Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HwabblmP_-bP4798sPumLWxC8i0.roa
File:                     HwabblmP_-bP4798sPumLWxC8i0.roa (raw, json)
Hash identifier:          LRAduyhacdB8b1dIB2s60q5BTCiUzcNsx03RJRh8+Kk=
Subject key identifier:   1F:06:9B:6E:59:8F:FF:E6:CF:E3:BF:7C:B0:FB:A6:2D:6C:42:F2:2D
Certificate issuer:       /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial:       019E3AF1F9D1CB76B21FF3D914C8960983A9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HwabblmP_-bP4798sPumLWxC8i0.roa
Signing time:             Mon 18 May 2026 11:56:37 +0000
ROA not before:           Mon 18 May 2026 11:56:37 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     209946
IP address blocks:        45.13.186.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Jun 2026 17:49:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:3a:f1:f9:d1:cb:76:b2:1f:f3:d9:14:c8:96:09:83:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
        Validity
            Not Before: May 18 11:56:37 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=1f069b6e598fffe6cfe3bf7cb0fba62d6c42f22d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:6d:53:97:39:78:d0:f2:d8:70:16:4e:f7:4b:
                    ce:2b:fe:84:1d:9d:0f:c5:21:84:1b:ed:10:0e:ab:
                    95:00:7a:11:53:01:13:60:a3:db:cb:12:ee:33:08:
                    6e:95:e8:05:bb:40:13:8a:62:b5:2b:18:71:47:47:
                    c2:1c:5b:1a:84:6e:b4:a8:cc:70:b1:e0:23:7c:e0:
                    b0:f5:86:bf:86:b0:1d:82:17:e8:51:d4:3b:2a:3c:
                    6a:c2:ec:9f:9e:a1:40:05:2b:58:02:c8:00:d9:b2:
                    76:35:3f:33:37:fd:d9:30:51:86:2d:45:ce:3b:20:
                    8c:f2:28:83:d1:95:52:a9:41:e0:09:62:cc:3f:fd:
                    ca:de:93:9b:b8:40:c7:e4:3e:8e:d3:88:21:43:c1:
                    cc:a5:45:69:d7:bf:57:b2:9a:d1:11:cd:cd:b0:d5:
                    95:61:d9:5d:df:f8:b6:d0:2b:e3:c9:3e:ec:f0:e2:
                    de:08:7b:91:04:ae:4c:59:91:74:ec:0a:4b:c3:b4:
                    62:12:a3:4d:d4:a5:65:80:fc:67:5e:95:33:ce:2b:
                    94:64:a4:b1:e4:72:84:ef:b9:33:a3:aa:9c:ad:27:
                    7d:dc:9b:4e:d2:4e:13:59:37:3c:7d:45:3e:a4:56:
                    c5:77:40:07:96:20:64:35:a7:8b:9b:34:e1:48:81:
                    b8:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:06:9B:6E:59:8F:FF:E6:CF:E3:BF:7C:B0:FB:A6:2D:6C:42:F2:2D
            X509v3 Authority Key Identifier:
                keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HwabblmP_-bP4798sPumLWxC8i0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.13.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ce:73:a8:a4:c3:18:45:1b:a3:cb:7c:32:40:af:26:80:d1:23:
         78:b0:2f:8b:25:4b:a6:15:13:f2:35:b3:f0:62:45:9b:f2:bd:
         aa:78:aa:f7:84:9c:7a:10:3f:5d:e9:36:fe:3e:94:b7:f7:90:
         28:0f:ce:50:01:56:ce:0f:92:6e:ea:c0:25:a7:11:58:13:6a:
         65:25:ce:11:f5:e8:c3:ac:58:3e:86:9d:d1:45:cf:e6:44:05:
         4c:6b:94:e1:00:fa:24:3f:67:28:f4:df:22:1f:be:8a:b3:af:
         b9:49:5a:4d:ba:ce:86:1a:e4:3f:76:c2:eb:af:54:4e:ba:83:
         58:b9:48:fe:39:ca:80:d0:1c:18:97:6e:e2:0c:fc:72:09:56:
         2a:97:d0:08:27:2c:79:98:db:e6:b7:ef:4f:c9:a4:3d:fc:d9:
         fa:96:7c:e1:81:aa:bb:fb:bb:de:a8:2c:ee:ec:e3:ac:d4:e2:
         29:a4:18:ca:02:05:70:9d:ef:4f:90:42:25:2d:dd:19:8f:9a:
         98:24:df:70:f2:90:9b:d6:3c:9f:0b:7b:ef:67:61:01:a5:e2:
         7e:e7:9d:3b:43:c8:c7:87:6e:fa:c8:78:a2:f1:cd:de:5e:5d:
         dc:d3:51:59:9b:c4:a4:0c:8b:c6:01:8f:80:af:99:b4:31:a1:
         a3:77:f1:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ468fnRy3ayH/PZFMiWCYOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNTE4MTE1NjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjA2OWI2ZTU5OGZmZmU2Y2ZlM2JmN2NiMGZiYTYyZDZjNDJmMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW1Tlzl40PLYcBZO90vOK/6EHZ0P
xSGEG+0QDquVAHoRUwETYKPbyxLuMwhulegFu0ATimK1KxhxR0fCHFsahG60qMxw
seAjfOCw9Ya/hrAdghfoUdQ7KjxqwuyfnqFABStYAsgA2bJ2NT8zN/3ZMFGGLUXO
OyCM8iiD0ZVSqUHgCWLMP/3K3pObuEDH5D6O04ghQ8HMpUVp179XsprREc3NsNWV
Ydld3/i20CvjyT7s8OLeCHuRBK5MWZF07ApLw7RiEqNN1KVlgPxnXpUzziuUZKSx
5HKE77kzo6qcrSd93JtO0k4TWTc8fUU+pFbFd0AHliBkNaeLmzThSIG4KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB8Gm25Zj//mz+O/fLD7pi1sQvItMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSHdhYmJsbVBfLWJQNDc5OHNQdW1MV3hDOGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ26MA0G
CSqGSIb3DQEBCwUAA4IBAQDOc6ikwxhFG6PLfDJAryaA0SN4sC+LJUumFRPyNbPw
YkWb8r2qeKr3hJx6ED9d6Tb+PpS395AoD85QAVbOD5Ju6sAlpxFYE2plJc4R9ejD
rFg+hp3RRc/mRAVMa5ThAPokP2co9N8iH76Ks6+5SVpNus6GGuQ/dsLrr1ROuoNY
uUj+OcqA0BwYl27iDPxyCVYql9AIJyx5mNvmt+9PyaQ9/Nn6lnzhgaq7+7veqCzu
7OOs1OIppBjKAgVwne9PkEIlLd0Zj5qYJN9w8pCb1jyfC3vvZ2EBpeJ+5507Q8jH
h276yHii8c3eXl3c01FZm8SkDIvGAY+Ar5m0MaGjd/FV
-----END CERTIFICATE-----