Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/vEoakUYlpmTQIaLwpaXyp7_1UqE.roa
File:                     vEoakUYlpmTQIaLwpaXyp7_1UqE.roa (raw, json)
Hash identifier:          eiYLucoZ9zchXIwhszUzBZ15EUScjN1eZIZfgJxOdfo=
Subject key identifier:   BC:4A:1A:91:46:25:A6:64:D0:21:A2:F0:A5:A5:F2:A7:BF:F5:52:A1
Certificate issuer:       /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial:       019982CFD5C2B37103EBD17867288BA4B26B
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/vEoakUYlpmTQIaLwpaXyp7_1UqE.roa
Signing time:             Thu 25 Sep 2025 21:38:02 +0000
ROA not before:           Thu 25 Sep 2025 21:38:02 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     26548
IP address blocks:        45.133.112.0/22 maxlen: 24
                          45.136.24.0/22 maxlen: 24
                          45.147.8.0/22 maxlen: 24
                          45.147.232.0/22 maxlen: 24
                          45.159.23.0/24 maxlen: 24
                          88.218.46.0/24 maxlen: 24
                          89.19.34.0/24 maxlen: 24
                          91.132.124.0/23 maxlen: 24
                          93.177.94.0/23 maxlen: 24
                          146.19.39.0/24 maxlen: 24
                          176.126.111.0/24 maxlen: 24
                          193.31.127.0/24 maxlen: 24
                          193.56.20.0/24 maxlen: 24
                          193.142.36.0/22 maxlen: 24
                          193.202.16.0/24 maxlen: 24
                          194.99.25.0/24 maxlen: 24
                          194.110.150.0/24 maxlen: 24
                          194.180.232.0/23 maxlen: 24
                          194.180.236.0/23 maxlen: 24
                          212.87.216.0/24 maxlen: 24
                          212.87.218.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:82:cf:d5:c2:b3:71:03:eb:d1:78:67:28:8b:a4:b2:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
        Validity
            Not Before: Sep 25 21:38:02 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=bc4a1a914625a664d021a2f0a5a5f2a7bff552a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:dd:fa:c0:1e:bb:d2:52:8f:8b:fd:4f:cf:ba:
                    d6:0b:31:f7:49:be:11:df:dc:d3:bc:ff:83:f0:f0:
                    4c:3d:06:b9:4d:10:f9:89:45:33:3d:fd:68:07:a8:
                    fb:aa:80:71:a8:37:41:26:32:b6:c5:74:66:ee:19:
                    47:34:15:fb:e8:dc:e2:46:6b:52:bb:7e:fb:b8:58:
                    11:0a:df:0b:1e:3b:f3:68:de:be:59:8d:59:fd:dc:
                    41:f6:39:44:73:bd:ab:9f:aa:de:ee:67:a7:c9:2c:
                    bf:24:d6:04:52:10:7e:30:6c:a8:09:fe:0d:e7:bf:
                    09:d8:dd:fc:13:d0:a0:1f:7f:ac:7a:54:a1:ea:56:
                    cc:ac:2d:4f:11:09:7c:8a:d4:e3:5f:5f:26:9f:2c:
                    53:82:08:2c:4d:c1:e3:2c:ae:38:b3:ce:8c:b3:cc:
                    5a:e0:cc:3a:4c:fb:b5:a9:02:9e:e7:9e:ff:8a:a5:
                    d3:bc:22:62:78:71:d5:a1:dd:46:06:24:cb:80:ad:
                    0c:22:08:4a:a7:06:3e:62:6b:c7:ac:4f:3c:cf:4d:
                    6e:c9:9a:4c:fd:06:55:35:b2:24:f4:35:8c:08:53:
                    5c:7d:28:d6:7b:0a:e1:8a:a7:08:d8:b9:e5:bb:e4:
                    3a:62:e8:47:52:9e:e3:7c:8a:54:75:9b:b9:ec:1e:
                    41:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:4A:1A:91:46:25:A6:64:D0:21:A2:F0:A5:A5:F2:A7:BF:F5:52:A1
