Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-wKbE69ysdFR8m3vDeMsZe10ksc.roa
File:                     1-wKbE69ysdFR8m3vDeMsZe10ksc.roa (raw, json)
Hash identifier:          h3mX9VSrj56K9ZrI0yt3b4ySZS+jDigq5XT9BYpCUpg=
Subject key identifier:   FB:02:9B:13:AF:72:B1:D1:51:F2:6D:EF:0D:E3:2C:65:ED:74:92:C7
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       01982DA1F5A50340848193B90232F9610C15
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-wKbE69ysdFR8m3vDeMsZe10ksc.roa
Signing time:             Mon 21 Jul 2025 15:37:25 +0000
ROA not before:           Mon 21 Jul 2025 15:37:25 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     50113
IP address blocks:        2a04:5200::/29 maxlen: 29
                          2a04:5200::/32 maxlen: 32
                          2a04:5200::/48 maxlen: 48
                          2a04:5200:1::/48 maxlen: 48
                          2a04:5200:a::/48 maxlen: 48
                          2a04:5200:fb01::/48 maxlen: 48
                          2a04:5200:fb02::/48 maxlen: 48
                          2a04:5200:ff00::/48 maxlen: 48
                          2a04:5200:ff10::/48 maxlen: 48
                          2a04:5200:fff1::/48 maxlen: 48
                          2a04:5200:fff2::/48 maxlen: 48
                          2a04:5200:fff3::/48 maxlen: 48
                          2a04:5200:fff4::/48 maxlen: 48
                          2a04:5200:fff5::/48 maxlen: 48
                          2a04:5200:fff6::/48 maxlen: 48
                          2a04:5200:fff7::/48 maxlen: 48
                          2a04:5200:fff8::/48 maxlen: 48
                          2a04:5200:fff9::/48 maxlen: 48
                          2a04:5200:ffff::/48 maxlen: 48
                          2a04:5202::/32 maxlen: 32
                          2a04:5203::/32 maxlen: 32
                          2a04:5204::/32 maxlen: 32
                          2a04:5205::/32 maxlen: 32
                          2a04:5206::/32 maxlen: 32
                          2a04:5207::/32 maxlen: 32
                          2a09:5303::/32 maxlen: 32
                          2a0a:9300::/32 maxlen: 32
                          2a0a:9300::/48 maxlen: 48
                          2a0a:9300:aaaa::/48 maxlen: 48
                          2a0c:aa40::/32 maxlen: 32
                          2a0c:aa41::/32 maxlen: 32
                          2a0c:aa42::/32 maxlen: 32
                          2a0c:aa43::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 15:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:2d:a1:f5:a5:03:40:84:81:93:b9:02:32:f9:61:0c:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jul 21 15:37:25 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=fb029b13af72b1d151f26def0de32c65ed7492c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:14:64:81:7a:3c:f1:79:ef:91:72:2e:18:48:
                    94:e6:fd:8e:2e:cd:57:86:44:7d:de:ec:e7:fa:29:
                    fd:83:1f:e7:45:22:81:56:8b:b8:33:13:82:4b:f2:
                    31:b5:35:4c:fc:53:4c:f0:b3:b6:17:11:ea:9b:33:
                    21:38:52:85:68:50:3f:5c:a3:c3:a2:64:bb:91:83:
                    80:ad:13:14:22:59:a1:4f:76:56:ae:87:76:33:55:
                    23:b7:7a:54:dd:a4:c5:2f:19:61:34:c6:cc:b9:68:
                    e0:a5:b0:e2:c7:b4:ef:c8:d8:97:f7:d0:56:6a:c1:
                    90:10:86:e5:7a:fe:47:95:9c:56:a9:e8:4f:7f:09:
                    a5:65:9e:26:61:99:44:9a:72:4a:5e:2c:a8:f9:ac:
                    f0:c6:fe:6c:c9:6c:14:9e:36:74:cd:64:e5:b4:8f:
                    dc:03:e0:55:8a:eb:6a:b9:ab:02:9d:cc:82:ef:17:
                    ac:f5:07:f0:d2:8f:0c:99:e5:77:a1:9e:0b:ad:96:
                    9f:25:19:63:3e:88:4d:ca:c0:89:21:f4:c2:99:21:
                    e1:55:ea:36:93:e9:91:d3:67:0f:42:e6:56:46:16:
                    51:42:de:af:88:ed:09:26:8f:17:de:46:0b:d3:5a:
                    89:c7:7c:55:24:57:85:46:54:a5:39:58:68:79:ad:
                    29:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:02:9B:13:AF:72:B1:D1:51:F2:6D:EF:0D:E3:2C:65:ED:74:92:C7
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-wKbE69ysdFR8m3vDeMsZe10ksc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a04:5200::/29
                  2a09:5303::/32
                  2a0a:9300::/32
                  2a0c:aa40::/30

    Signature Algorithm: sha256WithRSAEncryption
         6a:5c:f2:7b:69:c7:34:ec:e2:85:7d:ec:cb:f6:27:34:fd:cd:
         28:71:2f:97:8b:fc:e4:e8:7d:ab:60:52:49:13:df:e7:3f:c9:
         6b:84:f5:f1:ed:0a:76:99:16:11:8f:82:6a:95:55:ae:d8:1c:
         da:e4:2c:ca:70:ab:54:af:47:16:88:a0:86:f7:f8:42:b9:43:
         7d:30:60:07:36:ee:b9:ad:d9:ba:e5:d8:26:cb:ff:17:80:79:
         d5:69:1e:02:b4:22:92:5b:b9:70:41:dc:18:29:5a:5f:36:f2:
         7d:6e:a9:6d:dd:f6:14:7d:28:30:0e:3a:18:11:b6:66:ab:a5:
         4c:74:98:b0:94:64:63:11:53:da:df:78:7d:36:d9:18:ed:42:
         35:75:b2:13:32:cb:46:3d:3e:ad:1b:c9:52:36:dc:c9:f0:97:
         10:07:9a:03:78:1d:dc:e6:74:72:c5:0d:82:a4:d0:8c:cc:e8:
         fb:02:09:4e:e2:ab:68:76:c5:ce:7c:7b:7d:b5:78:25:8a:24:
         04:c4:84:7a:1a:c9:5b:cc:6a:46:1b:43:23:49:fe:51:ce:1b:
         c6:9a:7b:54:fe:f6:25:a6:48:0b:08:c2:2c:20:9b:81:66:65:
         ab:ef:53:2c:e6:a6:92:63:ea:87:f1:74:53:84:ae:ea:26:44:
         a1:06:0a:39
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZgtofWlA0CEgZO5AjL5YQwVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNzIxMTUzNzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjAyOWIxM2FmNzJiMWQxNTFmMjZkZWYwZGUzMmM2NWVkNzQ5MmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhRkgXo88XnvkXIuGEiU5v2OLs1X
hkR93uzn+in9gx/nRSKBVou4MxOCS/IxtTVM/FNM8LO2FxHqmzMhOFKFaFA/XKPD
omS7kYOArRMUIlmhT3ZWrod2M1Ujt3pU3aTFLxlhNMbMuWjgpbDix7TvyNiX99BW
asGQEIblev5HlZxWqehPfwmlZZ4mYZlEmnJKXiyo+azwxv5syWwUnjZ0zWTltI/c
A+BViutquasCncyC7xes9Qfw0o8MmeV3oZ4LrZafJRljPohNysCJIfTCmSHhVeo2
k+mR02cPQuZWRhZRQt6viO0JJo8X3kYL01qJx3xVJFeFRlSlOVhoea0pmwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPsCmxOvcrHRUfJt7w3jLGXtdJLHMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMS13S2JFNjl5c2RGUjhtM3ZEZU1zWmUxMGtzYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2Nk
Mi8xL3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwIgQCAAIwHAMFAyoEUgAD
BQAqCVMDAwUAKgqTAAMFAioMqkAwDQYJKoZIhvcNAQELBQADggEBAGpc8ntpxzTs
4oV97Mv2JzT9zShxL5eL/OTofatgUkkT3+c/yWuE9fHtCnaZFhGPgmqVVa7YHNrk
LMpwq1SvRxaIoIb3+EK5Q30wYAc27rmt2brl2CbL/xeAedVpHgK0IpJbuXBB3Bgp
Wl828n1uqW3d9hR9KDAOOhgRtmarpUx0mLCUZGMRU9rfeH022RjtQjV1shMyy0Y9
Pq0byVI23MnwlxAHmgN4HdzmdHLFDYKk0IzM6PsCCU7iq2h2xc58e321eCWKJATE
hHoayVvMakYbQyNJ/lHOG8aae1T+9iWmSAsIwiwgm4FmZavvUyzmppJj6ofxdFOE
ruomRKEGCjk=
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:25:27 2025 by rpki-client