Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/WWtCrJTOa2fdz1x4NrejDaidA4c.roa
File:                     WWtCrJTOa2fdz1x4NrejDaidA4c.roa (raw, json)
Hash identifier:          bNRJCU/5ggmed8Sa2EXYIbSVMg5Nfmrhzw8GYsZOcgY=
Subject key identifier:   59:6B:42:AC:94:CE:6B:67:DD:CF:5C:78:36:B7:A3:0D:A8:9D:03:87
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       0199DE12CD289722374EB1F22C65FD2F00C6
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/WWtCrJTOa2fdz1x4NrejDaidA4c.roa
Signing time:             Mon 13 Oct 2025 14:56:38 +0000
ROA not before:           Mon 13 Oct 2025 14:56:38 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     210976
IP address blocks:        81.31.244.0/24 maxlen: 24
                          81.31.245.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:de:12:cd:28:97:22:37:4e:b1:f2:2c:65:fd:2f:00:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Oct 13 14:56:38 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=596b42ac94ce6b67ddcf5c7836b7a30da89d0387
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:8b:b0:f9:b5:bc:49:b5:ab:14:4b:0d:73:df:
                    b4:b8:33:ba:c5:1a:a5:50:ab:d1:41:c2:ee:31:b1:
                    d0:18:96:fd:34:f6:52:ce:fe:59:30:01:33:d2:2c:
                    fb:9b:00:22:6b:af:b4:0e:93:8a:bd:9d:72:32:6b:
                    47:3f:9d:5f:0a:f2:85:a8:d5:61:da:e3:b8:98:77:
                    bc:6e:3d:3b:96:4b:c5:d8:ae:6c:4e:6e:6d:dd:29:
                    13:10:1b:df:30:96:bf:0a:ce:0b:80:b6:00:75:86:
                    ec:33:5d:2d:49:cc:04:1b:85:e4:02:a7:a7:a6:96:
                    e8:a5:10:dc:da:fd:c5:ed:61:87:38:a4:69:1e:b0:
                    22:35:c3:76:c5:8a:0d:98:33:a8:3c:35:f5:69:62:
                    b2:56:9f:cd:69:67:59:a2:26:18:82:fa:ed:fd:13:
                    a2:04:d8:3d:e5:b3:a5:e5:29:f1:5e:d5:97:04:21:
                    8a:76:7a:da:c1:4e:4c:e7:3b:82:82:e7:82:01:91:
                    39:18:90:15:bd:9d:61:94:1f:6e:42:b0:57:d0:07:
                    c6:de:df:22:f0:de:bc:e1:61:63:89:07:73:ca:0e:
                    4e:cf:c6:72:00:b1:c0:a9:90:77:e8:3b:95:4e:06:
                    ab:b9:01:cc:40:f1:69:b8:aa:0c:a0:9b:3c:e2:0f:
                    e9:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:6B:42:AC:94:CE:6B:67:DD:CF:5C:78:36:B7:A3:0D:A8:9D:03:87
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/WWtCrJTOa2fdz1x4NrejDaidA4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.244.0/23

    Signature Algorithm: sha256WithRSAEncryption
         48:46:52:78:10:8e:76:95:1b:98:35:30:13:45:4a:30:15:63:
         98:72:ff:14:dc:28:0f:10:d9:2b:3f:24:83:f2:f7:a4:5b:b5:
         ea:15:9d:23:58:11:dc:6f:ca:5c:7d:e6:e4:ca:b2:75:a4:c9:
         6b:ca:86:57:f7:16:31:93:97:49:c4:29:62:72:65:0b:47:d9:
         72:27:1c:82:61:0e:df:9b:7c:78:30:31:97:79:9c:13:39:f4:
         0c:ff:a9:79:be:aa:47:8c:78:1d:66:32:39:78:2e:44:48:7f:
         0e:a3:5f:46:ab:b8:1c:e1:7f:6e:1d:7a:cd:b9:d1:b3:4c:a8:
         39:62:bc:29:9c:e4:04:bf:a7:dc:07:7a:0c:c6:f9:a6:0a:87:
         d3:c7:b3:30:1d:f3:fc:79:8d:6e:9a:80:ec:0f:26:7e:4a:0d:
         e3:ad:99:66:b4:c3:d0:e9:55:0e:2d:cb:ba:ea:09:19:f7:89:
         5d:e7:a1:27:df:8a:c6:9d:98:6f:ec:13:7e:fe:b7:0c:de:92:
         57:76:a8:9e:b9:d7:bc:31:39:89:5f:cd:0e:2a:9a:c0:51:88:
         b2:8c:f9:ea:d1:05:0e:84:b0:ed:b1:cb:24:c4:ca:e1:f4:49:
         f2:22:b6:2e:85:17:3e:5a:58:9b:c5:24:be:1c:2f:8d:68:70:
         fe:c9:b5:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZneEs0olyI3TrHyLGX9LwDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjUxMDEzMTQ1NjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTZiNDJhYzk0Y2U2YjY3ZGRjZjVjNzgzNmI3YTMwZGE4OWQwMzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34uw+bW8SbWrFEsNc9+0uDO6xRql
UKvRQcLuMbHQGJb9NPZSzv5ZMAEz0iz7mwAia6+0DpOKvZ1yMmtHP51fCvKFqNVh
2uO4mHe8bj07lkvF2K5sTm5t3SkTEBvfMJa/Cs4LgLYAdYbsM10tScwEG4XkAqen
ppbopRDc2v3F7WGHOKRpHrAiNcN2xYoNmDOoPDX1aWKyVp/NaWdZoiYYgvrt/ROi
BNg95bOl5SnxXtWXBCGKdnrawU5M5zuCgueCAZE5GJAVvZ1hlB9uQrBX0AfG3t8i
8N684WFjiQdzyg5Oz8ZyALHAqZB36DuVTgaruQHMQPFpuKoMoJs84g/pKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFlrQqyUzmtn3c9ceDa3ow2onQOHMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvV1d0Q3JKVE9hMmZkejF4NE5yZWpEYWlkQTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUR/0MA0G
CSqGSIb3DQEBCwUAA4IBAQBIRlJ4EI52lRuYNTATRUowFWOYcv8U3CgPENkrPySD
8vekW7XqFZ0jWBHcb8pcfebkyrJ1pMlryoZX9xYxk5dJxClicmULR9lyJxyCYQ7f
m3x4MDGXeZwTOfQM/6l5vqpHjHgdZjI5eC5ESH8Oo19Gq7gc4X9uHXrNudGzTKg5
YrwpnOQEv6fcB3oMxvmmCofTx7MwHfP8eY1umoDsDyZ+Sg3jrZlmtMPQ6VUOLcu6
6gkZ94ld56En34rGnZhv7BN+/rcM3pJXdqieude8MTmJX80OKprAUYiyjPnq0QUO
hLDtscskxMrh9EnyIrYuhRc+WlibxSS+HC+NaHD+ybW8
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:55 2025 by rpki-client