Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/guLSC5KTI9wzEJ2Xs0p_oQuXtZs.roa
File:                     guLSC5KTI9wzEJ2Xs0p_oQuXtZs.roa (raw, json)
Hash identifier:          /jWxp+cpyQYE76iwfcsMXO9EOc4zH55O4XGOYSxH71I=
Subject key identifier:   82:E2:D2:0B:92:93:23:DC:33:10:9D:97:B3:4A:7F:A1:0B:97:B5:9B
Certificate issuer:       /CN=598fa4201344d4107f792eee2566c62d65714e2d
Certificate serial:       018DF47C122EF12A6887236E539582F62942
Authority key identifier: 59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/guLSC5KTI9wzEJ2Xs0p_oQuXtZs.roa
Signing time:             Thu 29 Feb 2024 10:49:48 +0000
ROA not before:           Thu 29 Feb 2024 10:49:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39020
IP address blocks:        5.145.168.0/24 maxlen: 24
                          5.145.169.0/24 maxlen: 24
                          5.145.170.0/24 maxlen: 24
                          5.145.171.0/24 maxlen: 24
                          5.145.172.0/24 maxlen: 24
                          5.145.173.0/24 maxlen: 24
                          5.145.174.0/24 maxlen: 24
                          5.145.175.0/24 maxlen: 24
                          45.80.12.0/24 maxlen: 24
                          45.80.14.0/24 maxlen: 24
                          45.80.15.0/24 maxlen: 24
                          77.81.112.0/24 maxlen: 24
                          77.81.113.0/24 maxlen: 24
                          77.81.114.0/24 maxlen: 24
                          77.81.115.0/24 maxlen: 24
                          77.81.116.0/24 maxlen: 24
                          77.81.117.0/24 maxlen: 24
                          77.81.118.0/24 maxlen: 24
                          77.81.119.0/24 maxlen: 24
                          91.192.108.0/24 maxlen: 24
                          91.192.109.0/24 maxlen: 24
                          91.192.110.0/24 maxlen: 24
                          91.192.111.0/24 maxlen: 24
                          93.93.64.0/24 maxlen: 24
                          93.93.65.0/24 maxlen: 24
                          93.93.66.0/24 maxlen: 24
                          93.93.67.0/24 maxlen: 24
                          93.93.68.0/24 maxlen: 24
                          93.93.69.0/24 maxlen: 24
                          93.93.70.0/24 maxlen: 24
                          93.93.71.0/24 maxlen: 24
                          93.113.160.0/24 maxlen: 24
                          93.113.161.0/24 maxlen: 24
                          93.113.162.0/24 maxlen: 24
                          93.113.163.0/24 maxlen: 24
                          185.50.196.0/22 maxlen: 22
                          185.50.196.0/24 maxlen: 24
                          185.50.197.0/24 maxlen: 24
                          185.50.198.0/24 maxlen: 24
                          185.50.199.0/24 maxlen: 24
                          195.78.228.0/24 maxlen: 24
                          195.78.229.0/24 maxlen: 24
                          195.78.230.0/24 maxlen: 24
                          195.78.231.0/24 maxlen: 24
                          217.61.128.0/24 maxlen: 24
                          217.61.129.0/24 maxlen: 24
                          217.61.130.0/24 maxlen: 24
                          217.61.131.0/24 maxlen: 24
                          217.61.133.0/24 maxlen: 24
                          217.61.134.0/24 maxlen: 24
                          217.61.135.0/24 maxlen: 24
                          217.61.136.0/24 maxlen: 24
                          217.61.137.0/24 maxlen: 24
                          217.61.138.0/24 maxlen: 24
                          217.61.139.0/24 maxlen: 24
                          217.61.140.0/24 maxlen: 24
                          217.61.141.0/24 maxlen: 24
                          217.61.142.0/24 maxlen: 24
                          217.61.143.0/24 maxlen: 24
                          2a00:1d70::/33 maxlen: 33
                          2a00:1d70:1ac1::/48 maxlen: 48
                          2a00:1d70:8000::/33 maxlen: 33

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:f4:7c:12:2e:f1:2a:68:87:23:6e:53:95:82:f6:29:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=598fa4201344d4107f792eee2566c62d65714e2d
        Validity
            Not Before: Feb 29 10:49:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=82e2d20b929323dc33109d97b34a7fa10b97b59b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:57:7e:a1:30:f2:fe:2e:fb:8b:73:01:05:cf:
