Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/ReZmbzf0D7_MWTsNbfdEThbDaLU.roa
File:                     ReZmbzf0D7_MWTsNbfdEThbDaLU.roa (raw, json)
Hash identifier:          R6u5SdaRqCfaERd+n3VdGCqhbxaMzm3aRS6Q1XizVBk=
Subject key identifier:   45:E6:66:6F:37:F4:0F:BF:CC:59:3B:0D:6D:F7:44:4E:16:C3:68:B5
Certificate issuer:       /CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Certificate serial:       019DF8379D93CF1BE6379ADF1B27DCB75FD5
Authority key identifier: 55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/ReZmbzf0D7_MWTsNbfdEThbDaLU.roa
Signing time:             Tue 05 May 2026 12:58:07 +0000
ROA not before:           Tue 05 May 2026 12:58:07 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     210462
IP address blocks:        185.151.142.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:f8:37:9d:93:cf:1b:e6:37:9a:df:1b:27:dc:b7:5f:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
        Validity
            Not Before: May  5 12:58:07 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=45e6666f37f40fbfcc593b0d6df7444e16c368b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:06:23:bd:62:66:40:e9:62:ca:19:c1:8c:f4:
                    46:62:87:5a:fb:08:c3:3f:e0:4e:7b:a0:83:62:6e:
                    73:52:a4:47:ca:4a:75:31:c4:fd:e2:58:05:d5:e0:
                    da:3a:87:88:c7:6d:2c:13:1c:a2:fd:df:a9:10:6b:
                    d9:e6:e4:5a:16:4e:39:77:86:d0:2d:e0:b0:68:27:
                    a4:cc:57:fb:11:25:9b:e0:45:8a:6e:bd:e3:b0:22:
                    5a:99:22:8a:ac:60:eb:b2:d8:2f:e3:fb:3d:67:0e:
                    02:29:9e:6f:ec:68:b7:8e:16:85:66:e5:5f:c6:cf:
                    ae:4c:ff:0f:dd:c3:20:40:8f:75:2c:ec:57:94:f6:
                    f0:40:84:17:ac:0f:cb:a0:6a:5d:34:ce:f6:0f:41:
                    1e:c2:8a:8b:18:6d:d4:62:eb:5e:9c:45:1f:04:51:
                    be:73:17:ba:fc:27:ee:3a:ba:69:98:e2:cf:4b:d8:
                    d0:7e:b7:62:1c:75:7a:06:91:22:02:72:80:a8:42:
                    c4:2c:96:ad:e5:04:07:6b:ba:d1:8d:d0:a0:de:c7:
                    4f:43:c4:20:86:15:c4:26:3d:dc:8d:3a:fe:14:e7:
                    03:92:9b:68:17:d3:42:07:a1:11:8c:57:1b:cd:06:
                    a2:a7:ef:60:16:47:52:5d:39:ce:38:44:44:de:0a:
                    08:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:E6:66:6F:37:F4:0F:BF:CC:59:3B:0D:6D:F7:44:4E:16:C3:68:B5
            X509v3 Authority Key Identifier:
                keyid:55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/ReZmbzf0D7_MWTsNbfdEThbDaLU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.151.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:b3:8b:f6:48:0c:68:89:e7:ae:f1:04:a3:9f:a4:c2:b4:26:
         c6:d8:cc:54:41:29:bf:53:83:83:97:ba:b9:b5:b8:5b:8b:7a:
         f3:50:b9:1c:c8:59:c4:2c:4f:f1:a7:41:bc:fa:2d:58:a1:92:
         55:93:2c:02:75:fa:59:92:e2:4c:67:c1:21:5b:fa:7a:30:ba:
         81:7a:8b:e6:d8:b3:a4:6c:63:74:30:eb:64:ac:9b:67:09:44:
         cf:01:08:b8:2e:1b:32:91:bc:c4:9b:7f:44:a6:3a:bf:ed:38:
         3f:d9:ac:f4:7b:e9:90:53:98:d4:e9:17:ed:d7:31:af:a9:fd:
         64:c5:35:4d:13:bf:6a:54:9b:c7:c8:03:d0:38:67:05:0f:1b:
         34:0f:aa:c8:0c:42:49:d8:17:3c:54:dd:bb:62:3c:61:48:d3:
         6b:a7:79:6c:21:bf:5b:e5:59:db:7f:5b:4a:4a:fb:16:4b:c9:
         7c:b1:d7:d5:8c:f0:f6:86:a5:76:eb:95:d0:c9:8f:c6:98:7b:
         d1:2e:89:9b:67:1c:a7:73:95:8f:dc:62:0e:7e:58:0b:06:d1:
         62:b2:62:41:96:c4:b0:df:f6:d0:d1:87:c3:59:e9:c5:98:ad:
         4f:45:f9:31:7b:15:70:65:e8:6f:46:93:53:43:ec:7e:74:6c:
         53:2b:ff:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ34N52TzxvmN5rfGyfct1/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YjI5NmQ2YjUzNGZlM2EzMmNjMWMzYTRlODEzNThmMjE2
YzkzYzcwHhcNMjYwNTA1MTI1ODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWU2NjY2ZjM3ZjQwZmJmY2M1OTNiMGQ2ZGY3NDQ0ZTE2YzM2OGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAYjvWJmQOliyhnBjPRGYoda+wjD
P+BOe6CDYm5zUqRHykp1McT94lgF1eDaOoeIx20sExyi/d+pEGvZ5uRaFk45d4bQ
LeCwaCekzFf7ESWb4EWKbr3jsCJamSKKrGDrstgv4/s9Zw4CKZ5v7Gi3jhaFZuVf
xs+uTP8P3cMgQI91LOxXlPbwQIQXrA/LoGpdNM72D0EewoqLGG3UYutenEUfBFG+
cxe6/CfuOrppmOLPS9jQfrdiHHV6BpEiAnKAqELELJat5QQHa7rRjdCg3sdPQ8Qg
hhXEJj3cjTr+FOcDkptoF9NCB6ERjFcbzQaip+9gFkdSXTnOOERE3goI5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEXmZm839A+/zFk7DW33RE4Ww2i1MB8GA1UdIwQY
MBaAFFWylta1NP46MswcOk6BNY8hbJPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEt
ZGQ2Y2M5N2M5YmRkLzEvUmVabWJ6ZjBEN19NV1RzTmJmZEVUaGJEYUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEtZGQ2Y2M5N2M5YmRk
LzEvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZeOMA0G
CSqGSIb3DQEBCwUAA4IBAQBms4v2SAxoieeu8QSjn6TCtCbG2MxUQSm/U4ODl7q5
tbhbi3rzULkcyFnELE/xp0G8+i1YoZJVkywCdfpZkuJMZ8EhW/p6MLqBeovm2LOk
bGN0MOtkrJtnCUTPAQi4LhsykbzEm39Epjq/7Tg/2az0e+mQU5jU6Rft1zGvqf1k
xTVNE79qVJvHyAPQOGcFDxs0D6rIDEJJ2Bc8VN27YjxhSNNrp3lsIb9b5Vnbf1tK
SvsWS8l8sdfVjPD2hqV265XQyY/GmHvRLombZxync5WP3GIOflgLBtFismJBlsSw
3/bQ0YfDWenFmK1PRfkxexVwZehvRpNTQ+x+dGxTK/+N
-----END CERTIFICATE-----