Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS53107.roa
File:                     AS53107.roa (raw, json)
Hash identifier:          jZ03hThpLwIpQprgEXozr8M8NpvF+F26k4cxKG2vttc=
Subject key identifier:   28:B9:AA:48:7E:67:B1:8A:62:52:67:DA:63:38:CD:56:EF:47:97:8F
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       11DADBC8C90FEAD59FB522056D47515FB19D72B4
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS53107.roa
Signing time:             Thu 07 May 2026 12:33:01 +0000
ROA not before:           Thu 07 May 2026 12:28:01 +0000
ROA not after:            Thu 06 May 2027 12:33:01 +0000
asID:                     53107
IP address blocks:        178.92.192.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 May 2026 08:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:da:db:c8:c9:0f:ea:d5:9f:b5:22:05:6d:47:51:5f:b1:9d:72:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: May  7 12:28:01 2026 GMT
            Not After : May  6 12:33:01 2027 GMT
        Subject: CN=28B9AA487E67B18A625267DA6338CD56EF47978F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f1:20:d8:d4:04:64:4a:d1:a4:30:df:ae:a3:
                    b0:58:72:46:24:58:35:61:57:3e:19:dc:f4:ef:9b:
                    3d:5c:3a:d8:99:f4:bb:3a:c3:8b:d3:b1:db:30:18:
                    7c:e5:e7:96:85:3e:c8:09:f0:0d:45:37:eb:ba:63:
                    df:84:40:7d:db:d8:79:3d:20:88:43:53:0c:c9:42:
                    a7:64:5f:6a:55:bf:db:cd:d3:4a:1a:b4:e8:f6:3f:
                    fa:de:0b:e7:53:62:f8:08:e5:ee:50:82:d1:a4:b1:
                    97:67:fb:a3:a7:82:d9:2c:bf:b9:ce:bf:51:21:e1:
                    b9:6c:b0:e2:88:5b:cb:dd:17:74:a1:ed:17:f8:56:
                    4b:a6:93:c9:47:3b:49:57:1c:3b:b9:89:70:08:a7:
                    08:ee:80:a1:ac:19:90:c2:35:a6:9e:30:f6:cd:64:
                    a5:42:1e:ff:b7:03:22:13:72:0c:44:6d:01:8b:c3:
                    d9:77:34:0a:4f:78:24:ae:62:77:5e:b4:f0:a0:23:
                    35:74:e1:9d:f9:65:87:4e:13:c2:11:49:ae:cf:fb:
                    ac:3d:18:16:1b:9b:06:4b:16:0e:2e:f4:6c:33:77:
                    ba:3a:4f:c9:7a:35:b6:18:2a:93:b8:e4:9b:bc:82:
                    b6:2b:fc:4e:d1:65:08:eb:25:8c:90:86:15:d8:8f:
                    13:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:B9:AA:48:7E:67:B1:8A:62:52:67:DA:63:38:CD:56:EF:47:97:8F
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS53107.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.92.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:db:06:6b:e7:01:1e:32:79:1a:77:59:6f:95:6f:29:de:9b:
         64:d8:40:8d:95:9d:e4:c5:12:69:9e:6b:f1:dd:c1:22:d2:17:
         44:50:45:be:e8:97:4e:44:42:4a:94:56:cd:e8:fe:40:33:78:
         b6:7f:b7:d2:68:b3:b4:27:fa:8d:06:73:21:0e:5b:6c:c0:c8:
         b0:43:c4:5e:35:14:ba:cb:e6:e2:3a:d8:6c:0e:6e:cd:da:2c:
         0f:de:0f:5a:ac:79:ce:cc:be:e1:98:9e:a5:4f:df:ca:f2:1f:
         d1:cf:af:3f:9a:ba:43:61:01:f0:ac:24:99:86:3c:6b:85:8a:
         40:bf:9b:d2:ad:79:1c:dd:e4:76:f5:ea:fd:81:c1:69:f9:51:
         5d:89:54:2e:0e:dd:8c:d6:13:90:4d:a3:cd:02:b8:1b:42:26:
         db:6f:e6:93:b5:46:ce:6a:2c:d0:93:0a:59:ea:77:27:59:ae:
         b1:a9:5d:d8:2d:ed:2d:b1:af:0a:4b:66:ab:37:84:24:51:64:
         ab:45:1d:8a:c4:e8:56:a6:b4:e8:98:99:09:49:49:02:a0:bf:
         40:f4:c6:8b:91:54:3e:5a:f1:6a:ac:f1:6d:a9:3e:41:ad:55:
         f4:a7:e6:ca:65:49:bd:b2:77:99:64:66:30:64:b9:88:a4:20:
         1e:e3:4b:5b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUEdrbyMkP6tWftSIFbUdRX7GdcrQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MDcxMjI4MDFaFw0yNzA1MDYxMjMzMDFaMDMxMTAvBgNV
BAMTKDI4QjlBQTQ4N0U2N0IxOEE2MjUyNjdEQTYzMzhDRDU2RUY0Nzk3OEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB8SDY1ARkStGkMN+uo7BYckYk
WDVhVz4Z3PTvmz1cOtiZ9Ls6w4vTsdswGHzl55aFPsgJ8A1FN+u6Y9+EQH3b2Hk9
IIhDUwzJQqdkX2pVv9vN00oatOj2P/reC+dTYvgI5e5QgtGksZdn+6Ongtksv7nO
v1Eh4blssOKIW8vdF3Sh7Rf4Vkumk8lHO0lXHDu5iXAIpwjugKGsGZDCNaaeMPbN
ZKVCHv+3AyITcgxEbQGLw9l3NApPeCSuYndetPCgIzV04Z35ZYdOE8IRSa7P+6w9
GBYbmwZLFg4u9Gwzd7o6T8l6NbYYKpO45Ju8grYr/E7RZQjrJYyQhhXYjxPpAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUKLmqSH5nsYpiUmfaYzjNVu9Hl48wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTMxMDcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACyXMAw
DQYJKoZIhvcNAQELBQADggEBAEfbBmvnAR4yeRp3WW+Vbynem2TYQI2VneTFEmme
a/HdwSLSF0RQRb7ol05EQkqUVs3o/kAzeLZ/t9Jos7Qn+o0GcyEOW2zAyLBDxF41
FLrL5uI62GwObs3aLA/eD1qsec7MvuGYnqVP38ryH9HPrz+aukNhAfCsJJmGPGuF
ikC/m9KteRzd5Hb16v2BwWn5UV2JVC4O3YzWE5BNo80CuBtCJttv5pO1Rs5qLNCT
ClnqdydZrrGpXdgt7S2xrwpLZqs3hCRRZKtFHYrE6FamtOiYmQlJSQKgv0D0xouR
VD5a8Wqs8W2pPkGtVfSn5splSb2yd5lkZjBkuYikIB7jS1s=
-----END CERTIFICATE-----