Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401783.roa
File:                     AS401783.roa (raw, json)
Hash identifier:          xNJ+g/lUDniSaKjdceAAo3kbxTxWg4M1iBLeEyH1ruI=
Subject key identifier:   81:D8:C8:33:EB:C9:24:E9:04:FC:F9:40:A7:1B:32:1F:E4:CF:AA:C1
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       5AD1122F0479B4FAAF08DFEBB20852678CA6CC50
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401783.roa
Signing time:             Mon 11 Aug 2025 10:06:55 +0000
ROA not before:           Mon 11 Aug 2025 10:01:55 +0000
ROA not after:            Mon 10 Aug 2026 10:06:55 +0000
asID:                     401783
IP address blocks:        178.92.132.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 21 Aug 2025 16:54:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:d1:12:2f:04:79:b4:fa:af:08:df:eb:b2:08:52:67:8c:a6:cc:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Aug 11 10:01:55 2025 GMT
            Not After : Aug 10 10:06:55 2026 GMT
        Subject: CN=81D8C833EBC924E904FCF940A71B321FE4CFAAC1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:94:ca:4d:ed:6b:95:c8:c2:b4:7d:c8:4c:ec:
                    44:ab:fc:3a:e4:5b:06:9a:73:fd:bb:45:4e:8f:c1:
                    57:61:82:c7:9f:8c:1f:b2:31:f4:df:a7:70:0b:14:
                    78:ec:e5:54:f3:64:89:ec:5b:b7:b7:db:1b:06:97:
                    50:cb:2a:46:b6:f6:33:93:47:bb:e7:89:7a:75:38:
                    2b:61:68:3b:fa:5d:c4:f3:0f:2f:92:38:65:f0:e5:
                    84:2d:91:83:6a:59:38:b1:a6:87:28:37:cd:eb:5d:
                    27:90:ee:66:97:10:c9:08:25:3c:4c:42:b9:01:6c:
                    90:2e:26:1c:9b:6a:5f:b0:bb:a2:b3:e6:94:ea:cc:
                    ba:3f:d9:8c:48:f8:3b:aa:b5:37:c2:1f:d9:a2:fa:
                    49:cd:18:e4:60:6d:38:2c:c2:34:d4:69:84:32:db:
                    ff:98:f8:23:b3:64:5a:19:bc:9a:a6:91:ca:83:9d:
                    20:ce:7d:a0:78:34:95:3c:5e:a7:12:f6:8e:46:fd:
                    46:bd:02:00:8d:36:dd:e9:8c:78:10:1d:a4:8b:7a:
                    28:52:33:49:26:76:9b:a1:f0:be:ec:d3:8b:b7:68:
                    27:fa:72:2d:15:c4:0b:4c:6f:81:15:29:c6:9f:5f:
                    01:1b:9d:c6:26:0b:bd:e8:bb:7e:bd:71:60:8c:48:
                    53:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:D8:C8:33:EB:C9:24:E9:04:FC:F9:40:A7:1B:32:1F:E4:CF:AA:C1
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS401783.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.92.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:b0:8f:f0:8b:51:2e:16:f0:01:e8:4d:ae:d5:81:1e:56:32:
         e9:75:df:7d:4f:48:e4:42:00:b1:40:68:26:e6:1d:be:17:1d:
         c3:b8:f4:16:a7:d4:44:d3:91:82:cd:d6:86:be:79:80:d7:14:
         cd:06:2c:27:82:97:08:76:94:b4:73:91:89:75:89:37:9e:0a:
         5a:5e:3b:43:48:57:87:b3:e4:ad:b7:e5:a3:2b:4e:ac:71:19:
         c1:b9:ad:08:18:1c:00:dd:e8:f6:13:9d:4e:87:97:a5:f2:6b:
         36:de:43:4f:0d:35:1f:00:eb:46:bf:12:85:14:d2:62:88:18:
         2d:7a:51:d4:fc:13:0b:6b:c8:1d:f2:35:27:8e:31:d8:13:ec:
         e4:0a:cb:11:b5:2b:c0:e3:84:5b:94:b3:d7:81:87:fc:4a:74:
         d6:78:53:80:ef:67:fa:93:b1:64:de:8c:db:9a:a7:77:dd:fd:
         b3:bb:2c:18:aa:09:17:5f:e9:86:64:51:e2:bc:74:1c:b6:9f:
         a4:87:11:49:43:97:5a:7c:61:d1:c1:63:f2:69:76:93:21:43:
         29:0f:d9:cf:41:88:22:e1:75:c9:f5:c1:6c:51:75:43:3a:68:
         2c:06:3c:20:f8:99:9d:f1:3d:07:8e:b0:66:43:a6:50:ff:22:
         ed:2e:3b:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUWtESLwR5tPqvCN/rsghSZ4ymzFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MTExMDAxNTVaFw0yNjA4MTAxMDA2NTVaMDMxMTAvBgNV
BAMTKDgxRDhDODMzRUJDOTI0RTkwNEZDRjk0MEE3MUIzMjFGRTRDRkFBQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCllMpN7WuVyMK0fchM7ESr/Drk
Wwaac/27RU6PwVdhgsefjB+yMfTfp3ALFHjs5VTzZInsW7e32xsGl1DLKka29jOT
R7vniXp1OCthaDv6XcTzDy+SOGXw5YQtkYNqWTixpocoN83rXSeQ7maXEMkIJTxM
QrkBbJAuJhybal+wu6Kz5pTqzLo/2YxI+DuqtTfCH9mi+knNGORgbTgswjTUaYQy
2/+Y+COzZFoZvJqmkcqDnSDOfaB4NJU8XqcS9o5G/Ua9AgCNNt3pjHgQHaSLeihS
M0kmdpuh8L7s04u3aCf6ci0VxAtMb4EVKcafXwEbncYmC73ou369cWCMSFPfAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUgdjIM+vJJOkE/PlApxsyH+TPqsEwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDAxNzgzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAslyE
MA0GCSqGSIb3DQEBCwUAA4IBAQB4sI/wi1EuFvAB6E2u1YEeVjLpdd99T0jkQgCx
QGgm5h2+Fx3DuPQWp9RE05GCzdaGvnmA1xTNBiwngpcIdpS0c5GJdYk3ngpaXjtD
SFeHs+Stt+WjK06scRnBua0IGBwA3ej2E51Oh5el8ms23kNPDTUfAOtGvxKFFNJi
iBgtelHU/BMLa8gd8jUnjjHYE+zkCssRtSvA44RblLPXgYf8SnTWeFOA72f6k7Fk
3ozbmqd33f2zuywYqgkXX+mGZFHivHQctp+khxFJQ5dafGHRwWPyaXaTIUMpD9nP
QYgi4XXJ9cFsUXVDOmgsBjwg+Jmd8T0HjrBmQ6ZQ/yLtLjse
-----END CERTIFICATE-----