Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/G5C1ZqYlTLCRRxbHStMwHe3D7Ns.roa
File:                     G5C1ZqYlTLCRRxbHStMwHe3D7Ns.roa (raw, json)
Hash identifier:          LpFTYAOw4TDfnjUrddNXOWvBHb296+OG0h5PcCYbZJE=
Subject key identifier:   1B:90:B5:66:A6:25:4C:B0:91:47:16:C7:4A:D3:30:1D:ED:C3:EC:DB
Certificate issuer:       /CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
Certificate serial:       0195DC2FB8B967647E309BB2198C84501B96
Authority key identifier: 75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/G5C1ZqYlTLCRRxbHStMwHe3D7Ns.roa
Signing time:             Fri 28 Mar 2025 09:57:49 +0000
ROA not before:           Fri 28 Mar 2025 09:57:49 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     215224
IP address blocks:        185.177.228.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/dVSsTH9FHFu5OC-81G1wxMD53lY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/dVSsTH9FHFu5OC-81G1wxMD53lY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 06 Apr 2025 13:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:dc:2f:b8:b9:67:64:7e:30:9b:b2:19:8c:84:50:1b:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
        Validity
            Not Before: Mar 28 09:57:49 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=1b90b566a6254cb0914716c74ad3301dedc3ecdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:c8:45:64:9f:3b:06:c5:92:a2:30:b6:a6:cd:
                    ca:53:f8:67:e1:ee:1b:69:a3:b3:29:1c:ab:28:cd:
                    d0:ce:67:4c:73:19:d8:9a:31:29:42:eb:8e:a1:f0:
                    bb:53:a8:a9:75:d3:4b:b4:0e:38:bd:30:ac:1b:fd:
                    aa:1f:5b:25:ec:a4:cb:3d:ad:e7:23:60:b0:4a:90:
                    c6:e0:5a:d0:b4:12:53:29:58:12:13:1c:09:88:d6:
                    cf:1a:fc:5d:58:ea:7b:1d:40:1a:7c:20:e7:ad:e1:
                    72:d7:49:1a:b6:bc:ae:70:e2:9d:4d:1d:a8:2d:e0:
                    75:60:e8:5f:ef:84:8d:db:c5:24:9f:1b:aa:db:c7:
                    c8:f3:35:5a:e2:e6:34:e0:f9:b0:fb:3c:aa:14:b5:
                    b1:4e:4d:5a:77:ce:bf:49:8a:89:b1:44:a9:d4:13:
                    7a:cd:5d:39:46:cc:e0:15:d4:ec:56:45:70:e5:58:
                    17:a3:1c:6f:dd:35:46:86:0b:b4:30:f5:fb:ba:55:
                    b3:42:3a:d1:6b:05:2f:22:5e:56:a6:29:d5:c3:95:
                    c0:06:87:fb:d4:6f:e3:b9:01:8e:ec:9b:08:81:94:
                    81:97:fd:bd:f2:76:7c:8c:5d:82:91:e5:6c:a0:4c:
                    b9:a0:66:6f:8a:1d:4e:ba:93:c2:79:dc:3e:fa:e3:
                    e1:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:90:B5:66:A6:25:4C:B0:91:47:16:C7:4A:D3:30:1D:ED:C3:EC:DB
            X509v3 Authority Key Identifier:
                keyid:75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/G5C1ZqYlTLCRRxbHStMwHe3D7Ns.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/dVSsTH9FHFu5OC-81G1wxMD53lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.177.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:ad:04:f7:67:80:58:f7:68:24:57:9d:aa:12:23:71:b0:b2:
         25:ad:b3:f8:c9:95:b4:3a:ca:c6:48:b9:3c:4a:72:e4:2e:69:
         58:ef:09:9d:75:e4:dd:ea:e3:b0:eb:7d:de:4b:26:0f:12:d2:
         0c:68:cb:d0:35:44:17:5a:52:1c:52:d3:44:d4:56:44:fd:16:
         d8:f6:f4:57:d0:90:d8:9d:8c:4c:00:70:eb:f5:aa:67:78:cc:
         94:a6:d3:8f:f0:5b:32:6d:ee:05:94:ae:bf:81:91:8f:2e:8b:
         f9:27:4d:26:ff:3e:46:66:14:0e:6d:ca:b9:5c:be:a1:dd:de:
         01:7a:0c:6d:c2:55:4a:51:3f:0c:e7:c0:2c:4f:e5:ce:d3:5e:
         55:57:49:90:28:fc:c9:e1:4b:8e:e9:97:e3:82:0e:e5:ee:75:
         b9:38:79:b8:fa:8c:f1:7b:a7:9e:7f:a1:8b:b3:a7:a1:ac:3e:
         53:c9:08:c1:8a:e9:0b:98:28:c6:78:0c:ea:92:51:cb:b6:98:
         a9:fe:b1:45:cc:f8:31:08:1a:23:7c:c4:4c:42:fa:eb:15:df:
         0d:73:22:d5:75:6b:94:a7:54:7e:49:ed:2a:04:c9:a2:5c:1f:
         e5:b6:25:8c:8f:67:81:45:50:d1:78:f2:4e:27:8d:54:35:07:
         0a:cf:26:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXcL7i5Z2R+MJuyGYyEUBuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NTRhYzRjN2Y0NTFjNWJiOTM4MmZiY2Q0NmQ3MGM0YzBm
OWRlNTYwHhcNMjUwMzI4MDk1NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjkwYjU2NmE2MjU0Y2IwOTE0NzE2Yzc0YWQzMzAxZGVkYzNlY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8hFZJ87BsWSojC2ps3KU/hn4e4b
aaOzKRyrKM3QzmdMcxnYmjEpQuuOofC7U6ipddNLtA44vTCsG/2qH1sl7KTLPa3n
I2CwSpDG4FrQtBJTKVgSExwJiNbPGvxdWOp7HUAafCDnreFy10katryucOKdTR2o
LeB1YOhf74SN28Uknxuq28fI8zVa4uY04Pmw+zyqFLWxTk1ad86/SYqJsUSp1BN6
zV05RszgFdTsVkVw5VgXoxxv3TVGhgu0MPX7ulWzQjrRawUvIl5WpinVw5XABof7
1G/juQGO7JsIgZSBl/298nZ8jF2CkeVsoEy5oGZvih1OupPCedw++uPhUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBuQtWamJUywkUcWx0rTMB3tw+zbMB8GA1UdIwQY
MBaAFHVUrEx/RRxbuTgvvNRtcMTA+d5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFZTc1RIOUZIRnU1T0MtODFHMXd4TUQ1M2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84N2EwMGEtYjZmNi00NzIxLWE4Mjgt
ZDkzMzdkYjM5ZDFmLzEvRzVDMVpxWWxUTENSUnhiSFN0TXdIZTNEN05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84N2EwMGEtYjZmNi00NzIxLWE4MjgtZDkzMzdkYjM5ZDFm
LzEvZFZTc1RIOUZIRnU1T0MtODFHMXd4TUQ1M2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubHkMA0G
CSqGSIb3DQEBCwUAA4IBAQBdrQT3Z4BY92gkV52qEiNxsLIlrbP4yZW0OsrGSLk8
SnLkLmlY7wmddeTd6uOw633eSyYPEtIMaMvQNUQXWlIcUtNE1FZE/RbY9vRX0JDY
nYxMAHDr9apneMyUptOP8Fsybe4FlK6/gZGPLov5J00m/z5GZhQObcq5XL6h3d4B
egxtwlVKUT8M58AsT+XO015VV0mQKPzJ4UuO6Zfjgg7l7nW5OHm4+ozxe6eef6GL
s6ehrD5TyQjBiukLmCjGeAzqklHLtpip/rFFzPgxCBojfMRMQvrrFd8NcyLVdWuU
p1R+Se0qBMmiXB/ltiWMj2eBRVDRePJOJ41UNQcKzyZN
-----END CERTIFICATE-----