Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/11a864-d1cb-4000-b2bc-19ee3d8b577e/1/e0eOhv2UQ_WUF5JLxyu3WtwVadI.roa
File:                     e0eOhv2UQ_WUF5JLxyu3WtwVadI.roa (raw, json)
Hash identifier:          +MEuiVZGCck/cRV1iXddP/QNjO9dZfyAYvi58H4HDbo=
Subject key identifier:   7B:47:8E:86:FD:94:43:F5:94:17:92:4B:C7:2B:B7:5A:DC:15:69:D2
Certificate issuer:       /CN=eee573084100b41d7cc1e447295ba71d019d5192
Certificate serial:       018CC79350929201401654AE380E4FD2C179
Authority key identifier: EE:E5:73:08:41:00:B4:1D:7C:C1:E4:47:29:5B:A7:1D:01:9D:51:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7uVzCEEAtB18weRHKVunHQGdUZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/11a864-d1cb-4000-b2bc-19ee3d8b577e/1/e0eOhv2UQ_WUF5JLxyu3WtwVadI.roa
Signing time:             Tue 02 Jan 2024 00:29:29 +0000
ROA not before:           Tue 02 Jan 2024 00:29:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12637
IP address blocks:        185.47.108.0/22 maxlen: 24
                          185.220.244.0/22 maxlen: 24
                          217.194.0.0/20 maxlen: 24
                          212.66.224.0/19 maxlen: 24
                          212.35.192.0/19 maxlen: 24
                          212.25.160.0/19 maxlen: 24
                          5.144.160.0/20 maxlen: 24
                          46.16.168.0/21 maxlen: 24
                          37.9.239.0/24 maxlen: 24
                          213.171.160.0/19 maxlen: 24
                          217.64.192.0/20 maxlen: 24
                          185.222.68.0/22 maxlen: 24
                          185.24.104.0/22 maxlen: 24
                          85.94.192.0/19 maxlen: 24
                          217.168.224.0/20 maxlen: 24
                          85.94.208.0/20 maxlen: 24
                          95.174.0.0/19 maxlen: 24
                          37.9.224.0/20 maxlen: 24
                          2001:4b78::/32 maxlen: 48
                          2a0d:b000::/29 maxlen: 48
                          2001:4b78::/29 maxlen: 48
                          2a05:b6c0::/29 maxlen: 48
                          2a04:2700::/29 maxlen: 48
                          2a0b:fd40::/29 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/11a864-d1cb-4000-b2bc-19ee3d8b577e/1/7uVzCEEAtB18weRHKVunHQGdUZI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/11a864-d1cb-4000-b2bc-19ee3d8b577e/1/7uVzCEEAtB18weRHKVunHQGdUZI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7uVzCEEAtB18weRHKVunHQGdUZI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:93:50:92:92:01:40:16:54:ae:38:0e:4f:d2:c1:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eee573084100b41d7cc1e447295ba71d019d5192
        Validity
            Not Before: Jan  2 00:29:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7b478e86fd9443f59417924bc72bb75adc1569d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e4:40:20:df:de:52:1d:cf:14:1e:20:66:ad:
                    61:22:4a:a2:cb:3c:27:be:d9:69:8d:8b:66:1d:5b:
                    e3:39:12:be:c5:7b:dd:ec:cf:a5:ac:70:40:03:0a:
                    4c:43:b7:02:25:1d:6b:e1:cb:c9:34:75:8c:11:7b:
                    dd:d8:23:7c:ac:d4:69:68:e0:58:07:ed:fb:ce:44:
                    08:9b:c0:91:d0:d3:fe:6e:e6:0a:53:22:09:d5:70:
                    3c:93:e2:f9:f6:42:ba:fd:21:c7:17:8b:73:2b:69:
                    c1:27:e4:0b:01:5a:f1:65:84:13:06:e4:09:37:99:
                    0c:46:b1:31:37:b8:74:28:db:90:56:ba:bc:36:88:
                    72:16:c1:0a:a6:2d:96:be:c4:3c:f2:04:b3:08:89:
                    4b:b2:9b:e3:a2:a1:ec:13:bb:39:f1:47:63:4d:65:
                    a4:5d:66:ac:24:ef:2e:53:38:78:fb:dc:f1:de:6a:
                    32:8b:10:46:58:db:b6:7d:b3:64:da:34:40:11:f2:
                    64:85:67:6c:b4:05:48:75:14:09:38:e3:2d:72:06:
                    1f:18:ac:7b:47:8d:a5:a4:53:d5:4c:e2:ad:c3:b8:
                    84:88:fe:72:e3:ab:70:e6:d7:fb:87:d7:79:3b:71:
                    8c:cf:c4:6d:19:da:47:59:61:20:19:aa:0b:88:a2:
                    8f:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:47:8E:86:FD:94:43:F5:94:17:92:4B:C7:2B:B7:5A:DC:15:69:D2
