Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/4MTCoZyyEtH_vzMsUYNakC4E7C0.roa
File:                     4MTCoZyyEtH_vzMsUYNakC4E7C0.roa (raw, json)
Hash identifier:          BTIVteP/7TKIeEXWkihlgppxA5PBx1UODmPt55wHJSA=
Subject key identifier:   E0:C4:C2:A1:9C:B2:12:D1:FF:BF:33:2C:51:83:5A:90:2E:04:EC:2D
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       0198C10284AD637C5A59BD8BE830D177FC17
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/4MTCoZyyEtH_vzMsUYNakC4E7C0.roa
Signing time:             Tue 19 Aug 2025 06:27:04 +0000
ROA not before:           Tue 19 Aug 2025 06:27:04 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     206781
IP address blocks:        178.253.227.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:c1:02:84:ad:63:7c:5a:59:bd:8b:e8:30:d1:77:fc:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Aug 19 06:27:04 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=e0c4c2a19cb212d1ffbf332c51835a902e04ec2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:35:db:e9:77:c1:da:36:a3:6b:18:b4:28:b9:
                    bf:c9:b8:f7:59:99:08:ec:0b:71:23:6a:e9:2d:db:
                    e8:bf:b6:ad:7c:71:ba:0d:10:96:19:5f:b0:e5:20:
                    b4:9a:25:cc:f0:07:65:b1:a9:51:ea:a2:fc:4a:70:
                    4a:ea:d2:e9:de:bf:19:ca:4d:ab:fc:a8:19:8d:80:
                    5d:71:ac:e2:36:73:e9:13:57:95:5c:f7:28:b2:3c:
                    65:de:9f:ab:65:97:dd:ca:de:c1:6a:2d:a1:f4:3d:
                    79:2e:85:9e:cc:3c:fb:2e:a1:df:74:c4:d0:2c:29:
                    95:59:ad:cf:12:b5:29:92:58:8b:a2:9b:03:81:d8:
                    f3:03:97:7a:59:a7:1f:4e:85:5d:f1:a6:3d:f5:36:
                    51:b8:26:f2:5d:bf:df:81:42:a5:94:f4:89:67:14:
                    68:a4:5f:37:d1:cb:4d:66:8b:b6:3f:e4:5b:29:a2:
                    31:5a:c0:bd:e2:c3:69:15:28:1d:43:17:f2:70:43:
                    e0:7a:00:0c:81:ab:a9:03:e8:de:7b:eb:90:0e:e5:
                    03:0f:5d:ec:00:6d:c4:cf:3a:ad:ef:4e:3e:a5:83:
                    29:ed:93:f7:c4:18:1f:f9:c5:aa:32:a7:e4:29:9d:
                    c2:7d:e6:e9:91:01:25:a7:57:f1:9d:81:d4:6f:55:
                    53:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:C4:C2:A1:9C:B2:12:D1:FF:BF:33:2C:51:83:5A:90:2E:04:EC:2D
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/4MTCoZyyEtH_vzMsUYNakC4E7C0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.253.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:9b:8b:84:50:53:69:f2:4a:88:bc:39:7b:08:32:d5:e2:66:
         30:12:0f:ff:2e:4c:28:3e:27:6f:c6:cf:83:62:66:4b:d1:c6:
         5b:c8:66:72:57:e9:16:18:05:a5:99:36:b3:e4:0a:8f:e7:83:
         f6:f9:7e:36:8f:c5:fd:75:c9:72:8c:95:d1:e3:26:de:05:0b:
         82:73:e8:25:dc:cc:62:9d:19:1f:5c:f6:8c:83:d9:69:31:b0:
         c4:a9:a6:26:12:99:ef:e9:59:bc:9c:4f:46:aa:b9:c8:0f:24:
         94:c1:79:f9:d0:43:44:53:eb:77:b1:f8:e4:34:39:1a:93:b9:
         46:3d:63:a3:1b:3a:e3:12:5a:86:70:1c:76:67:73:8a:81:94:
         de:17:71:14:d6:63:db:d9:4c:f7:63:b7:a8:eb:a1:06:38:82:
         b9:14:f8:44:f5:f2:97:66:ca:ce:66:97:3f:c2:2c:ae:5a:78:
         a2:75:93:a1:76:a8:9f:14:41:35:b7:50:20:a7:db:a9:01:42:
         80:9c:22:f3:5d:b4:ae:80:87:75:7e:d7:b2:ec:23:17:c0:28:
         1e:21:a5:77:a9:2b:d9:f8:98:19:92:a9:14:9c:d7:29:05:c1:
         b9:ee:7f:e8:e8:bd:a1:57:dd:17:12:c1:9e:53:92:ac:17:1c:
         d8:82:cb:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjBAoStY3xaWb2L6DDRd/wXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwODE5MDYyNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGM0YzJhMTljYjIxMmQxZmZiZjMzMmM1MTgzNWE5MDJlMDRlYzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjXb6XfB2jajaxi0KLm/ybj3WZkI
7AtxI2rpLdvov7atfHG6DRCWGV+w5SC0miXM8AdlsalR6qL8SnBK6tLp3r8Zyk2r
/KgZjYBdcaziNnPpE1eVXPcosjxl3p+rZZfdyt7Bai2h9D15LoWezDz7LqHfdMTQ
LCmVWa3PErUpkliLopsDgdjzA5d6WacfToVd8aY99TZRuCbyXb/fgUKllPSJZxRo
pF830ctNZou2P+RbKaIxWsC94sNpFSgdQxfycEPgegAMgaupA+jee+uQDuUDD13s
AG3Ezzqt704+pYMp7ZP3xBgf+cWqMqfkKZ3CfebpkQElp1fxnYHUb1VTjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODEwqGcshLR/78zLFGDWpAuBOwtMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvNE1UQ29aeXlFdEhfdnpNc1VZTmFrQzRFN0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv3jMA0G
CSqGSIb3DQEBCwUAA4IBAQA3m4uEUFNp8kqIvDl7CDLV4mYwEg//LkwoPidvxs+D
YmZL0cZbyGZyV+kWGAWlmTaz5AqP54P2+X42j8X9dclyjJXR4ybeBQuCc+gl3Mxi
nRkfXPaMg9lpMbDEqaYmEpnv6Vm8nE9GqrnIDySUwXn50ENEU+t3sfjkNDkak7lG
PWOjGzrjElqGcBx2Z3OKgZTeF3EU1mPb2Uz3Y7eo66EGOIK5FPhE9fKXZsrOZpc/
wiyuWniidZOhdqifFEE1t1Agp9upAUKAnCLzXbSugId1ftey7CMXwCgeIaV3qSvZ
+JgZkqkUnNcpBcG57n/o6L2hV90XEsGeU5KsFxzYgsvA
-----END CERTIFICATE-----