Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS64315.roa
File:                     AS64315.roa (raw, json)
Hash identifier:          9w9zK+i3btCJWnywBGngs+PZljCTBnwQmfw5obPZqIo=
Subject key identifier:   89:37:7F:2D:47:04:F9:26:C3:83:63:47:71:49:44:D7:43:21:3D:28
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       5A49BAA2659EACCA0668887D5F24879121644BB7
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS64315.roa
Signing time:             Sun 17 Aug 2025 02:38:25 +0000
ROA not before:           Sun 17 Aug 2025 02:33:25 +0000
ROA not after:            Sun 16 Aug 2026 02:38:25 +0000
asID:                     64315
IP address blocks:        178.92.1.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 21 Aug 2025 16:54:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:49:ba:a2:65:9e:ac:ca:06:68:88:7d:5f:24:87:91:21:64:4b:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Aug 17 02:33:25 2025 GMT
            Not After : Aug 16 02:38:25 2026 GMT
        Subject: CN=89377F2D4704F926C3836347714944D743213D28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:5a:42:83:f8:59:d5:ac:db:e0:7b:8a:fd:73:
                    72:69:b9:92:0c:ac:4e:2b:df:15:f5:83:13:dc:84:
                    c1:b1:67:c5:42:a5:cf:1b:c5:31:04:d1:55:69:80:
                    5d:3c:71:32:c3:2e:34:19:df:9c:2e:8c:25:57:40:
                    8d:91:a0:30:68:d5:a4:4a:76:de:18:ae:0a:9d:b4:
                    34:47:37:d8:70:fa:3a:b5:f5:a5:7a:d2:ea:03:63:
                    b8:9d:48:c5:b6:e5:c6:a1:1e:8f:2f:bb:f8:2d:cf:
                    b2:75:b8:a3:2a:b5:1f:11:73:b8:e8:97:36:ae:91:
                    c9:3e:a1:5c:84:76:3f:9c:43:f0:ef:86:43:60:46:
                    04:ac:47:61:13:22:b6:da:2e:5f:fa:8e:4b:0c:66:
                    d8:4b:1d:5e:f2:04:c9:5b:d0:95:6b:9b:29:5c:34:
                    9d:b0:03:4a:f3:68:c4:a2:6f:91:3d:9f:92:3c:9d:
                    4a:d0:ad:d4:f0:7f:a3:7f:4e:c2:66:2e:2f:cb:a6:
                    bc:fa:0a:43:ea:34:1b:cc:d4:ab:df:a7:12:dc:7a:
                    c3:ef:1e:ca:11:23:1e:c5:31:05:73:81:cd:81:2b:
                    e3:6a:c5:f8:4a:35:51:12:ef:a4:22:1a:f9:41:2e:
                    be:f5:33:fd:5e:0d:b3:2f:78:e0:e5:df:ae:54:86:
                    5e:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:37:7F:2D:47:04:F9:26:C3:83:63:47:71:49:44:D7:43:21:3D:28
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS64315.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.92.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:30:4c:4d:62:2e:18:ae:b1:f2:bf:b1:45:c6:04:ba:c0:ad:
         8b:f7:37:75:b6:85:dc:5e:e6:01:b0:32:11:41:37:ff:67:17:
         84:3d:b3:37:99:20:64:b4:bd:56:c9:8b:5f:05:dc:08:26:b6:
         f2:91:ae:0c:3e:65:ad:68:f8:fe:1d:41:b1:27:dc:e0:47:32:
         57:4d:0b:52:64:3c:81:7e:36:fa:1d:3b:82:ee:c1:7e:ed:75:
         4b:97:f0:1d:a2:69:dc:9e:cc:41:54:c0:29:3f:71:28:9a:b1:
         d6:51:65:b4:7f:86:b3:97:4b:0f:55:9d:3a:bf:5a:e5:84:ec:
         fa:64:26:93:0d:82:1b:f5:3e:53:2e:a8:0e:b6:1b:64:bf:f8:
         b6:04:c7:d5:b1:f5:e4:1a:17:4d:dc:4f:72:1c:0c:11:c8:b8:
         9d:b0:70:7e:90:cc:90:48:66:aa:64:e9:fa:0f:6f:0b:c9:1f:
         e1:ed:2c:58:e9:46:59:a0:75:af:c7:05:5a:3e:0e:75:79:b9:
         3d:53:2f:40:89:35:c7:91:57:1a:22:93:24:0f:67:ee:28:53:
         cf:3d:42:bd:6f:4f:6a:1e:2a:0c:a3:31:98:09:3b:b6:af:96:
         13:48:39:ad:a8:c4:f4:41:73:de:01:c2:e3:3b:30:9a:c5:cf:
         d4:30:3a:79
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUWkm6omWerMoGaIh9XySHkSFkS7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MTcwMjMzMjVaFw0yNjA4MTYwMjM4MjVaMDMxMTAvBgNV
BAMTKDg5Mzc3RjJENDcwNEY5MjZDMzgzNjM0NzcxNDk0NEQ3NDMyMTNEMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3WkKD+FnVrNvge4r9c3JpuZIM
rE4r3xX1gxPchMGxZ8VCpc8bxTEE0VVpgF08cTLDLjQZ35wujCVXQI2RoDBo1aRK
dt4YrgqdtDRHN9hw+jq19aV60uoDY7idSMW25cahHo8vu/gtz7J1uKMqtR8Rc7jo
lzaukck+oVyEdj+cQ/DvhkNgRgSsR2ETIrbaLl/6jksMZthLHV7yBMlb0JVrmylc
NJ2wA0rzaMSib5E9n5I8nUrQrdTwf6N/TsJmLi/Lprz6CkPqNBvM1KvfpxLcesPv
HsoRIx7FMQVzgc2BK+NqxfhKNVES76QiGvlBLr71M/1eDbMveODl365Uhl71AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUiTd/LUcE+SbDg2NHcUlE10MhPSgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNjQzMTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACyXAEw
DQYJKoZIhvcNAQELBQADggEBAJIwTE1iLhiusfK/sUXGBLrArYv3N3W2hdxe5gGw
MhFBN/9nF4Q9szeZIGS0vVbJi18F3AgmtvKRrgw+Za1o+P4dQbEn3OBHMldNC1Jk
PIF+NvodO4LuwX7tdUuX8B2iadyezEFUwCk/cSiasdZRZbR/hrOXSw9VnTq/WuWE
7PpkJpMNghv1PlMuqA62G2S/+LYEx9Wx9eQaF03cT3IcDBHIuJ2wcH6QzJBIZqpk
6foPbwvJH+HtLFjpRlmgda/HBVo+DnV5uT1TL0CJNceRVxoikyQPZ+4oU889Qr1v
T2oeKgyjMZgJO7avlhNIOa2oxPRBc94BwuM7MJrFz9QwOnk=
-----END CERTIFICATE-----