Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/8zatr0jZ-O-4Pwa7vBxN7_L5rhE.roa
File:                     8zatr0jZ-O-4Pwa7vBxN7_L5rhE.roa (raw, json)
Hash identifier:          JxKiDTf9SqXtOIgl3prjnHkSFx4USwPoKEqAOu8V2tk=
Subject key identifier:   F3:36:AD:AF:48:D9:F8:EF:B8:3F:06:BB:BC:1C:4D:EF:F2:F9:AE:11
Certificate issuer:       /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial:       0196EDE32C22D77CE0095A66C36C846D969A
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/8zatr0jZ-O-4Pwa7vBxN7_L5rhE.roa
Signing time:             Tue 20 May 2025 13:30:10 +0000
ROA not before:           Tue 20 May 2025 13:30:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     3360
IP address blocks:        195.203.156.0/22 maxlen: 22
                          217.27.4.0/24 maxlen: 24
                          217.27.6.0/24 maxlen: 24
                          217.27.7.0/24 maxlen: 24
                          2a03:5000:1::/48 maxlen: 48
                          2a03:5000:2::/48 maxlen: 48
                          2a03:5000:11::/48 maxlen: 48
                          2a03:5000:12::/48 maxlen: 48
                          2a03:5000:20::/48 maxlen: 48
                          2a03:5000:21::/48 maxlen: 48
                          2a03:5000:22::/48 maxlen: 48
                          2a03:5000:30::/48 maxlen: 48
                          2a03:5000:31::/48 maxlen: 48
                          2a03:5000:32::/48 maxlen: 48
                          2a03:5000:41::/48 maxlen: 48
                          2a03:5000:42::/48 maxlen: 48
                          2a03:5000:51::/48 maxlen: 48
                          2a03:5000:52::/48 maxlen: 48
                          2a03:5000:61::/48 maxlen: 48
                          2a03:5000:62::/48 maxlen: 48
                          2a03:5000:71::/48 maxlen: 48
                          2a03:5000:72::/48 maxlen: 48
                          2a03:5000:81::/48 maxlen: 48
                          2a03:5000:82::/48 maxlen: 48
                          2a03:5000:91::/48 maxlen: 48
                          2a03:5000:92::/48 maxlen: 48
                          2a03:5000:101::/48 maxlen: 48
                          2a03:5000:102::/48 maxlen: 48
                          2a03:5000:111::/48 maxlen: 48
                          2a03:5000:112::/48 maxlen: 48
                          2a03:5000:121::/48 maxlen: 48
                          2a03:5000:122::/48 maxlen: 48
                          2a03:5000:131::/48 maxlen: 48
                          2a03:5000:132::/48 maxlen: 48
                          2a03:5000:141::/48 maxlen: 48
                          2a03:5000:142::/48 maxlen: 48
                          2a03:5000:151::/48 maxlen: 48
                          2a03:5000:152::/48 maxlen: 48
                          2a03:5000:161::/48 maxlen: 48
                          2a03:5000:162::/48 maxlen: 48
                          2a03:5000:171::/48 maxlen: 48
                          2a03:5000:172::/48 maxlen: 48
                          2a03:5000:181::/48 maxlen: 48
                          2a03:5000:182::/48 maxlen: 48
                          2a03:5000:191::/48 maxlen: 48
                          2a03:5000:192::/48 maxlen: 48
                          2a03:5000:201::/48 maxlen: 48
                          2a03:5000:202::/48 maxlen: 48
                          2a03:5000:211::/48 maxlen: 48
                          2a03:5000:212::/48 maxlen: 48
                          2a03:5000:221::/48 maxlen: 48
                          2a03:5000:222::/48 maxlen: 48
                          2a03:5000:231::/48 maxlen: 48
                          2a03:5000:232::/48 maxlen: 48
                          2a03:5000:241::/48 maxlen: 48
                          2a03:5000:242::/48 maxlen: 48
                          2a03:5000:251::/48 maxlen: 48
                          2a03:5000:252::/48 maxlen: 48
                          2a03:5000:271::/48 maxlen: 48
