Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS31715.roa
File:                     AS31715.roa (raw, json)
Hash identifier:          vmfgtga1svaKEbzZfxP7vI7K8PhZeL1xeQ9jxNBhobE=
Subject key identifier:   62:B9:B7:08:6F:E4:35:DF:AA:34:84:99:DA:69:F3:5B:E6:11:44:3C
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       4868E6C38C95A5FD1951F908B8E93716313EE5F9
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS31715.roa
Signing time:             Mon 15 Sep 2025 12:07:40 +0000
ROA not before:           Mon 15 Sep 2025 12:02:40 +0000
ROA not after:            Mon 14 Sep 2026 12:07:40 +0000
asID:                     31715
IP address blocks:        95.134.99.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 16 Sep 2025 13:46:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:68:e6:c3:8c:95:a5:fd:19:51:f9:08:b8:e9:37:16:31:3e:e5:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Sep 15 12:02:40 2025 GMT
            Not After : Sep 14 12:07:40 2026 GMT
        Subject: CN=62B9B7086FE435DFAA348499DA69F35BE611443C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:05:1e:84:77:45:8e:45:ec:b9:60:1c:59:56:
                    7d:fb:54:e9:ea:e9:f2:ba:56:9e:b7:21:95:81:6b:
                    e8:2f:5c:a4:c1:01:d8:67:63:85:ed:c0:2c:e0:a4:
                    9e:22:6a:cb:8c:85:d8:e6:fd:13:4f:58:8c:4d:40:
                    6d:b1:52:65:3a:19:e0:32:8d:d0:4a:ed:be:a4:ee:
                    2b:b6:a6:36:f2:0f:88:6f:d5:2e:d4:51:15:a6:00:
                    1f:0d:7c:49:25:13:f1:36:73:12:85:84:57:59:d1:
                    1f:e8:16:d9:2d:65:8f:ec:e7:92:d7:83:9d:39:4e:
                    ee:6a:f0:aa:cd:5d:04:a3:ee:33:5e:c5:c1:ee:df:
                    cf:c1:cf:f2:0a:c4:8e:f9:55:85:66:31:6d:cf:9b:
                    8c:ab:1c:40:bf:92:22:e4:55:18:e0:f4:05:b4:58:
                    58:0c:a4:91:cd:26:54:8a:ab:bd:13:32:ea:b4:d8:
                    84:03:ef:99:45:da:bd:07:b7:db:e2:7a:8b:4e:b5:
                    64:ae:e9:3c:69:27:da:fb:50:14:7d:c3:d7:6a:62:
                    91:90:4b:a9:5c:3a:72:87:ae:10:23:a8:75:39:84:
                    55:57:ac:2c:1b:f6:33:f8:00:54:b3:46:9c:0e:1a:
                    e2:98:2e:53:b3:3a:cb:06:35:70:fb:a1:73:c8:46:
                    a1:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:B9:B7:08:6F:E4:35:DF:AA:34:84:99:DA:69:F3:5B:E6:11:44:3C
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS31715.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.134.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:f0:c1:26:49:4c:9d:4d:cb:46:b9:b4:95:c5:ff:e4:df:9c:
         92:5d:f0:67:e8:ea:96:7c:57:d3:07:28:bd:0a:a1:57:cd:c3:
         4a:38:67:6b:a7:bd:ef:26:be:cc:25:c3:82:74:b9:75:16:1b:
         89:dc:a5:7a:fd:8a:54:eb:f7:60:74:90:43:d2:af:20:19:fa:
         19:30:1c:25:29:c1:c9:dc:cf:73:bc:b0:e5:67:28:8e:42:18:
         a4:92:67:6e:d9:9e:f7:e3:a7:35:a9:aa:c0:b5:ca:4d:75:55:
         36:61:43:9e:30:b4:7c:17:b0:9f:45:48:8b:ff:0a:69:ce:f1:
         97:53:31:8d:14:cf:dc:ff:4b:b4:55:3e:af:2d:c3:6a:e7:89:
         a3:64:a3:a8:77:41:ba:da:c4:bf:45:87:e3:b2:69:96:f7:75:
         f2:b6:33:aa:f8:d9:9b:39:18:47:36:81:0c:a4:64:08:a3:c3:
         56:33:7c:f4:ec:f9:6a:87:dc:97:34:e6:18:b6:a0:12:5f:6f:
         76:48:da:d6:ed:c1:cd:19:a2:ab:da:bc:2e:42:d5:1a:8e:99:
         19:41:02:68:ea:04:4f:98:d9:b9:ce:6b:9f:45:72:14:bb:01:
         dc:b1:80:61:75:a0:94:7d:77:42:98:7f:bc:78:4b:08:37:9b:
         36:f4:8f:76
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUSGjmw4yVpf0ZUfkIuOk3FjE+5fkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA5MTUxMjAyNDBaFw0yNjA5MTQxMjA3NDBaMDMxMTAvBgNV
BAMTKDYyQjlCNzA4NkZFNDM1REZBQTM0ODQ5OURBNjlGMzVCRTYxMTQ0M0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtBR6Ed0WORey5YBxZVn37VOnq
6fK6Vp63IZWBa+gvXKTBAdhnY4XtwCzgpJ4iasuMhdjm/RNPWIxNQG2xUmU6GeAy
jdBK7b6k7iu2pjbyD4hv1S7UURWmAB8NfEklE/E2cxKFhFdZ0R/oFtktZY/s55LX
g505Tu5q8KrNXQSj7jNexcHu38/Bz/IKxI75VYVmMW3Pm4yrHEC/kiLkVRjg9AW0
WFgMpJHNJlSKq70TMuq02IQD75lF2r0Ht9vieotOtWSu6TxpJ9r7UBR9w9dqYpGQ
S6lcOnKHrhAjqHU5hFVXrCwb9jP4AFSzRpwOGuKYLlOzOssGNXD7oXPIRqH7AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUYrm3CG/kNd+qNISZ2mnzW+YRRDwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzE3MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABfhmMw
DQYJKoZIhvcNAQELBQADggEBAI3wwSZJTJ1Ny0a5tJXF/+TfnJJd8Gfo6pZ8V9MH
KL0KoVfNw0o4Z2unve8mvswlw4J0uXUWG4ncpXr9ilTr92B0kEPSryAZ+hkwHCUp
wcncz3O8sOVnKI5CGKSSZ27ZnvfjpzWpqsC1yk11VTZhQ54wtHwXsJ9FSIv/CmnO
8ZdTMY0Uz9z/S7RVPq8tw2rniaNko6h3QbraxL9Fh+OyaZb3dfK2M6r42Zs5GEc2
gQykZAijw1YzfPTs+WqH3Jc05hi2oBJfb3ZI2tbtwc0ZoqvavC5C1RqOmRlBAmjq
BE+Y2bnOa59FchS7AdyxgGF1oJR9d0KYf7x4Swg3mzb0j3Y=
-----END CERTIFICATE-----