Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/e282e7-4bf1-4cb8-ae6e-69baa11d578f/1/Jpc9akMn776zSYTD6mXsyRzavLU.roa
File:                     Jpc9akMn776zSYTD6mXsyRzavLU.roa (raw, json)
Hash identifier:          ZfuvokmeEiQYfhhAu6Yv9wBQKPiuHqzkSEN6L6pFYXs=
Subject key identifier:   26:97:3D:6A:43:27:EF:BE:B3:49:84:C3:EA:65:EC:C9:1C:DA:BC:B5
Certificate issuer:       /CN=554c24d437a0d56b9bd0be488a60cfd5ccc8f9bf
Certificate serial:       019C81C3A03F96AE5DA83DD87013ECDC7F09
Authority key identifier: 55:4C:24:D4:37:A0:D5:6B:9B:D0:BE:48:8A:60:CF:D5:CC:C8:F9:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VUwk1Deg1Wub0L5IimDP1czI-b8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/e282e7-4bf1-4cb8-ae6e-69baa11d578f/1/Jpc9akMn776zSYTD6mXsyRzavLU.roa
Signing time:             Sat 21 Feb 2026 19:53:27 +0000
ROA not before:           Sat 21 Feb 2026 19:53:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     204936
IP address blocks:        2a14:e00::/29 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/e282e7-4bf1-4cb8-ae6e-69baa11d578f/1/VUwk1Deg1Wub0L5IimDP1czI-b8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/e282e7-4bf1-4cb8-ae6e-69baa11d578f/1/VUwk1Deg1Wub0L5IimDP1czI-b8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VUwk1Deg1Wub0L5IimDP1czI-b8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Feb 2026 15:05:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:81:c3:a0:3f:96:ae:5d:a8:3d:d8:70:13:ec:dc:7f:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=554c24d437a0d56b9bd0be488a60cfd5ccc8f9bf
        Validity
            Not Before: Feb 21 19:53:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=26973d6a4327efbeb34984c3ea65ecc91cdabcb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:f1:16:7e:64:9a:77:7d:d1:d6:be:06:d8:e4:
                    3f:70:90:74:54:76:c1:0e:05:af:fe:f8:b1:77:b4:
                    2e:8b:98:3a:94:f2:5d:6a:1f:5b:68:f4:02:e4:a6:
                    f0:04:b6:37:c9:39:a8:aa:8a:9a:9a:6d:9c:39:50:
                    6c:2f:87:fe:b8:61:ee:37:36:6a:63:f1:34:43:d0:
                    f0:93:1a:fc:e2:dc:e1:d0:ba:b7:a9:cb:91:c1:f8:
                    7d:a4:7e:b8:33:30:ee:6f:56:af:46:4c:38:fa:c2:
                    38:a9:d1:66:76:b9:ce:42:5f:6b:11:83:f9:91:38:
                    87:b0:ce:32:f3:a2:e4:74:d3:76:26:40:6a:3c:1f:
                    b6:19:c4:01:52:ba:29:80:94:cd:d4:75:34:9e:0f:
                    cd:41:7c:d2:30:33:7a:47:43:91:ff:7a:d9:68:03:
                    0f:84:6e:3f:ec:1c:79:25:13:39:5e:43:16:a1:3f:
                    8d:95:14:00:ca:eb:b5:ef:e5:89:4e:11:32:f6:1f:
                    14:7c:58:bf:be:7e:c8:8e:58:6f:c4:2b:08:31:8e:
                    f4:1e:2f:db:7f:82:02:79:22:d0:7d:59:55:0f:7f:
                    d6:39:6b:80:15:8f:75:5e:80:b9:72:dd:6a:fc:1d:
                    79:a0:8b:23:6f:82:02:c3:19:54:e6:c5:dc:95:35:
                    21:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:97:3D:6A:43:27:EF:BE:B3:49:84:C3:EA:65:EC:C9:1C:DA:BC:B5
            X509v3 Authority Key Identifier:
