Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0m4ltZUMLMH5EW1WAYFmLMh9R24.roa
File:                     0m4ltZUMLMH5EW1WAYFmLMh9R24.roa (raw, json)
Hash identifier:          oN/H4oIS0TOP5inExJtWMH4xNu20yAkjIU6XDFSb2wo=
Subject key identifier:   D2:6E:25:B5:95:0C:2C:C1:F9:11:6D:56:01:81:66:2C:C8:7D:47:6E
Certificate issuer:       /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial:       019C3C488B3909FAC4D79BBFF3C6F8A3D043
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0m4ltZUMLMH5EW1WAYFmLMh9R24.roa
Signing time:             Sun 08 Feb 2026 08:05:13 +0000
ROA not before:           Sun 08 Feb 2026 08:05:13 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     44436
IP address blocks:        87.107.191.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 22 Feb 2026 20:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:3c:48:8b:39:09:fa:c4:d7:9b:bf:f3:c6:f8:a3:d0:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
        Validity
            Not Before: Feb  8 08:05:13 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d26e25b5950c2cc1f9116d560181662cc87d476e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:db:18:c9:55:2d:a9:23:c3:e0:6b:ec:dc:52:
                    7b:54:b8:49:98:8f:45:ae:1a:2e:1a:9f:07:4a:4a:
                    9a:bf:ad:eb:a4:e4:e4:0a:a0:8a:4e:75:ec:14:69:
                    58:e8:f1:d3:de:df:21:5a:43:9c:20:c1:35:f4:0e:
                    a5:a6:b3:51:60:c3:fa:c0:d4:eb:c0:4d:3e:33:02:
                    d4:4b:f3:f2:00:f9:47:ba:0b:f0:01:39:c9:55:fe:
                    6f:96:91:99:e0:f2:d6:58:26:69:ed:ae:b1:2f:0b:
                    29:8d:1f:ee:f5:ee:e0:95:85:d9:fb:24:63:75:a7:
                    b6:a2:03:ff:74:06:c5:76:32:6a:ae:a3:2f:59:74:
                    fc:26:cc:43:be:db:e3:b5:1a:93:7c:5c:0b:47:c6:
                    11:dc:fa:06:32:8c:57:10:db:84:19:62:be:6f:d8:
                    c1:1b:97:5b:2e:53:7f:8f:91:ea:57:ed:95:11:7b:
                    7c:1b:5e:7e:eb:76:b8:f3:e4:9f:c1:62:c9:ee:c5:
                    b4:72:7e:47:da:73:9d:aa:5e:fd:f0:2f:3b:02:4b:
                    5b:c0:e3:ec:70:dc:bc:f6:ab:e6:e6:af:70:a6:40:
                    6a:35:ff:a3:32:fa:cd:98:06:39:02:24:61:95:12:
                    7c:f0:01:e8:1a:15:96:9b:3d:91:f8:a5:61:9a:a9:
                    45:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:6E:25:B5:95:0C:2C:C1:F9:11:6D:56:01:81:66:2C:C8:7D:47:6E
            X509v3 Authority Key Identifier:
                keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/0m4ltZUMLMH5EW1WAYFmLMh9R24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.107.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:24:20:5f:d2:b3:04:ce:7c:70:8f:d3:b3:11:a2:cf:fb:82:
         57:af:42:a8:9c:98:a4:6f:2b:02:bf:c2:1b:79:2a:2a:a6:a6:
         e7:88:48:22:8f:0c:c0:b0:bf:f3:74:40:f6:02:21:43:2f:4e:
         3d:bd:f1:c9:67:da:c1:09:10:7f:63:5d:21:97:79:c1:f7:ea:
         64:53:97:31:ce:e0:e1:55:80:26:b8:6a:42:95:84:93:c6:35:
         28:1a:b6:62:59:ed:19:a5:18:d5:4e:78:bc:64:ed:c4:32:d1:
         81:60:4e:d2:8f:ac:dd:4d:77:06:6d:a3:d8:ea:9a:87:cc:7c:
         8f:6b:64:5a:05:c6:d3:4e:f5:6c:8a:03:d0:8a:b4:07:a6:9a:
         f9:cd:86:2f:bd:2e:5b:c3:90:52:fd:e0:73:27:6d:64:ca:6d:
         83:87:51:43:1c:6a:a3:44:71:f1:a7:e7:41:12:68:51:5d:15:
         5c:c8:4a:cf:d9:89:bd:45:96:14:c3:1a:9d:79:f6:53:8c:35:
         cf:2d:b4:ce:68:be:13:00:b6:0c:d6:ce:8f:71:fa:b2:4c:2b:
         80:a8:1c:61:01:c2:d8:93:4d:3c:16:88:bb:58:23:c7:9c:da:
         c8:fd:60:e5:3c:f6:54:10:ae:73:c7:8e:83:ca:fd:29:64:ea:
         d1:58:75:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZw8SIs5CfrE15u/88b4o9BDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjYwMjA4MDgwNTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjZlMjViNTk1MGMyY2MxZjkxMTZkNTYwMTgxNjYyY2M4N2Q0NzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9sYyVUtqSPD4Gvs3FJ7VLhJmI9F
rhouGp8HSkqav63rpOTkCqCKTnXsFGlY6PHT3t8hWkOcIME19A6lprNRYMP6wNTr
wE0+MwLUS/PyAPlHugvwATnJVf5vlpGZ4PLWWCZp7a6xLwspjR/u9e7glYXZ+yRj
dae2ogP/dAbFdjJqrqMvWXT8JsxDvtvjtRqTfFwLR8YR3PoGMoxXENuEGWK+b9jB
G5dbLlN/j5HqV+2VEXt8G15+63a48+SfwWLJ7sW0cn5H2nOdql798C87AktbwOPs
cNy89qvm5q9wpkBqNf+jMvrNmAY5AiRhlRJ88AHoGhWWmz2R+KVhmqlF7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJuJbWVDCzB+RFtVgGBZizIfUduMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvMG00bHRaVU1MTUg1RVcxV0FZRm1MTWg5UjI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV2u/MA0G
CSqGSIb3DQEBCwUAA4IBAQBTJCBf0rMEznxwj9OzEaLP+4JXr0KonJikbysCv8Ib
eSoqpqbniEgijwzAsL/zdED2AiFDL049vfHJZ9rBCRB/Y10hl3nB9+pkU5cxzuDh
VYAmuGpClYSTxjUoGrZiWe0ZpRjVTni8ZO3EMtGBYE7Sj6zdTXcGbaPY6pqHzHyP
a2RaBcbTTvVsigPQirQHppr5zYYvvS5bw5BS/eBzJ21kym2Dh1FDHGqjRHHxp+dB
EmhRXRVcyErP2Ym9RZYUwxqdefZTjDXPLbTOaL4TALYM1s6PcfqyTCuAqBxhAcLY
k008Foi7WCPHnNrI/WDlPPZUEK5zx46Dyv0pZOrRWHUp
-----END CERTIFICATE-----