Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/REcGuo92b1DY8T4ANyCVgkFrnZo.roa
File:                     REcGuo92b1DY8T4ANyCVgkFrnZo.roa (raw, json)
Hash identifier:          T3jB7dTvEm92KYKX7S2GWrFjgYef5PEnqJNsMjzWJ/Y=
Subject key identifier:   44:47:06:BA:8F:76:6F:50:D8:F1:3E:00:37:20:95:82:41:6B:9D:9A
Certificate issuer:       /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial:       0197B664B65B1E5B1761CBE45AF167B0662D
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/REcGuo92b1DY8T4ANyCVgkFrnZo.roa
Signing time:             Sat 28 Jun 2025 11:55:42 +0000
ROA not before:           Sat 28 Jun 2025 11:55:42 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     205647
IP address blocks:        37.148.0.0/19 maxlen: 24
                          37.148.32.0/20 maxlen: 24
                          37.148.48.0/23 maxlen: 24
                          37.148.50.0/23 maxlen: 24
                          37.148.52.0/22 maxlen: 24
                          37.148.56.0/21 maxlen: 24
                          37.148.64.0/21 maxlen: 24
                          37.148.72.0/21 maxlen: 24
                          37.148.80.0/22 maxlen: 24
                          37.148.84.0/22 maxlen: 24
                          37.148.84.0/23 maxlen: 24
                          37.148.86.0/23 maxlen: 24
                          37.148.88.0/22 maxlen: 24
                          37.148.88.0/24 maxlen: 24
                          37.148.89.0/24 maxlen: 24
                          37.148.90.0/24 maxlen: 24
                          37.148.91.0/24 maxlen: 24
                          37.148.92.0/23 maxlen: 24
                          37.148.92.0/24 maxlen: 24
                          37.148.120.0/21 maxlen: 24
                          37.202.128.0/21 maxlen: 21
                          37.202.136.0/21 maxlen: 21
                          37.202.144.0/21 maxlen: 21
                          37.202.144.0/22 maxlen: 22
                          37.202.148.0/23 maxlen: 23
                          37.202.150.0/23 maxlen: 23
                          37.202.152.0/21 maxlen: 21
                          37.202.160.0/21 maxlen: 21
                          37.202.168.0/21 maxlen: 21
                          37.202.176.0/22 maxlen: 22
                          37.202.180.0/22 maxlen: 22
                          37.202.184.0/21 maxlen: 24
                          37.202.184.0/22 maxlen: 24
                          37.202.188.0/22 maxlen: 24
                          85.15.48.0/24 maxlen: 24
                          85.15.49.0/24 maxlen: 24
                          94.182.0.0/18 maxlen: 18
                          94.182.8.0/23 maxlen: 23
                          94.182.12.0/23 maxlen: 23
                          94.182.14.0/24 maxlen: 24
                          94.182.17.0/24 maxlen: 24
                          94.182.30.0/23 maxlen: 23
                          94.182.41.0/24 maxlen: 24
                          94.182.48.0/24 maxlen: 24
                          94.182.56.0/22 maxlen: 24
                          94.182.60.0/22 maxlen: 24
                          94.182.64.0/18 maxlen: 18
                          94.182.64.0/20 maxlen: 20
                          94.182.72.0/21 maxlen: 21
