Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22773.roa
File:                     AS22773.roa (raw, json)
Hash identifier:          lzCBJ5H/rkPjZV5EjOgk46upnBHG5t0bim6tyEttqKY=
Subject key identifier:   6B:B8:9C:50:9E:D5:C0:7A:E2:CB:E9:16:07:E1:AF:ED:EE:6E:E8:C0
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       1505329DCDB1CB9CEFDBD16EFBFD8A16EEFBF5CB
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22773.roa
Signing time:             Fri 18 Jul 2025 13:18:18 +0000
ROA not before:           Fri 18 Jul 2025 13:13:18 +0000
ROA not after:            Fri 17 Jul 2026 13:18:18 +0000
asID:                     22773
IP address blocks:        95.134.32.0/22 maxlen: 24
                          95.135.204.0/22 maxlen: 24
                          178.94.224.0/22 maxlen: 24
                          178.95.180.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 13:47:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:05:32:9d:cd:b1:cb:9c:ef:db:d1:6e:fb:fd:8a:16:ee:fb:f5:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Jul 18 13:13:18 2025 GMT
            Not After : Jul 17 13:18:18 2026 GMT
        Subject: CN=6BB89C509ED5C07AE2CBE91607E1AFEDEE6EE8C0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:58:1d:bf:05:07:5a:df:4e:46:1c:c6:9d:8f:
                    cb:cf:f9:85:c6:2b:eb:cc:70:b5:f6:44:70:45:f5:
                    0a:e6:b3:77:b7:8e:09:4f:f4:32:d2:c2:45:95:d2:
                    8c:9d:0a:17:00:f8:54:9d:cd:99:35:49:35:3f:c0:
                    00:fa:33:e4:08:d0:b1:22:62:27:14:69:09:09:6f:
                    3d:a4:25:a5:f8:e2:e2:7f:8e:72:71:2c:15:69:9b:
                    7a:0d:d4:0f:1b:fb:5c:21:79:f8:40:c7:03:58:21:
                    9e:34:e8:f0:9f:f1:7b:3c:6b:50:28:dd:99:7c:95:
                    e7:e4:7b:b6:be:e1:24:d2:d6:c9:17:59:d6:2d:f6:
                    7e:9c:86:a3:71:9a:c3:45:f9:ee:e8:b9:4b:4c:6c:
                    c9:d2:2f:5f:c7:cd:52:6a:1b:1d:78:c7:f4:76:4a:
                    dc:c5:e8:4c:ec:7c:6c:67:bb:41:15:4c:6f:4b:62:
                    ee:ed:46:61:89:b1:f7:67:f0:79:b4:05:c3:aa:4f:
                    61:b0:44:01:a7:bf:68:97:84:83:4e:51:72:fd:4c:
                    c1:2b:2e:c4:0e:f1:4c:5a:23:7e:78:98:6a:35:40:
                    90:a3:e9:9d:77:02:1c:b5:21:ee:bc:2f:8a:ad:d2:
                    84:e8:4c:0b:37:62:c9:55:d3:1e:15:f0:d0:59:90:
                    0a:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:B8:9C:50:9E:D5:C0:7A:E2:CB:E9:16:07:E1:AF:ED:EE:6E:E8:C0
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22773.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.134.32.0/22
                  95.135.204.0/22
                  178.94.224.0/22
                  178.95.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a8:6d:f1:f0:54:5c:18:3e:1e:a6:46:58:0f:3f:8e:5f:5e:6d:
         4a:97:78:76:db:ba:56:a3:47:79:9a:8c:ff:ee:0b:ef:31:d9:
         df:45:7f:be:13:29:96:03:d1:bc:60:d5:ad:ec:81:f4:83:d9:
         12:8e:8c:57:b4:d1:c8:00:67:4f:fe:09:3f:c2:02:f3:d9:d6:
         65:09:a3:d5:a2:52:dc:32:21:a4:f0:07:0c:4f:f6:63:11:b0:
         55:1c:7f:04:91:e0:18:fe:89:b4:20:65:c2:73:9b:18:e1:98:
         b6:20:22:e6:7f:97:82:b8:39:51:a9:04:77:f9:dc:0f:75:2a:
         75:a6:bc:5f:bb:dc:b7:1f:95:bf:d9:d4:41:88:86:8e:9e:9c:
         9c:9d:e1:b2:bb:d3:53:0a:73:e0:d9:03:d9:f4:c9:3f:b5:2d:
         da:d5:68:7c:6e:c2:9c:b9:94:16:41:79:7b:bd:c1:19:40:bc:
         40:21:8b:5c:51:8e:07:79:b3:2f:72:80:c9:19:7b:91:7a:f4:
         77:90:f6:a3:24:5b:70:eb:88:b3:ad:d4:3e:5e:05:df:05:88:
         f5:5b:ba:c8:31:57:7b:34:e0:0c:8f:b3:40:a1:4b:6f:ab:31:
         19:64:0a:c2:5e:99:4a:a5:11:c6:c2:84:b6:31:58:ed:b6:69:
         82:a8:35:df
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUFQUync2xy5zv29Fu+/2KFu779cswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MTgxMzEzMThaFw0yNjA3MTcxMzE4MThaMDMxMTAvBgNV
BAMTKDZCQjg5QzUwOUVENUMwN0FFMkNCRTkxNjA3RTFBRkVERUU2RUU4QzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyWB2/BQda305GHMadj8vP+YXG
K+vMcLX2RHBF9Qrms3e3jglP9DLSwkWV0oydChcA+FSdzZk1STU/wAD6M+QI0LEi
YicUaQkJbz2kJaX44uJ/jnJxLBVpm3oN1A8b+1whefhAxwNYIZ406PCf8Xs8a1Ao
3Zl8lefke7a+4STS1skXWdYt9n6chqNxmsNF+e7ouUtMbMnSL1/HzVJqGx14x/R2
StzF6EzsfGxnu0EVTG9LYu7tRmGJsfdn8Hm0BcOqT2GwRAGnv2iXhINOUXL9TMEr
LsQO8UxaI354mGo1QJCj6Z13Ahy1Ie68L4qt0oToTAs3YslV0x4V8NBZkAqPAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUa7icUJ7VwHriy+kWB+Gv7e5u6MAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjI3NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAJfhiAD
BAJfh8wDBAKyXuADBAKyX7QwDQYJKoZIhvcNAQELBQADggEBAKht8fBUXBg+HqZG
WA8/jl9ebUqXeHbbulajR3majP/uC+8x2d9Ff74TKZYD0bxg1a3sgfSD2RKOjFe0
0cgAZ0/+CT/CAvPZ1mUJo9WiUtwyIaTwBwxP9mMRsFUcfwSR4Bj+ibQgZcJzmxjh
mLYgIuZ/l4K4OVGpBHf53A91KnWmvF+73Lcflb/Z1EGIho6enJyd4bK701MKc+DZ
A9n0yT+1LdrVaHxuwpy5lBZBeXu9wRlAvEAhi1xRjgd5sy9ygMkZe5F69HeQ9qMk
W3DriLOt1D5eBd8FiPVbusgxV3s04AyPs0ChS2+rMRlkCsJemUqlEcbChLYxWO22
aYKoNd8=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:27 2025 by rpki-client