                    67:a6:14:27:81:27:40:5a:06:92:0e:cb:9c:34:a7:
                    80:19:3a:03:20:f1:da:be:9c:bd:c1:be:7f:a4:8e:
                    48:96:33:22:05:6e:48:34:9f:70:7b:50:d1:ff:f4:
                    aa:d9:97:06:a3:c2:00:5f:2f:39:46:12:9f:56:be:
                    c6:c7:2f:fd:86:be:2c:63:61:8f:be:4a:5b:52:c4:
                    75:9d:9b:62:f5:9d:63:72:ce:8c:6b:3a:a6:04:a6:
                    5e:9f:47:16:42:4f:ff:de:0c:02:66:38:44:0f:78:
                    ee:cd:ee:8e:eb:f2:35:8c:b6:47:0d:85:f0:71:10:
                    8f:4b:ff:7a:85:37:5b:39:be:d9:13:52:32:bc:7d:
                    b0:05:79:11:9c:32:eb:9a:3d:83:7d:0d:94:47:8c:
                    d1:97:ad:81:98:98:06:b0:e6:d9:9a:db:42:95:be:
                    87:2f:55:63:21:9a:ae:5c:44:39:e4:4b:9b:e0:4f:
                    78:0d:03:83:08:82:79:6f:98:5e:34:d9:57:1c:dd:
                    9d:df:21:73:98:a0:8a:26:11:55:9e:25:85:33:ea:
                    e1:59:14:61:c9:19:9f:c6:22:c8:d9:f1:3f:31:17:
                    4c:4c:c9:94:cb:99:7e:f1:fb:99:9a:ec:46:eb:64:
                    d1:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:E2:D2:0B:92:93:23:DC:33:10:9D:97:B3:4A:7F:A1:0B:97:B5:9B
            X509v3 Authority Key Identifier:
                keyid:59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/guLSC5KTI9wzEJ2Xs0p_oQuXtZs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.145.168.0/21
                  45.80.12.0/24
                  45.80.14.0/23
                  77.81.112.0/21
                  91.192.108.0/22
                  93.93.64.0/21
                  93.113.160.0/22
                  185.50.196.0/22
                  195.78.228.0/22
                  217.61.128.0/22
                  217.61.133.0-217.61.143.255
                IPv6:
                  2a00:1d70::/32

    Signature Algorithm: sha256WithRSAEncryption
         35:0b:42:81:61:1e:e5:9a:0f:fc:6f:c7:34:df:cd:83:cc:91:
         28:7e:ef:07:71:c8:c8:df:cb:3f:1e:43:0d:26:09:0b:bd:d1:
         eb:e1:9f:b3:96:56:c6:72:26:56:36:bc:35:41:cd:e2:9f:df:
         2e:28:df:5f:0e:ac:f4:ef:09:80:10:92:eb:28:99:69:cd:06:
         f2:d2:09:5d:07:37:2c:d0:fe:32:1b:d6:70:7c:f5:6a:70:a1:
         57:39:96:ba:05:3c:cd:d1:e2:a4:9f:9b:42:29:47:be:3d:bf:
         54:84:e2:ff:53:07:76:ce:83:f5:8c:d2:84:ec:87:4e:34:ee:
         40:2e:79:a9:4c:b6:80:b5:f8:11:82:51:66:b8:da:81:b0:ae:
         d6:cd:b9:90:98:e1:65:94:d3:f9:df:5b:1a:a8:88:1c:5a:37:
         3c:03:b4:4a:98:72:1e:8a:dc:52:18:e6:9d:13:5b:3d:26:41:
         bb:9a:ef:ff:d2:e9:1a:57:15:80:34:ec:55:49:45:5d:1d:0d:
         68:7f:b9:6c:24:7a:18:40:b3:bd:10:cc:5c:f9:9b:d7:21:65:
         c0:a8:e5:c4:79:01:43:0f:90:92:a4:a2:62:19:57:32:3b:8d:
         81:ed:6a:03:3c:cb:c5:69:12:69:1b:84:9a:dd:4b:a5:40:92:
         35:5d:cb:a6
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAY30fBIu8SpohyNuU5WC9ilCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OGZhNDIwMTM0NGQ0MTA3Zjc5MmVlZTI1NjZjNjJkNjU3
MTRlMmQwHhcNMjQwMjI5MTA0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmUyZDIwYjkyOTMyM2RjMzMxMDlkOTdiMzRhN2ZhMTBiOTdiNTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwld+oTDy/i77i3MBBc9nphQngSdA
WgaSDsucNKeAGToDIPHavpy9wb5/pI5IljMiBW5INJ9we1DR//Sq2ZcGo8IAXy85
RhKfVr7Gxy/9hr4sY2GPvkpbUsR1nZti9Z1jcs6MazqmBKZen0cWQk//3gwCZjhE
D3juze6O6/I1jLZHDYXwcRCPS/96hTdbOb7ZE1IyvH2wBXkRnDLrmj2DfQ2UR4zR
l62BmJgGsObZmttClb6HL1VjIZquXEQ55Eub4E94DQODCIJ5b5heNNlXHN2d3yFz
mKCKJhFVniWFM+rhWRRhyRmfxiLI2fE/MRdMTMmUy5l+8fuZmuxG62TRiwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFILi0guSkyPcMxCdl7NKf6ELl7WbMB8GA1UdIwQY
MBaAFFmPpCATRNQQf3ku7iVmxi1lcU4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2It
NjY0YjhmMDNkMTgwLzEvZ3VMU0M1S1RJOXd6RUoyWHMwcF9vUXVYdFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2ItNjY0YjhmMDNkMTgw
LzEvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQDBZGoAwQA
LVAMAwQBLVAOAwQDTVFwAwQCW8BsAwQDXV1AAwQCXXGgAwQCuTLEAwQCw07kAwQC
2T2AMAwDBADZPYUDBATZPYAwDQQCAAIwBwMFACoAHXAwDQYJKoZIhvcNAQELBQAD
ggEBADULQoFhHuWaD/xvxzTfzYPMkSh+7wdxyMjfyz8eQw0mCQu90evhn7OWVsZy
JlY2vDVBzeKf3y4o318OrPTvCYAQkusomWnNBvLSCV0HNyzQ/jIb1nB89WpwoVc5
lroFPM3R4qSfm0IpR749v1SE4v9TB3bOg/WM0oTsh0407kAuealMtoC1+BGCUWa4
2oGwrtbNuZCY4WWU0/nfWxqoiBxaNzwDtEqYch6K3FIY5p0TWz0mQbua7//S6RpX
FYA07FVJRV0dDWh/uWwkehhAs70QzFz5m9chZcCo5cR5AUMPkJKkomIZVzI7jYHt
agM8y8VpEmkbhJrdS6VAkjVdy6Y=
-----END CERTIFICATE-----
Generated at Sat Jun 15 21:58:27 2024 by rpki-client on console-ams.rpki-client.org