Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/Re37Ja-G7J0N9Ay2eCZ6qY8gvik.roa
File:                     Re37Ja-G7J0N9Ay2eCZ6qY8gvik.roa (raw, json)
Hash identifier:          z5TsLpHb6KLUfsCQW7AKalpKIJngPwM3kIpXNuAM5qo=
Subject key identifier:   45:ED:FB:25:AF:86:EC:9D:0D:F4:0C:B6:78:26:7A:A9:8F:20:BE:29
Certificate issuer:       /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial:       019A4A953571429B70DD1F4B20A6FDFD8529
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/Re37Ja-G7J0N9Ay2eCZ6qY8gvik.roa
Signing time:             Mon 03 Nov 2025 16:38:03 +0000
ROA not before:           Mon 03 Nov 2025 16:38:03 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     208485
IP address blocks:        77.47.178.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4a:95:35:71:42:9b:70:dd:1f:4b:20:a6:fd:fd:85:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19426325acb8ce609a686fa655b058968809b346
        Validity
            Not Before: Nov  3 16:38:03 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=45edfb25af86ec9d0df40cb678267aa98f20be29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f9:c6:2a:f0:c0:98:bc:a2:0d:c0:00:cf:ac:
                    50:3a:f4:42:bb:f1:1e:ad:e4:db:29:a2:59:e0:94:
                    d9:f9:40:b0:34:81:f2:e8:fc:6e:bb:ec:29:2b:f7:
                    6f:a6:9e:9c:ce:b0:bf:a6:5d:31:5f:19:aa:6b:04:
                    38:45:b9:ee:c2:06:9d:82:14:c6:26:ee:63:5d:49:
                    5f:ad:85:a0:e8:1b:c6:3a:06:7b:71:61:c0:c1:52:
                    15:e0:ee:85:82:04:64:8a:27:d2:c8:6b:30:89:a5:
                    88:bb:8a:19:8c:59:fc:e0:2d:6e:c6:4f:84:99:e4:
                    51:7a:1a:25:4a:c8:3f:f8:94:d2:eb:48:0c:39:f3:
                    1f:95:90:29:f7:35:55:37:e5:73:20:74:a3:74:82:
                    6e:05:34:60:4b:7a:c5:9e:08:97:42:3e:66:67:2f:
                    37:ad:70:8e:ee:ce:22:61:29:6e:17:10:6b:29:f8:
                    b4:9b:4b:0b:23:d1:b8:00:ac:20:81:98:8d:ee:9a:
                    99:54:e3:29:3e:6c:d4:91:64:be:9e:c4:9c:f8:0f:
                    0c:a5:90:44:79:e4:99:3b:73:a7:a6:82:69:98:a4:
                    b3:fb:b4:08:49:8f:6b:1a:5a:3a:20:94:69:58:21:
                    d9:9b:90:fa:74:58:58:9a:a3:9b:f6:0d:a5:e8:d6:
                    b0:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:ED:FB:25:AF:86:EC:9D:0D:F4:0C:B6:78:26:7A:A9:8F:20:BE:29
            X509v3 Authority Key Identifier:
                keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/Re37Ja-G7J0N9Ay2eCZ6qY8gvik.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.47.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:db:64:77:d7:0f:da:d5:41:8e:0d:79:59:fb:3d:2f:77:15:
         dc:d7:ee:a0:4a:6d:d0:72:4e:d3:18:67:69:a1:73:b0:32:9e:
         12:53:11:c3:b4:cb:f5:a8:d2:f0:7d:0d:e5:1d:1d:66:72:88:
         e2:36:21:9e:ed:1a:31:92:70:0e:e6:ca:33:1b:76:ba:14:65:
         77:cd:b0:46:d6:85:7e:4b:48:d2:13:93:3a:39:35:38:93:03:
         63:5d:09:21:61:0a:b8:85:34:68:63:d1:28:50:21:33:f2:56:
         ed:13:0a:a9:d2:b8:21:65:3e:8a:9f:6d:f6:c4:93:c0:64:5d:
         dc:45:f2:d9:c6:6a:a0:05:02:1d:35:d3:1f:23:c3:52:83:e8:
         35:d4:6d:1d:65:fa:a2:29:db:77:50:c9:3d:c9:13:56:6e:35:
         11:8c:32:93:6f:2f:3f:0a:a2:1a:9f:24:c6:1d:aa:79:38:6a:
         6b:52:5d:e6:ef:88:b0:a9:62:1e:cd:1d:a1:9c:79:1f:81:e4:
         2a:7b:1d:1d:9d:ba:c9:f1:ef:90:7a:6e:26:03:41:4f:1d:3f:
         59:15:02:c5:51:2c:37:2e:2c:69:43:cf:9d:91:11:02:8d:95:
         4b:f3:15:1e:db:6b:91:01:ab:50:25:56:38:34:29:50:0f:6f:
         94:23:05:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZpKlTVxQptw3R9LIKb9/YUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjUxMTAzMTYzODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWVkZmIyNWFmODZlYzlkMGRmNDBjYjY3ODI2N2FhOThmMjBiZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvnGKvDAmLyiDcAAz6xQOvRCu/Ee
reTbKaJZ4JTZ+UCwNIHy6Pxuu+wpK/dvpp6czrC/pl0xXxmqawQ4RbnuwgadghTG
Ju5jXUlfrYWg6BvGOgZ7cWHAwVIV4O6FggRkiifSyGswiaWIu4oZjFn84C1uxk+E
meRReholSsg/+JTS60gMOfMflZAp9zVVN+VzIHSjdIJuBTRgS3rFngiXQj5mZy83
rXCO7s4iYSluFxBrKfi0m0sLI9G4AKwggZiN7pqZVOMpPmzUkWS+nsSc+A8MpZBE
eeSZO3OnpoJpmKSz+7QISY9rGlo6IJRpWCHZm5D6dFhYmqOb9g2l6NawaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEXt+yWvhuydDfQMtngmeqmPIL4pMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvUmUzN0phLUc3SjBOOUF5MmVDWjZxWThndmlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATS+yMA0G
CSqGSIb3DQEBCwUAA4IBAQCr22R31w/a1UGODXlZ+z0vdxXc1+6gSm3Qck7TGGdp
oXOwMp4SUxHDtMv1qNLwfQ3lHR1mcojiNiGe7RoxknAO5sozG3a6FGV3zbBG1oV+
S0jSE5M6OTU4kwNjXQkhYQq4hTRoY9EoUCEz8lbtEwqp0rghZT6Kn232xJPAZF3c
RfLZxmqgBQIdNdMfI8NSg+g11G0dZfqiKdt3UMk9yRNWbjURjDKTby8/CqIanyTG
Hap5OGprUl3m74iwqWIezR2hnHkfgeQqex0dnbrJ8e+Qem4mA0FPHT9ZFQLFUSw3
LixpQ8+dkRECjZVL8xUe22uRAatQJVY4NClQD2+UIwVd
-----END CERTIFICATE-----