Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/K9O_AUAjluDbeKtudj19f-t7EVc.roa
File:                     K9O_AUAjluDbeKtudj19f-t7EVc.roa (raw, json)
Hash identifier:          OU0eez9gPmMhzMQhPUFhmYrJEMpOaT65EQovM9Ubnjo=
Subject key identifier:   2B:D3:BF:01:40:23:96:E0:DB:78:AB:6E:76:3D:7D:7F:EB:7B:11:57
Certificate issuer:       /CN=c101c5bc0915a2f7cb165b0b7d713212fa57332d
Certificate serial:       018CC3489BAB0105C818CA1ED7369D4735E3
Authority key identifier: C1:01:C5:BC:09:15:A2:F7:CB:16:5B:0B:7D:71:32:12:FA:57:33:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wQHFvAkVovfLFlsLfXEyEvpXMy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/K9O_AUAjluDbeKtudj19f-t7EVc.roa
Signing time:             Mon 01 Jan 2024 04:29:24 +0000
ROA not before:           Mon 01 Jan 2024 04:29:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21246
IP address blocks:        80.80.162.0/24 maxlen: 24
                          80.80.161.0/24 maxlen: 24
                          80.80.160.0/20 maxlen: 20
                          80.80.160.0/24 maxlen: 24
                          80.80.166.0/24 maxlen: 24
                          80.80.164.0/23 maxlen: 23
                          80.80.163.0/24 maxlen: 24
                          80.80.169.0/24 maxlen: 24
                          80.80.168.0/24 maxlen: 24
                          80.80.167.0/24 maxlen: 24
                          80.80.172.0/24 maxlen: 24
                          80.80.171.0/24 maxlen: 24
                          80.80.170.0/24 maxlen: 24
                          80.80.173.0/24 maxlen: 24
                          80.80.175.0/24 maxlen: 24
                          80.80.174.0/24 maxlen: 24
                          46.99.149.0/24 maxlen: 24
                          46.99.148.0/24 maxlen: 24
                          46.99.147.0/24 maxlen: 24
                          46.99.146.0/24 maxlen: 24
                          46.99.152.0/22 maxlen: 22
                          46.99.151.0/24 maxlen: 24
                          46.99.150.0/24 maxlen: 24
                          46.99.156.0/23 maxlen: 23
                          46.99.159.0/24 maxlen: 24
                          46.99.158.0/24 maxlen: 24
                          46.99.163.0/24 maxlen: 24
                          46.99.162.0/24 maxlen: 24
                          46.99.161.0/24 maxlen: 24
                          46.99.160.0/24 maxlen: 24
                          46.99.166.0/24 maxlen: 24
                          46.99.165.0/24 maxlen: 24
                          46.99.164.0/24 maxlen: 24
                          46.99.170.0/24 maxlen: 24
                          46.99.169.0/24 maxlen: 24
                          46.99.168.0/24 maxlen: 24
                          46.99.167.0/24 maxlen: 24
                          46.99.171.0/24 maxlen: 24
                          46.99.179.0/24 maxlen: 24
                          46.99.178.0/24 maxlen: 24
                          46.99.173.0/24 maxlen: 24
                          46.99.177.0/24 maxlen: 24
                          46.99.176.0/24 maxlen: 24
                          46.99.175.0/24 maxlen: 24
                          46.99.174.0/24 maxlen: 24
                          46.99.180.0/24 maxlen: 24
                          46.99.184.0/24 maxlen: 24
                          46.99.183.0/24 maxlen: 24
                          46.99.182.0/24 maxlen: 24
                          46.99.181.0/24 maxlen: 24
                          46.99.186.0/24 maxlen: 24
                          46.99.185.0/24 maxlen: 24
                          46.99.187.0/24 maxlen: 24
                          46.99.190.0/24 maxlen: 24
                          46.99.189.0/24 maxlen: 24
                          46.99.188.0/24 maxlen: 24
                          46.99.192.0/24 maxlen: 24
                          46.99.196.0/24 maxlen: 24
                          46.99.199.0/24 maxlen: 24
                          46.99.128.0/24 maxlen: 24
                          46.99.131.0/24 maxlen: 24
                          46.99.130.0/24 maxlen: 24
                          46.99.129.0/24 maxlen: 24
                          46.99.132.0/24 maxlen: 24
                          46.99.135.0/24 maxlen: 24
