Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/h-V-4FE12OraV7R1R893Lwwmi7A.roa
File:                     h-V-4FE12OraV7R1R893Lwwmi7A.roa (raw, json)
Hash identifier:          cDjd9VGzZaJZvW3GIxpQMcoEnPlbQsRiLYaJomeJhTA=
Subject key identifier:   87:E5:7E:E0:51:35:D8:EA:DA:57:B4:75:47:CF:77:2F:0C:26:8B:B0
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       0198260FCAFF114C26BE78BB62E0C64EF438
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/h-V-4FE12OraV7R1R893Lwwmi7A.roa
Signing time:             Sun 20 Jul 2025 04:20:25 +0000
ROA not before:           Sun 20 Jul 2025 04:20:25 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     214790
IP address blocks:        5.8.44.0/24 maxlen: 24
                          5.188.51.0/24 maxlen: 24
                          5.188.200.0/24 maxlen: 24
                          5.189.219.0/24 maxlen: 24
                          5.189.254.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 19:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:26:0f:ca:ff:11:4c:26:be:78:bb:62:e0:c6:4e:f4:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Jul 20 04:20:25 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=87e57ee05135d8eada57b47547cf772f0c268bb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:d2:c5:48:22:58:93:56:57:d2:d9:ed:36:15:
                    b4:d8:78:0d:db:89:04:a4:f2:3a:d7:e6:e5:00:aa:
                    72:5d:e6:94:e7:82:6a:13:f3:db:6a:ee:ec:06:51:
                    8e:7a:ab:17:65:8b:e7:54:be:c1:c8:1e:78:fa:d3:
                    40:d1:81:0c:f5:ef:ea:0d:fb:cf:30:b5:de:5f:a2:
                    bb:a6:9c:53:76:aa:63:f9:a1:2e:aa:b2:ff:5f:ec:
                    ac:7f:97:0b:80:98:40:d3:d8:22:7e:87:83:51:b0:
                    f3:66:73:4b:0f:95:9f:54:71:f3:c7:a6:ff:c7:87:
                    13:f4:13:8b:38:54:ac:e2:d6:6e:a8:4b:c4:f7:ef:
                    6f:56:20:80:e9:25:f3:18:08:1d:01:bc:44:6d:b1:
                    7f:36:90:4a:ee:c4:ba:9d:fd:ef:67:0e:db:b5:62:
                    e8:37:35:1a:26:a1:8f:08:3d:7d:cb:98:3f:cf:9e:
                    bf:83:da:08:42:ee:64:24:a2:03:31:83:6e:4b:1d:
                    61:c4:03:8f:ff:bf:66:f8:41:ea:23:f9:d8:0e:d1:
                    5a:99:08:61:c3:91:ac:91:89:51:59:4a:6b:ef:ee:
                    f8:72:5e:e2:08:d7:17:43:e9:3b:f6:bf:01:20:8b:
                    b6:0d:a1:ad:1d:4a:9f:2e:57:18:55:53:df:d6:e1:
                    bf:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:E5:7E:E0:51:35:D8:EA:DA:57:B4:75:47:CF:77:2F:0C:26:8B:B0
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/h-V-4FE12OraV7R1R893Lwwmi7A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.44.0/24
                  5.188.51.0/24
                  5.188.200.0/24
                  5.189.219.0/24
                  5.189.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:83:53:b1:16:6a:57:42:ee:f0:48:8e:4a:13:5a:f0:ca:0f:
         0f:25:60:f9:aa:25:13:56:8e:34:fc:91:57:7c:18:5f:7d:15:
         52:32:41:22:b6:86:b6:5f:71:cd:aa:08:bf:94:fc:49:c7:d0:
         d1:2b:b6:e5:60:60:9b:9f:99:da:94:1a:56:12:07:4a:4b:1c:
         bd:94:af:66:9f:6d:0a:f6:22:f6:15:50:dc:ed:3c:7f:28:9d:
         14:09:cf:7b:76:13:26:85:d0:47:d6:07:20:ff:fb:b1:50:50:
         d7:1e:49:83:c3:4a:e6:8a:81:1f:c8:91:38:af:27:65:d5:30:
         27:82:2b:c4:5b:d3:e6:f1:c1:bf:21:db:be:7c:76:85:96:c8:
         f5:ac:4a:d1:79:5e:75:65:f8:ef:0c:42:91:0e:ef:21:01:0f:
         e5:85:94:da:d5:17:83:2c:cc:b9:02:d9:07:99:93:a4:79:48:
         f1:39:3b:ad:34:76:98:97:c0:5f:68:79:0d:92:e4:dc:79:cb:
         a3:7b:f4:95:dd:d9:78:fe:a9:88:07:c9:ba:12:6b:90:fd:d3:
         bf:83:20:4a:f2:1f:f8:f0:ba:c8:71:e7:5e:68:74:c8:98:99:
         85:8a:f4:f0:dd:aa:0c:c5:cf:a9:e5:77:58:8a:47:54:f9:e4:
         6a:35:80:0a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZgmD8r/EUwmvni7YuDGTvQ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjUwNzIwMDQyMDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2U1N2VlMDUxMzVkOGVhZGE1N2I0NzU0N2NmNzcyZjBjMjY4YmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotLFSCJYk1ZX0tntNhW02HgN24kE
pPI61+blAKpyXeaU54JqE/Pbau7sBlGOeqsXZYvnVL7ByB54+tNA0YEM9e/qDfvP
MLXeX6K7ppxTdqpj+aEuqrL/X+ysf5cLgJhA09gifoeDUbDzZnNLD5WfVHHzx6b/
x4cT9BOLOFSs4tZuqEvE9+9vViCA6SXzGAgdAbxEbbF/NpBK7sS6nf3vZw7btWLo
NzUaJqGPCD19y5g/z56/g9oIQu5kJKIDMYNuSx1hxAOP/79m+EHqI/nYDtFamQhh
w5GskYlRWUpr7+74cl7iCNcXQ+k79r8BIIu2DaGtHUqfLlcYVVPf1uG/xQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIflfuBRNdjq2le0dUfPdy8MJouwMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvaC1WLTRGRTEyT3JhVjdSMVI4OTNMd3dtaTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABQgsAwQA
BbwzAwQABbzIAwQABb3bAwQABb3+MA0GCSqGSIb3DQEBCwUAA4IBAQAyg1OxFmpX
Qu7wSI5KE1rwyg8PJWD5qiUTVo40/JFXfBhffRVSMkEitoa2X3HNqgi/lPxJx9DR
K7blYGCbn5nalBpWEgdKSxy9lK9mn20K9iL2FVDc7Tx/KJ0UCc97dhMmhdBH1gcg
//uxUFDXHkmDw0rmioEfyJE4rydl1TAngivEW9Pm8cG/Idu+fHaFlsj1rErReV51
ZfjvDEKRDu8hAQ/lhZTa1ReDLMy5AtkHmZOkeUjxOTutNHaYl8BfaHkNkuTcecuj
e/SV3dl4/qmIB8m6EmuQ/dO/gyBK8h/48LrIcedeaHTImJmFivTw3aoMxc+p5XdY
ikdU+eRqNYAK
-----END CERTIFICATE-----
Generated at Wed Jul 23 01:57:32 2025 by rpki-client