Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/H2t_LGWoc00CKhQcmzUP8qnKjDg.roa
File:                     H2t_LGWoc00CKhQcmzUP8qnKjDg.roa (raw, json)
Hash identifier:          RdFvQ9nOqZRgaqmpT7plYco9SfkeSrngEoWynELM46c=
Subject key identifier:   1F:6B:7F:2C:65:A8:73:4D:02:2A:14:1C:9B:35:0F:F2:A9:CA:8C:38
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       018F76DE37E1ED873E8C453E609D5B77AC77
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/H2t_LGWoc00CKhQcmzUP8qnKjDg.roa
Signing time:             Tue 14 May 2024 11:30:25 +0000
ROA not before:           Tue 14 May 2024 11:30:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61071
IP address blocks:        77.78.25.0/24 maxlen: 24
                          77.78.39.0/24 maxlen: 24
                          77.78.40.0/24 maxlen: 24
                          77.78.41.0/24 maxlen: 24
                          77.78.50.0/24 maxlen: 24
                          77.78.52.0/24 maxlen: 24
                          77.78.53.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:76:de:37:e1:ed:87:3e:8c:45:3e:60:9d:5b:77:ac:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: May 14 11:30:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1f6b7f2c65a8734d022a141c9b350ff2a9ca8c38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a8:1b:c8:92:e9:cd:c8:dc:37:1a:11:43:4d:
                    d6:90:5d:27:5a:c8:4d:db:81:c9:62:25:a0:89:8a:
                    cb:82:45:da:cb:f0:7a:23:19:21:85:41:83:05:7a:
                    b8:d7:55:b3:ac:08:5c:49:cd:12:f4:77:4d:79:82:
                    15:64:a6:70:d5:98:7a:82:59:f2:89:97:19:57:2e:
                    79:4b:18:5a:9f:90:fb:bd:de:c8:6d:e5:7a:6f:68:
                    eb:37:a8:96:bf:47:ae:85:2c:20:e9:e8:1b:07:ed:
                    20:cc:16:6e:ba:91:24:78:e0:ff:95:ee:32:ff:cd:
                    88:32:33:bd:75:fb:fb:c1:98:bd:1a:32:c8:30:6c:
                    e0:83:e3:30:3f:77:7f:d1:3d:2d:53:ac:9f:2d:64:
                    26:60:0e:76:a0:9e:96:0a:47:ae:16:64:1e:49:59:
                    fc:aa:4b:f5:35:54:b9:4d:b0:e3:ea:ec:2b:9a:53:
                    50:97:44:12:f2:78:1e:74:68:18:b1:be:15:c5:27:
                    f1:7e:48:ed:cc:72:af:92:a1:42:d0:e7:0a:79:6b:
                    51:23:79:dd:61:e0:a2:dd:f9:9d:ec:79:e6:50:89:
                    1d:4e:17:57:60:3f:d0:1c:ec:d9:f5:3d:57:d4:c7:
                    86:58:e5:85:62:f3:ae:74:d9:7d:93:46:44:6c:2d:
                    45:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:6B:7F:2C:65:A8:73:4D:02:2A:14:1C:9B:35:0F:F2:A9:CA:8C:38
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/H2t_LGWoc00CKhQcmzUP8qnKjDg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.78.25.0/24
                  77.78.39.0-77.78.41.255
                  77.78.50.0/24
                  77.78.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6d:38:46:9e:5b:00:87:6f:28:b2:67:1b:df:88:81:8f:46:a1:
         80:3b:e9:ed:32:c2:61:88:3a:65:5d:ee:1c:fd:4a:d4:39:91:
         35:6b:ad:04:ab:ad:1f:3a:2f:b5:40:49:df:be:28:88:8f:77:
         ae:47:cc:1c:10:34:53:48:70:0d:48:f3:41:39:65:9b:b0:17:
         33:e3:60:b4:1b:42:f2:dd:2c:6b:84:25:1e:17:19:68:ac:45:
         81:7b:0c:43:a4:4a:14:8f:04:f6:24:6c:32:b3:87:8e:10:56:
         4e:87:28:51:23:a6:45:f1:79:fb:35:31:e8:07:02:bd:09:f8:
         a5:0d:6f:86:61:78:bd:b8:55:01:8c:c8:03:d2:78:a3:77:a9:
         20:71:3a:43:56:8f:2d:06:0b:9c:31:9f:b0:9a:c7:7f:7e:95:
         6b:f5:1c:e8:01:fc:f3:c1:16:65:cf:37:1a:ff:0d:7a:ac:28:
         76:3b:59:3a:4d:8c:8f:9e:f9:07:a1:7d:0b:86:49:43:38:a2:
         ca:fc:e2:8a:d8:07:58:d7:57:7f:07:25:dc:7c:d2:7f:27:50:
         72:8f:ae:17:6d:f6:44:b7:58:1c:9d:87:f7:40:43:d0:ac:d2:
         68:f1:de:f6:14:f9:eb:71:2d:f0:fb:71:17:48:83:f1:81:3d:
         a0:a2:51:15
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY923jfh7Yc+jEU+YJ1bd6x3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwNTE0MTEzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjZiN2YyYzY1YTg3MzRkMDIyYTE0MWM5YjM1MGZmMmE5Y2E4YzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsagbyJLpzcjcNxoRQ03WkF0nWshN
24HJYiWgiYrLgkXay/B6IxkhhUGDBXq411WzrAhcSc0S9HdNeYIVZKZw1Zh6glny
iZcZVy55Sxhan5D7vd7IbeV6b2jrN6iWv0euhSwg6egbB+0gzBZuupEkeOD/le4y
/82IMjO9dfv7wZi9GjLIMGzgg+MwP3d/0T0tU6yfLWQmYA52oJ6WCkeuFmQeSVn8
qkv1NVS5TbDj6uwrmlNQl0QS8ngedGgYsb4VxSfxfkjtzHKvkqFC0OcKeWtRI3nd
YeCi3fmd7HnmUIkdThdXYD/QHOzZ9T1X1MeGWOWFYvOudNl9k0ZEbC1FRwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFB9rfyxlqHNNAioUHJs1D/Kpyow4MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvSDJ0X0xHV29jMDBDS2hRY216VVA4cW5LakRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQATU4ZMAwD
BABNTicDBAFNTigDBABNTjIDBAFNTjQwDQYJKoZIhvcNAQELBQADggEBAG04Rp5b
AIdvKLJnG9+IgY9GoYA76e0ywmGIOmVd7hz9StQ5kTVrrQSrrR86L7VASd++KIiP
d65HzBwQNFNIcA1I80E5ZZuwFzPjYLQbQvLdLGuEJR4XGWisRYF7DEOkShSPBPYk
bDKzh44QVk6HKFEjpkXxefs1MegHAr0J+KUNb4ZheL24VQGMyAPSeKN3qSBxOkNW
jy0GC5wxn7Cax39+lWv1HOgB/PPBFmXPNxr/DXqsKHY7WTpNjI+e+QehfQuGSUM4
osr84orYB1jXV38HJdx80n8nUHKPrhdt9kS3WBydh/dAQ9Cs0mjx3vYU+etxLfD7
cRdIg/GBPaCiURU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:23:56 2024 by rpki-client on console-ams.rpki-client.org