Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/dwxVTJjwRdmFY55JH2yvjXmSVts.roa
File:                     dwxVTJjwRdmFY55JH2yvjXmSVts.roa (raw, json)
Hash identifier:          Lh23QBiX92su9UHZMQr+EOFIPCcgDPrhS+6BAN9DBAs=
Subject key identifier:   77:0C:55:4C:98:F0:45:D9:85:63:9E:49:1F:6C:AF:8D:79:92:56:DB
Certificate issuer:       /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial:       0199962618C5A9D194A3AF940D1DABF9DD3A
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/dwxVTJjwRdmFY55JH2yvjXmSVts.roa
Signing time:             Mon 29 Sep 2025 15:45:03 +0000
ROA not before:           Mon 29 Sep 2025 15:45:03 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     154049
IP address blocks:        144.56.15.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 09 Oct 2025 21:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:96:26:18:c5:a9:d1:94:a3:af:94:0d:1d:ab:f9:dd:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
        Validity
            Not Before: Sep 29 15:45:03 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=770c554c98f045d985639e491f6caf8d799256db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:f0:8b:5b:fc:f9:1b:03:12:30:78:44:26:ca:
                    cb:2f:1d:52:64:63:71:96:f5:e0:d5:fd:f1:fe:b5:
                    9f:6a:67:cd:02:8b:2d:86:ce:f0:b7:76:bc:31:9f:
                    c7:ca:81:9b:53:5e:9c:2f:8c:21:2e:b2:32:f3:23:
                    88:c0:1b:e6:d1:93:6e:cd:9a:be:62:7c:59:04:e0:
                    fa:e2:d1:39:b0:36:c8:60:b2:a2:3d:a7:d9:14:71:
                    69:d4:55:24:07:cd:1d:ab:b5:08:03:97:f2:14:30:
                    2a:4b:ae:90:06:a3:38:df:0f:19:39:f4:01:67:5e:
                    a2:af:6a:74:94:44:86:6f:91:09:e2:26:fb:0e:38:
                    08:6a:0e:e6:64:2c:b6:83:4a:ae:81:7f:d8:88:7f:
                    55:ae:67:86:88:ac:57:22:af:68:6b:b0:04:68:aa:
                    8a:7a:df:71:c0:54:fc:f6:80:8c:52:a2:25:1b:f3:
                    13:00:6f:cf:ec:75:d4:38:ad:10:a3:61:de:08:4b:
                    6f:a2:4d:f2:6c:0d:97:50:f8:d3:87:02:ed:91:12:
                    6c:cf:80:b1:96:b1:a2:a1:3c:c0:c3:5e:b2:fe:cb:
                    0f:b3:5e:b8:49:bd:8d:2a:6f:52:f9:9b:e0:1f:b8:
                    94:37:d6:6d:05:d4:db:d4:9f:49:db:81:82:f4:d0:
                    76:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:0C:55:4C:98:F0:45:D9:85:63:9E:49:1F:6C:AF:8D:79:92:56:DB
            X509v3 Authority Key Identifier:
                keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/dwxVTJjwRdmFY55JH2yvjXmSVts.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.56.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:72:d0:8d:59:3b:d3:ef:db:fb:45:12:3c:fe:02:4e:9e:7f:
         3a:42:3c:3f:6f:da:43:11:fc:17:9a:ad:f5:11:d0:bd:61:2f:
         88:dd:b1:e0:99:f9:1b:04:96:af:71:9c:f0:2a:71:fc:7e:2c:
         e3:c2:c4:79:bc:68:8f:5d:47:6f:72:e4:f4:4a:76:0e:a4:bc:
         1e:cc:bb:ef:c3:5e:1c:da:e6:e0:fd:93:95:2a:41:2b:6c:47:
         f4:0e:b3:12:80:50:ce:a2:03:c5:b7:af:66:04:53:b1:64:20:
         64:a7:fd:50:28:8c:d4:f4:58:99:40:ee:9e:85:6b:0b:eb:4e:
         f5:2d:ec:71:87:f1:22:1c:69:6a:86:f7:be:14:fa:5c:73:b3:
         7e:4e:b0:bc:31:36:1e:f4:d7:f0:90:52:cb:c3:cd:da:50:56:
         39:2d:6c:42:7b:c1:79:16:98:a1:8c:b2:cf:95:e1:4a:7b:8f:
         02:fd:f8:4e:6d:a1:b2:00:e4:59:00:42:f7:62:a4:03:f9:3b:
         92:5d:05:6d:25:8a:32:fa:4f:be:36:a7:19:de:9b:b6:99:92:
         25:f7:76:dd:e4:2f:10:5f:20:72:ab:a1:43:73:dc:ab:4f:17:
         61:c5:5e:44:97:f2:14:59:43:df:bf:bf:6d:ec:ef:cd:3a:ac:
         81:93:e8:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmWJhjFqdGUo6+UDR2r+d06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwOTI5MTU0NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzBjNTU0Yzk4ZjA0NWQ5ODU2MzllNDkxZjZjYWY4ZDc5OTI1NmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/CLW/z5GwMSMHhEJsrLLx1SZGNx
lvXg1f3x/rWfamfNAosths7wt3a8MZ/HyoGbU16cL4whLrIy8yOIwBvm0ZNuzZq+
YnxZBOD64tE5sDbIYLKiPafZFHFp1FUkB80dq7UIA5fyFDAqS66QBqM43w8ZOfQB
Z16ir2p0lESGb5EJ4ib7DjgIag7mZCy2g0qugX/YiH9VrmeGiKxXIq9oa7AEaKqK
et9xwFT89oCMUqIlG/MTAG/P7HXUOK0Qo2HeCEtvok3ybA2XUPjThwLtkRJsz4Cx
lrGioTzAw16y/ssPs164Sb2NKm9S+ZvgH7iUN9ZtBdTb1J9J24GC9NB2yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHcMVUyY8EXZhWOeSR9sr415klbbMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvZHd4VlRKandSZG1GWTU1SkgyeXZqWG1TVnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkDgPMA0G
CSqGSIb3DQEBCwUAA4IBAQCFctCNWTvT79v7RRI8/gJOnn86Qjw/b9pDEfwXmq31
EdC9YS+I3bHgmfkbBJavcZzwKnH8fizjwsR5vGiPXUdvcuT0SnYOpLwezLvvw14c
2ubg/ZOVKkErbEf0DrMSgFDOogPFt69mBFOxZCBkp/1QKIzU9FiZQO6ehWsL6071
Lexxh/EiHGlqhve+FPpcc7N+TrC8MTYe9NfwkFLLw83aUFY5LWxCe8F5FpihjLLP
leFKe48C/fhObaGyAORZAEL3YqQD+TuSXQVtJYoy+k++NqcZ3pu2mZIl93bd5C8Q
XyByq6FDc9yrTxdhxV5El/IUWUPfv79t7O/NOqyBk+h/
-----END CERTIFICATE-----