Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/5-irY-ld8vOhHwaBIrACtloCuss.roa
File:                     5-irY-ld8vOhHwaBIrACtloCuss.roa (raw, json)
Hash identifier:          fQG9xD7ouiTDWgaX+rmv0YxgxIwMmTyeQjWgchuUxVA=
Subject key identifier:   E7:E8:AB:63:E9:5D:F2:F3:A1:1F:06:81:22:B0:02:B6:5A:02:BA:CB
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       019E990399A07F2D8526B4F06318F087B460
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/5-irY-ld8vOhHwaBIrACtloCuss.roa
Signing time:             Fri 05 Jun 2026 18:20:10 +0000
ROA not before:           Fri 05 Jun 2026 18:20:10 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     274947
IP address blocks:        91.132.30.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 11 Jun 2026 23:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:99:03:99:a0:7f:2d:85:26:b4:f0:63:18:f0:87:b4:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jun  5 18:20:10 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e7e8ab63e95df2f3a11f068122b002b65a02bacb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:40:6f:b7:78:87:f7:87:a8:56:52:91:21:b2:
                    76:84:4c:e2:db:ce:49:74:e9:42:a0:5f:a2:a1:e5:
                    c8:70:d4:2f:0d:ad:5b:35:ea:5c:7d:f4:10:0e:90:
                    36:ac:56:18:db:06:ff:5f:a7:e1:7c:67:51:b2:75:
                    b4:28:f3:35:42:c0:38:39:a7:30:cb:02:64:f1:72:
                    d5:4c:de:df:e7:7a:37:e3:04:b3:12:e9:94:5d:2f:
                    18:fb:b9:f5:58:22:bb:3d:20:3c:28:90:76:fa:88:
                    7f:f4:e5:5e:cc:f7:7a:95:e0:a5:39:3b:1b:ab:ec:
                    95:42:2d:0e:cf:dd:5f:10:65:29:87:4f:01:ea:ee:
                    f6:35:61:1b:7c:de:07:a5:e2:6c:34:64:26:60:68:
                    68:fc:25:6e:60:2c:0c:77:7c:5c:02:43:3a:7d:42:
                    e0:95:6a:47:13:b0:7d:0a:af:8d:ba:ae:84:15:c9:
                    5c:25:41:f9:f1:1c:2e:bd:65:f9:50:47:6a:d3:52:
                    f4:35:c4:2b:e5:57:2b:aa:43:07:fe:91:d0:53:1d:
                    2d:81:cd:3f:53:b9:c4:07:68:c1:5c:1f:eb:7e:56:
                    9b:9c:75:70:d8:ab:d5:31:d1:00:81:d6:d2:20:78:
                    42:ba:ec:0c:e5:a1:14:a0:f9:ac:18:b8:6b:82:8f:
                    96:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:E8:AB:63:E9:5D:F2:F3:A1:1F:06:81:22:B0:02:B6:5A:02:BA:CB
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/5-irY-ld8vOhHwaBIrACtloCuss.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.132.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:61:ea:cd:9b:c7:bc:99:d5:9a:00:8c:74:e0:82:f2:e3:4a:
         6b:9e:1e:59:88:a0:13:32:49:b3:68:78:5f:1e:d3:04:6b:2a:
         af:d6:87:b2:98:12:45:71:21:33:54:91:b7:f9:f6:78:8f:bf:
         8c:a8:93:d4:99:c6:9a:de:69:e4:d0:de:13:d6:da:ba:05:92:
         74:bd:a1:be:37:9e:9e:d5:78:0c:11:43:de:bc:d3:e9:c3:a4:
         e2:02:40:ee:f6:54:63:0e:93:34:71:78:b4:30:44:2a:2b:e5:
         5c:fa:53:06:d5:f4:e1:fe:5b:06:c7:41:8d:03:62:5a:35:5b:
         8c:9f:a0:35:e0:ed:64:08:fa:15:b6:4d:db:a3:c8:3c:3e:3f:
         b6:b6:4f:a6:7e:de:14:70:35:fe:b1:a7:db:14:8f:64:5f:f0:
         0c:42:13:0d:41:ed:05:43:90:84:e3:e1:06:75:1c:1f:3a:6f:
         80:26:9a:c3:12:1d:de:e2:37:7e:57:cb:24:ef:bb:74:35:15:
         5c:41:fe:8c:30:24:dd:80:62:02:6c:9e:82:d1:6f:26:92:9a:
         13:bd:b3:51:61:ba:b8:24:b0:91:cb:e0:c4:d0:41:15:b3:3d:
         50:a9:30:df:ec:c7:6a:d1:7c:cb:13:5e:89:61:75:d1:c3:6e:
         71:ff:fd:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6ZA5mgfy2FJrTwYxjwh7RgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwNjA1MTgyMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2U4YWI2M2U5NWRmMmYzYTExZjA2ODEyMmIwMDJiNjVhMDJiYWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUBvt3iH94eoVlKRIbJ2hEzi285J
dOlCoF+ioeXIcNQvDa1bNepcffQQDpA2rFYY2wb/X6fhfGdRsnW0KPM1QsA4Oacw
ywJk8XLVTN7f53o34wSzEumUXS8Y+7n1WCK7PSA8KJB2+oh/9OVezPd6leClOTsb
q+yVQi0Oz91fEGUph08B6u72NWEbfN4HpeJsNGQmYGho/CVuYCwMd3xcAkM6fULg
lWpHE7B9Cq+Nuq6EFclcJUH58RwuvWX5UEdq01L0NcQr5VcrqkMH/pHQUx0tgc0/
U7nEB2jBXB/rflabnHVw2KvVMdEAgdbSIHhCuuwM5aEUoPmsGLhrgo+WGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOfoq2PpXfLzoR8GgSKwArZaArrLMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvNS1pclktbGQ4dk9oSHdhQklyQUN0bG9DdXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW4QeMA0G
CSqGSIb3DQEBCwUAA4IBAQAWYerNm8e8mdWaAIx04ILy40prnh5ZiKATMkmzaHhf
HtMEayqv1oeymBJFcSEzVJG3+fZ4j7+MqJPUmcaa3mnk0N4T1tq6BZJ0vaG+N56e
1XgMEUPevNPpw6TiAkDu9lRjDpM0cXi0MEQqK+Vc+lMG1fTh/lsGx0GNA2JaNVuM
n6A14O1kCPoVtk3bo8g8Pj+2tk+mft4UcDX+safbFI9kX/AMQhMNQe0FQ5CE4+EG
dRwfOm+AJprDEh3e4jd+V8sk77t0NRVcQf6MMCTdgGICbJ6C0W8mkpoTvbNRYbq4
JLCRy+DE0EEVsz1QqTDf7Mdq0XzLE16JYXXRw25x//14
-----END CERTIFICATE-----