Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/F85ULovVku1lzD_d-Gb-cnTYqT8.roa
File:                     F85ULovVku1lzD_d-Gb-cnTYqT8.roa (raw, json)
Hash identifier:          o0T21BuHq60UeF2YU+WQyh84uM9EKqlSeS/U8dMTJk4=
Subject key identifier:   17:CE:54:2E:8B:D5:92:ED:65:CC:3F:DD:F8:66:FE:72:74:D8:A9:3F
Certificate issuer:       /CN=a0a154441df9623eeb5a196138d21bef5824b441
Certificate serial:       0190A2080B0A4C55E937C684637EAADF0FD2
Authority key identifier: A0:A1:54:44:1D:F9:62:3E:EB:5A:19:61:38:D2:1B:EF:58:24:B4:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/F85ULovVku1lzD_d-Gb-cnTYqT8.roa
Signing time:             Thu 11 Jul 2024 13:42:34 +0000
ROA not before:           Thu 11 Jul 2024 13:42:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34049
IP address blocks:        77.240.181.0/24 maxlen: 24
                          81.19.12.0/23 maxlen: 23
                          81.19.14.0/24 maxlen: 24
                          2a02:e98:c000::/34 maxlen: 34

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 13:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:a2:08:0b:0a:4c:55:e9:37:c6:84:63:7e:aa:df:0f:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a154441df9623eeb5a196138d21bef5824b441
        Validity
            Not Before: Jul 11 13:42:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=17ce542e8bd592ed65cc3fddf866fe7274d8a93f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:c6:98:01:0f:b8:ed:da:f5:d9:6e:a8:f9:1b:
                    6e:01:0f:4f:e5:f0:27:6d:1d:8b:6e:98:8e:d7:23:
                    2c:73:58:bb:af:16:4e:11:9f:1f:c1:c1:c8:c5:a7:
                    21:5b:d7:0c:93:ed:32:fa:b2:3b:2e:e1:63:88:80:
                    4f:d6:40:f6:90:83:88:5f:52:77:34:d2:95:5f:69:
                    98:6b:c9:35:b0:b4:e6:ae:b4:ab:5b:a4:ad:a3:e6:
                    47:a9:e1:f5:32:5a:8c:db:82:ac:f3:04:95:45:14:
                    e0:34:f5:6a:c7:7d:a7:16:91:81:d5:d8:0e:1d:27:
                    1e:44:c2:18:7d:1f:3c:32:89:be:4b:93:86:d3:24:
                    a5:1e:36:56:c5:93:03:f4:4c:6a:55:b4:c4:57:9b:
                    c4:b3:8c:09:4e:e9:94:7e:84:ac:51:8c:4f:6f:12:
                    ee:3b:08:be:59:2c:3b:81:1b:17:2e:d2:ad:62:58:
                    bb:f7:0d:85:0c:b6:ba:74:38:ed:6c:7a:dd:d6:34:
                    cf:4c:8e:6a:58:f2:ca:99:e9:86:38:68:04:92:b9:
                    b1:09:50:0d:89:69:63:8c:52:e8:8a:82:32:63:11:
                    f9:c3:41:a6:fa:26:b7:33:23:69:5c:45:ef:dd:0e:
                    bb:c1:3b:a8:be:42:98:e6:36:28:12:25:37:37:d1:
                    c0:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:CE:54:2E:8B:D5:92:ED:65:CC:3F:DD:F8:66:FE:72:74:D8:A9:3F
            X509v3 Authority Key Identifier:
                keyid:A0:A1:54:44:1D:F9:62:3E:EB:5A:19:61:38:D2:1B:EF:58:24:B4:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/F85ULovVku1lzD_d-Gb-cnTYqT8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.240.181.0/24
