Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/wLoUUdSvg4mybpd990iExJeHUJs.roa
File:                     wLoUUdSvg4mybpd990iExJeHUJs.roa (raw, json)
Hash identifier:          eK4QhV/Upj6LcnsWEPnxaYJD29t58deZI0lM+T3uQOg=
Subject key identifier:   C0:BA:14:51:D4:AF:83:89:B2:6E:97:7D:F7:48:84:C4:97:87:50:9B
Certificate issuer:       /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial:       0196E4B7C333D09F6301AB77A8A14369DDAF
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/wLoUUdSvg4mybpd990iExJeHUJs.roa
Signing time:             Sun 18 May 2025 18:46:10 +0000
ROA not before:           Sun 18 May 2025 18:46:10 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     19905
IP address blocks:        62.72.167.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 06 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:e4:b7:c3:33:d0:9f:63:01:ab:77:a8:a1:43:69:dd:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
        Validity
            Not Before: May 18 18:46:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=c0ba1451d4af8389b26e977df74884c49787509b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:fe:b8:ac:bb:c0:91:ac:40:f8:3c:be:c3:2d:
                    6d:f9:eb:03:8b:19:06:08:ce:1f:e2:81:8c:a3:7b:
                    c1:6a:5d:74:28:a1:d2:7f:4d:76:b1:be:aa:fa:72:
                    0c:db:24:7d:44:07:44:cc:4c:e1:ac:57:8d:c0:50:
                    32:22:57:8a:43:dc:58:58:b4:06:70:cb:dc:55:8d:
                    e9:1d:0c:4e:79:65:ba:f7:07:ec:6b:46:9b:b8:88:
                    c9:8e:3a:c3:1a:34:02:0f:40:e9:cc:3b:28:5e:6c:
                    0e:a4:35:93:ca:b5:83:73:72:96:cb:49:09:33:fc:
                    ee:a5:fd:12:b3:bf:b0:2c:0a:8a:b5:66:f9:82:4b:
                    f4:b0:9f:ee:f7:1d:fe:1c:67:7c:f8:4a:20:48:23:
                    f2:b3:00:c8:44:40:bc:3e:5e:a5:5d:00:48:06:03:
                    a6:71:13:90:13:98:72:81:0a:cc:28:8e:87:70:cf:
                    22:2f:be:98:10:8a:8b:78:f9:37:5a:51:c5:98:fe:
                    06:69:f7:78:a2:d7:21:22:28:3c:f1:42:e9:20:64:
                    8b:bf:46:7c:2d:96:7c:c6:ae:79:d1:b6:4a:b3:64:
                    1b:42:8f:6e:3a:71:d1:dc:16:6c:94:64:6b:b6:77:
                    db:a3:b4:d2:e0:a4:9c:59:b7:3a:a4:6e:16:d8:09:
                    00:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:BA:14:51:D4:AF:83:89:B2:6E:97:7D:F7:48:84:C4:97:87:50:9B
            X509v3 Authority Key Identifier:
                keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/wLoUUdSvg4mybpd990iExJeHUJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.72.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:8f:3f:9d:b9:72:fe:4f:0b:e5:3f:be:84:68:6a:54:53:e6:
         e9:81:77:1e:93:2e:74:78:0a:a4:eb:96:6f:0b:76:9d:78:fc:
         f5:ea:65:c0:55:71:c8:32:06:6a:82:7d:6f:d1:63:c4:cc:7f:
         3a:a2:b6:6e:6a:bd:4c:fc:99:42:3b:6e:96:85:26:78:e4:0c:
         57:bf:21:14:d8:fe:36:43:63:a0:cf:63:1c:8b:f7:ec:c2:46:
         fb:64:35:9c:24:3d:78:f3:eb:f8:63:85:1e:07:b9:99:cf:4f:
         af:97:db:1f:90:30:a7:39:a3:77:27:af:4b:67:e0:49:44:81:
         59:7c:de:8a:69:4c:6a:b7:87:e7:18:e4:68:3a:a3:3b:65:a4:
         fd:dd:e0:67:db:70:2b:15:14:b8:f9:5c:93:5d:73:76:bf:f3:
         6c:e2:37:20:a1:55:c7:79:2d:eb:0d:21:95:13:65:3c:8d:66:
         2b:92:83:c8:41:3b:dd:06:fe:13:08:0a:35:4e:4b:89:82:08:
         dd:83:91:7e:ea:7b:13:f4:5e:2c:72:25:46:2b:df:42:5a:e6:
         bd:a2:44:44:ca:03:19:41:97:b4:9a:de:dd:7c:b0:a8:92:79:
         c5:1c:cf:24:93:bd:e2:b1:53:ae:79:46:da:77:5e:c0:0c:eb:
         d8:4b:6b:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbkt8Mz0J9jAat3qKFDad2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwNTE4MTg0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGJhMTQ1MWQ0YWY4Mzg5YjI2ZTk3N2RmNzQ4ODRjNDk3ODc1MDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxv64rLvAkaxA+Dy+wy1t+esDixkG
CM4f4oGMo3vBal10KKHSf012sb6q+nIM2yR9RAdEzEzhrFeNwFAyIleKQ9xYWLQG
cMvcVY3pHQxOeWW69wfsa0abuIjJjjrDGjQCD0DpzDsoXmwOpDWTyrWDc3KWy0kJ
M/zupf0Ss7+wLAqKtWb5gkv0sJ/u9x3+HGd8+EogSCPyswDIREC8Pl6lXQBIBgOm
cROQE5hygQrMKI6HcM8iL76YEIqLePk3WlHFmP4Gafd4otchIig88ULpIGSLv0Z8
LZZ8xq550bZKs2QbQo9uOnHR3BZslGRrtnfbo7TS4KScWbc6pG4W2AkADQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMC6FFHUr4OJsm6XffdIhMSXh1CbMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvd0xvVVVkU3ZnNG15YnBkOTkwaUV4SmVIVUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkinMA0G
CSqGSIb3DQEBCwUAA4IBAQBsjz+duXL+TwvlP76EaGpUU+bpgXceky50eAqk65Zv
C3adePz16mXAVXHIMgZqgn1v0WPEzH86orZuar1M/JlCO26WhSZ45AxXvyEU2P42
Q2Ogz2Mci/fswkb7ZDWcJD148+v4Y4UeB7mZz0+vl9sfkDCnOaN3J69LZ+BJRIFZ
fN6KaUxqt4fnGORoOqM7ZaT93eBn23ArFRS4+VyTXXN2v/Ns4jcgoVXHeS3rDSGV
E2U8jWYrkoPIQTvdBv4TCAo1TkuJggjdg5F+6nsT9F4sciVGK99CWua9okREygMZ
QZe0mt7dfLCoknnFHM8kk73isVOueUbad17ADOvYS2si
-----END CERTIFICATE-----