                          2a03:5000:272::/48 maxlen: 48
                          2a03:5000:291::/48 maxlen: 48
                          2a03:5000:292::/48 maxlen: 48
                          2a03:5000:311::/48 maxlen: 48
                          2a03:5000:312::/48 maxlen: 48
                          2a03:5000:421::/48 maxlen: 48
                          2a03:5000:431::/48 maxlen: 48
                          2a03:5000:441::/48 maxlen: 48
                          2a03:5000:442::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 10:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ed:e3:2c:22:d7:7c:e0:09:5a:66:c3:6c:84:6d:96:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
        Validity
            Not Before: May 20 13:30:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=f336adaf48d9f8efb83f06bbbc1c4deff2f9ae11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:17:65:75:1b:44:ee:c6:25:ac:02:90:0a:71:
                    12:83:b7:1c:3c:1c:be:09:c6:9b:09:cc:84:43:06:
                    ee:b1:37:65:e2:41:35:9a:a4:16:a0:72:20:5b:02:
                    97:9e:48:ed:90:7a:14:db:00:0b:78:21:14:ea:d2:
                    d6:9b:75:c8:a2:d5:05:71:e4:42:68:2a:ff:2b:1b:
                    b2:58:85:0d:e9:72:55:7a:3e:15:f8:6c:21:92:b4:
                    ec:aa:b5:58:45:37:bb:56:ac:d9:54:f7:eb:b4:48:
                    1d:64:a0:90:86:d2:1e:fe:d3:b1:b8:52:64:b8:64:
                    0f:65:f5:5b:05:81:d5:71:17:2a:4c:62:59:44:5e:
                    a8:c2:a0:fd:9c:e1:32:e9:56:12:79:06:b9:1e:d0:
                    d1:c5:b7:3b:3c:28:e6:d8:70:95:69:e0:c5:49:2f:
                    4b:3b:63:9c:a9:5b:5a:8b:ff:4e:9e:7d:3d:b8:5d:
                    e6:74:4d:b6:c0:b1:78:9f:56:7f:fb:5e:a8:26:26:
                    a4:03:03:af:9a:0e:3f:cb:88:51:fb:fd:5f:08:12:
                    ba:e0:b7:1b:ff:33:65:3f:f5:b6:a7:91:c4:86:78:
                    a9:2c:c3:34:53:6a:ca:a1:9d:31:5e:c2:a8:8a:98:
                    64:82:e2:29:83:ce:f4:41:2e:a1:ff:fa:75:e8:a0:
                    af:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:36:AD:AF:48:D9:F8:EF:B8:3F:06:BB:BC:1C:4D:EF:F2:F9:AE:11
            X509v3 Authority Key Identifier:
                keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/8zatr0jZ-O-4Pwa7vBxN7_L5rhE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.203.156.0/22
                  217.27.4.0/24
                  217.27.6.0/23
                IPv6:
                  2a03:5000:1::-2a03:5000:2:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:11::-2a03:5000:12:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:20::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:30::-2a03:5000:32:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:41::-2a03:5000:42:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:51::-2a03:5000:52:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:61::-2a03:5000:62:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:71::-2a03:5000:72:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:81::-2a03:5000:82:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:91::-2a03:5000:92:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:101::-2a03:5000:102:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:111::-2a03:5000:112:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:121::-2a03:5000:122:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:131::-2a03:5000:132:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:141::-2a03:5000:142:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:151::-2a03:5000:152:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:161::-2a03:5000:162:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:171::-2a03:5000:172:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:181::-2a03:5000:182:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:191::-2a03:5000:192:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:201::-2