Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/megyW4U_lL8RTz9E0KvaPBh1Ow4.roa
File:                     megyW4U_lL8RTz9E0KvaPBh1Ow4.roa (raw, json)
Hash identifier:          slCglNmExux2MjDSrCc4xKZ3bgDlhaC9sZ2n2FnWPz0=
Subject key identifier:   99:E8:32:5B:85:3F:94:BF:11:4F:3F:44:D0:AB:DA:3C:18:75:3B:0E
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       018CC8DFA9755A4AB79AE2FCDCB417D58E4D
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/megyW4U_lL8RTz9E0KvaPBh1Ow4.roa
Signing time:             Tue 02 Jan 2024 06:32:30 +0000
ROA not before:           Tue 02 Jan 2024 06:32:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205090
IP address blocks:        185.112.102.0/24 maxlen: 24
                          185.112.101.0/24 maxlen: 24
                          185.112.103.0/24 maxlen: 24
                          45.9.73.0/24 maxlen: 24
                          45.9.75.0/24 maxlen: 24
                          193.162.143.0/24 maxlen: 24
                          185.233.83.0/24 maxlen: 24
                          185.105.90.0/24 maxlen: 24
                          185.105.88.0/24 maxlen: 24
                          185.105.91.0/24 maxlen: 24
                          185.105.89.0/24 maxlen: 24
                          185.221.162.0/24 maxlen: 24
                          45.95.202.0/24 maxlen: 24
                          185.102.139.0/24 maxlen: 24
                          45.95.203.0/24 maxlen: 24
                          45.90.216.0/24 maxlen: 24
                          45.90.218.0/24 maxlen: 24
                          45.90.217.0/24 maxlen: 24
                          45.90.219.0/24 maxlen: 24
                          84.252.73.0/24 maxlen: 24
                          84.252.75.0/24 maxlen: 24
                          84.252.74.0/24 maxlen: 24
                          185.233.200.0/24 maxlen: 24
                          185.232.169.0/24 maxlen: 24
                          185.128.105.0/24 maxlen: 24
                          45.89.65.0/24 maxlen: 24
                          85.209.2.0/24 maxlen: 24
                          185.103.109.0/24 maxlen: 24
                          185.128.107.0/24 maxlen: 24
                          185.128.106.0/24 maxlen: 24
                          193.168.227.0/24 maxlen: 24
                          185.217.198.0/24 maxlen: 24
                          185.217.199.0/24 maxlen: 24
                          185.104.251.0/24 maxlen: 24
                          2a09:5302:ffff::/48 maxlen: 48
                          2a09:5302::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:a9:75:5a:4a:b7:9a:e2:fc:dc:b4:17:d5:8e:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 06:32:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=99e8325b853f94bf114f3f44d0abda3c18753b0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:9a:14:a8:1c:ff:df:dd:ea:73:76:c7:48:93:
                    d3:df:d1:3c:9e:e7:53:21:0e:04:d9:09:80:65:8c:
                    b4:f2:77:65:ed:b8:3f:ff:75:2d:af:ca:56:bf:30:
                    82:44:bf:18:38:dd:85:3d:65:a8:7b:aa:ba:0a:8c:
                    54:2c:83:b5:74:a1:da:df:ae:bf:cb:55:b3:3f:ff:
                    dd:9c:ad:74:85:57:a1:0a:28:21:05:31:f9:47:f8:
                    d2:69:ea:89:6f:ad:7e:e3:09:14:3d:32:c5:9c:65:
                    fe:79:10:0c:50:a3:e8:15:89:fe:0b:00:e0:ae:f3:
                    c8:40:d5:6f:47:d6:dc:58:54:5e:9a:ea:f5:a2:d9:
                    70:0e:1c:eb:86:ae:fd:fd:da:3c:61:50:ee:a3:69:
                    58:6f:4c:c1:91:5b:0d:ad:70:e4:5b:14:9b:e0:da:
                    fb:b7:49:dc:b3:8f:43:5d:1c:fa:25:1f:c0:48:fc:
                    ae:ab:b0:d1:f5:74:6b:a7:b9:00:98:83:e8:0e:e8:
                    af:e0:aa:0d:7e:c0:de:ad:ae:84:b1:04:6e:bb:8e:
