Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/enacwQjrHGHbnpi7_-gwQ7mFufI.roa
File:                     enacwQjrHGHbnpi7_-gwQ7mFufI.roa (raw, json)
Hash identifier:          Hal2kcsISX9CHUGZ6KCu3tfmEsKWVwE7hN1Orwz+fBM=
Subject key identifier:   7A:76:9C:C1:08:EB:1C:61:DB:9E:98:BB:FF:E8:30:43:B9:85:B9:F2
Certificate issuer:       /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial:       019E5011FD3DBD42D2910C7EA3E2B4DF5C39
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/enacwQjrHGHbnpi7_-gwQ7mFufI.roa
Signing time:             Fri 22 May 2026 14:23:36 +0000
ROA not before:           Fri 22 May 2026 14:23:36 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     4826
IP address blocks:        9.237.32.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 07 Jun 2026 02:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:50:11:fd:3d:bd:42:d2:91:0c:7e:a3:e2:b4:df:5c:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
        Validity
            Not Before: May 22 14:23:36 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=7a769cc108eb1c61db9e98bbffe83043b985b9f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:7f:05:f3:87:ab:f5:01:03:fb:2e:fc:a4:6c:
                    61:01:14:40:42:de:7e:1c:6f:2f:e3:b0:70:b2:63:
                    88:fd:44:da:ca:66:57:af:d8:c1:c0:b8:67:a3:e5:
                    27:42:b6:04:c1:3f:39:a7:5b:d9:d1:aa:68:1c:8a:
                    a6:2f:2e:a5:e5:67:b4:46:5d:ca:b8:ba:07:ac:51:
                    28:56:d3:ff:b7:d7:81:ce:8e:c8:8f:fd:a8:26:e1:
                    c7:e2:08:19:5f:88:8d:c5:30:cd:f4:b8:e0:04:42:
                    23:d9:fa:7f:09:ac:ba:ae:bf:68:5a:73:08:e0:0b:
                    db:19:9c:6a:ae:0e:65:ed:17:44:e1:35:f1:73:1f:
                    73:e3:21:d7:a0:1b:8a:23:12:6a:5f:76:8a:b8:d4:
                    f0:38:4f:d8:56:c8:22:8e:2b:49:18:da:0c:fb:47:
                    b6:26:cf:1a:0c:2f:d1:99:10:02:4a:e1:8e:97:ef:
                    ea:07:71:a4:cc:c5:c9:5d:d1:0d:71:cb:09:ec:0d:
                    4d:1f:0d:ca:df:2e:de:ae:69:98:ee:fb:a7:78:63:
                    4f:27:2a:c9:8b:d3:9c:36:f2:31:9b:e0:6c:a8:bc:
                    19:9b:94:0f:25:ef:d2:ed:01:fa:66:0c:66:75:db:
                    3a:1d:8e:4b:c9:8f:c6:26:de:12:6b:d9:e0:7b:77:
                    0b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:76:9C:C1:08:EB:1C:61:DB:9E:98:BB:FF:E8:30:43:B9:85:B9:F2
            X509v3 Authority Key Identifier:
                keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/enacwQjrHGHbnpi7_-gwQ7mFufI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  9.237.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         80:83:d2:af:ef:c1:a5:5c:c7:d3:a6:c2:d3:ab:a9:44:e6:c8:
         51:17:fe:5f:6f:b5:d3:70:bb:01:59:4f:2e:d8:1e:0c:ae:10:
         2b:61:72:9d:c5:c4:64:ed:de:9d:17:e0:ed:c1:33:72:5b:80:
         48:ec:6e:4f:49:c3:0a:c2:9b:ab:46:e3:30:23:47:ab:1c:e3:
         5d:b9:b6:13:1e:aa:9d:03:42:9f:08:bb:31:7c:42:58:f4:31:
         f0:49:05:f0:a9:e8:59:17:73:de:b7:9d:3b:2d:0b:db:1a:ba:
         a1:7e:da:74:35:81:a5:8d:57:54:a3:c6:58:0b:45:2d:d3:5b:
         66:eb:8e:2b:54:86:30:f3:b7:e0:c3:99:79:93:68:88:f2:f4:
         09:7d:ee:4e:4d:b5:5f:35:26:46:60:f3:66:1d:ea:5f:8d:4d:
         36:ea:ae:f7:17:d2:da:00:12:24:7a:eb:0b:9a:3c:53:4d:1f:
         0e:af:18:b5:67:85:08:1c:05:d4:80:c6:af:cd:be:42:1c:d2:
         0d:00:93:f4:e9:9d:03:43:d9:71:03:48:dc:6f:9e:52:f9:a9:
         82:7a:45:34:d8:78:53:89:70:1c:84:aa:09:4e:78:a0:3e:20:
         d3:a0:63:06:45:a0:ce:85:74:42:03:72:81:ff:e5:78:46:bb:
         55:e9:b7:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ5QEf09vULSkQx+o+K031w5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjYwNTIyMTQyMzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTc2OWNjMTA4ZWIxYzYxZGI5ZTk4YmJmZmU4MzA0M2I5ODViOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH8F84er9QED+y78pGxhARRAQt5+
HG8v47BwsmOI/UTaymZXr9jBwLhno+UnQrYEwT85p1vZ0apoHIqmLy6l5We0Rl3K
uLoHrFEoVtP/t9eBzo7Ij/2oJuHH4ggZX4iNxTDN9LjgBEIj2fp/Cay6rr9oWnMI
4AvbGZxqrg5l7RdE4TXxcx9z4yHXoBuKIxJqX3aKuNTwOE/YVsgijitJGNoM+0e2
Js8aDC/RmRACSuGOl+/qB3GkzMXJXdENccsJ7A1NHw3K3y7ermmY7vuneGNPJyrJ
i9OcNvIxm+BsqLwZm5QPJe/S7QH6Zgxmdds6HY5LyY/GJt4Sa9nge3cLxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHp2nMEI6xxh256Yu//oMEO5hbnyMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvZW5hY3dRanJIR0hibnBpN18tZ3dRN21GdWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQECe0gMA0G
CSqGSIb3DQEBCwUAA4IBAQCAg9Kv78GlXMfTpsLTq6lE5shRF/5fb7XTcLsBWU8u
2B4MrhArYXKdxcRk7d6dF+DtwTNyW4BI7G5PScMKwpurRuMwI0erHONdubYTHqqd
A0KfCLsxfEJY9DHwSQXwqehZF3Pet507LQvbGrqhftp0NYGljVdUo8ZYC0Ut01tm
644rVIYw87fgw5l5k2iI8vQJfe5OTbVfNSZGYPNmHepfjU026q73F9LaABIkeusL
mjxTTR8Orxi1Z4UIHAXUgMavzb5CHNINAJP06Z0DQ9lxA0jcb55S+amCekU02HhT
iXAchKoJTnigPiDToGMGRaDOhXRCA3KB/+V4RrtV6bc0
-----END CERTIFICATE-----