                          46.99.134.0/24 maxlen: 24
                          46.99.133.0/24 maxlen: 24
                          46.99.138.0/24 maxlen: 24
                          46.99.137.0/24 maxlen: 24
                          46.99.136.0/24 maxlen: 24
                          46.99.139.0/24 maxlen: 24
                          46.99.142.0/24 maxlen: 24
                          46.99.141.0/24 maxlen: 24
                          46.99.140.0/24 maxlen: 24
                          46.99.145.0/24 maxlen: 24
                          46.99.144.0/24 maxlen: 24
                          46.99.143.0/24 maxlen: 24
                          46.99.254.0/23 maxlen: 23
                          91.187.97.0/24 maxlen: 24
                          91.187.96.0/19 maxlen: 19
                          91.187.96.0/24 maxlen: 24
                          46.99.203.0/24 maxlen: 24
                          46.99.202.0/23 maxlen: 23
                          46.99.202.0/24 maxlen: 24
                          91.187.98.0/24 maxlen: 24
                          91.187.100.0/24 maxlen: 24
                          91.187.99.0/24 maxlen: 24
                          91.187.104.0/24 maxlen: 24
                          91.187.104.0/23 maxlen: 23
                          91.187.103.0/24 maxlen: 24
                          91.187.102.0/24 maxlen: 24
                          91.187.101.0/24 maxlen: 24
                          91.187.107.0/24 maxlen: 24
                          91.187.106.0/24 maxlen: 24
                          91.187.111.0/24 maxlen: 24
                          91.187.110.0/24 maxlen: 24
                          91.187.109.0/24 maxlen: 24
                          91.187.108.0/24 maxlen: 24
                          91.187.112.0/24 maxlen: 24
                          91.187.114.0/24 maxlen: 24
                          91.187.113.0/24 maxlen: 24
                          46.99.224.0/20 maxlen: 20
                          91.187.117.0/24 maxlen: 24
                          91.187.116.0/24 maxlen: 24
                          91.187.115.0/24 maxlen: 24
                          91.187.118.0/24 maxlen: 24
                          91.187.125.0/24 maxlen: 24
                          91.187.121.0/24 maxlen: 24
                          91.187.120.0/24 maxlen: 24
                          91.187.119.0/24 maxlen: 24
                          91.187.124.0/24 maxlen: 24
                          91.187.123.0/24 maxlen: 24
                          91.187.122.0/24 maxlen: 24
                          91.187.127.0/24 maxlen: 24
                          91.187.126.0/24 maxlen: 24
                          46.99.239.0/24 maxlen: 24
                          46.99.250.0/24 maxlen: 24
                          46.99.249.0/24 maxlen: 24
                          46.99.252.0/23 maxlen: 23
                          46.99.251.0/24 maxlen: 24
                          46.99.64.0/19 maxlen: 19
                          46.99.64.0/18 maxlen: 18
                          46.99.0.0/18 maxlen: 18
                          46.99.0.0/16 maxlen: 16
                          185.78.224.0/22 maxlen: 22
                          46.99.32.0/19 maxlen: 19
                          2a03:4b80::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/wQHFvAkVovfLFlsLfXEyEvpXMy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/wQHFvAkVovfLFlsLfXEyEvpXMy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wQHFvAkVovfLFlsLfXEyEvpXMy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:9b:ab:01:05:c8:18:ca:1e:d7:36:9d:47:35:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c101c5bc0915a2f7cb165b0b7d713212fa57332d
        Validity
            Not Before: Jan  1 04:29:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2bd3bf01402396e0db78ab6e763d7d7feb7b1157
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:f5:95:5a:35:32:3d:54:a0:d1:53:ad:3f:14:
                    67:6c:57:1f:45:5d:42:70:20:ef:1a:68:5c:26:b9:
                    38:cc:08:5a:4c:dd:6b:ff:65:9f:8d:62:99:63:45:
                    38:43:d4:50:e2:2a:5f:40:64:b3:85:f2:84:c7:8b:
                    72:36:8b:f5:1f:55:56:ac:c7:34:b7:32:1c:9d:33:
