Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Jvr3KMTvQ0YEYxKcnURDGn9UVWg.roa
File:                     Jvr3KMTvQ0YEYxKcnURDGn9UVWg.roa (raw, json)
Hash identifier:          oGXoMgdWqD4sVD5eSuUQpnHP8s+Djq9JtkiLnln7bgY=
Subject key identifier:   26:FA:F7:28:C4:EF:43:46:04:63:12:9C:9D:44:43:1A:7F:54:55:68
Certificate issuer:       /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial:       019E831E15830F0B0736E4B52DCAE6EC9D5C
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Jvr3KMTvQ0YEYxKcnURDGn9UVWg.roa
Signing time:             Mon 01 Jun 2026 12:17:27 +0000
ROA not before:           Mon 01 Jun 2026 12:17:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     216078
IP address blocks:        193.178.226.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 02 Jun 2026 07:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:83:1e:15:83:0f:0b:07:36:e4:b5:2d:ca:e6:ec:9d:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
        Validity
            Not Before: Jun  1 12:17:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=26faf728c4ef43460463129c9d44431a7f545568
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:4b:f2:cb:70:18:32:6a:ba:51:dc:75:94:68:
                    89:26:06:42:77:e5:3d:23:85:db:7c:67:37:43:eb:
                    70:8f:6a:ef:28:be:a6:ea:77:1a:4e:90:f7:f8:74:
                    a0:b3:74:a6:3b:38:dd:22:5d:3f:38:fe:7e:23:5e:
                    ad:1b:ba:bc:ab:69:ac:fb:6d:9c:47:c9:5c:48:c4:
                    57:91:51:b0:b0:ba:32:94:7b:23:4c:86:4e:62:8b:
                    48:7f:f4:ee:ff:7a:90:13:41:57:29:38:d0:26:60:
                    8d:fe:7b:20:73:12:d8:ec:ae:ae:fd:2e:8b:58:bd:
                    a5:14:29:76:99:db:09:32:2a:90:67:f2:69:95:44:
                    f1:00:7c:ba:1a:59:a2:cb:e8:eb:c5:e0:f1:aa:c1:
                    80:17:fe:67:c6:46:f8:11:6f:24:a3:97:24:7b:90:
                    f1:a6:05:5c:1a:1e:2e:bb:54:5c:ad:19:88:0c:be:
                    29:2c:e1:da:f0:37:0d:fa:6b:2d:5c:c8:8b:bb:2d:
                    2d:74:17:dc:93:e3:3c:91:a9:c6:dc:98:2e:7e:0b:
                    fb:46:f5:60:3f:a1:2c:8e:df:cd:25:24:01:da:86:
                    f7:7c:6f:ac:aa:3f:bc:4f:8d:92:e8:89:a6:bd:99:
                    e0:f3:f1:ea:59:4e:b6:18:9e:d9:27:ab:e4:cf:e5:
                    40:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:FA:F7:28:C4:EF:43:46:04:63:12:9C:9D:44:43:1A:7F:54:55:68
            X509v3 Authority Key Identifier:
                keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Jvr3KMTvQ0YEYxKcnURDGn9UVWg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bc:11:76:7e:59:ed:fc:c7:53:a6:83:05:37:af:b7:ed:52:97:
         8d:6b:00:91:3f:99:17:4b:22:b1:03:de:ef:8c:53:7c:3a:a3:
         43:f3:8a:02:02:4a:f5:fd:4b:eb:d3:77:b0:3c:ab:78:88:45:
         91:9f:29:8c:8d:f7:f7:11:22:6c:dc:05:a5:e4:4b:56:65:f6:
         95:a8:22:58:a0:e5:3c:51:db:e1:b7:2d:86:5c:b0:35:e8:e9:
         bb:67:a7:0a:ac:b3:7c:42:54:86:6a:4c:a2:57:e9:d6:ee:9e:
         0e:14:26:5c:42:08:dc:1b:ec:12:80:1b:19:00:f0:d2:a2:90:
         6e:41:95:5a:47:18:44:3e:89:71:99:43:92:fe:52:b8:14:43:
         ef:d2:b0:df:62:51:e4:37:44:ff:34:a7:9c:99:ee:a2:83:09:
         43:2b:81:0d:56:b8:d0:f9:bb:0f:8b:45:97:eb:7f:07:cc:8e:
         bf:b9:28:a9:08:39:db:3e:69:bf:0d:dd:17:8b:c1:51:77:66:
         95:63:82:1b:94:3c:22:8d:2b:a8:04:57:27:8e:74:1d:98:98:
         57:cb:2f:7d:f2:4a:a3:e5:27:ab:95:cc:3b:97:b9:ff:d7:24:
         a4:bf:80:ba:b2:f7:0c:74:a9:41:11:3e:3e:9c:5c:56:07:3e:
         79:db:e0:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6DHhWDDwsHNuS1Lcrm7J1cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNjAxMTIxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmZhZjcyOGM0ZWY0MzQ2MDQ2MzEyOWM5ZDQ0NDMxYTdmNTQ1NTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEvyy3AYMmq6Udx1lGiJJgZCd+U9
I4XbfGc3Q+twj2rvKL6m6ncaTpD3+HSgs3SmOzjdIl0/OP5+I16tG7q8q2ms+22c
R8lcSMRXkVGwsLoylHsjTIZOYotIf/Tu/3qQE0FXKTjQJmCN/nsgcxLY7K6u/S6L
WL2lFCl2mdsJMiqQZ/JplUTxAHy6Glmiy+jrxeDxqsGAF/5nxkb4EW8ko5cke5Dx
pgVcGh4uu1RcrRmIDL4pLOHa8DcN+mstXMiLuy0tdBfck+M8kanG3Jgufgv7RvVg
P6Esjt/NJSQB2ob3fG+sqj+8T42S6ImmvZng8/HqWU62GJ7ZJ6vkz+VApwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCb69yjE70NGBGMSnJ1EQxp/VFVoMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvSnZyM0tNVHZRMFlFWXhLY25VUkRHbjlVVldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbLiMA0G
CSqGSIb3DQEBCwUAA4IBAQC8EXZ+We38x1OmgwU3r7ftUpeNawCRP5kXSyKxA97v
jFN8OqND84oCAkr1/Uvr03ewPKt4iEWRnymMjff3ESJs3AWl5EtWZfaVqCJYoOU8
Udvhty2GXLA16Om7Z6cKrLN8QlSGakyiV+nW7p4OFCZcQgjcG+wSgBsZAPDSopBu
QZVaRxhEPolxmUOS/lK4FEPv0rDfYlHkN0T/NKecme6igwlDK4ENVrjQ+bsPi0WX
638HzI6/uSipCDnbPmm/Dd0Xi8FRd2aVY4IblDwijSuoBFcnjnQdmJhXyy998kqj
5Serlcw7l7n/1ySkv4C6svcMdKlBET4+nFxWBz552+B+
-----END CERTIFICATE-----