            X509v3 Authority Key Identifier:
                keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/vEoakUYlpmTQIaLwpaXyp7_1UqE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.112.0/22
                  45.136.24.0/22
                  45.147.8.0/22
                  45.147.232.0/22
                  45.159.23.0/24
                  88.218.46.0/24
                  89.19.34.0/24
                  91.132.124.0/23
                  93.177.94.0/23
                  146.19.39.0/24
                  176.126.111.0/24
                  193.31.127.0/24
                  193.56.20.0/24
                  193.142.36.0/22
                  193.202.16.0/24
                  194.99.25.0/24
                  194.110.150.0/24
                  194.180.232.0/23
                  194.180.236.0/23
                  212.87.216.0/24
                  212.87.218.0/23

    Signature Algorithm: sha256WithRSAEncryption
         83:aa:6a:a0:18:24:77:a6:bb:0f:c1:59:e7:79:30:2d:bf:b5:
         d9:f6:9f:77:48:17:5e:41:b1:e0:5d:89:a8:56:57:fb:28:71:
         a0:aa:d4:09:57:78:ed:b0:47:36:36:04:5f:67:2e:1d:64:11:
         a0:59:15:9e:38:51:a5:57:ee:d5:02:d0:bc:fb:55:68:44:e0:
         ba:b2:e3:00:89:36:87:a5:59:b6:c2:f5:61:bb:55:84:c5:8c:
         85:64:3d:a6:3b:91:19:90:91:bb:75:4c:24:f4:ae:58:d1:4c:
         ef:98:9a:58:e4:22:a9:7d:23:54:b0:56:4b:c1:01:bc:e8:0d:
         b0:0d:26:b1:90:bb:26:71:f8:e1:ff:e5:ea:f8:94:36:49:2d:
         c7:e5:fa:8f:78:ed:83:08:61:73:1d:f6:82:21:5f:c9:d5:0e:
         d2:2d:cf:f8:60:53:63:0c:8d:f8:3d:ec:87:af:9c:c0:e9:b3:
         d8:32:bd:1d:ea:32:c9:5b:46:aa:de:0e:ea:7b:f7:de:84:3d:
         84:ee:bd:a2:23:9f:12:c8:17:3a:96:f0:05:54:65:0a:3a:cf:
         d3:34:a9:d8:8b:de:e8:6f:d3:68:ca:fc:6b:f8:d7:27:34:7f:
         ea:3f:d7:fc:77:ae:c4:e6:68:13:49:fc:17:a5:45:d0:5b:69:
         2e:03:2e:73
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZmCz9XCs3ED69F4ZyiLpLJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwOTI1MjEzODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzRhMWE5MTQ2MjVhNjY0ZDAyMWEyZjBhNWE1ZjJhN2JmZjU1MmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN36wB670lKPi/1Pz7rWCzH3Sb4R
39zTvP+D8PBMPQa5TRD5iUUzPf1oB6j7qoBxqDdBJjK2xXRm7hlHNBX76NziRmtS
u377uFgRCt8LHjvzaN6+WY1Z/dxB9jlEc72rn6re7menySy/JNYEUhB+MGyoCf4N
578J2N38E9CgH3+selSh6lbMrC1PEQl8itTjX18mnyxTgggsTcHjLK44s86Ms8xa
4Mw6TPu1qQKe557/iqXTvCJieHHVod1GBiTLgK0MIghKpwY+YmvHrE88z01uyZpM
/QZVNbIk9DWMCFNcfSjWewrhiqcI2Lnlu+Q6YuhHUp7jfIpUdZu57B5B/wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFLxKGpFGJaZk0CGi8KWl8qe/9VKhMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvdkVvYWtVWWxwbVRRSWFMd3BhWHlwN18xVXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAi2F
cAMEAi2IGAMEAi2TCAMEAi2T6AMEAC2fFwMEAFjaLgMEAFkTIgMEAVuEfAMEAV2x
XgMEAJITJwMEALB+bwMEAMEffwMEAME4FAMEAsGOJAMEAMHKEAMEAMJjGQMEAMJu
lgMEAcK06AMEAcK07AMEANRX2AMEAdRX2jANBgkqhkiG9w0BAQsFAAOCAQEAg6pq
oBgkd6a7D8FZ53kwLb+12fafd0gXXkGx4F2JqFZX+yhxoKrUCVd47bBHNjYEX2cu
HWQRoFkVnjhRpVfu1QLQvPtVaETgurLjAIk2h6VZtsL1YbtVhMWMhWQ9pjuRGZCR
u3VMJPSuWNFM75iaWOQiqX0jVLBWS8EBvOgNsA0msZC7JnH44f/l6viUNkktx+X6
j3jtgwhhcx32giFfydUO0i3P+GBTYwyN+D3sh6+cwOmz2DK9HeoyyVtGqt4O6nv3
3oQ9hO69oiOfEsgXOpbwBVRlCjrP0zSp2Ive6G/TaMr8a/jXJzR/6j/X/HeuxOZo
E0n8F6VF0FtpLgMucw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:04 2025 by rpki-client