Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Uauk17H3N5hQ4ASFi_r634G5m68.roa
File:                     Uauk17H3N5hQ4ASFi_r634G5m68.roa (raw, json)
Hash identifier:          s/DCeCtXLf0Zl22vhC2EMyiIStepTELwGOFi+jJqK0k=
Subject key identifier:   51:AB:A4:D7:B1:F7:37:98:50:E0:04:85:8B:FA:FA:DF:81:B9:9B:AF
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       01983C50D06C1A6E88B24CBA8451D8709137
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Uauk17H3N5hQ4ASFi_r634G5m68.roa
Signing time:             Thu 24 Jul 2025 12:03:05 +0000
ROA not before:           Thu 24 Jul 2025 12:03:05 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     214078
IP address blocks:        94.183.177.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 05:56:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:3c:50:d0:6c:1a:6e:88:b2:4c:ba:84:51:d8:70:91:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Jul 24 12:03:05 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=51aba4d7b1f7379850e004858bfafadf81b99baf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f9:a8:17:d6:f3:a8:74:3b:7e:ed:61:0a:56:
                    f4:61:84:22:f7:6a:ff:a8:c5:3e:d3:bf:79:00:32:
                    70:d7:5f:9e:78:ae:06:1f:0e:18:37:12:d7:74:d0:
                    30:7f:71:17:eb:2e:05:3a:fc:f7:ce:1d:6b:79:8d:
                    62:df:4a:38:ca:14:b3:94:7d:14:2e:51:6f:b6:47:
                    b3:4f:e9:e1:93:94:ad:35:40:a2:60:c7:9e:7f:4a:
                    62:34:00:33:4e:08:6b:70:c5:8b:f2:54:f2:80:1d:
                    c4:d1:b8:fc:bf:e1:63:a9:ca:c6:99:fb:71:44:77:
                    66:18:4a:8d:30:7e:d0:a5:09:ed:9c:6e:c7:47:9a:
                    1c:f4:dc:de:b6:87:3c:cd:c6:c6:b7:04:59:96:bf:
                    c0:c9:8c:d0:11:59:f3:bc:b2:a8:12:eb:ff:58:06:
                    57:1a:ed:f4:63:10:93:a6:5b:af:59:a6:72:9c:94:
                    08:16:ee:0e:4c:95:67:99:aa:5f:7d:7d:9d:d4:61:
                    fc:45:a6:39:85:3c:d8:42:77:48:13:38:95:81:07:
                    9e:4a:03:eb:d6:40:07:da:60:cd:f7:30:38:c3:0f:
                    ee:56:46:37:9e:fc:ae:fb:d5:a3:2a:cc:76:42:32:
                    ad:8f:8b:86:20:12:18:77:46:02:52:cc:e5:ab:76:
                    aa:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:AB:A4:D7:B1:F7:37:98:50:E0:04:85:8B:FA:FA:DF:81:B9:9B:AF
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Uauk17H3N5hQ4ASFi_r634G5m68.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.183.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:60:b9:43:6c:03:6a:ad:e8:4c:e8:2d:4e:34:cd:d2:4f:64:
         e8:15:53:e4:2a:51:38:fd:03:0d:02:a5:45:e8:20:7a:7b:7c:
         4e:a4:be:27:0d:c8:0b:45:cf:aa:07:ba:b3:00:54:cb:b0:34:
         c6:d5:4a:7f:31:b5:93:31:64:16:95:e4:93:4c:43:0d:15:91:
         4a:74:90:a8:93:b7:a9:d9:85:26:97:ad:79:26:3d:3b:73:8b:
         3c:a9:2d:ad:00:f4:9a:b3:51:36:de:6d:c3:56:14:ef:53:08:
         07:3d:8b:c2:2d:53:4c:10:86:7c:33:1c:d3:90:29:0a:ad:66:
         a8:82:59:d6:ae:8e:6b:4f:0d:79:f1:06:b9:37:c1:72:bf:e2:
         46:f3:b6:4f:4c:5f:25:48:8b:5f:5c:d4:51:34:c3:5d:86:4b:
         ea:71:75:b2:df:f9:94:17:3e:ec:c0:c8:a0:8c:e8:9c:05:b2:
         07:4c:ad:03:13:9c:b5:bf:f7:01:84:ec:38:64:13:72:4f:cb:
         73:b7:a7:07:bd:b7:6d:d2:8c:35:8c:e7:5d:8f:d6:55:a4:48:
         ee:fb:5c:66:1f:f0:55:ee:b0:53:97:cd:f8:ea:38:34:8a:a5:
         59:af:17:cf:ed:08:4a:b0:60:16:df:99:9b:3d:8d:46:7f:cd:
         6d:5e:f4:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZg8UNBsGm6Isky6hFHYcJE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzI0MTIwMzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWFiYTRkN2IxZjczNzk4NTBlMDA0ODU4YmZhZmFkZjgxYjk5YmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPmoF9bzqHQ7fu1hClb0YYQi92r/
qMU+0795ADJw11+eeK4GHw4YNxLXdNAwf3EX6y4FOvz3zh1reY1i30o4yhSzlH0U
LlFvtkezT+nhk5StNUCiYMeef0piNAAzTghrcMWL8lTygB3E0bj8v+FjqcrGmftx
RHdmGEqNMH7QpQntnG7HR5oc9Nzetoc8zcbGtwRZlr/AyYzQEVnzvLKoEuv/WAZX
Gu30YxCTpluvWaZynJQIFu4OTJVnmapffX2d1GH8RaY5hTzYQndIEziVgQeeSgPr
1kAH2mDN9zA4ww/uVkY3nvyu+9WjKsx2QjKtj4uGIBIYd0YCUszlq3aq9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFGrpNex9zeYUOAEhYv6+t+BuZuvMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVWF1azE3SDNONWhRNEFTRmlfcjYzNEc1bTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrexMA0G
CSqGSIb3DQEBCwUAA4IBAQB9YLlDbANqrehM6C1ONM3ST2ToFVPkKlE4/QMNAqVF
6CB6e3xOpL4nDcgLRc+qB7qzAFTLsDTG1Up/MbWTMWQWleSTTEMNFZFKdJCok7ep
2YUml615Jj07c4s8qS2tAPSas1E23m3DVhTvUwgHPYvCLVNMEIZ8MxzTkCkKrWao
glnWro5rTw158Qa5N8Fyv+JG87ZPTF8lSItfXNRRNMNdhkvqcXWy3/mUFz7swMig
jOicBbIHTK0DE5y1v/cBhOw4ZBNyT8tzt6cHvbdt0ow1jOddj9ZVpEju+1xmH/BV
7rBTl8346jg0iqVZrxfP7QhKsGAW35mbPY1Gf81tXvQc
-----END CERTIFICATE-----