Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/19c888-a2bb-4b6c-822e-c00a646d8031/1/TW37JhQR8T8FQ1AJ7Yi1EqdK14E.roa
File:                     TW37JhQR8T8FQ1AJ7Yi1EqdK14E.roa (raw, json)
Hash identifier:          oyXAcVSjB/hUccI4NqgZ37tiT/JQ73rrkpY/YH2I14M=
Subject key identifier:   4D:6D:FB:26:14:11:F1:3F:05:43:50:09:ED:88:B5:12:A7:4A:D7:81
Certificate issuer:       /CN=1639ddbe0ff3a1870cdb455098dc42facfd549f5
Certificate serial:       019CB3052D244BD64A0F94591BBFC6D68305
Authority key identifier: 16:39:DD:BE:0F:F3:A1:87:0C:DB:45:50:98:DC:42:FA:CF:D5:49:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fjndvg_zoYcM20VQmNxC-s_VSfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/19c888-a2bb-4b6c-822e-c00a646d8031/1/TW37JhQR8T8FQ1AJ7Yi1EqdK14E.roa
Signing time:             Tue 03 Mar 2026 09:26:26 +0000
ROA not before:           Tue 03 Mar 2026 09:26:26 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     212087
IP address blocks:        188.93.142.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/19c888-a2bb-4b6c-822e-c00a646d8031/1/Fjndvg_zoYcM20VQmNxC-s_VSfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/19c888-a2bb-4b6c-822e-c00a646d8031/1/Fjndvg_zoYcM20VQmNxC-s_VSfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Fjndvg_zoYcM20VQmNxC-s_VSfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Mar 2026 09:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:b3:05:2d:24:4b:d6:4a:0f:94:59:1b:bf:c6:d6:83:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1639ddbe0ff3a1870cdb455098dc42facfd549f5
        Validity
            Not Before: Mar  3 09:26:26 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4d6dfb261411f13f05435009ed88b512a74ad781
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:20:df:51:49:84:71:46:98:83:fa:7a:3a:90:
                    56:74:d9:af:0e:0c:33:8a:bb:28:6f:4c:28:8e:10:
                    af:7a:7f:91:80:9f:35:8b:7a:36:a1:57:15:fe:96:
                    e2:2a:22:61:ed:13:de:3f:a7:6f:38:cf:64:c0:9b:
                    2a:7a:a1:1d:73:e7:ff:51:63:65:94:80:17:bc:61:
                    54:0e:db:c4:d5:04:3d:71:34:9c:09:76:d6:78:32:
                    a7:dd:29:25:95:b8:47:17:9b:0f:90:8c:0c:87:44:
                    33:95:b5:2f:b8:0a:a9:b1:af:d0:67:44:da:94:ab:
                    e4:27:d1:bf:84:a8:36:ec:6c:83:47:03:50:0d:a9:
                    a2:bd:25:ac:64:fd:d8:37:86:46:26:ee:58:b4:56:
                    83:72:dc:dc:a0:f3:73:69:77:01:c9:ec:87:89:3c:
                    d8:98:b7:ff:75:04:79:d3:88:bb:ae:b3:fb:75:91:
                    a1:68:d3:ef:11:70:36:51:f6:14:37:87:23:0c:21:
                    ce:e3:83:7d:0e:68:06:4c:18:99:7b:fc:bc:35:88:
                    de:f6:ae:a3:84:a6:40:90:61:c5:00:a6:f5:bc:7a:
                    4f:a6:33:3b:c0:59:12:69:b6:14:a1:97:40:24:e0:
                    4b:c7:6b:10:19:d8:cc:b1:b3:41:38:15:94:1d:29:
                    08:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:6D:FB:26:14:11:F1:3F:05:43:50:09:ED:88:B5:12:A7:4A:D7:81
            X509v3 Authority Key Identifier:
                keyid:16:39:DD:BE:0F:F3:A1:87:0C:DB:45:50:98:DC:42:FA:CF:D5:49:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fjndvg_zoYcM20VQmNxC-s_VSfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/19c888-a2bb-4b6c-822e-c00a646d8031/1/TW37JhQR8T8FQ1AJ7Yi1EqdK14E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/19c888-a2bb-4b6c-822e-c00a646d8031/1/Fjndvg_zoYcM20VQmNxC-s_VSfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.93.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:5b:a5:eb:68:53:58:83:1b:44:bc:ae:bd:61:00:6d:d3:37:
         1f:d6:65:6c:2a:92:2f:1a:2b:b4:d9:59:8f:0a:d3:0b:e0:bb:
         a4:28:e6:ec:80:f6:8b:ee:0d:c9:48:d7:39:b0:ae:bc:88:2c:
         91:5f:1d:72:6e:ca:6d:53:e9:0d:36:ee:d7:55:be:19:54:12:
         84:7f:0e:72:8c:87:bf:70:df:ec:d9:2f:46:2e:6a:bf:a7:67:
         c5:49:31:f8:3a:9a:de:bc:bf:f3:ab:7c:af:cd:6c:fc:88:a2:
         2b:2f:58:91:c3:08:de:79:1a:e7:3c:1a:a0:ad:2c:6a:8b:85:
         07:c6:39:13:ba:2c:49:a7:ea:15:76:d4:7a:da:04:3a:fd:97:
         5b:73:a3:33:5e:83:fd:1c:81:03:4c:38:7a:8e:8f:0e:76:dd:
         33:c5:99:bd:b7:97:b5:3a:b6:b9:b0:64:70:33:3a:83:4d:74:
         5c:8c:5c:f6:3a:5b:58:b4:9e:25:30:b3:98:fb:e2:8f:65:00:
         9f:c6:aa:78:5f:76:84:69:eb:a1:39:75:bd:36:4f:4d:1c:57:
         bb:c4:73:4a:58:3a:bc:3e:0d:0c:e8:8d:29:29:9f:57:13:bb:
         5b:be:23:54:aa:fc:ec:3a:34:ed:4f:0f:1d:99:2c:60:d9:f0:
         97:9b:05:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyzBS0kS9ZKD5RZG7/G1oMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzlkZGJlMGZmM2ExODcwY2RiNDU1MDk4ZGM0MmZhY2Zk
NTQ5ZjUwHhcNMjYwMzAzMDkyNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDZkZmIyNjE0MTFmMTNmMDU0MzUwMDllZDg4YjUxMmE3NGFkNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iDfUUmEcUaYg/p6OpBWdNmvDgwz
irsob0wojhCven+RgJ81i3o2oVcV/pbiKiJh7RPeP6dvOM9kwJsqeqEdc+f/UWNl
lIAXvGFUDtvE1QQ9cTScCXbWeDKn3SkllbhHF5sPkIwMh0QzlbUvuAqpsa/QZ0Ta
lKvkJ9G/hKg27GyDRwNQDamivSWsZP3YN4ZGJu5YtFaDctzcoPNzaXcByeyHiTzY
mLf/dQR504i7rrP7dZGhaNPvEXA2UfYUN4cjDCHO44N9DmgGTBiZe/y8NYje9q6j
hKZAkGHFAKb1vHpPpjM7wFkSabYUoZdAJOBLx2sQGdjMsbNBOBWUHSkIbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1t+yYUEfE/BUNQCe2ItRKnSteBMB8GA1UdIwQY
MBaAFBY53b4P86GHDNtFUJjcQvrP1Un1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpuZHZnX3pvWWNNMjBWUW1OeEMtc19WU2ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8xOWM4ODgtYTJiYi00YjZjLTgyMmUt
YzAwYTY0NmQ4MDMxLzEvVFczN0poUVI4VDhGUTFBSjdZaTFFcWRLMTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8xOWM4ODgtYTJiYi00YjZjLTgyMmUtYzAwYTY0NmQ4MDMx
LzEvRmpuZHZnX3pvWWNNMjBWUW1OeEMtc19WU2ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF2OMA0G
CSqGSIb3DQEBCwUAA4IBAQBQW6XraFNYgxtEvK69YQBt0zcf1mVsKpIvGiu02VmP
CtML4LukKObsgPaL7g3JSNc5sK68iCyRXx1ybsptU+kNNu7XVb4ZVBKEfw5yjIe/
cN/s2S9GLmq/p2fFSTH4OprevL/zq3yvzWz8iKIrL1iRwwjeeRrnPBqgrSxqi4UH
xjkTuixJp+oVdtR62gQ6/Zdbc6MzXoP9HIEDTDh6jo8Odt0zxZm9t5e1Ora5sGRw
MzqDTXRcjFz2OltYtJ4lMLOY++KPZQCfxqp4X3aEaeuhOXW9Nk9NHFe7xHNKWDq8
Pg0M6I0pKZ9XE7tbviNUqvzsOjTtTw8dmSxg2fCXmwUL
-----END CERTIFICATE-----