Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/6DlgWAr1pze2xwhzVuH9SH83sUI.roa
File:                     6DlgWAr1pze2xwhzVuH9SH83sUI.roa (raw, json)
Hash identifier:          gbVO2/E/cSyLnCFbipnzOKJO3cIbi/OYiOvNNgSS+Wk=
Subject key identifier:   E8:39:60:58:0A:F5:A7:37:B6:C7:08:73:56:E1:FD:48:7F:37:B1:42
Certificate issuer:       /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial:       019E3126576E8914383A2090B39BB83C78A3
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/6DlgWAr1pze2xwhzVuH9SH83sUI.roa
Signing time:             Sat 16 May 2026 14:17:36 +0000
ROA not before:           Sat 16 May 2026 14:17:36 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     197576
IP address blocks:        153.56.150.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Jun 2026 10:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:31:26:57:6e:89:14:38:3a:20:90:b3:9b:b8:3c:78:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
        Validity
            Not Before: May 16 14:17:36 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e83960580af5a737b6c7087356e1fd487f37b142
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:19:e0:e8:a3:b6:a0:d5:e4:10:1d:b6:26:31:
                    d3:76:d3:10:cd:a8:0e:cd:36:9a:e0:36:9e:e9:6c:
                    c5:bf:e3:40:0a:8a:5b:9f:d8:5c:e7:9f:61:a9:65:
                    39:d6:e2:a2:15:8b:3a:c7:65:c6:6e:07:b6:98:fb:
                    84:48:59:d4:d7:15:7c:b7:ee:2f:69:69:ff:91:17:
                    b9:de:34:ab:2e:29:fc:6c:d4:a5:05:a2:94:50:92:
                    34:db:7e:e2:6d:7b:16:31:26:7f:96:13:bc:1d:ef:
                    6d:cf:50:66:3e:72:ab:8f:0e:cb:1b:89:82:30:3d:
                    98:5f:6e:bd:45:29:ee:7b:18:81:c2:89:d3:30:fd:
                    cb:52:55:41:24:d0:6e:6f:6e:f4:71:1d:fd:10:54:
                    bb:6e:a6:d7:ab:65:e7:0d:bb:74:6b:af:68:bd:74:
                    c9:96:1e:a4:b6:45:74:d6:3a:13:6b:d1:74:97:e9:
                    f3:30:94:16:b8:73:2a:d8:09:a3:cf:38:ba:82:95:
                    3f:34:9a:76:99:1b:79:d9:e5:ee:1a:f4:a3:44:0e:
                    a4:29:8b:af:e7:64:1f:b1:13:b3:32:cd:5d:57:11:
                    37:47:95:1e:0e:cf:e7:05:23:eb:7c:86:b9:24:26:
                    28:08:ba:4c:6d:eb:84:7d:51:1f:bb:c1:17:28:5c:
                    0b:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:39:60:58:0A:F5:A7:37:B6:C7:08:73:56:E1:FD:48:7F:37:B1:42
            X509v3 Authority Key Identifier:
                keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/6DlgWAr1pze2xwhzVuH9SH83sUI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  153.56.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:7e:d2:82:94:5a:dd:5f:4d:b0:ca:aa:f5:f7:16:ba:67:b7:
         7b:9b:db:f4:42:04:af:16:8c:46:63:c7:20:c7:6f:75:5e:9d:
         a3:0f:7b:fc:2f:f0:ea:aa:58:69:00:f9:0b:39:93:10:f0:72:
         c3:ae:7e:2a:28:c9:67:f4:97:12:0d:a7:46:89:02:b9:3d:b0:
         e7:9a:05:c2:cc:25:09:9b:d0:0c:fb:80:c4:35:ea:c2:a0:03:
         8e:c8:9e:65:f4:e2:b8:7f:28:ef:8f:92:b3:ea:bd:58:a8:01:
         bb:0f:ed:08:43:83:21:bd:24:20:f3:df:a3:28:33:35:10:e8:
         86:7b:10:80:80:94:7e:37:b3:3b:60:34:d7:3b:de:1b:20:f5:
         d4:b8:5e:d2:72:40:93:af:07:56:10:87:30:a0:e1:58:11:be:
         df:9c:c1:78:ff:46:bd:8c:75:cf:15:5e:da:ad:35:3b:56:60:
         c4:33:48:3d:a6:a1:67:0b:e6:1c:c0:87:ae:7f:cc:de:05:35:
         a1:1a:f8:b2:ca:5f:73:1f:87:d4:f1:c0:e4:00:ad:45:6a:fa:
         80:cd:fd:34:31:67:f0:ee:ca:5a:b4:87:67:09:68:e4:2a:cf:
         ce:1c:2a:0b:e9:d8:95:0e:03:7e:85:04:38:d5:28:89:71:d4:
         d6:11:58:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4xJlduiRQ4OiCQs5u4PHijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjYwNTE2MTQxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODM5NjA1ODBhZjVhNzM3YjZjNzA4NzM1NmUxZmQ0ODdmMzdiMTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRng6KO2oNXkEB22JjHTdtMQzagO
zTaa4Dae6WzFv+NACopbn9hc559hqWU51uKiFYs6x2XGbge2mPuESFnU1xV8t+4v
aWn/kRe53jSrLin8bNSlBaKUUJI0237ibXsWMSZ/lhO8He9tz1BmPnKrjw7LG4mC
MD2YX269RSnuexiBwonTMP3LUlVBJNBub270cR39EFS7bqbXq2XnDbt0a69ovXTJ
lh6ktkV01joTa9F0l+nzMJQWuHMq2Amjzzi6gpU/NJp2mRt52eXuGvSjRA6kKYuv
52QfsROzMs1dVxE3R5UeDs/nBSPrfIa5JCYoCLpMbeuEfVEfu8EXKFwLvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOg5YFgK9ac3tscIc1bh/Uh/N7FCMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvNkRsZ1dBcjFwemUyeHdoelZ1SDlTSDgzc1VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmTiWMA0G
CSqGSIb3DQEBCwUAA4IBAQAqftKClFrdX02wyqr19xa6Z7d7m9v0QgSvFoxGY8cg
x291Xp2jD3v8L/DqqlhpAPkLOZMQ8HLDrn4qKMln9JcSDadGiQK5PbDnmgXCzCUJ
m9AM+4DENerCoAOOyJ5l9OK4fyjvj5Kz6r1YqAG7D+0IQ4MhvSQg89+jKDM1EOiG
exCAgJR+N7M7YDTXO94bIPXUuF7SckCTrwdWEIcwoOFYEb7fnMF4/0a9jHXPFV7a
rTU7VmDEM0g9pqFnC+YcwIeuf8zeBTWhGviyyl9zH4fU8cDkAK1FavqAzf00MWfw
7spatIdnCWjkKs/OHCoL6diVDgN+hQQ41SiJcdTWEViJ
-----END CERTIFICATE-----