a03:5000:202:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:211::-2a03:5000:212:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:221::-2a03:5000:222:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:231::-2a03:5000:232:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:241::-2a03:5000:242:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:251::-2a03:5000:252:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:271::-2a03:5000:272:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:291::-2a03:5000:292:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:311::-2a03:5000:312:ffff:ffff:ffff:ffff:ffff
                  2a03:5000:421::/48
                  2a03:5000:431::/48
                  2a03:5000:441::-2a03:5000:442:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         7f:6f:8f:10:da:76:c8:29:14:76:82:8d:24:6b:48:99:df:bb:
         c3:04:6a:24:35:eb:cb:ff:f0:8e:60:22:91:3e:42:95:04:12:
         27:42:5a:e4:3b:18:b6:f4:d2:d2:a0:e4:90:3f:b4:65:7a:64:
         bc:0b:ab:d5:85:4c:8d:f1:4c:aa:d4:f6:c8:5c:ec:66:72:06:
         33:23:33:db:1c:dd:25:d0:76:c4:65:40:a9:8c:5a:e6:8e:a2:
         fe:8f:df:44:8b:9d:16:f7:e0:71:17:52:a5:8b:01:87:cd:79:
         2c:42:a9:de:99:ed:86:97:3e:c1:bc:98:42:29:c0:1d:38:34:
         c9:46:8d:32:93:41:73:46:99:55:69:d0:e0:13:d2:0a:7d:39:
         46:3b:d0:8e:27:b0:32:12:ab:00:4b:a8:93:30:c2:8e:11:1b:
         4c:77:ff:1d:70:07:4a:75:d7:25:c4:13:57:59:e1:25:62:20:
         87:64:58:0c:6a:5f:81:16:ac:9e:4f:1b:5c:4b:c1:df:6b:31:
         1c:18:c7:be:81:24:4a:98:e1:8a:02:c5:b1:bc:65:d7:e6:df:
         76:25:e2:87:21:22:67:59:83:ee:e1:1a:80:5c:ff:73:22:6c:
         43:87:dd:a1:0b:65:ce:42:a2:24:93:37:07:27:27:d0:49:ef:
         fa:2b:2f:60
-----BEGIN CERTIFICATE-----
MIIHhTCCBm2gAwIBAgISAZbt4ywi13zgCVpmw2yEbZaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjUwNTIwMTMzMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzM2YWRhZjQ4ZDlmOGVmYjgzZjA2YmJiYzFjNGRlZmYyZjlhZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRdldRtE7sYlrAKQCnESg7ccPBy+
CcabCcyEQwbusTdl4kE1mqQWoHIgWwKXnkjtkHoU2wALeCEU6tLWm3XIotUFceRC
aCr/KxuyWIUN6XJVej4V+GwhkrTsqrVYRTe7VqzZVPfrtEgdZKCQhtIe/tOxuFJk
uGQPZfVbBYHVcRcqTGJZRF6owqD9nOEy6VYSeQa5HtDRxbc7PCjm2HCVaeDFSS9L
O2OcqVtai/9Onn09uF3mdE22wLF4n1Z/+16oJiakAwOvmg4/y4hR+/1fCBK64Lcb
/zNlP/W2p5HEhnipLMM0U2rKoZ0xXsKoiphkguIpg870QS6h//p16KCvjwIDAQAB
o4IEkTCCBI0wHQYDVR0OBBYEFPM2ra9I2fjvuD8Gu7wcTe/y+a4RMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvOHphdHIwalotTy00UHdhN3ZCeE43X0w1cmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICpQYIKwYBBQUHAQcBAf8EggKUMIICkDAYBAIAATASAwQC
w8ucAwQA2RsEAwQB2RsGMIICcgQCAAIwggJqMBIDBwAqA1AAAAEDBwAqA1AAAAIw
EgMHACoDUAAAEQMHACoDUAAAEjASAwcFKgNQAAAgAwcAKgNQAAAiMBIDBwQqA1AA
ADADBwAqA1AAADIwEgMHACoDUAAAQQMHACoDUAAAQjASAwcAKgNQAABRAwcAKgNQ
AABSMBIDBwAqA1AAAGEDBwAqA1AAAGIwEgMHACoDUAAAcQMHACoDUAAAcjASAwcA
KgNQAACBAwcAKgNQAACCMBIDBwAqA1AAAJEDBwAqA1AAAJIwEgMHACoDUAABAQMH
ACoDUAABAjASAwcAKgNQAAERAwcAKgNQAAESMBIDBwAqA1AAASEDBwAqA1AAASIw
EgMHACoDUAABMQMHACoDUAABMjASAwcAKgNQAAFBAwcAKgNQAAFCMBIDBwAqA1AA
AVEDBwAqA1AAAVIwEgMHACoDUAABYQMHACoDUAABYjASAwcAKgNQAAFxAwcAKgNQ
AAFyMBIDBwAqA1AAAYEDBwAqA1AAAYIwEgMHACoDUAABkQMHACoDUAABkjASAwcA
KgNQAAIBAwcAKgNQAAICMBIDBwAqA1AAAhEDBwAqA1AAAhIwEgMHACoDUAACIQMH
ACoDUAACIjASAwcAKgNQAAIxAwcAKgNQAAIyMBIDBwAqA1AAAkEDBwAqA1AAAkIw
EgMHACoDUAACUQMHACoDUAACUjASAwcAKgNQAAJxAwcAKgNQAAJyMBIDBwAqA1AA
ApEDBwAqA1AAApIwEgMHACoDUAADEQMHACoDUAADEgMHACoDUAAEIQMHACoDUAAE
MTASAwcAKgNQAARBAwcAKgNQAARCMA0GCSqGSIb3DQEBCwUAA4IBAQB/b48Q2nbI
KRR2go0ka0iZ37vDBGokNevL//COYCKRPkKVBBInQlrkOxi29NLSoOSQP7RlemS8
C6vVhUyN8Uyq1PbIXOxmcgYzIzPbHN0l0HbEZUCpjFrmjqL+j99Ei50W9+BxF1Kl
iwGHzXksQqneme2Glz7BvJhCKcAdODTJRo0yk0FzRplVadDgE9IKfTlGO9COJ7Ay
EqsAS6iTMMKOERtMd/8dcAdKddclxBNXWeElYiCHZFgMal+BFqyeTxtcS8HfazEc
GMe+gSRKmOGKAsWxvGXX5t92JeKHISJnWYPu4RqAXP9zImxDh92hC2XOQqIkkzcH
JyfQSe/6Ky9g
-----END CERTIFICATE-----
Generated at Thu Jun 12 16:38:03 2025 by rpki-client