                    0f:82:7c:d7:9b:f2:ba:7b:6b:2c:eb:32:49:ed:50:
                    73:98:e3:5b:6e:f6:ed:37:91:c8:72:5f:64:90:27:
                    21:21:09:e8:a2:e5:bb:42:b2:87:40:92:46:8c:1a:
                    c0:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:E8:32:5B:85:3F:94:BF:11:4F:3F:44:D0:AB:DA:3C:18:75:3B:0E
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/megyW4U_lL8RTz9E0KvaPBh1Ow4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.73.0/24
                  45.9.75.0/24
                  45.89.65.0/24
                  45.90.216.0/22
                  45.95.202.0/23
                  84.252.73.0-84.252.75.255
                  85.209.2.0/24
                  185.102.139.0/24
                  185.103.109.0/24
                  185.104.251.0/24
                  185.105.88.0/22
                  185.112.101.0-185.112.103.255
                  185.128.105.0-185.128.107.255
                  185.217.198.0/23
                  185.221.162.0/24
                  185.232.169.0/24
                  185.233.83.0/24
                  185.233.200.0/24
                  193.162.143.0/24
                  193.168.227.0/24
                IPv6:
                  2a09:5302::/32

    Signature Algorithm: sha256WithRSAEncryption
         13:06:0d:1d:ea:e6:f6:72:2e:f8:76:8f:16:c5:79:af:5a:fd:
         ae:d2:25:f5:5d:16:11:68:f5:51:cc:9b:80:d0:d1:c1:04:7b:
         aa:32:94:e8:63:df:e7:97:bb:b6:b5:38:ce:39:5a:f2:18:9c:
         2a:5d:cc:9b:fe:69:43:05:82:c0:24:6e:41:82:02:e4:a0:a1:
         59:4e:a5:53:de:ec:4a:a3:c3:44:c6:d3:e8:58:38:2b:6a:0a:
         35:7f:b7:7b:12:4c:f8:75:09:30:bd:1b:1a:90:ab:86:bb:7f:
         70:c6:cc:8a:05:40:cd:7d:92:38:41:87:9a:76:62:49:98:b5:
         56:3f:90:3b:cb:74:3f:d8:62:59:fd:17:63:76:21:ca:7e:4e:
         fe:72:c9:38:a9:16:bf:ba:3f:5d:11:ad:fb:79:06:34:a1:45:
         11:b8:09:0f:2f:ec:57:78:9a:24:bc:92:13:7b:45:86:f4:f2:
         36:63:d6:64:58:89:92:1b:c4:c3:af:16:1b:67:63:4c:9f:3c:
         06:27:67:49:51:db:01:dd:cc:e2:46:d0:57:f2:16:91:cd:c3:
         ef:b0:95:d9:48:cb:ac:b6:48:07:f5:03:46:76:aa:b3:de:95:
         76:b8:2d:dc:12:b7:22:3c:29:80:5a:4d:7a:58:28:73:68:07:
         4e:e6:82:46
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYzI36l1Wkq3muL83LQX1Y5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWU4MzI1Yjg1M2Y5NGJmMTE0ZjNmNDRkMGFiZGEzYzE4NzUzYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZoUqBz/393qc3bHSJPT39E8nudT
IQ4E2QmAZYy08ndl7bg//3Utr8pWvzCCRL8YON2FPWWoe6q6CoxULIO1dKHa366/
y1WzP//dnK10hVehCighBTH5R/jSaeqJb61+4wkUPTLFnGX+eRAMUKPoFYn+CwDg
rvPIQNVvR9bcWFRemur1otlwDhzrhq79/do8YVDuo2lYb0zBkVsNrXDkWxSb4Nr7
t0ncs49DXRz6JR/ASPyuq7DR9XRrp7kAmIPoDuiv4KoNfsDera6EsQRuu44PgnzX
m/K6e2ss6zJJ7VBzmONbbvbtN5HIcl9kkCchIQnoouW7QrKHQJJGjBrAmwIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFJnoMluFP5S/EU8/RNCr2jwYdTsOMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbWVneVc0VV9sTDhSVHo5RTBLdmFQQmgxT3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlwQCAAEwgZADBAAt
CUkDBAAtCUsDBAAtWUEDBAItWtgDBAEtX8owDAMEAFT8SQMEAlT8SAMEAFXRAgME
ALlmiwMEALlnbQMEALlo+wMEArlpWDAMAwQAuXBlAwQDuXBgMAwDBAC5gGkDBAK5
gGgDBAG52cYDBAC53aIDBAC56KkDBAC56VMDBAC56cgDBADBoo8DBADBqOMwDQQC
AAIwBwMFACoJUwIwDQYJKoZIhvcNAQELBQADggEBABMGDR3q5vZyLvh2jxbFea9a
/a7SJfVdFhFo9VHMm4DQ0cEEe6oylOhj3+eXu7a1OM45WvIYnCpdzJv+aUMFgsAk
bkGCAuSgoVlOpVPe7Eqjw0TG0+hYOCtqCjV/t3sSTPh1CTC9GxqQq4a7f3DGzIoF
QM19kjhBh5p2YkmYtVY/kDvLdD/YYln9F2N2Icp+Tv5yyTipFr+6P10Rrft5BjSh
RRG4CQ8v7Fd4miS8khN7RYb08jZj1mRYiZIbxMOvFhtnY0yfPAYnZ0lR2wHdzOJG
0FfyFpHNw++wldlIy6y2SAf1A0Z2qrPelXa4LdwStyI8KYBaTXpYKHNoB07mgkY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:08:52 2024 by rpki-client on console-fra.rpki-client.org