Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS8075.roa
File:                     AS8075.roa (raw, json)
Hash identifier:          +wGxwRHzCowLVwwwDjJ6UzLWWqMUNLThC6JCP6FgNb0=
Subject key identifier:   B4:93:A4:D9:45:5E:83:61:CC:B0:4B:D5:28:4F:57:57:21:C3:49:7E
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       6C212054A86D6E2C6440B892F59092D4D343A3E0
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS8075.roa
Signing time:             Tue 12 Aug 2025 08:55:37 +0000
ROA not before:           Tue 12 Aug 2025 08:50:37 +0000
ROA not after:            Tue 11 Aug 2026 08:55:37 +0000
asID:                     8075
IP address blocks:        95.135.62.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 21 Aug 2025 16:54:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:21:20:54:a8:6d:6e:2c:64:40:b8:92:f5:90:92:d4:d3:43:a3:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Aug 12 08:50:37 2025 GMT
            Not After : Aug 11 08:55:37 2026 GMT
        Subject: CN=B493A4D9455E8361CCB04BD5284F575721C3497E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:27:ba:7a:62:5e:a4:16:87:02:31:45:17:18:
                    e6:df:a6:ed:98:67:41:1f:19:b5:1d:ab:62:c4:27:
                    16:bb:1c:8d:99:65:a3:87:3a:13:6c:df:01:4a:4f:
                    cc:e5:ab:fa:38:36:18:b6:ee:39:2d:35:19:ba:18:
                    4e:13:ad:78:37:01:56:ff:cf:39:15:a4:6d:f9:1e:
                    09:93:6f:9e:5f:9f:58:b5:d0:f5:d3:fc:58:14:00:
                    94:b0:b0:df:fd:c7:3d:e4:aa:2c:5b:c8:9a:f2:58:
                    14:98:65:4b:9f:85:90:fa:e5:65:c4:12:14:6b:90:
                    f0:5d:62:89:55:52:53:12:6f:5d:e4:06:f6:dc:05:
                    de:73:ef:49:0c:30:0f:86:c4:91:81:42:1f:7c:ab:
                    22:dc:4c:66:a9:5c:85:0d:31:24:19:a2:ad:f1:0e:
                    a1:5d:57:df:c7:bf:51:39:17:43:38:10:f8:aa:db:
                    eb:7e:44:73:44:71:06:92:93:d3:c2:f5:f1:88:13:
                    f8:b7:90:a8:bb:8e:83:39:c8:50:a3:ea:2e:5f:24:
                    02:5b:50:fc:df:ec:14:09:41:12:0e:6e:14:59:ff:
                    12:92:6d:d7:7f:d1:6f:ef:39:cd:f4:cc:e9:b7:d2:
                    0a:ec:13:9d:54:95:47:0f:c8:a8:d9:a5:86:c5:3b:
                    6c:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:93:A4:D9:45:5E:83:61:CC:B0:4B:D5:28:4F:57:57:21:C3:49:7E
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS8075.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.135.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9f:b3:c8:e0:e9:ee:24:fe:02:9a:70:b9:fd:da:68:95:fd:d2:
         76:16:14:d2:cf:59:13:b0:7c:ae:a8:95:57:db:a3:1a:70:54:
         48:93:43:db:9b:6a:87:67:22:58:40:59:11:d8:b6:33:35:f6:
         a6:df:b0:12:77:1f:90:1c:d4:76:55:84:ce:52:8a:bf:1a:71:
         c7:d7:30:2b:77:32:4f:03:70:ff:45:95:bf:60:2f:71:e0:bc:
         fe:11:1e:da:a6:db:11:b7:fe:58:83:96:2f:34:53:b6:8a:e6:
         56:89:5e:ae:e2:c1:40:34:66:47:37:f9:42:98:2a:b1:d1:fa:
         ca:d5:f7:28:b3:5b:cb:33:f8:37:60:59:e8:72:37:d9:9d:f3:
         f3:56:03:d7:04:6e:23:a9:2c:5f:af:3a:be:85:2f:90:97:dc:
         f4:ac:e2:58:4e:c1:de:2d:0b:99:4f:4f:6b:a2:3e:a2:2f:fa:
         10:aa:cf:7e:e9:b2:9a:9c:c5:ca:e5:7c:5e:9b:98:66:c8:33:
         7f:81:72:ba:99:3c:d3:ca:48:6d:ba:55:e2:b6:1a:e3:89:fe:
         29:8b:d2:de:e2:53:0d:c3:ef:18:c1:63:9c:f2:5b:a2:61:58:
         9d:29:00:e1:50:12:db:d2:a5:29:15:a3:0a:74:73:ea:4d:22:
         87:e0:d9:5e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUbCEgVKhtbixkQLiS9ZCS1NNDo+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA4MTIwODUwMzdaFw0yNjA4MTEwODU1MzdaMDMxMTAvBgNV
BAMTKEI0OTNBNEQ5NDU1RTgzNjFDQ0IwNEJENTI4NEY1NzU3MjFDMzQ5N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJ7p6Yl6kFocCMUUXGObfpu2Y
Z0EfGbUdq2LEJxa7HI2ZZaOHOhNs3wFKT8zlq/o4Nhi27jktNRm6GE4TrXg3AVb/
zzkVpG35HgmTb55fn1i10PXT/FgUAJSwsN/9xz3kqixbyJryWBSYZUufhZD65WXE
EhRrkPBdYolVUlMSb13kBvbcBd5z70kMMA+GxJGBQh98qyLcTGapXIUNMSQZoq3x
DqFdV9/Hv1E5F0M4EPiq2+t+RHNEcQaSk9PC9fGIE/i3kKi7joM5yFCj6i5fJAJb
UPzf7BQJQRIObhRZ/xKSbdd/0W/vOc30zOm30grsE51UlUcPyKjZpYbFO2xxAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUtJOk2UVeg2HMsEvVKE9XVyHDSX4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTODA3NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAV+HPjAN
BgkqhkiG9w0BAQsFAAOCAQEAn7PI4OnuJP4CmnC5/dpolf3SdhYU0s9ZE7B8rqiV
V9ujGnBUSJND25tqh2ciWEBZEdi2MzX2pt+wEncfkBzUdlWEzlKKvxpxx9cwK3cy
TwNw/0WVv2AvceC8/hEe2qbbEbf+WIOWLzRTtormVoleruLBQDRmRzf5QpgqsdH6
ytX3KLNbyzP4N2BZ6HI32Z3z81YD1wRuI6ksX686voUvkJfc9KziWE7B3i0LmU9P
a6I+oi/6EKrPfumympzFyuV8XpuYZsgzf4Fyupk808pIbbpV4rYa44n+KYvS3uJT
DcPvGMFjnPJbomFYnSkA4VAS29KlKRWjCnRz6k0ih+DZXg==
-----END CERTIFICATE-----