.192.0/19
                  213.169.160.0/19
                  213.203.64.0/18
                  213.223.0.0/16
                  213.245.0.0/16
                  217.19.192.0/20
                  217.70.80.0/20
                  217.112.224.0/20
                IPv6:
                  2a00:6200::/29
                  2a00:7180::/32
                  2a00:8380::/32
                  2a00:8d80::/32
                  2a00:9380::/32
                  2a00:ec80::/32
                  2a02:8400::/25
                  2a04:800::/29

    Signature Algorithm: sha256WithRSAEncryption
         b2:e7:53:97:bb:41:4f:52:99:01:c3:12:6f:74:bd:cb:3d:65:
         1c:c8:aa:74:ba:31:d7:95:72:6f:53:ab:fc:8f:39:38:70:16:
         a8:7c:d3:a3:ad:de:ba:a4:0b:ab:c3:55:3a:2c:a3:3a:3b:d8:
         e6:09:d0:6e:9f:7c:93:6d:9c:87:7f:96:78:07:de:1e:ad:19:
         01:c3:63:dc:54:0d:36:dd:91:7a:e2:a7:d0:d2:34:a4:2f:cb:
         27:38:2a:02:07:14:09:e9:fe:17:1d:6f:30:f6:b0:c3:d5:15:
         db:96:b7:ce:88:81:89:6e:65:ca:f2:ca:4a:a6:0c:18:ed:83:
         bd:6b:68:0b:c0:d2:72:19:5a:c9:35:f3:34:19:ef:8d:ae:b5:
         e4:31:32:53:95:d8:98:6b:17:da:b5:3e:2c:a7:fb:f3:4c:e2:
         04:29:32:7f:16:bf:87:b2:f4:98:4d:49:d7:6c:74:d5:b0:d3:
         78:87:4a:bf:87:ee:cf:4b:06:36:bc:2d:fe:f8:be:e1:f6:16:
         c4:31:89:86:04:a9:19:af:b6:b3:13:d5:61:56:85:25:42:c5:
         77:8f:2a:19:3f:18:9f:61:c4:d8:a1:d4:a7:53:ae:c8:0a:bc:
         4b:0a:56:9b:db:1f:30:f7:b1:49:ca:dd:3c:9d:bb:4c:87:ab:
         37:70:a7:23
-----BEGIN CERTIFICATE-----
MIIGxDCCBaygAwIBAgISAY6EYS59j2jlt2sUheviHGJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwMzI4MDkyNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTcyYWRlYWViNjg2MTVhMmMxMWI5OWIxZThjMGEyYmQxZWY1N2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe2eKqDbggmC78jal39ee6BESLH3
UfiI91mup+rWArDHjoVH7BqHU5k2ucoW7CObITzy1bfvQkjghyjyWpye0o8z8nxc
/rkWUDHgC91m1kuKusKNJxlMkHN4E422yX4DZF2y19fQkGsyx0BBoCDAM+S9u83A
HEDLDFhBu3x6r+sS/cNzFHihAtVRcfX5puSzrmLy2V0fSHsP7n7aJxoyb994v42O
/ifGIPLA0+whL1Wnr4BFPDN0rctXYZi90+oK6zCxYd5Uoh2GeAQgttIdM3snBOOg
iB0ORFTb2/x+eh/7w23VzAYNZf18qfWW8u19zeOs348pa/PdQIk5YOt/nwIDAQAB
o4ID0DCCA8wwHQYDVR0OBBYEFH5yrerraGFaLBG5mx6MCivR71e6MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvZm5LdDZ1dG9ZVm9zRWJtYkhvd0tLOUh2VjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB5AYIKwYBBQUHAQcBAf8EggHTMIIBzzCCAYsEAgABMIIB
gwMDAyVAAwQFLiMAAwQFPggAAwMAPicDBAc+PoADBAc+aoADBAU+gaADBAY+8UAw
CgMDB02AAwMATYgwDAMEAk2JxAMEBU2JwDAKAwMCTYwDAwVNgAMDBE3AAwMETnAD
BAVOm4ADAwRPUAMEBk+uwAMEBFBGIAMDAVB2AwMBUHwDBAdQ7AADBAZRAQADAwJR
QAMDAFG5AwMAUdwDAwBS2AMEB1ONgAMDAlQEAwQGVDeAAwMDVGADBAVUzYADAwFV
RAMDAlWoAwMEVkADAwBX5wMDA1iIAwMBWQIDAwJZnAMDAltEAwQEW5dwAwMDXFgD
AwVdAAMDBW0AAwQDjarYAwQCuZPMAwQFwgaAAwQFwrfAAwQEwvKwAwQGwwMAAwQF
wwdgAwQFw2JgAwMAw3MDAwDDhAMEBcOSwAMEBdQeYAMEBdQngAMEBdReoAMDANTG
AwQF1YAgAwQF1ZDAAwQF1amgAwQG1ctAAwMA1d8DAwDV9QMEBNkTwAMEBNlGUAME
BNlw4DA+BAIAAjA4AwUDKgBiAAMFACoAcYADBQAqAIOAAwUAKgCNgAMFACoAk4AD
BQAqAOyAAwUHKgKEAAMFAyoECAAwDQYJKoZIhvcNAQELBQADggEBALLnU5e7QU9S
mQHDEm90vcs9ZRzIqnS6MdeVcm9Tq/yPOThwFqh806Ot3rqkC6vDVTosozo72OYJ
0G6ffJNtnId/lngH3h6tGQHDY9xUDTbdkXrip9DSNKQvyyc4KgIHFAnp/hcdbzD2
sMPVFduWt86IgYluZcryykqmDBjtg71raAvA0nIZWsk18zQZ742uteQxMlOV2Jhr
F9q1Piyn+/NM4gQpMn8Wv4ey9JhNSddsdNWw03iHSr+H7s9LBja8Lf74vuH2FsQx
iYYEqRmvtrMT1WFWhSVCxXePKhk/GJ9hxNih1KdTrsgKvEsKVpvbHzD3sUnK3Tyd
u0yHqzdwpyM=
-----END CERTIFICATE-----
Generated at Sat Jun 15 11:03:07 2024 by rpki-client on console-ams.rpki-client.org