Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/77FUCSalIFDSZxiUq-Bu7J18S2E.roa
File:                     77FUCSalIFDSZxiUq-Bu7J18S2E.roa (raw, json)
Hash identifier:          9NfxSpYxyW1lhr6HAbip0rQlRqUM09DPdBhF3ZEa33U=
Subject key identifier:   EF:B1:54:09:26:A5:20:50:D2:67:18:94:AB:E0:6E:EC:9D:7C:4B:61
Certificate issuer:       /CN=828bbad6f4916842bbe320284fafe10caf59edf0
Certificate serial:       018CC801CA8AD23EDF516EEF82C4DF1545AC
Authority key identifier: 82:8B:BA:D6:F4:91:68:42:BB:E3:20:28:4F:AF:E1:0C:AF:59:ED:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gou61vSRaEK74yAoT6_hDK9Z7fA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/77FUCSalIFDSZxiUq-Bu7J18S2E.roa
Signing time:             Tue 02 Jan 2024 02:30:09 +0000
ROA not before:           Tue 02 Jan 2024 02:30:09 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51720
IP address blocks:        37.228.124.0/24 maxlen: 24
                          37.228.120.0/24 maxlen: 24
                          37.228.122.0/23 maxlen: 24
                          80.70.162.0/23 maxlen: 24
                          80.70.166.0/23 maxlen: 24
                          31.3.144.0/22 maxlen: 24
                          2a00:d340:ffff::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/gou61vSRaEK74yAoT6_hDK9Z7fA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/gou61vSRaEK74yAoT6_hDK9Z7fA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gou61vSRaEK74yAoT6_hDK9Z7fA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:ca:8a:d2:3e:df:51:6e:ef:82:c4:df:15:45:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=828bbad6f4916842bbe320284fafe10caf59edf0
        Validity
            Not Before: Jan  2 02:30:09 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=efb1540926a52050d2671894abe06eec9d7c4b61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:3c:9d:fa:61:92:19:83:66:eb:41:d7:32:b6:
                    77:47:c7:c4:d6:cb:e8:28:c0:85:ff:c4:28:c6:df:
                    2c:c2:68:1e:61:25:4f:e6:bb:af:82:38:17:f1:b3:
                    1c:6e:68:73:73:88:57:89:2e:c8:6f:63:a8:38:e6:
                    36:f0:68:70:db:07:4b:e4:9b:f3:50:76:97:99:a2:
                    b0:fa:35:ee:e0:d9:c8:87:84:7f:54:4f:7e:09:bb:
                    6b:14:b4:c2:78:c1:3a:b2:23:22:92:dc:74:c8:ad:
                    a5:95:28:98:41:07:99:77:9e:26:e9:1f:b8:3c:8e:
                    6b:f1:d5:2b:ea:a4:c6:24:59:56:d0:f8:2a:ee:78:
                    ea:05:6b:e4:ae:56:6d:9a:f8:61:1d:66:88:70:7d:
                    6a:10:c4:e8:c3:b4:fc:99:6b:9e:61:4f:bd:16:fb:
                    f7:83:29:d3:e1:b5:b0:77:3e:e0:41:41:7b:0f:5e:
                    7b:d0:e1:02:5c:ab:d6:39:2f:72:86:0a:95:92:2c:
                    69:41:20:5c:bf:c5:f0:c4:86:43:5a:c6:55:78:62:
                    c6:c3:44:79:69:b4:13:16:db:e8:f3:d3:0b:f7:99:
                    23:ec:4a:e1:18:f8:e0:12:6a:79:1c:10:02:96:ca:
                    fe:82:ec:3f:7b:63:e7:62:ee:ad:73:4b:5f:7e:fc:
                    0b:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:B1:54:09:26:A5:20:50:D2:67:18:94:AB:E0:6E:EC:9D:7C:4B:61
            X509v3 Authority Key Identifier:
                keyid:82:8B:BA:D6:F4:91:68:42:BB:E3:20:28:4F:AF:E1:0C:AF:59:ED:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gou61vSRaEK74yAoT6_hDK9Z7fA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/77FUCSalIFDSZxiUq-Bu7J18S2E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/gou61vSRaEK74yAoT6_hDK9Z7fA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.3.144.0/22
                  37.228.120.0/24
                  37.228.122.0-37.228.124.255
                  80.70.162.0/23
                  80.70.166.0/23
                IPv6:
                  2a00:d340:ffff::/48

    Signature Algorithm: sha256WithRSAEncryption
         34:02:ff:ff:19:1d:8f:aa:fa:da:63:65:b7:b1:81:a1:9f:bb:
         d3:db:05:3d:6f:69:fc:56:ee:ae:41:3b:fb:55:d7:fd:d3:4a:
         8e:42:9e:fa:9d:5a:b5:a0:08:ae:d6:76:92:4b:59:78:06:38:
         be:d3:7d:7d:57:92:31:75:3b:b6:1d:8d:b3:af:f9:a0:e2:30:
         d0:00:29:a2:ce:5e:c6:c3:b2:56:f1:e6:14:06:9a:96:73:8e:
         29:d5:0c:57:1b:5a:b9:d9:66:ee:e7:0e:c9:5d:99:87:de:20:
         f8:24:71:cb:62:9e:ea:5f:18:13:9c:06:fe:bc:7d:c7:67:c1:
         36:ec:78:0a:20:7f:04:3b:f8:c4:a7:db:62:fc:e9:90:95:cf:
         49:7c:a0:a8:69:34:ca:69:07:e2:45:b7:84:6c:38:65:b1:47:
         0a:15:bb:8e:d0:62:d2:20:ff:16:5c:32:04:67:ed:57:6b:d8:
         f6:c8:8c:f5:df:47:49:99:09:2d:98:e4:36:0a:3a:16:02:9b:
         2e:c2:63:74:13:97:1e:68:54:1b:20:5c:c2:7b:ec:dd:92:6c:
         a7:10:aa:3a:7b:cb:01:b7:5e:30:d3:f8:1a:9c:25:8f:a7:06:
         37:b2:86:9b:98:76:ab:49:6a:3d:88:6d:66:85:7d:de:64:c4:
         3f:ca:8c:83
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzIAcqK0j7fUW7vgsTfFUWsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyOGJiYWQ2ZjQ5MTY4NDJiYmUzMjAyODRmYWZlMTBjYWY1
OWVkZjAwHhcNMjQwMTAyMDIzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmIxNTQwOTI2YTUyMDUwZDI2NzE4OTRhYmUwNmVlYzlkN2M0YjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDyd+mGSGYNm60HXMrZ3R8fE1svo
KMCF/8Qoxt8swmgeYSVP5ruvgjgX8bMcbmhzc4hXiS7Ib2OoOOY28Ghw2wdL5Jvz
UHaXmaKw+jXu4NnIh4R/VE9+CbtrFLTCeME6siMiktx0yK2llSiYQQeZd54m6R+4
PI5r8dUr6qTGJFlW0Pgq7njqBWvkrlZtmvhhHWaIcH1qEMTow7T8mWueYU+9Fvv3
gynT4bWwdz7gQUF7D1570OECXKvWOS9yhgqVkixpQSBcv8XwxIZDWsZVeGLGw0R5
abQTFtvo89ML95kj7ErhGPjgEmp5HBAClsr+guw/e2PnYu6tc0tffvwLswIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFO+xVAkmpSBQ0mcYlKvgbuydfEthMB8GA1UdIwQY
MBaAFIKLutb0kWhCu+MgKE+v4QyvWe3wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ291NjF2U1JhRUs3NHlBb1Q2X2hESzlaN2ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84M2Y5NzctODJiOC00Njk1LTljMDgt
MTg5NjU1NWEyZjBlLzEvNzdGVUNTYWxJRkRTWnhpVXEtQnU3SjE4UzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84M2Y5NzctODJiOC00Njk1LTljMDgtMTg5NjU1NWEyZjBl
LzEvZ291NjF2U1JhRUs3NHlBb1Q2X2hESzlaN2ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQCHwOQAwQA
JeR4MAwDBAEl5HoDBAAl5HwDBAFQRqIDBAFQRqYwDwQCAAIwCQMHACoA00D//zAN
BgkqhkiG9w0BAQsFAAOCAQEANAL//xkdj6r62mNlt7GBoZ+709sFPW9p/FburkE7
+1XX/dNKjkKe+p1ataAIrtZ2kktZeAY4vtN9fVeSMXU7th2Ns6/5oOIw0AApos5e
xsOyVvHmFAaalnOOKdUMVxtaudlm7ucOyV2Zh94g+CRxy2Ke6l8YE5wG/rx9x2fB
Nux4CiB/BDv4xKfbYvzpkJXPSXygqGk0ymkH4kW3hGw4ZbFHChW7jtBi0iD/Flwy
BGftV2vY9siM9d9HSZkJLZjkNgo6FgKbLsJjdBOXHmhUGyBcwnvs3ZJspxCqOnvL
AbdeMNP4Gpwlj6cGN7KGm5h2q0lqPYhtZoV93mTEP8qMgw==
-----END CERTIFICATE-----
Generated at Sat Jun 15 22:58:36 2024 by rpki-client on console-fra.rpki-client.org