Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS29802.roa
File:                     AS29802.roa (raw, json)
Hash identifier:          4YE7Lsw39/6pVCkAaJk/1r4v10Qs9BiXMGD1HcTF/tk=
Subject key identifier:   9C:72:F0:74:EB:98:18:C0:AD:D5:C5:D4:9B:3D:6D:7F:5A:A1:15:0E
Certificate issuer:       /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial:       0773C1AE235E2872F0F660FF20DCBF0B6FC2B9BD
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS29802.roa
Signing time:             Mon 04 Aug 2025 14:01:04 +0000
ROA not before:           Mon 04 Aug 2025 13:56:04 +0000
ROA not after:            Mon 03 Aug 2026 14:01:04 +0000
asID:                     29802
IP address blocks:        45.154.106.0/24 maxlen: 24
                          193.176.129.0/24 maxlen: 24
                          194.147.6.0/24 maxlen: 24
                          194.147.7.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Aug 2025 08:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:73:c1:ae:23:5e:28:72:f0:f6:60:ff:20:dc:bf:0b:6f:c2:b9:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
        Validity
            Not Before: Aug  4 13:56:04 2025 GMT
            Not After : Aug  3 14:01:04 2026 GMT
        Subject: CN=9C72F074EB9818C0ADD5C5D49B3D6D7F5AA1150E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:a6:46:85:12:b8:13:c6:dd:78:55:fe:43:ff:
                    52:00:bc:fa:6e:09:14:9a:68:61:c4:e6:c3:66:e9:
                    1d:ed:a6:bc:01:18:bb:64:c7:27:b8:b5:a3:2d:26:
                    03:70:c0:25:6e:b1:ed:0d:dc:21:2c:7a:78:36:0d:
                    ac:b2:b6:64:0a:34:49:ec:eb:82:10:3d:d0:3c:15:
                    16:07:ae:34:a2:ad:44:43:8c:53:3c:45:e6:49:8f:
                    02:12:00:f5:18:6c:96:cc:e4:cd:e9:11:58:5f:06:
                    db:89:8a:2f:64:f5:15:f7:b9:45:f4:18:98:7c:2c:
                    98:6c:99:7b:83:65:84:6b:1e:8d:0f:8d:cb:a3:14:
                    8f:10:e7:cd:5f:c7:a4:ad:fa:49:83:b9:e2:f0:68:
                    68:65:8b:b9:35:16:fe:31:8a:0f:11:18:c5:57:34:
                    7c:ab:8d:c2:8b:8d:4e:64:80:e5:65:36:b9:32:f9:
                    e9:a7:d1:2d:89:69:2c:ed:23:9b:0a:b0:d6:9a:0b:
                    89:a0:cc:90:d6:4f:a3:c1:63:4c:8c:ca:cd:47:3e:
                    61:c1:d4:43:6f:43:83:1e:8a:3b:48:f2:a3:01:13:
                    de:1c:17:f5:68:e8:77:49:78:ca:80:b9:1f:9a:98:
                    13:e1:a5:df:73:9d:38:32:19:0a:34:48:e1:17:2d:
                    2b:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:72:F0:74:EB:98:18:C0:AD:D5:C5:D4:9B:3D:6D:7F:5A:A1:15:0E
            X509v3 Authority Key Identifier:
                keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS29802.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.106.0/24
                  193.176.129.0/24
                  194.147.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         aa:43:9d:ae:ec:eb:7b:33:a9:29:15:b8:20:ad:bd:91:ea:c3:
         e5:57:3e:98:b1:90:db:de:03:18:82:5d:af:57:4d:6a:ca:9d:
         3a:56:46:71:48:95:44:44:cd:ca:55:a5:6b:f0:23:3d:0f:c1:
         99:93:d5:5e:c3:2f:1a:5c:40:16:2f:e4:f3:12:3c:62:77:4f:
         a1:1a:ac:48:96:9c:34:1c:71:b3:24:01:44:f2:70:0e:a0:be:
         b9:ba:84:04:93:0f:65:10:d9:fc:61:7f:a8:e0:97:15:b9:f4:
         76:f5:6f:7a:1a:5c:4a:49:5c:3a:79:4b:18:02:97:33:c6:95:
         67:7b:c8:3f:29:c8:48:0e:b9:30:cf:a8:df:df:65:c3:f4:32:
         24:82:3d:bb:fe:37:a3:a0:41:e2:e7:ca:ad:ee:a8:49:6b:ab:
         81:91:bf:90:32:3e:24:a6:f9:de:0a:aa:f8:86:d5:36:53:f1:
         fa:32:0f:d0:a3:a3:a0:09:54:c2:3b:9e:7a:65:87:d4:ae:14:
         df:5a:35:3b:4c:0f:d6:4b:a1:48:93:3b:04:ec:f6:77:ac:66:
         df:33:88:d3:03:f5:19:64:b2:7e:d4:0d:f1:83:a1:7d:a9:fa:
         02:72:d2:3e:bc:96:38:ba:be:f5:ba:1c:51:48:62:26:73:ff:
         65:78:74:50
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUB3PBriNeKHLw9mD/INy/C2/Cub0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTA4MDQxMzU2MDRaFw0yNjA4MDMxNDAxMDRaMDMxMTAvBgNV
BAMTKDlDNzJGMDc0RUI5ODE4QzBBREQ1QzVENDlCM0Q2RDdGNUFBMTE1MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLpkaFErgTxt14Vf5D/1IAvPpu
CRSaaGHE5sNm6R3tprwBGLtkxye4taMtJgNwwCVuse0N3CEseng2DayytmQKNEns
64IQPdA8FRYHrjSirURDjFM8ReZJjwISAPUYbJbM5M3pEVhfBtuJii9k9RX3uUX0
GJh8LJhsmXuDZYRrHo0PjcujFI8Q581fx6St+kmDueLwaGhli7k1Fv4xig8RGMVX
NHyrjcKLjU5kgOVlNrky+emn0S2JaSztI5sKsNaaC4mgzJDWT6PBY0yMys1HPmHB
1ENvQ4MeijtI8qMBE94cF/Vo6HdJeMqAuR+amBPhpd9znTgyGQo0SOEXLSufAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUnHLwdOuYGMCt1cXUmz1tf1qhFQ4wHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAAtmmoD
BADBsIEDBAHCkwYwDQYJKoZIhvcNAQELBQADggEBAKpDna7s63szqSkVuCCtvZHq
w+VXPpixkNveAxiCXa9XTWrKnTpWRnFIlUREzcpVpWvwIz0PwZmT1V7DLxpcQBYv
5PMSPGJ3T6EarEiWnDQccbMkAUTycA6gvrm6hASTD2UQ2fxhf6jglxW59Hb1b3oa
XEpJXDp5SxgClzPGlWd7yD8pyEgOuTDPqN/fZcP0MiSCPbv+N6OgQeLnyq3uqElr
q4GRv5AyPiSm+d4KqviG1TZT8foyD9Cjo6AJVMI7nnplh9SuFN9aNTtMD9ZLoUiT
OwTs9nesZt8ziNMD9Rlksn7UDfGDoX2p+gJy0j68lji6vvW6HFFIYiZz/2V4dFA=
-----END CERTIFICATE-----