Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/jzbflPe7WNG9dfD4SGlYsxkJvKM.roa
File:                     jzbflPe7WNG9dfD4SGlYsxkJvKM.roa (raw, json)
Hash identifier:          FLTHl+2EL5349nJt6ynKHL4OkcOD6UDI/ahauEBCqrQ=
Subject key identifier:   8F:36:DF:94:F7:BB:58:D1:BD:75:F0:F8:48:69:58:B3:19:09:BC:A3
Certificate issuer:       /CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Certificate serial:       018CC3B736C4183A75CF09B4E863FB455DCA
Authority key identifier: F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/jzbflPe7WNG9dfD4SGlYsxkJvKM.roa
Signing time:             Mon 01 Jan 2024 06:30:13 +0000
ROA not before:           Mon 01 Jan 2024 06:30:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197328
IP address blocks:        176.53.112.0/24 maxlen: 24
                          176.53.118.0/24 maxlen: 24
                          176.53.117.0/24 maxlen: 24
                          176.53.116.0/24 maxlen: 24
                          176.53.115.0/24 maxlen: 24
                          176.53.114.0/24 maxlen: 24
                          176.53.113.0/24 maxlen: 24
                          176.53.17.0/24 maxlen: 24
                          176.53.16.0/24 maxlen: 24
                          176.53.21.0/24 maxlen: 24
                          176.53.20.0/24 maxlen: 24
                          176.53.19.0/24 maxlen: 24
                          176.53.18.0/24 maxlen: 24
                          176.53.24.0/24 maxlen: 24
                          176.53.23.0/24 maxlen: 24
                          176.53.22.0/24 maxlen: 24
                          176.53.31.0/24 maxlen: 24
                          176.53.30.0/24 maxlen: 24
                          176.53.29.0/24 maxlen: 24
                          176.53.28.0/24 maxlen: 24
                          176.53.27.0/24 maxlen: 24
                          176.53.26.0/24 maxlen: 24
                          176.53.25.0/24 maxlen: 24
                          176.53.119.0/24 maxlen: 24
                          176.53.125.0/24 maxlen: 24
                          176.53.124.0/24 maxlen: 24
                          176.53.123.0/24 maxlen: 24
                          176.53.122.0/24 maxlen: 24
                          176.53.121.0/24 maxlen: 24
                          176.53.120.0/24 maxlen: 24
                          176.53.126.0/24 maxlen: 24
                          176.53.127.0/24 maxlen: 24
                          46.45.178.0/24 maxlen: 24
                          46.45.177.0/24 maxlen: 24
                          46.45.176.0/24 maxlen: 24
                          46.45.175.0/24 maxlen: 24
                          46.45.174.0/24 maxlen: 24
                          46.45.173.0/24 maxlen: 24
                          46.45.179.0/24 maxlen: 24
                          46.45.183.0/24 maxlen: 24
                          46.45.182.0/24 maxlen: 24
                          46.45.181.0/24 maxlen: 24
                          46.45.180.0/24 maxlen: 24
                          46.45.128.0/24 maxlen: 24
                          46.45.136.0/24 maxlen: 24
                          46.45.139.0/24 maxlen: 24
                          46.45.138.0/24 maxlen: 24
                          46.45.137.0/24 maxlen: 24
                          46.45.143.0/24 maxlen: 24
                          46.45.142.0/24 maxlen: 24
                          46.45.141.0/24 maxlen: 24
                          46.45.140.0/24 maxlen: 24
                          46.45.171.0/24 maxlen: 24
                          46.45.170.0/24 maxlen: 24
                          46.45.169.0/24 maxlen: 24
                          46.45.168.0/24 maxlen: 24
                          46.45.172.0/24 maxlen: 24
                          178.211.44.0/24 maxlen: 24