                  81.19.12.0-81.19.14.255
                IPv6:
                  2a02:e98:c000::/34

    Signature Algorithm: sha256WithRSAEncryption
         98:a8:6b:b2:ae:54:7c:c0:7f:9a:9b:f1:94:74:6f:1b:12:8b:
         16:22:e1:ef:2f:ae:26:04:d4:b1:ea:47:cb:80:5e:e0:c6:ef:
         68:d3:df:91:12:c7:ea:8f:77:d1:a1:34:86:c8:86:73:28:f3:
         37:64:93:c5:01:f8:a5:b0:f9:11:b1:6b:ed:5d:ab:52:2b:a8:
         04:e4:08:eb:48:98:2f:fc:04:6e:19:99:78:f6:7e:d5:7e:87:
         11:6c:47:bf:dd:9c:c1:e2:62:0c:91:ef:f6:8b:d6:65:e4:69:
         54:ee:3f:a7:84:ae:26:8b:c5:48:20:81:6f:55:8c:a0:3a:be:
         d5:52:25:80:3b:04:02:65:5a:13:eb:70:9b:5b:eb:65:82:8b:
         3e:38:f3:7a:b4:fa:ac:74:3e:41:47:2b:31:44:5c:0a:8d:e3:
         44:48:92:ac:f7:cd:89:33:c9:d9:a6:f0:f4:87:63:bf:9d:fe:
         89:0b:c8:09:d4:f3:3e:27:f9:52:d2:a9:7a:9d:fe:fb:13:e4:
         79:8f:7b:c2:3e:ab:9e:1b:6d:eb:25:06:6d:dc:5b:c4:d1:c9:
         d4:4c:a1:23:fc:9b:45:9d:eb:4e:06:09:99:bd:42:42:bd:6a:
         71:ae:80:2c:df:91:8e:ef:84:e1:1f:dd:75:fc:8b:82:1c:c6:
         f4:7f:48:09
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZCiCAsKTFXpN8aEY36q3w/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTE1NDQ0MWRmOTYyM2VlYjVhMTk2MTM4ZDIxYmVmNTgy
NGI0NDEwHhcNMjQwNzExMTM0MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2NlNTQyZThiZDU5MmVkNjVjYzNmZGRmODY2ZmU3Mjc0ZDhhOTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58aYAQ+47dr12W6o+RtuAQ9P5fAn
bR2LbpiO1yMsc1i7rxZOEZ8fwcHIxachW9cMk+0y+rI7LuFjiIBP1kD2kIOIX1J3
NNKVX2mYa8k1sLTmrrSrW6Sto+ZHqeH1MlqM24Ks8wSVRRTgNPVqx32nFpGB1dgO
HSceRMIYfR88Mom+S5OG0ySlHjZWxZMD9ExqVbTEV5vEs4wJTumUfoSsUYxPbxLu
Owi+WSw7gRsXLtKtYli79w2FDLa6dDjtbHrd1jTPTI5qWPLKmemGOGgEkrmxCVAN
iWljjFLoioIyYxH5w0Gm+ia3MyNpXEXv3Q67wTuovkKY5jYoEiU3N9HAWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBfOVC6L1ZLtZcw/3fhm/nJ02Kk/MB8GA1UdIwQY
MBaAFKChVEQd+WI+61oZYTjSG+9YJLRBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0tGVVJCMzVZajdyV2hsaE9OSWI3MWdrdEVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC81YjNkNmQtZTZmMS00N2FkLWI1MmIt
OWQ5NDM2NzFhOGEzLzEvRjg1VUxvdlZrdTFsekRfZC1HYi1jblRZcVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC81YjNkNmQtZTZmMS00N2FkLWI1MmItOWQ5NDM2NzFhOGEz
LzEvb0tGVVJCMzVZajdyV2hsaE9OSWI3MWdrdEVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUAwQATfC1MAwD
BAJREwwDBABREw4wDgQCAAIwCAMGBioCDpjAMA0GCSqGSIb3DQEBCwUAA4IBAQCY
qGuyrlR8wH+am/GUdG8bEosWIuHvL64mBNSx6kfLgF7gxu9o09+REsfqj3fRoTSG
yIZzKPM3ZJPFAfilsPkRsWvtXatSK6gE5AjrSJgv/ARuGZl49n7VfocRbEe/3ZzB
4mIMke/2i9Zl5GlU7j+nhK4mi8VIIIFvVYygOr7VUiWAOwQCZVoT63CbW+tlgos+
OPN6tPqsdD5BRysxRFwKjeNESJKs982JM8nZpvD0h2O/nf6JC8gJ1PM+J/lS0ql6
nf77E+R5j3vCPqueG23rJQZt3FvE0cnUTKEj/JtFnetOBgmZvUJCvWpxroAs35GO
74ThH911/IuCHMb0f0gJ
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:52:06 2024 by rpki-client on console-ams.rpki-client.org