Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/gWpyVPXkmHarLq6ILw1lKSFFaUY.roa
File:                     gWpyVPXkmHarLq6ILw1lKSFFaUY.roa (raw, json)
Hash identifier:          AxXKpz6r7cvG1JclpGjpJgQ5hswEucEqErXm5Ihwbp0=
Subject key identifier:   81:6A:72:54:F5:E4:98:76:AB:2E:AE:88:2F:0D:65:29:21:45:69:46
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       019EF073BB075D873D7BD1117146FF95B71A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/gWpyVPXkmHarLq6ILw1lKSFFaUY.roa
Signing time:             Mon 22 Jun 2026 17:49:36 +0000
ROA not before:           Mon 22 Jun 2026 17:49:36 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     213636
IP address blocks:        217.60.76.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 27 Jun 2026 11:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:f0:73:bb:07:5d:87:3d:7b:d1:11:71:46:ff:95:b7:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Jun 22 17:49:36 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=816a7254f5e49876ab2eae882f0d652921456946
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:43:13:88:c6:b9:03:a9:bf:19:a0:ad:86:c0:
                    97:d9:d6:50:b7:9a:50:ba:52:42:f7:11:c3:6a:cc:
                    ac:c6:92:d4:27:47:a9:59:b5:96:b7:e8:79:94:c4:
                    ba:e2:36:51:60:25:21:a8:d6:7d:05:f3:83:c4:db:
                    ff:64:58:c6:80:76:7a:42:ec:56:9b:68:4e:8f:b6:
                    d3:b6:14:4c:98:b5:36:0a:e6:5d:c0:5f:be:c7:3c:
                    90:59:cc:79:a7:80:7a:05:20:30:36:b7:87:7f:62:
                    80:11:1b:b4:0c:ad:28:b6:6b:e3:2e:f8:ed:64:f3:
                    f9:b2:d2:21:ad:12:b1:d9:3e:8f:c8:80:86:8c:63:
                    5b:83:c9:c0:0a:11:e2:ed:eb:3f:b6:37:b5:b6:88:
                    84:ca:62:4d:f8:0d:38:e7:6d:a1:d2:6a:8e:bf:5a:
                    03:30:32:f2:86:d8:de:1f:7b:2c:4b:58:28:5c:3f:
                    90:15:ea:e9:bc:ec:0c:f4:fc:c3:f3:f3:3c:c3:17:
                    51:a9:eb:54:c4:6d:7f:6e:73:ca:55:e1:ec:8a:c9:
                    a5:da:7e:ab:98:39:0d:3f:da:83:5f:38:db:fd:f8:
                    06:79:b4:b4:99:e8:54:87:7a:66:92:68:73:69:7d:
                    61:e1:9a:61:ff:f8:33:39:06:22:d7:e6:ca:29:42:
                    83:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:6A:72:54:F5:E4:98:76:AB:2E:AE:88:2F:0D:65:29:21:45:69:46
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/gWpyVPXkmHarLq6ILw1lKSFFaUY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.60.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:93:97:ce:68:b4:aa:f2:a4:6c:63:ad:35:a9:1b:a5:48:1b:
         a1:37:fc:9c:64:ff:82:f5:19:5a:76:fa:86:8c:54:9b:52:6f:
         08:91:d0:b6:e0:b4:c0:5a:01:e3:08:16:1d:7f:51:d5:3f:21:
         f7:37:12:00:05:70:cd:39:cc:2f:af:99:64:05:35:f8:02:20:
         34:39:1c:0f:15:96:c3:b2:a6:cb:7e:0a:c5:76:cd:f1:31:f3:
         18:2f:8e:e8:41:b5:e3:e4:4d:ab:53:7f:d4:93:c5:d1:ce:9d:
         01:43:20:b6:f4:21:3a:67:73:02:10:64:c4:39:5e:83:01:5a:
         08:6e:f2:29:fb:23:13:91:b4:2e:0c:22:89:d7:73:c4:4f:8e:
         58:f5:d7:8a:b7:9b:2c:36:5d:00:07:cb:a4:e5:80:45:2b:ef:
         ad:0c:c8:01:df:4b:fb:f4:17:5a:ba:24:73:80:23:a5:6e:d5:
         66:c5:05:3d:a9:e7:73:2b:bb:28:0a:16:85:50:d4:54:e4:ed:
         4c:df:91:cd:12:9c:e2:0f:22:cb:da:76:90:41:74:1f:8a:df:
         8c:49:a3:ef:0a:fe:b1:ba:b9:0a:02:66:39:b4:46:f5:ea:93:
         c7:4b:cc:69:c5:e8:36:14:c0:be:0c:95:bf:a8:ef:0b:6d:f8:
         5d:dc:47:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ7wc7sHXYc9e9ERcUb/lbcaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjIyMTc0OTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTZhNzI1NGY1ZTQ5ODc2YWIyZWFlODgyZjBkNjUyOTIxNDU2OTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UMTiMa5A6m/GaCthsCX2dZQt5pQ
ulJC9xHDasysxpLUJ0epWbWWt+h5lMS64jZRYCUhqNZ9BfODxNv/ZFjGgHZ6QuxW
m2hOj7bTthRMmLU2CuZdwF++xzyQWcx5p4B6BSAwNreHf2KAERu0DK0otmvjLvjt
ZPP5stIhrRKx2T6PyICGjGNbg8nAChHi7es/tje1toiEymJN+A04522h0mqOv1oD
MDLyhtjeH3ssS1goXD+QFerpvOwM9PzD8/M8wxdRqetUxG1/bnPKVeHsisml2n6r
mDkNP9qDXzjb/fgGebS0mehUh3pmkmhzaX1h4Zph//gzOQYi1+bKKUKDVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIFqclT15Jh2qy6uiC8NZSkhRWlGMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZ1dweVZQWGttSGFyTHE2SUx3MWxLU0ZGYVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2TxMMA0G
CSqGSIb3DQEBCwUAA4IBAQBrk5fOaLSq8qRsY601qRulSBuhN/ycZP+C9RladvqG
jFSbUm8IkdC24LTAWgHjCBYdf1HVPyH3NxIABXDNOcwvr5lkBTX4AiA0ORwPFZbD
sqbLfgrFds3xMfMYL47oQbXj5E2rU3/Uk8XRzp0BQyC29CE6Z3MCEGTEOV6DAVoI
bvIp+yMTkbQuDCKJ13PET45Y9deKt5ssNl0AB8uk5YBFK++tDMgB30v79BdauiRz
gCOlbtVmxQU9qedzK7soChaFUNRU5O1M35HNEpziDyLL2naQQXQfit+MSaPvCv6x
urkKAmY5tEb16pPHS8xpxeg2FMC+DJW/qO8Lbfhd3EcM
-----END CERTIFICATE-----