Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/L27R15PpwOrseUIl0bvCnFwws2s.roa
File:                     L27R15PpwOrseUIl0bvCnFwws2s.roa (raw, json)
Hash identifier:          D/qY8BujaGg4Lgye4hDMzpmCE3IJ8h3XVyZtL65ycpQ=
Subject key identifier:   2F:6E:D1:D7:93:E9:C0:EA:EC:79:42:25:D1:BB:C2:9C:5C:30:B3:6B
Certificate issuer:       /CN=50399d4435bb85fae910abe38e68533204dfd60b
Certificate serial:       019731E9884C481A33D5EA3939CFCCC2848C
Authority key identifier: 50:39:9D:44:35:BB:85:FA:E9:10:AB:E3:8E:68:53:32:04:DF:D6:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UDmdRDW7hfrpEKvjjmhTMgTf1gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/L27R15PpwOrseUIl0bvCnFwws2s.roa
Signing time:             Mon 02 Jun 2025 18:31:17 +0000
ROA not before:           Mon 02 Jun 2025 18:31:17 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     4826
IP address blocks:        185.167.191.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/UDmdRDW7hfrpEKvjjmhTMgTf1gs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/UDmdRDW7hfrpEKvjjmhTMgTf1gs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UDmdRDW7hfrpEKvjjmhTMgTf1gs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 06 Jun 2025 09:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:31:e9:88:4c:48:1a:33:d5:ea:39:39:cf:cc:c2:84:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50399d4435bb85fae910abe38e68533204dfd60b
        Validity
            Not Before: Jun  2 18:31:17 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=2f6ed1d793e9c0eaec794225d1bbc29c5c30b36b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:b6:46:6d:67:df:0f:3d:d3:2a:a5:ea:14:69:
                    9a:01:1b:4c:5f:ca:ab:d7:c2:8c:a4:37:28:f7:c6:
                    42:94:7c:f7:1f:d4:f6:b9:19:24:e6:9b:ca:b8:8a:
                    b7:b7:44:a5:8d:48:13:c7:b2:7f:d1:1b:7b:85:99:
                    b2:a9:eb:40:6a:e5:26:3f:10:25:21:63:db:84:40:
                    64:c1:80:5a:cb:8f:0b:df:3c:a7:3c:33:83:31:8d:
                    e7:1b:07:78:d4:40:a9:94:c7:b4:4b:cc:3a:b3:2e:
                    ed:0e:7c:44:a4:1b:a4:89:dc:8f:23:ca:0f:6f:aa:
                    79:4e:c2:d7:0e:c4:e7:e7:c0:dd:36:e9:25:89:5f:
                    2e:03:0f:58:f9:44:d8:03:56:9a:03:07:5d:d7:00:
                    05:da:d9:3d:2b:a7:83:67:18:f0:19:9b:ee:a9:c1:
                    3a:2c:6d:7a:37:5d:50:14:7d:1f:0e:72:b7:4f:c6:
                    36:af:a1:31:6b:98:27:0b:cb:6d:3c:f7:ea:ce:0b:
                    b2:21:2e:5e:ba:a3:ec:ff:c0:6b:aa:95:a8:5a:c3:
                    70:64:8f:e8:17:54:d3:8e:e3:64:02:0b:e2:f7:31:
                    cd:d3:e2:2e:03:9e:a0:61:0a:9f:b7:b8:92:38:e5:
                    0d:6e:58:36:97:3a:fc:46:0e:ae:dc:ac:4c:2b:f7:
                    db:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:6E:D1:D7:93:E9:C0:EA:EC:79:42:25:D1:BB:C2:9C:5C:30:B3:6B
            X509v3 Authority Key Identifier:
                keyid:50:39:9D:44:35:BB:85:FA:E9:10:AB:E3:8E:68:53:32:04:DF:D6:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UDmdRDW7hfrpEKvjjmhTMgTf1gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/L27R15PpwOrseUIl0bvCnFwws2s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/UDmdRDW7hfrpEKvjjmhTMgTf1gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:7a:ea:83:85:c0:3d:44:fb:bf:97:a9:43:d5:a9:fb:f6:01:
         48:74:a9:af:f8:c0:31:e6:8d:52:0f:69:ff:12:d2:02:03:14:
         f6:6c:3a:30:4f:50:5a:ab:3d:ca:f1:43:15:51:d2:9b:15:68:
         26:18:77:ab:a9:11:36:41:ce:9f:ce:35:da:6c:4c:03:f1:95:
         0e:60:9b:12:54:7c:ab:bf:ca:68:83:97:83:ec:18:bc:55:18:
         a0:2b:aa:2b:ea:1d:8b:ec:f4:25:ac:b4:52:21:74:40:70:13:
         00:5c:ae:df:1e:4a:57:c8:6e:0c:0c:ed:41:21:39:9c:d9:63:
         0a:3d:48:7c:f7:90:cb:3a:cb:72:aa:d4:c0:dd:84:48:e4:b3:
         8c:35:e6:1f:89:67:01:64:e4:d3:03:c5:53:0a:a7:44:c8:5c:
         1e:c0:68:d1:ee:8d:af:00:e6:8c:8e:06:dd:72:6d:3d:d4:b6:
         63:ac:0a:90:5c:7b:10:c8:78:16:00:84:0f:fc:9d:61:8b:15:
         e2:b3:72:25:7f:91:52:6e:a3:ab:a9:45:be:d9:de:09:b2:b1:
         80:f3:dd:7f:ce:69:bc:b9:7d:6e:5a:6c:9b:9e:44:01:9b:ec:
         fa:3f:65:06:84:4b:12:81:aa:e3:52:62:34:d4:18:95:33:8a:
         65:c2:66:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcx6YhMSBoz1eo5Oc/MwoSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMzk5ZDQ0MzViYjg1ZmFlOTEwYWJlMzhlNjg1MzMyMDRk
ZmQ2MGIwHhcNMjUwNjAyMTgzMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjZlZDFkNzkzZTljMGVhZWM3OTQyMjVkMWJiYzI5YzVjMzBiMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77ZGbWffDz3TKqXqFGmaARtMX8qr
18KMpDco98ZClHz3H9T2uRkk5pvKuIq3t0SljUgTx7J/0Rt7hZmyqetAauUmPxAl
IWPbhEBkwYBay48L3zynPDODMY3nGwd41ECplMe0S8w6sy7tDnxEpBukidyPI8oP
b6p5TsLXDsTn58DdNukliV8uAw9Y+UTYA1aaAwdd1wAF2tk9K6eDZxjwGZvuqcE6
LG16N11QFH0fDnK3T8Y2r6Exa5gnC8ttPPfqzguyIS5euqPs/8BrqpWoWsNwZI/o
F1TTjuNkAgvi9zHN0+IuA56gYQqft7iSOOUNblg2lzr8Rg6u3KxMK/fbSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9u0deT6cDq7HlCJdG7wpxcMLNrMB8GA1UdIwQY
MBaAFFA5nUQ1u4X66RCr445oUzIE39YLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVURtZFJEVzdoZnJwRUt2amptaFRNZ1RmMWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi80ZjNmMDgtOTg2Yi00OGU0LTg1ZGQt
MzRmZmRiNDQyMTEzLzEvTDI3UjE1UHB3T3JzZVVJbDBidkNuRnd3czJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi80ZjNmMDgtOTg2Yi00OGU0LTg1ZGQtMzRmZmRiNDQyMTEz
LzEvVURtZFJEVzdoZnJwRUt2amptaFRNZ1RmMWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuae/MA0G
CSqGSIb3DQEBCwUAA4IBAQC1euqDhcA9RPu/l6lD1an79gFIdKmv+MAx5o1SD2n/
EtICAxT2bDowT1Baqz3K8UMVUdKbFWgmGHerqRE2Qc6fzjXabEwD8ZUOYJsSVHyr
v8pog5eD7Bi8VRigK6or6h2L7PQlrLRSIXRAcBMAXK7fHkpXyG4MDO1BITmc2WMK
PUh895DLOstyqtTA3YRI5LOMNeYfiWcBZOTTA8VTCqdEyFwewGjR7o2vAOaMjgbd
cm091LZjrAqQXHsQyHgWAIQP/J1hixXis3Ilf5FSbqOrqUW+2d4JsrGA891/zmm8
uX1uWmybnkQBm+z6P2UGhEsSgarjUmI01BiVM4plwmZj
-----END CERTIFICATE-----