Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/TbJKG6q1s8G8Bhyc_RWmVM9YRZ4.roa
File:                     TbJKG6q1s8G8Bhyc_RWmVM9YRZ4.roa (raw, json)
Hash identifier:          7UGSfM5q7545FXKuOZqCCYP1Ee06xuX3hKwjTi37dJo=
Subject key identifier:   4D:B2:4A:1B:AA:B5:B3:C1:BC:06:1C:9C:FD:15:A6:54:CF:58:45:9E
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       019CC36E8AB3CA0303B98A344EBBAC602933
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/TbJKG6q1s8G8Bhyc_RWmVM9YRZ4.roa
Signing time:             Fri 06 Mar 2026 13:55:27 +0000
ROA not before:           Fri 06 Mar 2026 13:55:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     200269
IP address blocks:        81.181.144.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:c3:6e:8a:b3:ca:03:03:b9:8a:34:4e:bb:ac:60:29:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Mar  6 13:55:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4db24a1baab5b3c1bc061c9cfd15a654cf58459e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:1c:4b:e6:24:a5:db:a1:64:75:80:3b:98:5c:
                    f8:85:8e:f5:72:53:80:8d:c3:4e:7c:3a:1d:57:5d:
                    3d:21:a9:c0:8a:6d:2d:f9:7d:90:cd:97:b5:15:12:
                    2b:17:cc:69:2d:da:48:a2:ba:7b:94:58:56:86:db:
                    28:34:2b:6c:01:f3:83:2b:99:4b:f0:a0:56:7b:72:
                    45:36:8d:81:a8:2b:b8:7e:a3:3e:8b:a7:b7:de:e9:
                    09:9e:63:74:ce:bb:37:6d:61:e3:42:55:fa:b2:15:
                    45:a0:b1:23:4b:ad:6d:b7:a8:9c:a8:3f:11:47:71:
                    09:ec:97:5f:8e:59:3c:f5:8b:33:64:16:bb:01:60:
                    79:e8:78:dc:ca:aa:88:41:65:01:0c:ca:16:b6:4a:
                    52:f2:fd:71:59:ed:0b:61:94:a6:16:88:6e:55:1b:
                    f7:1f:62:8d:cd:12:5a:f8:25:07:c3:bc:2d:53:55:
                    3c:1f:61:62:de:ab:bd:a5:5e:1f:13:77:cf:3a:13:
                    25:7c:35:c8:0b:64:52:ff:6d:5e:32:8d:79:30:40:
                    7c:cb:ea:cb:1c:04:bd:c2:a3:78:68:cd:26:b0:10:
                    cf:51:fc:bd:5c:0d:04:08:61:38:26:91:e5:40:68:
                    90:71:91:87:63:03:d2:26:5c:ab:9a:df:f7:96:89:
                    b7:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:B2:4A:1B:AA:B5:B3:C1:BC:06:1C:9C:FD:15:A6:54:CF:58:45:9E
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/TbJKG6q1s8G8Bhyc_RWmVM9YRZ4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.181.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:9b:80:1c:9c:d7:31:9e:4f:3c:6a:9d:8e:9a:99:74:db:fb:
         9b:86:ab:87:de:dc:7a:74:44:4e:e8:54:33:09:11:19:17:0e:
         1b:3c:61:42:be:56:e5:1d:49:29:71:81:d7:2b:bf:b5:93:ef:
         3b:f1:6d:66:d7:e3:72:d2:62:e5:77:18:1f:85:59:2d:69:9a:
         55:cc:30:ec:49:36:ba:a8:c2:53:9c:20:77:4d:ae:1f:05:6f:
         74:b1:52:18:e1:46:79:b3:0f:59:66:6f:bd:d8:d1:ca:ba:be:
         02:de:11:77:0c:56:61:ee:87:d9:ee:0f:f6:2f:a0:c0:c2:d2:
         d8:a1:d5:ef:1c:db:73:f2:14:cd:dc:bc:d0:5c:71:02:20:1f:
         01:7e:11:ec:22:61:70:a9:46:8b:c6:8c:c2:a3:6c:52:0b:dd:
         b4:89:ea:38:e1:34:fc:d7:38:44:30:43:73:1e:d2:25:b3:71:
         c2:fe:d8:3e:70:73:04:1d:b0:f9:68:d4:2d:86:4c:8e:7f:c0:
         ad:52:22:9e:4b:20:b1:e8:04:5b:c4:7d:2f:51:b0:ae:af:34:
         12:9a:bf:20:93:ec:44:3f:4b:42:af:09:c3:e0:dd:fb:4f:e8:
         a9:69:51:97:43:3a:52:1f:8d:c0:57:f4:1b:0d:76:54:57:f3:
         34:c1:95:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZzDboqzygMDuYo0TrusYCkzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjYwMzA2MTM1NTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGIyNGExYmFhYjViM2MxYmMwNjFjOWNmZDE1YTY1NGNmNTg0NTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxxL5iSl26FkdYA7mFz4hY71clOA
jcNOfDodV109IanAim0t+X2QzZe1FRIrF8xpLdpIorp7lFhWhtsoNCtsAfODK5lL
8KBWe3JFNo2BqCu4fqM+i6e33ukJnmN0zrs3bWHjQlX6shVFoLEjS61tt6icqD8R
R3EJ7Jdfjlk89YszZBa7AWB56HjcyqqIQWUBDMoWtkpS8v1xWe0LYZSmFohuVRv3
H2KNzRJa+CUHw7wtU1U8H2Fi3qu9pV4fE3fPOhMlfDXIC2RS/21eMo15MEB8y+rL
HAS9wqN4aM0msBDPUfy9XA0ECGE4JpHlQGiQcZGHYwPSJlyrmt/3lom3DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2yShuqtbPBvAYcnP0VplTPWEWeMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvVGJKS0c2cTFzOEc4Qmh5Y19SV21WTTlZUlo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUbWQMA0G
CSqGSIb3DQEBCwUAA4IBAQCgm4AcnNcxnk88ap2Ompl02/ubhquH3tx6dERO6FQz
CREZFw4bPGFCvlblHUkpcYHXK7+1k+878W1m1+Ny0mLldxgfhVktaZpVzDDsSTa6
qMJTnCB3Ta4fBW90sVIY4UZ5sw9ZZm+92NHKur4C3hF3DFZh7ofZ7g/2L6DAwtLY
odXvHNtz8hTN3LzQXHECIB8BfhHsImFwqUaLxozCo2xSC920ieo44TT81zhEMENz
HtIls3HC/tg+cHMEHbD5aNQthkyOf8CtUiKeSyCx6ARbxH0vUbCurzQSmr8gk+xE
P0tCrwnD4N37T+ipaVGXQzpSH43AV/QbDXZUV/M0wZUa
-----END CERTIFICATE-----