Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS35179.roa
File:                     AS35179.roa (raw, json)
Hash identifier:          eW8a2efBOCWIgtI2PVbjO9biE7MOdSyoe58iWmuqcEs=
Subject key identifier:   4A:45:9E:83:F2:F0:59:FA:99:19:92:76:E4:FB:73:56:93:E2:10:BF
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       105C24B58106BE592B63DE2B8F34F5BCC28F3E95
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS35179.roa
Signing time:             Mon 25 Aug 2025 09:54:13 +0000
ROA not before:           Mon 25 Aug 2025 09:49:13 +0000
ROA not after:            Mon 24 Aug 2026 09:54:13 +0000
asID:                     35179
IP address blocks:        92.112.10.0/24 maxlen: 24
                          92.112.11.0/24 maxlen: 24
                          92.112.70.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 11 Sep 2025 11:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:5c:24:b5:81:06:be:59:2b:63:de:2b:8f:34:f5:bc:c2:8f:3e:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Aug 25 09:49:13 2025 GMT
            Not After : Aug 24 09:54:13 2026 GMT
        Subject: CN=4A459E83F2F059FA99199276E4FB735693E210BF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:1d:0e:26:be:cd:9d:7e:d1:7b:ce:88:45:0c:
                    9b:88:ed:93:89:b3:64:94:a4:9b:60:34:34:69:84:
                    3e:4d:7d:fa:03:58:df:0f:6d:e6:40:ae:20:bc:40:
                    c5:af:4c:d5:0f:8c:2a:bc:ed:0d:ec:b5:54:b3:08:
                    75:ac:0b:d6:26:ef:8f:4d:81:45:9b:94:8a:5a:d3:
                    f7:1c:65:3e:2e:47:31:a1:73:ff:b9:53:c8:cd:93:
                    df:ca:c6:10:b3:8a:04:3e:8a:26:1f:3c:40:cf:19:
                    3c:c9:b9:90:d5:f9:21:3d:54:32:f1:0d:f8:d5:1e:
                    ed:65:9a:3c:62:3f:5a:04:82:2a:75:da:fb:97:52:
                    f0:a4:3a:7b:af:fe:54:ba:da:d0:92:e3:ed:14:85:
                    93:4e:1a:2b:c1:89:ac:3b:bc:0f:05:c9:67:94:fa:
                    1a:26:3a:ce:ac:b2:26:50:5c:55:22:e6:83:e2:a5:
                    6c:14:49:8f:f8:74:4b:c2:be:2e:e2:13:da:64:ef:
                    19:0d:ce:4e:7c:60:03:d5:2d:65:64:a4:be:ae:39:
                    94:a1:5d:de:67:f0:36:fb:8a:85:32:85:45:14:65:
                    0f:7e:f0:7c:2c:7e:f8:41:93:b3:31:43:7f:e6:a8:
                    9c:75:c2:5c:38:0a:b6:6b:c2:8d:0f:fe:1c:56:f0:
                    bc:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:45:9E:83:F2:F0:59:FA:99:19:92:76:E4:FB:73:56:93:E2:10:BF
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS35179.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.112.10.0/23
                  92.112.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:73:a4:9e:36:dd:dc:13:2c:94:89:95:5e:88:99:f5:ce:be:
         f9:0c:ac:b5:91:25:8a:2f:b1:2d:95:e1:f2:73:14:82:d3:e5:
         de:68:d1:8c:88:30:a1:02:88:ab:35:81:f4:18:52:3f:48:3b:
         72:d1:6d:3a:fa:78:f7:9d:af:27:52:94:d7:73:dd:28:0a:fe:
         e4:e6:e1:bb:39:4a:d0:37:72:bc:b2:13:92:5b:2c:e3:e5:27:
         05:15:b0:47:42:87:5f:ba:20:59:19:f7:23:2a:c9:05:e6:97:
         cc:4a:06:70:d9:4e:28:48:a6:3c:e1:fb:1f:ab:b6:56:3a:e0:
         24:41:27:a6:47:04:3a:89:80:6e:a2:1f:cb:8b:85:b3:54:72:
         1c:6b:c7:27:d8:8b:27:53:02:cf:5a:a0:6d:2f:b3:04:b2:ef:
         73:85:df:14:b9:77:f0:29:14:26:56:b1:60:d2:57:dd:fd:67:
         2b:57:bc:96:58:40:c2:a3:40:11:f1:51:0d:d9:98:02:d9:c8:
         73:02:3c:06:2b:d6:81:9b:81:1f:90:bc:0a:7e:01:ec:0b:b9:
         54:9c:82:da:f6:87:82:07:b3:97:dd:db:d6:c6:af:a7:86:ac:
         c0:50:7f:c7:9b:24:30:bc:86:16:62:bc:06:4c:5d:3c:0f:72:
         6b:6d:6d:9e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUEFwktYEGvlkrY94rjzT1vMKPPpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MjUwOTQ5MTNaFw0yNjA4MjQwOTU0MTNaMDMxMTAvBgNV
BAMTKDRBNDU5RTgzRjJGMDU5RkE5OTE5OTI3NkU0RkI3MzU2OTNFMjEwQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdHQ4mvs2dftF7zohFDJuI7ZOJ
s2SUpJtgNDRphD5NffoDWN8PbeZAriC8QMWvTNUPjCq87Q3stVSzCHWsC9Ym749N
gUWblIpa0/ccZT4uRzGhc/+5U8jNk9/KxhCzigQ+iiYfPEDPGTzJuZDV+SE9VDLx
DfjVHu1lmjxiP1oEgip12vuXUvCkOnuv/lS62tCS4+0UhZNOGivBiaw7vA8FyWeU
+homOs6ssiZQXFUi5oPipWwUSY/4dEvCvi7iE9pk7xkNzk58YAPVLWVkpL6uOZSh
Xd5n8Db7ioUyhUUUZQ9+8HwsfvhBk7MxQ3/mqJx1wlw4CrZrwo0P/hxW8LzVAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUSkWeg/LwWfqZGZJ25PtzVpPiEL8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzUxNzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAFccAoD
BABccEYwDQYJKoZIhvcNAQELBQADggEBAJ9zpJ423dwTLJSJlV6ImfXOvvkMrLWR
JYovsS2V4fJzFILT5d5o0YyIMKECiKs1gfQYUj9IO3LRbTr6ePedrydSlNdz3SgK
/uTm4bs5StA3cryyE5JbLOPlJwUVsEdCh1+6IFkZ9yMqyQXml8xKBnDZTihIpjzh
+x+rtlY64CRBJ6ZHBDqJgG6iH8uLhbNUchxrxyfYiydTAs9aoG0vswSy73OF3xS5
d/ApFCZWsWDSV939ZytXvJZYQMKjQBHxUQ3ZmALZyHMCPAYr1oGbgR+QvAp+AewL
uVScgtr2h4IHs5fd29bGr6eGrMBQf8ebJDC8hhZivAZMXTwPcmttbZ4=
-----END CERTIFICATE-----