Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/GkUtLcxfORX55YGzoc9EBhy-ADU.roa
File:                     GkUtLcxfORX55YGzoc9EBhy-ADU.roa (raw, json)
Hash identifier:          RlyzYN5bLWyN3G+33T0MMpM7n/+10BEiGNUCveMVI7E=
Subject key identifier:   1A:45:2D:2D:CC:5F:39:15:F9:E5:81:B3:A1:CF:44:06:1C:BE:00:35
Certificate issuer:       /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial:       0199EDD4EF9596A6E20C9FFA104439BF2065
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/GkUtLcxfORX55YGzoc9EBhy-ADU.roa
Signing time:             Thu 16 Oct 2025 16:22:59 +0000
ROA not before:           Thu 16 Oct 2025 16:22:59 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     26548
IP address blocks:        80.71.154.0/24 maxlen: 24
                          91.198.230.0/24 maxlen: 24
                          91.199.3.0/24 maxlen: 24
                          94.103.178.0/24 maxlen: 24
                          94.103.189.0/24 maxlen: 24
                          94.103.191.0/24 maxlen: 24
                          193.33.66.0/24 maxlen: 24
                          193.37.133.0/24 maxlen: 24
                          193.109.221.0/24 maxlen: 24
                          193.135.13.0/24 maxlen: 24
                          193.176.237.0/24 maxlen: 24
                          193.193.164.0/24 maxlen: 24
                          194.56.255.0/24 maxlen: 24
                          194.107.125.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ed:d4:ef:95:96:a6:e2:0c:9f:fa:10:44:39:bf:20:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
        Validity
            Not Before: Oct 16 16:22:59 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=1a452d2dcc5f3915f9e581b3a1cf44061cbe0035
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:4c:a1:8f:3a:22:8e:eb:f7:86:bb:a1:b2:bd:
                    2e:33:5c:d3:bd:fc:da:ac:ea:08:8d:31:22:16:85:
                    1a:5a:58:66:f0:04:b0:9f:61:1c:94:90:3e:42:e4:
                    d6:64:cc:d1:fe:4d:f0:4f:d0:b7:05:86:98:05:b1:
                    5d:2a:3d:7f:e7:d5:78:91:57:af:99:56:e4:67:0d:
                    15:6c:9f:cd:8b:2e:2d:cc:a6:ab:1c:56:16:37:0f:
                    c9:0e:0f:e0:f2:95:90:fa:65:fb:3a:dd:f2:7c:4c:
                    54:0d:8a:6a:61:8c:a5:b8:e3:ac:09:41:48:ef:36:
                    b6:e1:23:a0:1d:e0:bd:68:06:e4:97:84:40:7a:6f:
                    f5:18:16:64:7e:3a:6a:20:57:40:8e:28:16:0c:a2:
                    48:94:52:35:db:9d:07:0c:ac:7c:24:2a:9b:f8:4b:
                    af:0c:a8:57:63:ae:28:2a:15:05:6d:01:51:ef:d1:
                    8c:73:3d:76:96:41:b9:05:c8:d6:23:2a:ac:bf:1c:
                    f3:75:d2:e2:6c:af:5a:01:b5:65:e4:d4:b7:51:fa:
                    e0:5e:03:ee:4b:32:fd:c1:78:08:19:51:b6:4e:c4:
                    6b:4f:75:cb:99:0c:2c:75:ce:e7:b1:45:b5:30:62:
                    58:7a:46:34:65:d6:b1:71:e4:26:c2:f0:08:ed:40:
                    c4:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:45:2D:2D:CC:5F:39:15:F9:E5:81:B3:A1:CF:44:06:1C:BE:00:35
