Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/dSWQQshiun9rhuRW4QfJR8tRZdI.roa
File:                     dSWQQshiun9rhuRW4QfJR8tRZdI.roa (raw, json)
Hash identifier:          uDF/w3zs0LjnNTZSCqyTKCsNsAB+XI1OZK79JLiWkUs=
Subject key identifier:   75:25:90:42:C8:62:BA:7F:6B:86:E4:56:E1:07:C9:47:CB:51:65:D2
Certificate issuer:       /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial:       0197ADBB4C971215817DFD808DFA6625D28B
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/dSWQQshiun9rhuRW4QfJR8tRZdI.roa
Signing time:             Thu 26 Jun 2025 19:33:42 +0000
ROA not before:           Thu 26 Jun 2025 19:33:42 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     25369
IP address blocks:        77.83.205.0/24 maxlen: 24
                          77.83.206.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ad:bb:4c:97:12:15:81:7d:fd:80:8d:fa:66:25:d2:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
        Validity
            Not Before: Jun 26 19:33:42 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=75259042c862ba7f6b86e456e107c947cb5165d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:fd:51:e0:e4:2a:14:48:41:4a:25:7e:4d:47:
                    e3:88:0c:5e:6c:3b:8b:b6:08:b3:a5:26:21:1a:f4:
                    ac:31:89:d3:7e:36:9b:b7:91:d3:dc:77:59:7d:e0:
                    8d:bf:f0:bc:58:ce:8a:8f:05:ca:93:a9:01:df:8a:
                    1f:d4:9d:2f:8b:28:86:1e:ef:44:b3:45:87:48:51:
                    b9:c1:7c:26:40:1f:51:47:a0:d3:bb:4f:51:c7:d5:
                    e2:26:16:8d:b2:0a:60:97:32:36:51:2b:87:44:0b:
                    63:29:13:71:85:b1:f9:ef:e5:a0:dc:b3:4b:8f:77:
                    20:e9:ac:7a:7e:4a:67:59:65:00:54:e9:3f:9a:a7:
                    96:26:ac:68:38:d4:72:b1:5b:0d:90:0a:40:9d:40:
                    f1:e6:30:c9:dc:88:71:6a:01:b9:43:90:30:ff:b1:
                    28:0f:92:53:4d:14:c4:e0:74:30:2d:b0:70:8f:e1:
                    af:b6:8a:27:16:dc:2a:8d:19:ce:f6:55:a9:91:71:
                    4f:42:18:d8:c9:fa:0d:f9:d7:9c:98:15:e5:00:15:
                    21:2b:d0:7e:60:17:f9:0d:e0:c9:e6:c8:d7:4e:75:
                    89:27:21:f5:a7:fe:e2:be:9f:72:42:b5:eb:50:66:
                    19:c1:68:32:13:42:8e:31:b7:68:bf:df:ad:0c:98:
                    26:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:25:90:42:C8:62:BA:7F:6B:86:E4:56:E1:07:C9:47:CB:51:65:D2
            X509v3 Authority Key Identifier:
                keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/dSWQQshiun9rhuRW4QfJR8tRZdI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.83.205.0-77.83.206.255

    Signature Algorithm: sha256WithRSAEncryption
         2b:cf:8a:5e:2d:24:3c:30:5d:f3:b2:58:e3:da:91:d3:50:de:
         3c:00:5b:6b:07:54:c2:5f:a5:b7:04:61:26:b4:89:f1:59:b7:
         c1:7c:57:21:53:df:b6:d9:11:d6:9d:11:e4:d3:30:b5:00:60:
         7b:a9:48:1f:9d:5c:01:39:7c:fd:0a:75:70:47:bb:f2:8f:b1:
         15:90:c3:98:de:4b:08:24:59:ab:01:6f:9a:ce:8a:a2:97:9e:
         b3:15:26:3d:a0:b3:af:8a:e5:4d:d0:87:a9:6d:b8:b1:07:c4:
         8d:10:4d:64:29:9a:1e:26:05:de:1a:f2:13:5d:da:21:d2:6f:
         da:4f:34:ae:8b:73:7e:61:77:3e:b4:46:ea:1e:70:25:a9:b1:
         3d:85:17:61:71:39:e9:4e:5b:60:a2:5d:ff:90:27:23:a9:bd:
         e9:d9:83:50:56:a3:f6:b7:76:20:9c:e4:b0:e5:88:00:67:47:
         85:37:3a:79:c8:78:ac:ae:a6:c8:a1:cf:34:a3:20:70:6f:da:
         2d:4d:15:72:ff:19:31:2b:f2:04:55:df:e1:06:7e:80:4c:8a:
         08:60:6e:b6:47:be:08:4a:d1:05:75:d5:74:dd:7b:0a:73:d4:
         6e:6d:85:52:0f:ae:e9:f3:ab:c5:1f:4e:7a:d7:5d:22:e9:80:
         8f:c8:73:d2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZetu0yXEhWBff2AjfpmJdKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwNjI2MTkzMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTI1OTA0MmM4NjJiYTdmNmI4NmU0NTZlMTA3Yzk0N2NiNTE2NWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/1R4OQqFEhBSiV+TUfjiAxebDuL
tgizpSYhGvSsMYnTfjabt5HT3HdZfeCNv/C8WM6KjwXKk6kB34of1J0viyiGHu9E
s0WHSFG5wXwmQB9RR6DTu09Rx9XiJhaNsgpglzI2USuHRAtjKRNxhbH57+Wg3LNL
j3cg6ax6fkpnWWUAVOk/mqeWJqxoONRysVsNkApAnUDx5jDJ3IhxagG5Q5Aw/7Eo
D5JTTRTE4HQwLbBwj+GvtoonFtwqjRnO9lWpkXFPQhjYyfoN+decmBXlABUhK9B+
YBf5DeDJ5sjXTnWJJyH1p/7ivp9yQrXrUGYZwWgyE0KOMbdov9+tDJgmQQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHUlkELIYrp/a4bkVuEHyUfLUWXSMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvZFNXUVFzaGl1bjlyaHVSVzRRZkpSOHRSWmRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABNU80D
BABNU84wDQYJKoZIhvcNAQELBQADggEBACvPil4tJDwwXfOyWOPakdNQ3jwAW2sH
VMJfpbcEYSa0ifFZt8F8VyFT37bZEdadEeTTMLUAYHupSB+dXAE5fP0KdXBHu/KP
sRWQw5jeSwgkWasBb5rOiqKXnrMVJj2gs6+K5U3Qh6ltuLEHxI0QTWQpmh4mBd4a
8hNd2iHSb9pPNK6Lc35hdz60RuoecCWpsT2FF2FxOelOW2CiXf+QJyOpvenZg1BW
o/a3diCc5LDliABnR4U3OnnIeKyupsihzzSjIHBv2i1NFXL/GTEr8gRV3+EGfoBM
ighgbrZHvghK0QV11XTdewpz1G5thVIPrunzq8UfTnrXXSLpgI/Ic9I=
-----END CERTIFICATE-----