Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/wELnbMzbWnY8YVtoPK0EjsF4__4.roa
File:                     wELnbMzbWnY8YVtoPK0EjsF4__4.roa (raw, json)
Hash identifier:          QD1dbp0kDfXzglph2ce8/EZjVLdMzIXb+00DsZLp7k0=
Subject key identifier:   C0:42:E7:6C:CC:DB:5A:76:3C:61:5B:68:3C:AD:04:8E:C1:78:FF:FE
Certificate issuer:       /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial:       01923D17E45361C72AE8D493499BCBAD8D9D
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/wELnbMzbWnY8YVtoPK0EjsF4__4.roa
Signing time:             Sun 29 Sep 2024 09:23:48 +0000
ROA not before:           Sun 29 Sep 2024 09:23:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51026
IP address blocks:        62.220.126.0/24 maxlen: 24
                          62.220.127.0/24 maxlen: 24
                          81.12.24.0/22 maxlen: 24
                          81.12.24.0/24 maxlen: 24
                          81.12.25.0/24 maxlen: 24
                          81.12.26.0/24 maxlen: 24
                          81.12.27.0/24 maxlen: 24
                          81.12.30.0/24 maxlen: 24
                          81.12.31.0/24 maxlen: 24
                          87.107.110.0/23 maxlen: 24
                          87.107.110.0/24 maxlen: 24
                          87.107.111.0/24 maxlen: 24
                          87.107.144.0/24 maxlen: 24
                          87.107.152.0/24 maxlen: 24
                          87.107.153.0/24 maxlen: 24
                          87.107.166.0/24 maxlen: 24
                          87.107.167.0/24 maxlen: 24
                          87.107.174.0/24 maxlen: 24
                          87.107.175.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:3d:17:e4:53:61:c7:2a:e8:d4:93:49:9b:cb:ad:8d:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
        Validity
            Not Before: Sep 29 09:23:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c042e76cccdb5a763c615b683cad048ec178fffe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:a1:f0:e3:2a:4c:be:cb:3b:2e:3f:61:9a:2a:
                    bd:23:fc:a9:06:11:7f:2e:c7:32:26:07:76:f8:16:
                    21:e3:3e:fd:3c:28:ff:fa:2a:27:9c:1e:af:ed:96:
                    2a:0e:ad:c7:86:96:72:1c:f6:c1:0c:69:68:2d:5f:
                    11:49:24:65:f5:9f:d6:0b:d9:60:c1:20:53:d7:28:
                    66:c1:80:5b:7e:51:c0:ad:8c:5f:c3:5b:3f:55:f7:
                    5d:32:1b:21:04:d9:45:31:7a:35:04:a2:01:99:d1:
                    ac:4c:86:50:47:08:4c:6d:d2:57:bb:aa:a3:a8:9f:
                    24:fc:28:6d:35:7a:5c:40:be:28:ea:5f:d1:6f:b7:
                    2a:a1:24:12:35:3d:bf:66:d2:29:f3:90:f4:a9:a7:
                    76:8d:e8:2b:1a:2e:57:e1:59:74:af:6f:58:8f:6f:
                    fa:bd:f2:d7:a0:a3:ea:5a:7e:8f:85:10:6e:3f:68:
                    c2:24:31:8c:34:af:35:5f:5b:a9:3c:d5:d8:56:03:
                    b5:55:ff:27:23:8e:e7:90:d1:86:46:4a:3f:e0:55:
                    72:74:67:a0:8b:2b:de:1d:fc:b2:ff:29:98:fb:72:
                    1b:8b:da:85:c5:4b:c4:df:b7:3e:81:be:3a:36:bb:
                    4a:88:94:f5:7b:b6:64:08:e4:66:89:06:45:4f:18:
                    b2:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:42:E7:6C:CC:DB:5A:76:3C:61:5B:68:3C:AD:04:8E:C1:78:FF:FE
            X509v3 Authority Key Identifier:
                keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/wELnbMzbWnY8YVtoPK0EjsF4__4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.220.126.0/23
                  81.12.24.0/22
                  81.12.30.0/23
                  87.107.110.0/23
                  87.107.144.0/24
                  87.107.152.0/23
                  87.107.166.0/23
                  87.107.174.0/23

    Signature Algorithm: sha256WithRSAEncryption
         33:cb:a6:db:04:e1:50:79:db:15:92:ec:82:aa:4e:81:a7:38:
         6e:08:80:c2:55:20:0f:95:68:05:fe:5d:19:58:c5:77:72:f7:
         7a:bc:71:f1:92:02:bd:77:54:f0:b6:6b:48:f1:b3:83:2a:39:
         be:a6:33:7c:72:c2:1d:f9:f2:57:2e:b8:bb:f7:06:60:4a:61:
         01:ad:98:d8:8c:f2:f9:cf:f7:e4:91:cd:99:b0:0d:ea:00:58:
         fd:bb:99:d7:60:8b:f0:e4:a4:cf:cf:25:25:73:de:51:4a:73:
         54:0a:4b:47:75:bf:21:11:e4:96:68:3f:50:05:f5:de:8f:d2:
         39:5e:2f:c2:92:8e:4c:82:a1:3b:45:4c:52:48:64:c6:b3:cc:
         cf:1f:9d:fe:89:6b:fa:16:63:36:db:d2:28:d6:02:82:e6:f4:
         b3:9a:25:db:66:ba:b6:6a:eb:ed:a3:f5:18:17:82:93:e2:53:
         70:75:35:82:8a:78:cb:f7:03:2a:c9:3b:3b:c9:89:ad:ee:83:
         3e:f2:40:aa:4c:ca:47:c3:51:37:eb:30:66:fe:76:bd:59:d6:
         19:43:02:c0:59:61:2a:d8:52:1d:a6:9a:1b:74:0d:ad:53:e3:
         0c:9c:42:a0:af:52:43:bc:a0:86:fe:26:b6:d0:d5:05:bd:93:
         73:a7:62:2f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZI9F+RTYccq6NSTSZvLrY2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwOTI5MDkyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDQyZTc2Y2NjZGI1YTc2M2M2MTViNjgzY2FkMDQ4ZWMxNzhmZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7qHw4ypMvss7Lj9hmiq9I/ypBhF/
LscyJgd2+BYh4z79PCj/+ionnB6v7ZYqDq3HhpZyHPbBDGloLV8RSSRl9Z/WC9lg
wSBT1yhmwYBbflHArYxfw1s/VfddMhshBNlFMXo1BKIBmdGsTIZQRwhMbdJXu6qj
qJ8k/ChtNXpcQL4o6l/Rb7cqoSQSNT2/ZtIp85D0qad2jegrGi5X4Vl0r29Yj2/6
vfLXoKPqWn6PhRBuP2jCJDGMNK81X1upPNXYVgO1Vf8nI47nkNGGRko/4FVydGeg
iyveHfyy/ymY+3Ibi9qFxUvE37c+gb46NrtKiJT1e7ZkCORmiQZFTxiyEQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMBC52zM21p2PGFbaDytBI7BeP/+MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvd0VMbmJNemJXblk4WVZ0b1BLMEVqc0Y0X180LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBPtx+AwQC
UQwYAwQBUQweAwQBV2tuAwQAV2uQAwQBV2uYAwQBV2umAwQBV2uuMA0GCSqGSIb3
DQEBCwUAA4IBAQAzy6bbBOFQedsVkuyCqk6BpzhuCIDCVSAPlWgF/l0ZWMV3cvd6
vHHxkgK9d1TwtmtI8bODKjm+pjN8csId+fJXLri79wZgSmEBrZjYjPL5z/fkkc2Z
sA3qAFj9u5nXYIvw5KTPzyUlc95RSnNUCktHdb8hEeSWaD9QBfXej9I5Xi/Cko5M
gqE7RUxSSGTGs8zPH53+iWv6FmM229Io1gKC5vSzmiXbZrq2auvto/UYF4KT4lNw
dTWCinjL9wMqyTs7yYmt7oM+8kCqTMpHw1E36zBm/na9WdYZQwLAWWEq2FIdppob
dA2tU+MMnEKgr1JDvKCG/ia20NUFvZNzp2Iv
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:23:01 2024 by rpki-client on console-fra.rpki-client.org