Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/GLCmkwBmlbaa5jYjEpuitsneC4E.roa
File:                     GLCmkwBmlbaa5jYjEpuitsneC4E.roa (raw, json)
Hash identifier:          ZD/uNog71g646DIdSuoBtZG9JvOdJOQqqLsLgMxmNjk=
Subject key identifier:   18:B0:A6:93:00:66:95:B6:9A:E6:36:23:12:9B:A2:B6:C9:DE:0B:81
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       01981CF5C6CDD326D8DB5E7441F065FCD48A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/GLCmkwBmlbaa5jYjEpuitsneC4E.roa
Signing time:             Fri 18 Jul 2025 09:55:25 +0000
ROA not before:           Fri 18 Jul 2025 09:55:25 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     211056
IP address blocks:        94.183.175.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 24 Jul 2025 12:37:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:1c:f5:c6:cd:d3:26:d8:db:5e:74:41:f0:65:fc:d4:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Jul 18 09:55:25 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=18b0a693006695b69ae63623129ba2b6c9de0b81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:b0:b3:ee:7b:d7:bf:18:5a:c1:5f:dc:62:97:
                    08:02:5f:24:99:86:db:94:a7:00:dd:45:3e:c0:fb:
                    bb:91:31:b7:06:c0:52:c6:c6:c7:48:61:a8:df:5c:
                    89:2d:54:8f:30:68:2e:7c:d9:fb:02:1b:f4:3a:6d:
                    1d:ff:6a:7b:65:75:56:95:b7:af:ad:c4:6a:9c:61:
                    59:06:e3:ba:d2:49:71:3e:04:8d:21:a6:6b:75:b6:
                    42:3a:95:e4:c7:ea:f7:bc:2b:5b:45:46:32:49:87:
                    5a:03:e3:c8:aa:72:3b:b3:24:67:9f:83:4a:ad:65:
                    94:8d:27:d1:c9:b3:f0:63:0b:c0:e0:f8:a8:a3:bd:
                    b6:22:3f:17:9d:ce:28:b7:bc:6d:68:59:90:7f:df:
                    a0:22:75:d8:eb:26:1b:98:e0:bf:72:c0:dd:21:e9:
                    46:1a:e2:18:77:9c:55:ad:51:8b:fa:9f:a2:73:a9:
                    81:8e:db:99:80:2f:44:06:2b:af:8c:60:79:54:bd:
                    81:3a:8d:e4:9f:8a:08:6c:76:ff:9b:50:56:3b:f2:
                    d3:5d:78:dc:46:2e:90:a7:43:bf:e9:be:b0:0e:a6:
                    bb:ba:3d:3e:52:1c:56:a7:fb:d4:a7:24:27:6c:c8:
                    43:26:af:1b:a6:dd:c2:95:ba:83:2d:4f:3c:16:ba:
                    08:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:B0:A6:93:00:66:95:B6:9A:E6:36:23:12:9B:A2:B6:C9:DE:0B:81
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/GLCmkwBmlbaa5jYjEpuitsneC4E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.183.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:52:ab:23:a3:d9:17:02:25:25:66:54:c4:a7:40:64:84:26:
         98:26:b0:a4:09:0c:35:e2:a7:d9:f5:38:ce:e8:26:bd:32:11:
         3b:09:ae:de:60:61:c8:a5:27:97:56:35:2f:41:90:dd:14:88:
         94:f1:8a:f4:3e:fd:1a:31:95:88:ee:65:56:33:e9:16:6a:b0:
         46:ee:66:77:62:cc:17:40:4c:f0:81:c2:a0:57:ca:22:ce:b2:
         b8:32:13:77:62:f0:15:d1:b9:12:03:1f:9d:a6:1f:8e:28:ee:
         df:a9:ec:ab:f1:1b:d0:f5:2d:fc:40:f9:0e:79:7c:d1:e7:55:
         24:99:ed:ee:18:36:ee:9d:c3:a8:00:b7:dc:4e:d0:ea:65:ce:
         06:6b:c8:e4:be:e8:d4:e9:d6:0c:99:ca:0a:32:4a:12:16:b5:
         98:3e:d8:b7:1f:2e:ef:53:32:69:0f:7c:d6:42:dc:66:1a:7b:
         df:da:bc:18:ff:48:d4:59:aa:9b:23:e4:07:0f:ea:d6:8b:f0:
         89:c0:d2:29:11:46:e7:d8:d0:84:d5:5c:bd:e9:03:94:2a:c7:
         e7:48:80:9a:5a:f4:44:8e:d8:7b:49:38:61:27:75:6a:da:3f:
         a2:f6:c5:12:a6:ed:9d:13:cb:45:2d:11:d1:35:e4:6e:e8:f9:
         05:74:7a:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgc9cbN0ybY2150QfBl/NSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzE4MDk1NTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGIwYTY5MzAwNjY5NWI2OWFlNjM2MjMxMjliYTJiNmM5ZGUwYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bCz7nvXvxhawV/cYpcIAl8kmYbb
lKcA3UU+wPu7kTG3BsBSxsbHSGGo31yJLVSPMGgufNn7Ahv0Om0d/2p7ZXVWlbev
rcRqnGFZBuO60klxPgSNIaZrdbZCOpXkx+r3vCtbRUYySYdaA+PIqnI7syRnn4NK
rWWUjSfRybPwYwvA4Pioo722Ij8Xnc4ot7xtaFmQf9+gInXY6yYbmOC/csDdIelG
GuIYd5xVrVGL+p+ic6mBjtuZgC9EBiuvjGB5VL2BOo3kn4oIbHb/m1BWO/LTXXjc
Ri6Qp0O/6b6wDqa7uj0+UhxWp/vUpyQnbMhDJq8bpt3ClbqDLU88FroIBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBiwppMAZpW2muY2IxKborbJ3guBMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvR0xDbWt3Qm1sYmFhNWpZakVwdWl0c25lQzRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrevMA0G
CSqGSIb3DQEBCwUAA4IBAQBzUqsjo9kXAiUlZlTEp0BkhCaYJrCkCQw14qfZ9TjO
6Ca9MhE7Ca7eYGHIpSeXVjUvQZDdFIiU8Yr0Pv0aMZWI7mVWM+kWarBG7mZ3YswX
QEzwgcKgV8oizrK4MhN3YvAV0bkSAx+dph+OKO7fqeyr8RvQ9S38QPkOeXzR51Uk
me3uGDbuncOoALfcTtDqZc4Ga8jkvujU6dYMmcoKMkoSFrWYPti3Hy7vUzJpD3zW
QtxmGnvf2rwY/0jUWaqbI+QHD+rWi/CJwNIpEUbn2NCE1Vy96QOUKsfnSICaWvRE
jth7SThhJ3Vq2j+i9sUSpu2dE8tFLRHRNeRu6PkFdHqb
-----END CERTIFICATE-----