Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/07f907-f796-4d7b-b1cc-72b8d6dd37b3/1/md4O3DBwBwXkA2dF7lLHxpyitGE.roa
File:                     md4O3DBwBwXkA2dF7lLHxpyitGE.roa (raw, json)
Hash identifier:          bX+HxZTGlsVQLtgD1XX3vnpjpa+8M8EPtH4HbkvWiH4=
Subject key identifier:   99:DE:0E:DC:30:70:07:05:E4:03:67:45:EE:52:C7:C6:9C:A2:B4:61
Certificate issuer:       /CN=36f6ee6d32790e498950d63877b0321232a7f833
Certificate serial:       019E3EFB995476AE8E1FC0B2C4183D9C1B24
Authority key identifier: 36:F6:EE:6D:32:79:0E:49:89:50:D6:38:77:B0:32:12:32:A7:F8:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NvbubTJ5DkmJUNY4d7AyEjKn-DM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/07f907-f796-4d7b-b1cc-72b8d6dd37b3/1/md4O3DBwBwXkA2dF7lLHxpyitGE.roa
Signing time:             Tue 19 May 2026 06:45:36 +0000
ROA not before:           Tue 19 May 2026 06:45:36 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     8075
IP address blocks:        137.44.127.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/07f907-f796-4d7b-b1cc-72b8d6dd37b3/1/NvbubTJ5DkmJUNY4d7AyEjKn-DM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/07f907-f796-4d7b-b1cc-72b8d6dd37b3/1/NvbubTJ5DkmJUNY4d7AyEjKn-DM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NvbubTJ5DkmJUNY4d7AyEjKn-DM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 04 Jun 2026 09:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:3e:fb:99:54:76:ae:8e:1f:c0:b2:c4:18:3d:9c:1b:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36f6ee6d32790e498950d63877b0321232a7f833
        Validity
            Not Before: May 19 06:45:36 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=99de0edc30700705e4036745ee52c7c69ca2b461
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:ce:ea:16:97:44:7e:98:33:f2:f5:af:a1:ee:
                    8b:7f:fe:00:04:4f:9f:4b:e1:05:94:7b:2a:87:d6:
                    c0:16:b8:65:f5:44:b7:72:ba:90:a7:8f:f7:0f:e8:
                    aa:b5:a8:95:61:68:1d:67:a6:80:70:25:d6:d8:e5:
                    ce:76:4b:3d:96:c2:cc:14:29:5c:b5:17:78:a0:64:
                    44:92:c4:a5:a8:6b:d7:6a:26:76:a7:05:7c:48:14:
                    b4:77:d1:90:ea:7e:28:99:cb:be:c9:53:82:2e:e7:
                    94:6b:98:75:47:d4:fe:ec:b7:3f:0b:ec:bf:0b:cf:
                    27:18:a9:ef:b8:44:51:12:40:65:a8:fa:c3:e4:c6:
                    8e:9a:0e:96:be:48:06:2e:c4:81:9b:4c:53:41:61:
                    78:72:3b:7b:db:be:cf:1b:47:94:3d:24:34:7f:18:
                    ea:56:cb:dd:cd:6d:2a:b6:d8:41:de:8e:dd:33:c6:
                    8d:cf:54:f4:ef:99:2d:f9:11:2f:ec:c2:23:45:2f:
                    35:e5:45:6e:c3:b7:d4:4c:9e:c8:8a:09:c2:8c:71:
                    05:21:9e:0e:3c:42:26:19:5e:3b:11:e9:70:6b:ef:
                    70:70:91:6b:0b:83:79:85:ef:32:c2:c2:eb:8e:4d:
                    c9:25:a1:d1:20:17:03:88:3e:92:ef:ea:18:d4:7d:
                    e6:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:DE:0E:DC:30:70:07:05:E4:03:67:45:EE:52:C7:C6:9C:A2:B4:61
            X509v3 Authority Key Identifier:
                keyid:36:F6:EE:6D:32:79:0E:49:89:50:D6:38:77:B0:32:12:32:A7:F8:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NvbubTJ5DkmJUNY4d7AyEjKn-DM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/07f907-f796-4d7b-b1cc-72b8d6dd37b3/1/md4O3DBwBwXkA2dF7lLHxpyitGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/07f907-f796-4d7b-b1cc-72b8d6dd37b3/1/NvbubTJ5DkmJUNY4d7AyEjKn-DM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.44.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:81:df:b2:30:a9:8d:fc:03:74:2b:00:06:97:03:a7:d5:fe:
         00:9e:d7:ee:f4:db:9f:4e:62:f9:be:33:03:8a:5b:4a:30:52:
         1c:b6:67:ad:8c:c5:b2:3a:ff:3b:f4:e4:54:a7:6e:02:27:96:
         ce:75:e1:d8:bf:cf:5a:31:d0:2c:7f:9e:99:fc:83:a2:c8:f1:
         44:6a:29:ae:1f:6e:7d:eb:8b:5e:93:0f:ff:1e:0d:ea:26:5b:
         d2:85:08:64:06:fa:07:e3:cf:c7:89:cf:99:9a:91:43:70:88:
         cd:ed:4a:c0:60:f1:5b:73:5a:56:e2:b3:85:ec:a2:15:92:00:
         2b:e4:d8:51:d4:0f:d4:97:01:79:39:e4:69:c7:6d:75:54:b6:
         87:bc:31:84:9b:2e:65:47:62:0d:05:6b:86:e9:09:09:af:4f:
         89:b0:9d:6b:6f:c5:c6:ad:14:1c:d7:90:a7:b1:07:c8:ac:fd:
         9d:98:a5:8d:d2:01:1b:ef:60:44:2f:33:98:e0:5b:b9:04:b9:
         f9:da:92:f8:04:c3:90:4b:c9:65:f6:f4:58:f6:bc:33:9f:46:
         96:30:59:61:a9:b7:01:e1:1f:ea:ba:b5:35:f8:c0:a9:9a:43:
         57:16:8d:f0:48:d2:5a:ba:91:4b:8b:ee:a2:b7:16:d6:84:cb:
         8b:71:c7:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4++5lUdq6OH8CyxBg9nBskMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZjZlZTZkMzI3OTBlNDk4OTUwZDYzODc3YjAzMjEyMzJh
N2Y4MzMwHhcNMjYwNTE5MDY0NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWRlMGVkYzMwNzAwNzA1ZTQwMzY3NDVlZTUyYzdjNjljYTJiNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxM7qFpdEfpgz8vWvoe6Lf/4ABE+f
S+EFlHsqh9bAFrhl9US3crqQp4/3D+iqtaiVYWgdZ6aAcCXW2OXOdks9lsLMFClc
tRd4oGREksSlqGvXaiZ2pwV8SBS0d9GQ6n4omcu+yVOCLueUa5h1R9T+7Lc/C+y/
C88nGKnvuERREkBlqPrD5MaOmg6WvkgGLsSBm0xTQWF4cjt7277PG0eUPSQ0fxjq
VsvdzW0qtthB3o7dM8aNz1T075kt+REv7MIjRS815UVuw7fUTJ7IignCjHEFIZ4O
PEImGV47Eelwa+9wcJFrC4N5he8ywsLrjk3JJaHRIBcDiD6S7+oY1H3mzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJneDtwwcAcF5ANnRe5Sx8acorRhMB8GA1UdIwQY
MBaAFDb27m0yeQ5JiVDWOHewMhIyp/gzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnZidWJUSjVEa21KVU5ZNGQ3QXlFaktuLURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8wN2Y5MDctZjc5Ni00ZDdiLWIxY2Mt
NzJiOGQ2ZGQzN2IzLzEvbWQ0TzNEQndCd1hrQTJkRjdsTEh4cHlpdEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8wN2Y5MDctZjc5Ni00ZDdiLWIxY2MtNzJiOGQ2ZGQzN2Iz
LzEvTnZidWJUSjVEa21KVU5ZNGQ3QXlFaktuLURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAiSx/MA0G
CSqGSIb3DQEBCwUAA4IBAQBtgd+yMKmN/AN0KwAGlwOn1f4Antfu9NufTmL5vjMD
iltKMFIctmetjMWyOv879ORUp24CJ5bOdeHYv89aMdAsf56Z/IOiyPFEaimuH259
64tekw//Hg3qJlvShQhkBvoH48/Hic+ZmpFDcIjN7UrAYPFbc1pW4rOF7KIVkgAr
5NhR1A/UlwF5OeRpx211VLaHvDGEmy5lR2INBWuG6QkJr0+JsJ1rb8XGrRQc15Cn
sQfIrP2dmKWN0gEb72BELzOY4Fu5BLn52pL4BMOQS8ll9vRY9rwzn0aWMFlhqbcB
4R/qurU1+MCpmkNXFo3wSNJaupFLi+6itxbWhMuLccdJ
-----END CERTIFICATE-----