                          94.182.80.0/20 maxlen: 20
                          94.182.82.0/24 maxlen: 24
                          94.182.96.0/20 maxlen: 20
                          94.182.97.192/28 maxlen: 28
                          94.182.112.0/20 maxlen: 20
                          94.182.114.0/23 maxlen: 23
                          94.182.116.0/22 maxlen: 22
                          94.182.120.0/21 maxlen: 21
                          94.182.128.0/18 maxlen: 18
                          94.182.128.0/20 maxlen: 20
                          94.182.144.0/20 maxlen: 20
                          94.182.160.0/20 maxlen: 20
                          94.182.176.0/20 maxlen: 20
                          94.182.192.0/18 maxlen: 18
                          94.182.196.0/24 maxlen: 24
                          94.182.199.0/24 maxlen: 24
                          94.182.204.0/22 maxlen: 22
                          94.182.204.0/24 maxlen: 24
                          94.182.205.0/24 maxlen: 24
                          94.182.206.0/24 maxlen: 24
                          94.182.207.0/24 maxlen: 24
                          94.182.208.0/24 maxlen: 24
                          94.182.212.0/23 maxlen: 23
                          94.182.217.0/24 maxlen: 24
                          94.182.222.0/23 maxlen: 23
                          94.182.226.0/24 maxlen: 24
                          94.182.228.0/22 maxlen: 22
                          94.182.232.0/23 maxlen: 24
                          94.182.234.0/23 maxlen: 23
                          94.182.238.0/24 maxlen: 24
                          94.182.240.0/23 maxlen: 24
                          94.182.244.0/22 maxlen: 24
                          94.182.244.0/23 maxlen: 23
                          94.182.248.0/22 maxlen: 24
                          94.182.248.0/23 maxlen: 23
                          94.182.252.0/24 maxlen: 24
                          94.182.254.0/24 maxlen: 24
                          94.183.0.0/18 maxlen: 18
                          94.183.64.0/18 maxlen: 18
                          94.183.128.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 04 Jul 2025 23:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:64:b6:5b:1e:5b:17:61:cb:e4:5a:f1:67:b0:66:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
        Validity
            Not Before: Jun 28 11:55:42 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=444706ba8f766f50d8f13e0037209582416b9d9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:b8:f1:4a:fb:89:26:03:5e:4c:35:ef:29:8f:
                    7c:ac:7a:9b:70:cf:04:fc:f2:71:a6:2d:f2:22:59:
                    94:b6:d7:fb:cc:96:b6:c7:d9:8d:61:f0:4e:e2:6a:
                    5a:43:25:5d:bb:a2:ee:a1:82:94:30:6b:fe:db:8a:
                    31:81:00:2e:e3:20:e1:b3:96:33:13:5d:6e:43:c2:
                    1d:a2:60:3f:a5:37:0d:be:5d:fc:82:fd:4e:e5:8a:
                    39:b9:65:85:ca:be:e4:0e:57:02:4b:2c:f3:a8:3d:
                    31:57:8b:aa:e2:7e:74:ff:e6:44:fc:86:98:9b:5d:
                    45:28:27:4b:03:0b:69:af:63:cf:5d:64:39:e0:27:
                    7c:0b:9a:d7:27:c1:d5:b7:d2:7d:63:bf:c3:0e:65:
                    0d:39:1f:2e:62:51:99:85:0b:2b:c3:e4:2c:17:69:
                    d4:da:83:bb:45:fb:d0:f3:19:08:4f:92:5e:f4:43:
                    cd:52:9e:c2:71:12:f3:70:7b:d4:17:e1:6f:32:3b:
                    1f:80:08:04:90:9f:b5:fe:5f:6f:c3:09:d9:8a:b5:
                    e6:77:b7:eb:ea:1c:da:8e:7f:25:aa:aa:5b:a1:1b:
                    bf:2a:d8:df:3b:43:5f:01:f2:f0:9e:cd:0e:e4:bd:
                    a8:f9:b6:8a:8b:4d:bf:de:0e:c3:95:af:91:3b:70:
                    7c:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:47:06:BA:8F:76:6F:50:D8:F1:3E:00:37:20:95:82:41:6B:9D:9A
            X509v3 Authority Key Identifier:
                keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/REcGuo92b1DY8T4ANyCVgkFrnZo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.148.0.0-37.148.93.255
                  37.148.120.0/21
                  37.202.128.0/18
                  85.15.48.0/23
                  94.182.0.0-94.183.191.255

    Signature Algorithm: sha256WithRSAEncryption
         32:36:d2:9c:ca:c2:3c:c8:b7:27:36:91:7c:63:a6:ea:55:67:
         72:43:97:fc:7d:be:b7:85:b5:f1:b1:1c:a4:c5:2c:36:e3:8b:
         90:7f:6a:67:63:4d:8a:ad:e7:89:3b:fb:c6:2c:8d:ef:e1:ee:
         af:b8:be:e3:f4:85:c8:27:b6:d8:57:ad:60:87:70:f2:b2:8a:
         7a:bd:21:a9:cd:29:b6:fa:71:49:8e:49:6f:70:7d:8a:c3:7d:
         49:bd:aa:77:19:fe:39:5a:41:ca:ad:81:a9:7c:f4:02:4e:9d:
         87:e0:35:5e:64:a5:03:be:7e:6b:64:55:fd:f3:e7:94:a5:a2:
         a5:fa:74:75:5d:59:1d:bb:c8:d5:df:c1:cd:0c:c5:3a:ea:a0:
         c1:f8:e8:27:08:0f:16:02:3e:38:c2:d8:53:e8:9d:f2:28:55:
         b4:1a:89:cf:b8:51:bb:20:bf:35:a6:45:2f:9c:96:73:6b:bf:
         11:45:e4:b8:ed:5c:7d:a0:ae:54:de:be:25:1f:42:50:ce:3b:
         90:96:ea:00:08:88:6b:2b:9a:4f:71:5f:f1:a5:fd:94:70:53:
         02:d3:8b:99:bd:95:0e:91:19:31:fd:55:81:70:65:52:ea:3d:
         34:a0:30:05:17:ee:8e:d5:88:cf:38:63:5f:4e:1e:c9:b5:b7:
         7e:a9:9f:e5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZe2ZLZbHlsXYcvkWvFnsGYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwNjI4MTE1NTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDQ3MDZiYThmNzY2ZjUwZDhmMTNlMDAzNzIwOTU4MjQxNmI5ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bjxSvuJJgNeTDXvKY98rHqbcM8E
/PJxpi3yIlmUttf7zJa2x9mNYfBO4mpaQyVdu6LuoYKUMGv+24oxgQAu4yDhs5Yz
E11uQ8IdomA/pTcNvl38gv1O5Yo5uWWFyr7kDlcCSyzzqD0xV4uq4n50/+ZE/IaY
m11FKCdLAwtpr2PPXWQ54Cd8C5rXJ8HVt9J9Y7/DDmUNOR8uYlGZhQsrw+QsF2nU
2oO7RfvQ8xkIT5Je9EPNUp7CcRLzcHvUF+FvMjsfgAgEkJ+1/l9vwwnZirXmd7fr
6hzajn8lqqpboRu/KtjfO0NfAfLwns0O5L2o+baKi02/3g7Dla+RO3B8OwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFERHBrqPdm9Q2PE+ADcglYJBa52aMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvUkVjR3VvOTJiMURZOFQ0QU55Q1Zna0ZyblpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAsDAwIllAME
ASWUXAMEAyWUeAMEBiXKgAMEAVUPMDALAwMBXrYDBAZet4AwDQYJKoZIhvcNAQEL
BQADggEBADI20pzKwjzItyc2kXxjpupVZ3JDl/x9vreFtfGxHKTFLDbji5B/amdj
TYqt54k7+8Ysje/h7q+4vuP0hcgntthXrWCHcPKyinq9IanNKbb6cUmOSW9wfYrD
fUm9qncZ/jlaQcqtgal89AJOnYfgNV5kpQO+fmtkVf3z55SloqX6dHVdWR27yNXf
wc0MxTrqoMH46CcIDxYCPjjC2FPonfIoVbQaic+4UbsgvzWmRS+clnNrvxFF5Ljt
XH2grlTeviUfQlDOO5CW6gAIiGsrmk9xX/Gl/ZRwUwLTi5m9lQ6RGTH9VYFwZVLq
PTSgMAUX7o7ViM84Y19OHsm1t36pn+U=
-----END CERTIFICATE-----
Generated at Fri Jul 4 07:14:55 2025 by rpki-client