Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/TODaCUho62Gehv-2PizceaR7ohg.roa
File:                     TODaCUho62Gehv-2PizceaR7ohg.roa (raw, json)
Hash identifier:          EEJ5eEmNl9HYrtpyde+m1i67aXqJjeNEtfrXMxwcvR8=
Subject key identifier:   4C:E0:DA:09:48:68:EB:61:9E:86:FF:B6:3E:2C:DC:79:A4:7B:A2:18
Certificate issuer:       /CN=15c181706f61c4b737cd7eb78f7230e34cdfc14c
Certificate serial:       01981D22A1B41DBF4FA6FDE4B64AD596A332
Authority key identifier: 15:C1:81:70:6F:61:C4:B7:37:CD:7E:B7:8F:72:30:E3:4C:DF:C1:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FcGBcG9hxLc3zX63j3Iw40zfwUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/TODaCUho62Gehv-2PizceaR7ohg.roa
Signing time:             Fri 18 Jul 2025 10:44:25 +0000
ROA not before:           Fri 18 Jul 2025 10:44:25 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     14618
IP address blocks:        145.36.0.0/19 maxlen: 19
                          145.36.32.0/19 maxlen: 19
                          145.36.64.0/19 maxlen: 19
                          145.36.96.0/19 maxlen: 19
                          145.36.128.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/FcGBcG9hxLc3zX63j3Iw40zfwUw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/FcGBcG9hxLc3zX63j3Iw40zfwUw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FcGBcG9hxLc3zX63j3Iw40zfwUw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Jul 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:1d:22:a1:b4:1d:bf:4f:a6:fd:e4:b6:4a:d5:96:a3:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15c181706f61c4b737cd7eb78f7230e34cdfc14c
        Validity
            Not Before: Jul 18 10:44:25 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=4ce0da094868eb619e86ffb63e2cdc79a47ba218
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:37:28:ef:9f:97:eb:3b:4a:c1:b1:67:b6:f6:
                    93:8f:f7:a9:a8:f3:18:b3:77:d4:4c:d7:0d:7a:b1:
                    8b:79:76:ce:50:95:c8:34:18:7f:7c:63:d8:47:0b:
                    5e:a4:0a:a9:2d:69:33:4d:35:c7:c1:88:ce:f8:1d:
                    99:00:e9:af:00:dc:5c:0c:c0:1a:63:b2:7d:d4:0c:
                    e2:0a:e3:6e:a7:a6:17:8d:e4:45:67:99:b0:e6:53:
                    6d:e5:fa:07:43:35:be:2d:ba:af:fd:a7:13:3d:5a:
                    5b:ac:26:fa:31:23:40:12:21:12:4d:d5:23:32:55:
                    81:35:ff:d2:61:fe:55:5d:2d:12:89:7d:54:8b:9a:
                    e8:c0:04:55:28:19:e9:1b:99:12:61:e6:6e:5b:26:
                    fc:60:41:a3:d6:06:bc:c5:be:dd:a3:60:2a:f0:79:
                    e5:3e:ab:4a:af:d4:57:cb:13:a4:40:16:8a:e6:ed:
                    e8:d7:ec:32:ea:e7:b5:c0:79:08:16:de:2e:be:51:
                    c7:6a:b1:b8:85:c1:b2:22:71:63:47:c8:6b:69:70:
                    d8:23:33:bf:3a:ff:9e:02:cb:6f:22:af:1f:a0:9b:
                    fe:99:1d:24:27:ce:06:80:f6:9a:91:e4:1c:51:ad:
                    94:dd:c4:0e:01:84:b4:ff:c5:77:63:e0:aa:82:ac:
                    81:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:E0:DA:09:48:68:EB:61:9E:86:FF:B6:3E:2C:DC:79:A4:7B:A2:18
            X509v3 Authority Key Identifier:
                keyid:15:C1:81:70:6F:61:C4:B7:37:CD:7E:B7:8F:72:30:E3:4C:DF:C1:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FcGBcG9hxLc3zX63j3Iw40zfwUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/TODaCUho62Gehv-2PizceaR7ohg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/52e0e2-478b-401d-9385-8ff6cd7747c4/1/FcGBcG9hxLc3zX63j3Iw40zfwUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.36.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         58:56:08:e9:41:e1:86:5c:39:2f:bc:83:b0:d6:e6:7d:be:79:
         da:76:ee:be:7f:cc:0b:98:da:9e:b2:ed:c5:e9:3a:b3:f9:d2:
         07:63:60:8f:c9:ce:a8:7a:ca:3a:96:ea:8e:32:80:86:ba:f8:
         ac:6a:44:3c:ed:08:6e:c1:97:63:f4:b0:06:dd:58:e4:5c:bd:
         ef:b7:2a:32:44:ec:f8:2a:47:cf:49:92:f5:d7:a7:61:2c:12:
         1c:19:3f:63:49:cf:3e:28:e6:59:1a:c1:d9:b5:13:1a:05:3a:
         ed:c9:55:f0:3f:54:e5:a5:93:ad:a6:aa:7f:3d:f9:d6:33:50:
         bc:fb:3d:3c:46:4e:3f:6f:52:2a:1f:ab:bd:34:cb:73:9d:ed:
         63:b6:13:62:94:8f:2b:6b:f8:a5:32:46:e6:b5:98:60:aa:59:
         88:4f:a3:0b:c9:b2:51:7e:00:44:9f:71:36:02:fc:8a:bf:dc:
         18:d5:ec:56:90:25:85:f0:9e:2c:cd:be:41:6d:f2:7b:8e:cb:
         5b:1a:ea:1d:81:b4:3c:3c:0a:0d:a3:f9:d9:a5:a6:0c:48:e6:
         78:51:83:dd:7c:f3:a0:06:62:51:44:4e:c8:ad:31:1c:f2:e8:
         df:25:e6:00:b7:7a:48:21:dd:1a:8e:49:27:85:ae:8f:93:59:
         40:89:0b:fb
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZgdIqG0Hb9Ppv3ktkrVlqMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1YzE4MTcwNmY2MWM0YjczN2NkN2ViNzhmNzIzMGUzNGNk
ZmMxNGMwHhcNMjUwNzE4MTA0NDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2UwZGEwOTQ4NjhlYjYxOWU4NmZmYjYzZTJjZGM3OWE0N2JhMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjco75+X6ztKwbFntvaTj/epqPMY
s3fUTNcNerGLeXbOUJXINBh/fGPYRwtepAqpLWkzTTXHwYjO+B2ZAOmvANxcDMAa
Y7J91AziCuNup6YXjeRFZ5mw5lNt5foHQzW+Lbqv/acTPVpbrCb6MSNAEiESTdUj
MlWBNf/SYf5VXS0SiX1Ui5rowARVKBnpG5kSYeZuWyb8YEGj1ga8xb7do2Aq8Hnl
PqtKr9RXyxOkQBaK5u3o1+wy6ue1wHkIFt4uvlHHarG4hcGyInFjR8hraXDYIzO/
Ov+eAstvIq8foJv+mR0kJ84GgPaakeQcUa2U3cQOAYS0/8V3Y+CqgqyB3QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFEzg2glIaOthnob/tj4s3Hmke6IYMB8GA1UdIwQY
MBaAFBXBgXBvYcS3N81+t49yMONM38FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmNHQmNHOWh4TGMzelg2M2ozSXc0MHpmd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81MmUwZTItNDc4Yi00MDFkLTkzODUt
OGZmNmNkNzc0N2M0LzEvVE9EYUNVaG82MkdlaHYtMlBpemNlYVI3b2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81MmUwZTItNDc4Yi00MDFkLTkzODUtOGZmNmNkNzc0N2M0
LzEvRmNHQmNHOWh4TGMzelg2M2ozSXc0MHpmd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkSQwDQYJ
KoZIhvcNAQELBQADggEBAFhWCOlB4YZcOS+8g7DW5n2+edp27r5/zAuY2p6y7cXp
OrP50gdjYI/Jzqh6yjqW6o4ygIa6+KxqRDztCG7Bl2P0sAbdWORcve+3KjJE7Pgq
R89JkvXXp2EsEhwZP2NJzz4o5lkawdm1ExoFOu3JVfA/VOWlk62mqn89+dYzULz7
PTxGTj9vUiofq700y3Od7WO2E2KUjytr+KUyRua1mGCqWYhPowvJslF+AESfcTYC
/Iq/3BjV7FaQJYXwnizNvkFt8nuOy1sa6h2BtDw8Cg2j+dmlpgxI5nhRg91886AG
YlFETsitMRzy6N8l5gC3ekgh3RqOSSeFro+TWUCJC/s=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:14:04 2025 by rpki-client