                keyid:55:4C:24:D4:37:A0:D5:6B:9B:D0:BE:48:8A:60:CF:D5:CC:C8:F9:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VUwk1Deg1Wub0L5IimDP1czI-b8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/e282e7-4bf1-4cb8-ae6e-69baa11d578f/1/Jpc9akMn776zSYTD6mXsyRzavLU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/e282e7-4bf1-4cb8-ae6e-69baa11d578f/1/VUwk1Deg1Wub0L5IimDP1czI-b8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:e00::/29

    Signature Algorithm: sha256WithRSAEncryption
         71:2a:22:b1:1c:6d:4a:f1:58:29:18:79:72:05:a1:5d:1a:9d:
         3e:d3:17:7a:71:08:4c:09:f8:10:32:e0:59:5a:cb:20:0c:62:
         3c:9c:50:a6:de:63:1b:b9:c1:af:81:01:48:be:3b:c3:28:a9:
         6a:02:12:4b:a9:a7:32:c2:8d:c6:f9:b2:cc:20:96:eb:97:c7:
         8e:6b:be:18:b0:69:7d:90:11:f0:bd:b4:2f:a9:b1:47:34:14:
         28:40:3b:0b:37:e9:eb:39:65:41:51:f4:52:99:dc:3c:8d:09:
         1e:c6:95:76:3c:ab:52:71:8d:63:3f:01:61:2e:d9:2d:a1:ff:
         33:bc:f8:b3:82:86:06:b6:b9:30:fc:1e:1d:6d:9d:66:2b:8b:
         8e:d5:56:88:48:32:0d:a8:14:6d:a0:23:bf:d1:c9:ad:e5:23:
         ea:6d:38:b4:b2:e7:6a:e9:8f:7d:1e:4a:19:61:2e:63:d2:4f:
         98:2b:9b:bc:37:b8:27:f4:d8:d7:9e:bf:4e:5d:f2:7b:b7:5d:
         8f:5b:a4:95:85:4d:5e:03:52:74:4d:d6:36:8e:1d:2e:3e:3e:
         d1:e2:9b:9b:e9:1c:d1:1b:1b:59:46:e3:34:d6:b5:04:a6:ff:
         30:ad:30:00:53:78:d6:39:89:4c:39:78:89:c4:62:c7:9e:85:
         84:24:36:80
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZyBw6A/lq5dqD3YcBPs3H8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NGMyNGQ0MzdhMGQ1NmI5YmQwYmU0ODhhNjBjZmQ1Y2Nj
OGY5YmYwHhcNMjYwMjIxMTk1MzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjk3M2Q2YTQzMjdlZmJlYjM0OTg0YzNlYTY1ZWNjOTFjZGFiY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfEWfmSad33R1r4G2OQ/cJB0VHbB
DgWv/vixd7Qui5g6lPJdah9baPQC5KbwBLY3yTmoqoqamm2cOVBsL4f+uGHuNzZq
Y/E0Q9Dwkxr84tzh0Lq3qcuRwfh9pH64MzDub1avRkw4+sI4qdFmdrnOQl9rEYP5
kTiHsM4y86LkdNN2JkBqPB+2GcQBUropgJTN1HU0ng/NQXzSMDN6R0OR/3rZaAMP
hG4/7Bx5JRM5XkMWoT+NlRQAyuu17+WJThEy9h8UfFi/vn7IjlhvxCsIMY70Hi/b
f4ICeSLQfVlVD3/WOWuAFY91XoC5ct1q/B15oIsjb4ICwxlU5sXclTUhhQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCaXPWpDJ+++s0mEw+pl7Mkc2ry1MB8GA1UdIwQY
MBaAFFVMJNQ3oNVrm9C+SIpgz9XMyPm/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlV3azFEZWcxV3ViMEw1SWltRFAxY3pJLWI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9lMjgyZTctNGJmMS00Y2I4LWFlNmUt
NjliYWExMWQ1NzhmLzEvSnBjOWFrTW43NzZ6U1lURDZtWHN5UnphdkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9lMjgyZTctNGJmMS00Y2I4LWFlNmUtNjliYWExMWQ1Nzhm
LzEvVlV3azFEZWcxV3ViMEw1SWltRFAxY3pJLWI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQOADAN
BgkqhkiG9w0BAQsFAAOCAQEAcSoisRxtSvFYKRh5cgWhXRqdPtMXenEITAn4EDLg
WVrLIAxiPJxQpt5jG7nBr4EBSL47wyipagISS6mnMsKNxvmyzCCW65fHjmu+GLBp
fZAR8L20L6mxRzQUKEA7Czfp6zllQVH0UpncPI0JHsaVdjyrUnGNYz8BYS7ZLaH/
M7z4s4KGBra5MPweHW2dZiuLjtVWiEgyDagUbaAjv9HJreUj6m04tLLnaumPfR5K
GWEuY9JPmCubvDe4J/TY156/Tl3ye7ddj1uklYVNXgNSdE3WNo4dLj4+0eKbm+kc
0RsbWUbjNNa1BKb/MK0wAFN41jmJTDl4icRix56FhCQ2gA==
-----END CERTIFICATE-----