Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/wgT_g79nB0TOJRr-q1rwlPJWs1s.roa
File:                     wgT_g79nB0TOJRr-q1rwlPJWs1s.roa (raw, json)
Hash identifier:          LP6gaCwP2A5ABRHbYQ6G3nZvDulfLXXtDIh7sWzRcSw=
Subject key identifier:   C2:04:FF:83:BF:67:07:44:CE:25:1A:FE:AB:5A:F0:94:F2:56:B3:5B
Certificate issuer:       /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial:       019E5D4C8947242378BEE16BDCF7D59A2A1F
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/wgT_g79nB0TOJRr-q1rwlPJWs1s.roa
Signing time:             Mon 25 May 2026 04:02:37 +0000
ROA not before:           Mon 25 May 2026 04:02:37 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     20473
IP address blocks:        5.175.190.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Jun 2026 05:46:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:5d:4c:89:47:24:23:78:be:e1:6b:dc:f7:d5:9a:2a:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
        Validity
            Not Before: May 25 04:02:37 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=c204ff83bf670744ce251afeab5af094f256b35b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:5e:dd:e6:d8:2f:d2:80:86:9b:89:4f:72:a3:
                    01:c9:39:e9:aa:06:5d:99:80:d9:49:e7:dc:8e:d0:
                    1d:f9:ac:c6:4e:61:c9:a9:27:b7:7f:cf:2d:b7:2f:
                    82:a1:a1:43:0a:f7:da:43:88:aa:e6:f1:03:8f:d0:
                    c0:c0:46:b2:0a:34:e5:a3:93:f8:e4:38:0c:cb:26:
                    a1:6b:f4:21:54:8a:d9:19:6c:2d:40:7c:d7:c5:7e:
                    5f:8d:14:cb:6a:48:7a:6d:43:ea:c1:69:0e:d7:d9:
                    1e:4c:52:5b:ab:e4:3d:69:d7:e0:28:6c:76:ee:ce:
                    d4:a9:21:c8:8b:73:06:ad:62:a8:4a:4d:33:74:1f:
                    77:e0:e9:30:d8:67:31:ed:50:8e:07:b7:81:d3:97:
                    7c:20:30:ff:4f:75:1c:4b:46:a8:b5:5c:79:c3:4d:
                    ff:87:ab:8e:47:f6:50:37:f5:b6:38:a4:54:fb:dd:
                    f6:1a:8a:5c:3c:82:77:63:ca:41:77:a3:d1:00:01:
                    e7:5a:dc:a7:64:62:eb:9f:05:3e:e5:6e:db:66:10:
                    3b:3d:82:9c:84:6b:96:bf:39:ff:76:10:43:1c:42:
                    22:ae:bd:3a:b1:5b:d5:a2:9f:81:49:14:9d:23:7b:
                    97:b6:c8:77:4f:c6:a5:90:bc:28:11:8c:52:b0:2a:
                    9b:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:04:FF:83:BF:67:07:44:CE:25:1A:FE:AB:5A:F0:94:F2:56:B3:5B
            X509v3 Authority Key Identifier:
                keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/wgT_g79nB0TOJRr-q1rwlPJWs1s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.175.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ec:36:bb:8f:47:b2:7a:95:e6:5d:c9:0b:62:4b:ed:99:4b:f5:
         57:49:d6:48:f9:38:4b:2d:c5:22:cc:35:c2:a5:c6:4a:f5:a5:
         c0:47:d1:4b:d8:43:74:fb:18:27:a6:95:9e:1c:6e:53:2e:bb:
         a0:fe:ee:34:ef:a1:35:66:b4:43:19:50:8f:3b:ef:01:f5:71:
         a1:cd:c1:1e:ce:82:30:0b:fb:cf:40:4a:16:4a:0a:81:34:33:
         99:a6:f3:05:1f:91:d6:1a:c2:fb:d5:44:58:f4:df:b0:dd:c1:
         bd:23:96:f3:9f:21:ee:56:a5:6b:3a:b1:b9:6d:c7:e1:fc:55:
         cc:4b:2b:9b:af:aa:97:f8:83:48:48:0a:ff:3f:ec:6a:a5:b3:
         49:29:e6:51:0d:67:51:9e:70:84:f4:29:72:85:e3:2b:a4:be:
         36:b5:e5:56:b8:73:ae:3d:c7:02:87:f5:04:f1:dd:a8:c0:64:
         e0:eb:c2:60:9b:0c:e0:30:66:17:bc:ee:39:d2:a3:92:16:f4:
         c1:ef:07:d9:50:6a:84:5e:f3:97:76:53:c7:8c:7a:db:e7:fd:
         87:d4:a1:95:0c:75:b2:6c:80:a4:65:48:00:77:e8:ca:7b:0c:
         15:0e:23:8b:ca:14:e3:1e:e1:ba:a9:78:a0:a2:61:d3:8c:ae:
         a0:8c:f3:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ5dTIlHJCN4vuFr3PfVmiofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNTI1MDQwMjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjA0ZmY4M2JmNjcwNzQ0Y2UyNTFhZmVhYjVhZjA5NGYyNTZiMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl7d5tgv0oCGm4lPcqMByTnpqgZd
mYDZSefcjtAd+azGTmHJqSe3f88tty+CoaFDCvfaQ4iq5vEDj9DAwEayCjTlo5P4
5DgMyyaha/QhVIrZGWwtQHzXxX5fjRTLakh6bUPqwWkO19keTFJbq+Q9adfgKGx2
7s7UqSHIi3MGrWKoSk0zdB934Okw2Gcx7VCOB7eB05d8IDD/T3UcS0aotVx5w03/
h6uOR/ZQN/W2OKRU+932GopcPIJ3Y8pBd6PRAAHnWtynZGLrnwU+5W7bZhA7PYKc
hGuWvzn/dhBDHEIirr06sVvVop+BSRSdI3uXtsh3T8alkLwoEYxSsCqbPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIE/4O/ZwdEziUa/qta8JTyVrNbMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvd2dUX2c3OW5CMFRPSlJyLXExcndsUEpXczFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABa++MA0G
CSqGSIb3DQEBCwUAA4IBAQDsNruPR7J6leZdyQtiS+2ZS/VXSdZI+ThLLcUizDXC
pcZK9aXAR9FL2EN0+xgnppWeHG5TLrug/u4076E1ZrRDGVCPO+8B9XGhzcEezoIw
C/vPQEoWSgqBNDOZpvMFH5HWGsL71URY9N+w3cG9I5bznyHuVqVrOrG5bcfh/FXM
Syubr6qX+INISAr/P+xqpbNJKeZRDWdRnnCE9ClyheMrpL42teVWuHOuPccCh/UE
8d2owGTg68JgmwzgMGYXvO450qOSFvTB7wfZUGqEXvOXdlPHjHrb5/2H1KGVDHWy
bICkZUgAd+jKewwVDiOLyhTjHuG6qXigomHTjK6gjPMS
-----END CERTIFICATE-----