                          178.211.43.0/24 maxlen: 24
                          178.211.41.0/24 maxlen: 24
                          178.211.40.0/24 maxlen: 24
                          178.211.39.0/24 maxlen: 24
                          178.211.47.0/24 maxlen: 24
                          178.211.46.0/24 maxlen: 24
                          178.211.45.0/24 maxlen: 24
                          178.211.33.0/24 maxlen: 24
                          178.211.32.0/24 maxlen: 24
                          178.211.38.0/24 maxlen: 24
                          178.211.37.0/24 maxlen: 24
                          178.211.36.0/24 maxlen: 24
                          178.211.35.0/24 maxlen: 24
                          178.211.34.0/24 maxlen: 24
                          31.210.98.0/24 maxlen: 24
                          31.210.97.0/24 maxlen: 24
                          31.210.96.0/24 maxlen: 24
                          31.210.101.0/24 maxlen: 24
                          31.210.100.0/24 maxlen: 24
                          31.210.99.0/24 maxlen: 24
                          31.210.105.0/24 maxlen: 24
                          31.210.104.0/24 maxlen: 24
                          31.210.103.0/24 maxlen: 24
                          31.210.102.0/24 maxlen: 24
                          31.210.108.0/24 maxlen: 24
                          31.210.107.0/24 maxlen: 24
                          31.210.106.0/24 maxlen: 24
                          31.210.112.0/24 maxlen: 24
                          31.210.111.0/24 maxlen: 24
                          31.210.110.0/24 maxlen: 24
                          31.210.109.0/24 maxlen: 24
                          31.210.118.0/24 maxlen: 24
                          31.210.117.0/24 maxlen: 24
                          31.210.116.0/24 maxlen: 24
                          31.210.115.0/24 maxlen: 24
                          31.210.114.0/24 maxlen: 24
                          31.210.113.0/24 maxlen: 24
                          31.210.122.0/24 maxlen: 24
                          31.210.121.0/24 maxlen: 24
                          31.210.120.0/24 maxlen: 24
                          31.210.119.0/24 maxlen: 24
                          31.210.125.0/24 maxlen: 24
                          31.210.124.0/24 maxlen: 24
                          31.210.123.0/24 maxlen: 24
                          31.210.127.0/24 maxlen: 24
                          31.210.126.0/24 maxlen: 24
                          213.128.84.0/24 maxlen: 24
                          213.128.83.0/24 maxlen: 24
                          213.128.82.0/24 maxlen: 24
                          213.128.81.0/24 maxlen: 24
                          213.128.80.0/24 maxlen: 24
                          213.128.85.0/24 maxlen: 24
                          213.128.87.0/24 maxlen: 24
                          213.128.86.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 13 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:36:c4:18:3a:75:cf:09:b4:e8:63:fb:45:5d:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
        Validity
            Not Before: Jan  1 06:30:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8f36df94f7bb58d1bd75f0f8486958b31909bca3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:3b:79:c2:02:65:e8:00:29:db:b8:fe:21:4b:
                    ef:54:b9:90:7a:74:1e:2e:d0:e2:f8:4a:7f:67:96:
                    19:0c:ea:53:63:39:7a:d8:e8:b0:09:39:db:a2:90:
                    2e:5e:65:ec:ab:5b:72:f6:0d:a1:cc:76:f2:2f:3d:
                    2a:06:4a:d8:00:ba:52:ea:ba:77:c6:0b:b7:ae:57:
                    2e:91:77:46:40:41:10:fb:7b:6a:f8:98:6a:0e:a0:
                    3a:7c:90:22:af:0b:d2:7a:0c:1f:03:3a:a9:ff:ba:
                    bc:f0:18:c1:6a:12:10:aa:7b:d2:67:e7:a9:84:2f:
                    d5:2d:2d:92:1e:a1:f8:de:3f:e9:d7:65:5a:c6:1e:
                    d1:43:77:59:73:63:72:6c:32:e0:26:03:9b:ac:9a:
                    19:ca:28:ff:8d:7d:8b:ce:4a:e1:6d:51:76:36:24:
                    43:d2:c5:57:45:a6:c5:54:02:5a:de:ad:36:a6:6d:
                    a4:68:83:2d:de:2d:bf:4a:8d:22:a8:0d:8c:e7:94:
                    a4:77:fb:b4:9c:aa:4e:f2:a2:e5:3e:3d:37:e8:63:
                    45:fe:28:3c:ea:b8:7e:71:61:8c:dd:2d:3e:3b:f7:
                    87:55:c1:e0:b9:91:d2:70:3b:c1:88:13:db:b4:d9:
                    2b:65:b2:2f:8b:e9:84:d8:3a:de:83:ee:de:e8:63:
                    29:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:36:DF:94:F7:BB:58:D1:BD:75:F0:F8:48:69:58:B3:19:09:BC:A3
            X509v3 Authority Key Identifier:
                keyid:F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/jzbflPe7WNG9dfD4SGlYsxkJvKM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.210.96.0/19
                  46.45.128.0/24
                  46.45.136.0/21
                  46.45.168.0-46.45.183.255
                  176.53.16.0/20
                  176.53.112.0/20
                  178.211.32.0-178.211.41.255
                  178.211.43.0-178.211.47.255
                  213.128.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         55:84:cb:2a:bf:b4:26:da:94:9b:33:dd:7a:65:89:5f:cb:f9:
         5d:ad:a4:2e:51:85:bb:07:b1:41:83:64:2d:19:22:7a:77:c0:
         89:f6:9b:b3:74:53:52:83:be:68:59:06:0f:99:ce:61:2e:1b:
         9e:74:c1:a7:19:07:ef:93:bc:2e:9d:69:cc:7a:b9:28:d2:51:
         ee:11:80:d9:26:3d:ed:b3:a1:3d:15:18:3f:ce:e8:9e:c7:a4:
         37:26:26:99:8c:1a:1d:5f:df:10:6f:d8:bf:d2:ce:41:a9:f5:
         61:a5:8c:6b:2f:79:02:58:6a:31:6f:6a:c6:6a:1f:92:92:15:
         de:8b:1c:ad:2d:31:74:4d:12:31:28:8a:c3:2f:0c:f3:94:43:
         ba:b1:e5:fc:d4:02:58:0a:20:12:e4:47:85:ba:79:4e:bb:33:
         5d:8d:91:04:4b:7d:6e:a1:33:c0:2a:cc:3c:30:5f:1b:b1:2c:
         0f:82:af:8f:e3:c6:65:10:2c:41:3e:80:e8:c1:95:4a:0e:a9:
         37:7f:bd:06:48:12:e6:ad:8a:f5:28:0b:b5:01:d4:9d:9f:32:
         a2:02:bc:2c:fc:1b:d3:93:e4:c5:5f:40:67:64:82:ce:7f:a8:
         1f:66:2f:54:8f:b9:76:8d:e8:22:7d:e3:3a:a3:7d:8a:ce:48:
         c0:a6:f1:62
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzDtzbEGDp1zwm06GP7RV3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzFiYmYxZDNkM2MwZWZlMzZkZTExMDM5MmJlMGM3YWM0
NDdhODQwHhcNMjQwMTAxMDYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjM2ZGY5NGY3YmI1OGQxYmQ3NWYwZjg0ODY5NThiMzE5MDliY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5jt5wgJl6AAp27j+IUvvVLmQenQe
LtDi+Ep/Z5YZDOpTYzl62OiwCTnbopAuXmXsq1ty9g2hzHbyLz0qBkrYALpS6rp3
xgu3rlcukXdGQEEQ+3tq+JhqDqA6fJAirwvSegwfAzqp/7q88BjBahIQqnvSZ+ep
hC/VLS2SHqH43j/p12Vaxh7RQ3dZc2NybDLgJgObrJoZyij/jX2LzkrhbVF2NiRD
0sVXRabFVAJa3q02pm2kaIMt3i2/So0iqA2M55Skd/u0nKpO8qLlPj036GNF/ig8
6rh+cWGM3S0+O/eHVcHguZHScDvBiBPbtNkrZbIvi+mE2Dreg+7e6GMpQwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFI8235T3u1jRvXXw+EhpWLMZCbyjMB8GA1UdIwQY
MBaAFPVxu/HT08Dv423hEDkr4MesRHqEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYt
YTk2NTdlYjFmOGQ3LzEvanpiZmxQZTdXTkc5ZGZENFNHbFlzeGtKdktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYtYTk2NTdlYjFmOGQ3
LzEvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQFH9JgAwQA
Li2AAwQDLi2IMAwDBAMuLagDBAMuLbADBASwNRADBASwNXAwDAMEBbLTIAMEAbLT
KDAMAwQAstMrAwQEstMgAwQD1YBQMA0GCSqGSIb3DQEBCwUAA4IBAQBVhMsqv7Qm
2pSbM916ZYlfy/ldraQuUYW7B7FBg2QtGSJ6d8CJ9puzdFNSg75oWQYPmc5hLhue
dMGnGQfvk7wunWnMerko0lHuEYDZJj3ts6E9FRg/zuiex6Q3JiaZjBodX98Qb9i/
0s5BqfVhpYxrL3kCWGoxb2rGah+SkhXeixytLTF0TRIxKIrDLwzzlEO6seX81AJY
CiAS5EeFunlOuzNdjZEES31uoTPAKsw8MF8bsSwPgq+P48ZlECxBPoDowZVKDqk3
f70GSBLmrYr1KAu1AdSdnzKiArws/BvTk+TFX0BnZILOf6gfZi9Uj7l2jegifeM6
o32KzkjApvFi
-----END CERTIFICATE-----
Generated at Sun May 12 21:21:18 2024 by rpki-client on console-ams.rpki-client.org