            X509v3 Authority Key Identifier:
                keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/GkUtLcxfORX55YGzoc9EBhy-ADU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.71.154.0/24
                  91.198.230.0/24
                  91.199.3.0/24
                  94.103.178.0/24
                  94.103.189.0/24
                  94.103.191.0/24
                  193.33.66.0/24
                  193.37.133.0/24
                  193.109.221.0/24
                  193.135.13.0/24
                  193.176.237.0/24
                  193.193.164.0/24
                  194.56.255.0/24
                  194.107.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:0d:3e:e0:db:09:e2:d3:8c:c9:21:ef:cc:1f:bd:e4:af:dd:
         4e:9c:15:47:39:67:a8:10:b5:ef:f8:89:74:a2:2b:b1:50:77:
         bd:66:cd:97:1d:25:f9:6a:71:01:6b:2d:54:cf:b6:89:a8:4b:
         9d:61:4c:f2:e2:e2:d2:25:42:21:e3:29:31:d0:8f:89:b5:06:
         26:59:84:7e:fb:6d:b0:b2:1e:93:84:6c:cc:be:65:ac:63:a0:
         64:17:93:4a:b5:0e:a1:d9:0b:51:5c:db:f2:93:b8:dd:de:b4:
         d9:33:b0:42:4b:3c:8e:d3:83:2e:f3:60:32:07:fa:c0:80:c4:
         8e:65:3d:68:d0:4b:f6:bb:b4:56:35:e2:9c:49:e1:e5:ad:c1:
         03:b9:53:a4:18:4c:bd:ef:22:c2:15:07:0a:c0:e6:8b:ae:1e:
         c1:33:aa:af:cc:73:1e:bb:79:4d:71:cd:0b:43:a6:51:89:d3:
         01:8a:e1:ed:c6:f2:25:fa:76:59:e5:9f:88:02:86:34:4e:2b:
         ca:3d:c1:00:89:ab:48:ce:bb:8a:89:c2:75:48:55:fb:7e:e6:
         ca:91:1b:8a:3a:86:97:7c:47:c9:86:fc:20:ea:2e:bb:72:fc:
         35:78:1d:53:0b:16:13:d6:54:fa:8a:aa:d3:62:f6:0b:fb:bf:
         19:03:18:dc
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZnt1O+VlqbiDJ/6EEQ5vyBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUxMDE2MTYyMjU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTQ1MmQyZGNjNWYzOTE1ZjllNTgxYjNhMWNmNDQwNjFjYmUwMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Uyhjzoijuv3hruhsr0uM1zTvfza
rOoIjTEiFoUaWlhm8ASwn2EclJA+QuTWZMzR/k3wT9C3BYaYBbFdKj1/59V4kVev
mVbkZw0VbJ/Niy4tzKarHFYWNw/JDg/g8pWQ+mX7Ot3yfExUDYpqYYyluOOsCUFI
7za24SOgHeC9aAbkl4RAem/1GBZkfjpqIFdAjigWDKJIlFI1250HDKx8JCqb+Euv
DKhXY64oKhUFbQFR79GMcz12lkG5BcjWIyqsvxzzddLibK9aAbVl5NS3UfrgXgPu
SzL9wXgIGVG2TsRrT3XLmQwsdc7nsUW1MGJYekY0ZdaxceQmwvAI7UDEywIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFBpFLS3MXzkV+eWBs6HPRAYcvgA1MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvR2tVdExjeGZPUlg1NVlHem9jOUVCaHktQURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAUEeaAwQA
W8bmAwQAW8cDAwQAXmeyAwQAXme9AwQAXme/AwQAwSFCAwQAwSWFAwQAwW3dAwQA
wYcNAwQAwbDtAwQAwcGkAwQAwjj/AwQAwmt9MA0GCSqGSIb3DQEBCwUAA4IBAQBR
DT7g2wni04zJIe/MH73kr91OnBVHOWeoELXv+Il0oiuxUHe9Zs2XHSX5anEBay1U
z7aJqEudYUzy4uLSJUIh4ykx0I+JtQYmWYR++22wsh6ThGzMvmWsY6BkF5NKtQ6h
2QtRXNvyk7jd3rTZM7BCSzyO04Mu82AyB/rAgMSOZT1o0Ev2u7RWNeKcSeHlrcED
uVOkGEy97yLCFQcKwOaLrh7BM6qvzHMeu3lNcc0LQ6ZRidMBiuHtxvIl+nZZ5Z+I
AoY0TivKPcEAiatIzruKicJ1SFX7fubKkRuKOoaXfEfJhvwg6i67cvw1eB1TCxYT
1lT6iqrTYvYL+78ZAxjc
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:10:14 2025 by rpki-client