            X509v3 Authority Key Identifier:
                keyid:EE:E5:73:08:41:00:B4:1D:7C:C1:E4:47:29:5B:A7:1D:01:9D:51:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7uVzCEEAtB18weRHKVunHQGdUZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11a864-d1cb-4000-b2bc-19ee3d8b577e/1/e0eOhv2UQ_WUF5JLxyu3WtwVadI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11a864-d1cb-4000-b2bc-19ee3d8b577e/1/7uVzCEEAtB18weRHKVunHQGdUZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.160.0/20
                  37.9.224.0/20
                  46.16.168.0/21
                  85.94.192.0/19
                  95.174.0.0/19
                  185.24.104.0/22
                  185.47.108.0/22
                  185.220.244.0/22
                  185.222.68.0/22
                  212.25.160.0/19
                  212.35.192.0/19
                  212.66.224.0/19
                  213.171.160.0/19
                  217.64.192.0/20
                  217.168.224.0/20
                  217.194.0.0/20
                IPv6:
                  2001:4b78::/29
                  2a04:2700::/29
                  2a05:b6c0::/29
                  2a0b:fd40::/29
                  2a0d:b000::/29

    Signature Algorithm: sha256WithRSAEncryption
         3d:25:e8:6e:8c:cd:6f:7a:1d:18:a7:d9:97:24:1d:30:dc:24:
         af:4e:a0:b1:93:ba:72:6e:11:35:55:13:c4:e0:ab:c2:c5:76:
         9d:58:cd:02:f5:d4:3a:81:0c:e7:e6:19:07:5d:82:38:ad:dd:
         42:a1:6b:de:81:85:a8:25:20:3f:31:86:88:52:f3:39:4c:24:
         e6:8e:42:49:ba:1d:f5:26:67:13:1f:36:4e:1d:8d:af:3d:0c:
         15:cf:0c:4a:0b:60:a4:9c:7c:5e:c9:0f:1f:1a:24:07:0c:95:
         b8:6c:24:2f:67:c5:3c:f9:89:26:e5:7d:2f:dd:8b:e7:bd:66:
         d0:bc:d9:fe:df:cb:13:3c:ca:77:0a:ce:b6:f2:18:de:75:30:
         fd:b5:6c:09:d4:56:ba:bc:62:2a:84:f7:25:a5:92:cc:ba:31:
         79:b1:08:68:c8:79:61:d0:9d:fe:14:83:b9:31:3c:c8:07:25:
         a0:21:d5:dc:08:ed:e1:a1:f0:e6:05:2b:e7:2b:20:44:91:b0:
         83:53:4d:83:07:70:70:f7:b8:f9:7f:f9:99:89:5a:fc:10:30:
         90:78:7c:29:55:7c:3d:08:39:2f:52:ba:02:fe:c2:cf:8a:63:
         ad:67:56:8e:03:26:b6:e1:2a:07:0c:b7:44:52:08:90:1b:1c:
         e3:29:d8:38
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAYzHk1CSkgFAFlSuOA5P0sF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZTU3MzA4NDEwMGI0MWQ3Y2MxZTQ0NzI5NWJhNzFkMDE5
ZDUxOTIwHhcNMjQwMTAyMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjQ3OGU4NmZkOTQ0M2Y1OTQxNzkyNGJjNzJiYjc1YWRjMTU2OWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwORAIN/eUh3PFB4gZq1hIkqiyzwn
vtlpjYtmHVvjORK+xXvd7M+lrHBAAwpMQ7cCJR1r4cvJNHWMEXvd2CN8rNRpaOBY
B+37zkQIm8CR0NP+buYKUyIJ1XA8k+L59kK6/SHHF4tzK2nBJ+QLAVrxZYQTBuQJ
N5kMRrExN7h0KNuQVrq8NohyFsEKpi2WvsQ88gSzCIlLspvjoqHsE7s58UdjTWWk
XWasJO8uUzh4+9zx3moyixBGWNu2fbNk2jRAEfJkhWdstAVIdRQJOOMtcgYfGKx7
R42lpFPVTOKtw7iEiP5y46tw5tf7h9d5O3GMz8RtGdpHWWEgGaoLiKKPBwIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFHtHjob9lEP1lBeSS8crt1rcFWnSMB8GA1UdIwQY
MBaAFO7lcwhBALQdfMHkRylbpx0BnVGSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3VWekNFRUF0QjE4d2VSSEtWdW5IUUdkVVpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8xMWE4NjQtZDFjYi00MDAwLWIyYmMt
MTllZTNkOGI1NzdlLzEvZTBlT2h2MlVRX1dVRjVKTHh5dTNXdHdWYWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8xMWE4NjQtZDFjYi00MDAwLWIyYmMtMTllZTNkOGI1Nzdl
LzEvN3VWekNFRUF0QjE4d2VSSEtWdW5IUUdkVVpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzBmBAIAATBgAwQEBZCg
AwQEJQngAwQDLhCoAwQFVV7AAwQFX64AAwQCuRhoAwQCuS9sAwQCudz0AwQCud5E
AwQF1BmgAwQF1CPAAwQF1ELgAwQF1augAwQE2UDAAwQE2ajgAwQE2cIAMCkEAgAC
MCMDBQMgAUt4AwUDKgQnAAMFAyoFtsADBQMqC/1AAwUDKg2wADANBgkqhkiG9w0B
AQsFAAOCAQEAPSXobozNb3odGKfZlyQdMNwkr06gsZO6cm4RNVUTxOCrwsV2nVjN
AvXUOoEM5+YZB12COK3dQqFr3oGFqCUgPzGGiFLzOUwk5o5CSbod9SZnEx82Th2N
rz0MFc8MSgtgpJx8XskPHxokBwyVuGwkL2fFPPmJJuV9L92L571m0LzZ/t/LEzzK
dwrOtvIY3nUw/bVsCdRWurxiKoT3JaWSzLoxebEIaMh5YdCd/hSDuTE8yAcloCHV
3Ajt4aHw5gUr5ysgRJGwg1NNgwdwcPe4+X/5mYla/BAwkHh8KVV8PQg5L1K6Av7C
z4pjrWdWjgMmtuEqBwy3RFIIkBsc4ynYOA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:26:32 2024 by rpki-client on console-fra.rpki-client.org