Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS197359.roa
File:                     AS197359.roa (raw, json)
Hash identifier:          by7wAM9CQhGurfUVKOMNTr7tG7ck0eQSNt9TfuWALi8=
Subject key identifier:   4D:63:59:76:4E:A8:DA:CB:1F:36:C3:90:9A:D6:AC:C6:3D:11:CB:B4
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       66684E285C5242413CFB19B7BA3D9AF010301327
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS197359.roa
Signing time:             Sun 24 May 2026 01:27:04 +0000
ROA not before:           Sun 24 May 2026 01:22:04 +0000
ROA not after:            Sun 23 May 2027 01:27:04 +0000
asID:                     197359
IP address blocks:        178.93.164.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 25 May 2026 05:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:68:4e:28:5c:52:42:41:3c:fb:19:b7:ba:3d:9a:f0:10:30:13:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: May 24 01:22:04 2026 GMT
            Not After : May 23 01:27:04 2027 GMT
        Subject: CN=4D6359764EA8DACB1F36C3909AD6ACC63D11CBB4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:74:30:0f:c2:89:cc:7d:52:c2:7d:55:63:d8:
                    47:a8:85:01:c0:dc:27:29:25:8d:20:44:6c:41:4b:
                    8e:f1:1a:3e:4d:3d:29:55:76:f1:a7:f4:f8:ce:9e:
                    23:64:e9:9b:b5:e9:94:38:4a:b7:7d:83:d0:44:6d:
                    91:3b:28:64:d6:f8:32:21:a1:98:16:3e:fc:19:8b:
                    83:e4:49:85:cb:71:3b:ab:c6:d3:e4:4e:ea:85:d1:
                    0f:d9:57:65:48:d9:62:74:bc:6e:4f:40:04:b0:85:
                    47:8f:95:e1:1e:fe:e2:1d:c4:7f:13:ef:d6:69:93:
                    28:89:51:54:cf:d0:79:35:1f:7a:ec:9e:ba:8f:14:
                    98:5f:c9:8b:27:76:1e:77:38:e8:34:2f:8f:ca:5c:
                    31:27:bc:51:8f:77:53:9a:58:ef:fe:07:02:65:14:
                    41:80:f9:0f:a6:20:90:ed:e6:89:b1:68:d9:80:8f:
                    6f:15:53:13:ce:07:ac:5f:dc:6c:e9:4a:e5:52:57:
                    86:eb:4e:ab:e1:ed:ee:37:18:eb:2b:d4:b3:a3:08:
                    a1:27:16:95:a8:ab:c3:e5:f7:7c:3a:dd:cc:cc:c4:
                    a4:51:b6:53:ad:06:99:94:31:a4:b8:30:95:cf:8d:
                    ce:61:05:d4:33:54:37:a6:86:af:37:56:72:4e:d8:
                    36:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:63:59:76:4E:A8:DA:CB:1F:36:C3:90:9A:D6:AC:C6:3D:11:CB:B4
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS197359.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.93.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:79:b3:91:41:66:96:33:17:0f:96:25:32:2c:d8:bd:c9:db:
         cf:71:bc:48:34:b9:fa:bc:49:f9:99:d9:6a:7d:53:d5:09:3c:
         ce:e3:7a:40:41:37:2c:50:30:d0:0b:6e:a2:8e:a8:05:98:ac:
         4f:3a:f2:1b:57:d1:1d:1f:75:21:a1:35:3f:fb:10:d2:57:2d:
         82:0e:56:d6:bc:91:10:72:c7:69:a4:07:0a:95:6b:42:80:27:
         2e:5e:75:32:d5:47:d9:dd:c3:78:ff:05:60:3c:1a:2c:e2:d1:
         6d:ab:13:f9:bc:7c:7c:ed:ef:95:a5:97:3f:75:50:1a:c7:54:
         3e:ae:51:57:68:7e:41:3b:ae:00:fb:fd:63:5f:02:9e:b6:14:
         9d:f1:53:34:d3:96:a8:9a:a2:2e:88:7a:e9:de:49:11:ab:1a:
         b8:09:45:2f:73:e9:f4:ef:41:d2:33:43:ef:0b:21:4c:46:ea:
         c6:de:d5:80:a2:7f:e9:dd:5a:e0:9c:23:e1:08:b3:e8:7d:3e:
         7e:45:53:1a:20:7b:d8:e4:ba:05:9e:08:d7:20:10:13:7e:55:
         d6:64:f7:ca:06:f3:37:dc:8a:e6:89:7e:4c:04:66:f7:50:f3:
         6c:d1:01:cf:1d:bb:ec:b8:ea:2b:9f:75:ca:26:a9:de:78:43:
         fc:6d:2d:fd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUZmhOKFxSQkE8+xm3uj2a8BAwEycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MjQwMTIyMDRaFw0yNzA1MjMwMTI3MDRaMDMxMTAvBgNV
BAMTKDRENjM1OTc2NEVBOERBQ0IxRjM2QzM5MDlBRDZBQ0M2M0QxMUNCQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEdDAPwonMfVLCfVVj2EeohQHA
3CcpJY0gRGxBS47xGj5NPSlVdvGn9PjOniNk6Zu16ZQ4Srd9g9BEbZE7KGTW+DIh
oZgWPvwZi4PkSYXLcTurxtPkTuqF0Q/ZV2VI2WJ0vG5PQASwhUePleEe/uIdxH8T
79ZpkyiJUVTP0Hk1H3rsnrqPFJhfyYsndh53OOg0L4/KXDEnvFGPd1OaWO/+BwJl
FEGA+Q+mIJDt5omxaNmAj28VUxPOB6xf3GzpSuVSV4brTqvh7e43GOsr1LOjCKEn
FpWoq8Pl93w63czMxKRRtlOtBpmUMaS4MJXPjc5hBdQzVDemhq83VnJO2DbfAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUTWNZdk6o2ssfNsOQmtasxj0Ry7QwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTk3MzU5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsl2k
MA0GCSqGSIb3DQEBCwUAA4IBAQCdebORQWaWMxcPliUyLNi9ydvPcbxINLn6vEn5
mdlqfVPVCTzO43pAQTcsUDDQC26ijqgFmKxPOvIbV9EdH3UhoTU/+xDSVy2CDlbW
vJEQcsdppAcKlWtCgCcuXnUy1UfZ3cN4/wVgPBos4tFtqxP5vHx87e+VpZc/dVAa
x1Q+rlFXaH5BO64A+/1jXwKethSd8VM005aomqIuiHrp3kkRqxq4CUUvc+n070HS
M0PvCyFMRurG3tWAon/p3VrgnCPhCLPofT5+RVMaIHvY5LoFngjXIBATflXWZPfK
BvM33IrmiX5MBGb3UPNs0QHPHbvsuOorn3XKJqneeEP8bS39
-----END CERTIFICATE-----