                    86:71:25:8e:13:2c:0b:94:b7:76:15:18:58:bb:b2:
                    2d:13:d5:97:e3:d3:08:1b:8e:22:86:35:9b:47:2e:
                    ef:24:6b:bd:bd:35:4c:6b:28:0d:51:ef:ac:79:d3:
                    1c:fc:0d:87:14:b7:a6:47:a7:3b:fa:61:32:a9:db:
                    78:d7:54:e4:3b:b9:b1:c2:ba:3d:3b:88:d9:8c:bd:
                    c9:2f:5d:6c:e1:21:56:7c:3f:7d:fa:6a:85:60:ab:
                    e9:41:6f:c4:28:e7:d0:a1:c1:17:3a:51:38:cd:7d:
                    19:94:a8:19:cf:02:ca:a7:bf:de:b5:5b:e4:97:3a:
                    57:5d:fe:c2:d5:ce:6b:bf:44:4b:fc:68:47:57:0d:
                    30:1e:b5:9b:d8:47:42:9c:a3:10:88:08:1c:0e:df:
                    05:ab:4e:46:10:36:e8:9e:91:5c:34:fb:9f:b3:23:
                    59:34:68:b5:e4:51:39:a4:db:29:d9:ce:64:80:0e:
                    c2:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:D3:BF:01:40:23:96:E0:DB:78:AB:6E:76:3D:7D:7F:EB:7B:11:57
            X509v3 Authority Key Identifier:
                keyid:C1:01:C5:BC:09:15:A2:F7:CB:16:5B:0B:7D:71:32:12:FA:57:33:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQHFvAkVovfLFlsLfXEyEvpXMy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/K9O_AUAjluDbeKtudj19f-t7EVc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/wQHFvAkVovfLFlsLfXEyEvpXMy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.99.0.0/16
                  80.80.160.0/20
                  91.187.96.0/19
                  185.78.224.0/22
                IPv6:
                  2a03:4b80::/32

    Signature Algorithm: sha256WithRSAEncryption
         35:85:d8:cb:e6:b5:4f:0d:da:86:ba:fd:a9:09:c2:53:45:28:
         9b:13:d5:fc:9c:68:d4:20:2d:ef:1e:aa:03:74:58:d5:85:dd:
         4d:05:f6:c3:03:d9:9d:cb:2d:41:01:ca:ba:28:62:28:0d:fa:
         97:60:80:a7:2e:42:64:84:fc:31:b7:e4:21:fb:15:e8:29:a4:
         35:c8:bd:10:30:0f:a2:58:75:28:06:40:e3:9f:c3:2b:47:52:
         99:1d:c5:8e:c5:cc:70:00:33:44:9f:92:ac:10:05:94:83:49:
         02:d3:c3:77:ac:64:66:db:f1:09:e2:ec:1c:1d:f1:9c:4d:d9:
         4f:d9:83:19:7f:55:13:36:11:a5:b9:41:c6:a2:92:98:85:3d:
         ae:e4:04:71:a6:6b:d0:2d:bc:ff:40:61:8d:a6:b8:f1:a7:1b:
         2b:87:cd:f9:b4:91:48:2e:87:ab:36:45:cc:b5:8e:f0:a5:c2:
         ec:89:b6:9b:a4:c0:21:cd:a8:98:55:5b:f7:9f:21:f7:13:9d:
         6b:98:44:1d:20:39:5d:f6:9a:25:6a:25:77:f6:74:eb:5f:c0:
         97:be:6e:7e:d6:77:a2:b4:b0:34:b8:ac:c5:c2:04:69:37:a9:
         e1:99:b1:06:e2:58:53:03:b7:fb:f7:19:77:3c:ba:c5:4a:57:
         cf:14:9b:e7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzDSJurAQXIGMoe1zadRzXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDFjNWJjMDkxNWEyZjdjYjE2NWIwYjdkNzEzMjEyZmE1
NzMzMmQwHhcNMjQwMTAxMDQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQzYmYwMTQwMjM5NmUwZGI3OGFiNmU3NjNkN2Q3ZmViN2IxMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/WVWjUyPVSg0VOtPxRnbFcfRV1C
cCDvGmhcJrk4zAhaTN1r/2WfjWKZY0U4Q9RQ4ipfQGSzhfKEx4tyNov1H1VWrMc0
tzIcnTOGcSWOEywLlLd2FRhYu7ItE9WX49MIG44ihjWbRy7vJGu9vTVMaygNUe+s
edMc/A2HFLemR6c7+mEyqdt411TkO7mxwro9O4jZjL3JL11s4SFWfD99+mqFYKvp
QW/EKOfQocEXOlE4zX0ZlKgZzwLKp7/etVvklzpXXf7C1c5rv0RL/GhHVw0wHrWb
2EdCnKMQiAgcDt8Fq05GEDbonpFcNPufsyNZNGi15FE5pNsp2c5kgA7CCQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCvTvwFAI5bg23irbnY9fX/rexFXMB8GA1UdIwQY
MBaAFMEBxbwJFaL3yxZbC31xMhL6VzMtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FIRnZBa1ZvdmZMRmxzTGZYRXlFdnBYTXkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9jZmNkZTAtOWFhMy00YzJkLWI4Zjct
OTI4ZDkxNzkxOTA3LzEvSzlPX0FVQWpsdURiZUt0dWRqMTlmLXQ3RVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9jZmNkZTAtOWFhMy00YzJkLWI4ZjctOTI4ZDkxNzkxOTA3
LzEvd1FIRnZBa1ZvdmZMRmxzTGZYRXlFdnBYTXkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMALmMDBARQ
UKADBAVbu2ADBAK5TuAwDQQCAAIwBwMFACoDS4AwDQYJKoZIhvcNAQELBQADggEB
ADWF2MvmtU8N2oa6/akJwlNFKJsT1fycaNQgLe8eqgN0WNWF3U0F9sMD2Z3LLUEB
yrooYigN+pdggKcuQmSE/DG35CH7FegppDXIvRAwD6JYdSgGQOOfwytHUpkdxY7F
zHAAM0SfkqwQBZSDSQLTw3esZGbb8Qni7Bwd8ZxN2U/Zgxl/VRM2EaW5QcaikpiF
Pa7kBHGma9AtvP9AYY2muPGnGyuHzfm0kUguh6s2Rcy1jvClwuyJtpukwCHNqJhV
W/efIfcTnWuYRB0gOV32miVqJXf2dOtfwJe+bn7Wd6K0sDS4rMXCBGk3qeGZsQbi
WFMDt/v3GXc8usVKV88Um+c=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:14:27 2024 by rpki-client on console-fra.rpki-client.org