Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/e5_v6xhlzRioNu7pPqcxgbio8VU.roa
File:                     e5_v6xhlzRioNu7pPqcxgbio8VU.roa (raw, json)
Hash identifier:          EvR0dlLjUmhrdpl6WksG3VAhbOibMVCgk2a2YuzEtmw=
Subject key identifier:   7B:9F:EF:EB:18:65:CD:18:A8:36:EE:E9:3E:A7:31:81:B8:A8:F1:55
Certificate issuer:       /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial:       019977FF9A05946E5BCF40E69A309F56F375
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/e5_v6xhlzRioNu7pPqcxgbio8VU.roa
Signing time:             Tue 23 Sep 2025 19:14:23 +0000
ROA not before:           Tue 23 Sep 2025 19:14:23 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     60542
IP address blocks:        45.139.9.0/24 maxlen: 24
                          91.243.119.0/24 maxlen: 24
                          194.180.209.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:77:ff:9a:05:94:6e:5b:cf:40:e6:9a:30:9f:56:f3:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
        Validity
            Not Before: Sep 23 19:14:23 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=7b9fefeb1865cd18a836eee93ea73181b8a8f155
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:cc:bf:04:97:6b:75:78:39:2e:dc:ba:c4:fe:
                    b5:06:20:97:8b:ab:56:4a:4d:fe:f2:44:1b:01:af:
                    6a:eb:ab:a6:4a:ec:03:93:a7:1b:9f:bd:19:3c:ee:
                    0f:8c:b6:43:d3:cd:ae:53:cb:6e:5c:4e:59:e7:7e:
                    9e:4a:34:42:36:76:c6:48:3c:31:85:11:65:47:e5:
                    d4:78:56:e8:2d:b8:70:1f:9b:8b:6a:be:46:85:69:
                    f7:8d:f2:06:36:e9:0a:9e:c2:64:db:a3:1a:18:04:
                    41:49:f0:3e:de:7c:62:0f:3d:5b:4b:69:fc:83:51:
                    80:5c:c8:ff:82:14:fb:5c:cb:17:6a:15:88:a4:75:
                    81:67:c3:1a:ef:c4:18:ca:41:5b:2b:9d:87:1d:dd:
                    87:ff:f2:6c:73:92:b3:43:f5:89:7f:ca:04:5f:ef:
                    77:87:27:5c:8f:e4:5e:5d:9d:dd:51:56:54:4b:52:
                    f8:0c:1f:71:16:9d:79:eb:9b:1c:5a:81:05:0a:d2:
                    fd:d1:87:5a:4d:da:a0:67:9b:cd:44:92:33:00:95:
                    5d:0a:3d:6e:b4:45:e0:34:46:88:1c:70:90:5e:d3:
                    9b:7c:31:e2:3f:43:4d:5f:4f:e2:13:8f:9a:60:39:
                    e4:ea:69:4b:67:af:44:e1:5d:81:68:a4:2b:88:de:
                    8a:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:9F:EF:EB:18:65:CD:18:A8:36:EE:E9:3E:A7:31:81:B8:A8:F1:55
            X509v3 Authority Key Identifier:
                keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/e5_v6xhlzRioNu7pPqcxgbio8VU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.139.9.0/24
                  91.243.119.0/24
                  194.180.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:c5:bb:e0:f8:2b:af:97:13:c7:e4:62:8c:41:7c:fa:43:f4:
         57:19:d6:59:4f:fb:84:12:12:c5:a6:47:e8:8e:d9:cc:25:0e:
         97:8f:11:b1:1d:d8:28:ec:be:11:3a:c0:1d:28:45:37:4c:f0:
         a5:77:b5:fe:8c:1a:25:e4:aa:71:2d:26:7f:19:a4:d4:4f:b9:
         8e:8d:fb:54:b2:63:01:27:55:83:bc:e3:41:ca:49:f6:0f:5f:
         6d:56:9c:18:e0:58:d7:cd:01:7b:f8:3f:26:74:ce:8d:30:04:
         ed:44:03:16:8e:d4:76:a2:65:d5:e6:aa:cb:d6:c3:73:a1:3b:
         03:4c:5c:f0:4d:68:48:90:98:cf:e0:03:6c:c7:e9:0e:eb:8e:
         34:39:49:f5:89:fc:00:f3:84:4d:32:cb:cd:c9:41:73:ef:0b:
         27:37:b2:ac:c5:78:29:8b:fe:d4:fd:5e:ce:0b:ae:6f:6a:a6:
         c2:21:c9:25:d0:d1:38:fd:7b:98:fa:ed:93:a8:a8:c8:b3:1f:
         13:3e:d3:9d:42:fd:0d:f6:d9:11:1c:3d:77:dc:49:66:99:b1:
         df:4f:d8:72:11:80:a8:01:64:a3:e1:29:4b:46:62:6a:65:80:
         63:e5:31:cd:00:82:62:81:50:f4:ca:e2:38:0e:57:4f:0a:f7:
         f3:c1:84:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZl3/5oFlG5bz0DmmjCfVvN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjUwOTIzMTkxNDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjlmZWZlYjE4NjVjZDE4YTgzNmVlZTkzZWE3MzE4MWI4YThmMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsy/BJdrdXg5Lty6xP61BiCXi6tW
Sk3+8kQbAa9q66umSuwDk6cbn70ZPO4PjLZD082uU8tuXE5Z536eSjRCNnbGSDwx
hRFlR+XUeFboLbhwH5uLar5GhWn3jfIGNukKnsJk26MaGARBSfA+3nxiDz1bS2n8
g1GAXMj/ghT7XMsXahWIpHWBZ8Ma78QYykFbK52HHd2H//Jsc5KzQ/WJf8oEX+93
hydcj+ReXZ3dUVZUS1L4DB9xFp1565scWoEFCtL90YdaTdqgZ5vNRJIzAJVdCj1u
tEXgNEaIHHCQXtObfDHiP0NNX0/iE4+aYDnk6mlLZ69E4V2BaKQriN6KewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHuf7+sYZc0YqDbu6T6nMYG4qPFVMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvZTVfdjZ4aGx6UmlvTnU3cFBxY3hnYmlvOFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYsJAwQA
W/N3AwQAwrTRMA0GCSqGSIb3DQEBCwUAA4IBAQAGxbvg+CuvlxPH5GKMQXz6Q/RX
GdZZT/uEEhLFpkfojtnMJQ6XjxGxHdgo7L4ROsAdKEU3TPCld7X+jBol5KpxLSZ/
GaTUT7mOjftUsmMBJ1WDvONBykn2D19tVpwY4FjXzQF7+D8mdM6NMATtRAMWjtR2
omXV5qrL1sNzoTsDTFzwTWhIkJjP4ANsx+kO6440OUn1ifwA84RNMsvNyUFz7wsn
N7KsxXgpi/7U/V7OC65vaqbCIckl0NE4/XuY+u2TqKjIsx8TPtOdQv0N9tkRHD13
3ElmmbHfT9hyEYCoAWSj4SlLRmJqZYBj5THNAIJigVD0yuI4DldPCvfzwYT3
-----END CERTIFICATE-----