Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/GublByumzR0yWywlkmwD_2dVWwE.roa
File:                     GublByumzR0yWywlkmwD_2dVWwE.roa (raw, json)
Hash identifier:          wY1PUCPhOCAX3BO0CA97xY9ingMfgAqmUmohKXuuCsM=
Subject key identifier:   1A:E6:E5:07:2B:A6:CD:1D:32:5B:2C:25:92:6C:03:FF:67:55:5B:01
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       0199773BADF33688FBF85116C863F644F4B9
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/GublByumzR0yWywlkmwD_2dVWwE.roa
Signing time:             Tue 23 Sep 2025 15:40:23 +0000
ROA not before:           Tue 23 Sep 2025 15:40:23 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     48024
IP address blocks:        178.173.241.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:77:3b:ad:f3:36:88:fb:f8:51:16:c8:63:f6:44:f4:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Sep 23 15:40:23 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=1ae6e5072ba6cd1d325b2c25926c03ff67555b01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:ed:4b:94:23:bc:5f:a7:91:71:b8:26:a4:88:
                    f9:90:05:39:a3:92:fa:13:18:d9:84:28:20:f3:34:
                    81:19:b3:e4:22:fa:c9:7a:28:8d:20:88:79:01:4a:
                    b8:0f:9f:d9:cb:eb:8d:f5:27:1c:5a:89:92:bd:13:
                    f0:e5:6d:11:f6:6f:95:c5:a9:2d:c8:02:f7:6c:e6:
                    b8:a3:43:ad:2c:b4:d6:73:bc:67:32:12:c2:46:23:
                    e0:43:33:44:8f:15:57:25:99:65:ee:88:f7:99:3e:
                    41:48:91:2b:ae:cd:0a:81:f9:55:ca:7f:54:83:2e:
                    ab:42:5b:f8:50:7c:ae:7e:74:bc:03:e0:72:5e:90:
                    52:f4:55:30:d0:10:ee:96:4b:65:02:63:4b:e1:69:
                    29:05:da:1e:e8:c1:fa:48:f1:4c:85:25:bb:b8:b2:
                    f9:8e:91:55:76:39:6c:2e:a0:e1:73:45:3f:a7:0d:
                    d2:76:f6:4d:2e:ef:29:45:28:25:3d:d0:07:7a:b3:
                    de:fc:7b:6e:7a:4a:cc:bf:01:a9:5c:e0:65:da:18:
                    d1:56:03:35:49:83:83:2f:7e:cd:99:3f:0b:da:2c:
                    a7:d7:7b:b1:0f:04:2a:09:c7:ba:7f:fd:60:12:82:
                    0e:22:5e:f9:21:a8:4c:65:c3:08:f6:21:18:17:7b:
                    fe:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:E6:E5:07:2B:A6:CD:1D:32:5B:2C:25:92:6C:03:FF:67:55:5B:01
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/GublByumzR0yWywlkmwD_2dVWwE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.173.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:d8:53:27:a1:c8:ce:27:9d:7e:88:e5:c3:fe:be:bf:d4:3d:
         21:60:2c:9d:b7:76:0f:91:d2:ee:69:df:ba:44:bd:1d:84:89:
         2b:87:53:81:58:31:e8:7a:84:b6:0d:de:e6:b4:c4:a0:ea:f0:
         6e:13:6c:41:8b:e6:b4:76:24:b4:fe:ed:82:e5:a7:60:40:14:
         56:60:65:3d:ab:2b:c4:6e:f4:be:72:15:55:1f:a5:ef:f9:61:
         39:c1:36:9a:ef:15:44:35:c4:2b:be:c0:4c:87:bd:e5:0e:c8:
         09:6c:60:29:f1:48:ba:c7:2b:fd:c4:c9:17:61:29:e3:84:a2:
         02:61:be:e3:4c:68:9c:82:a3:cc:d8:ad:d2:bb:b6:87:af:51:
         f9:7f:64:f0:1f:e1:a8:44:21:b2:7c:1a:c5:a9:a2:0e:08:fa:
         68:75:8c:28:f9:4d:fb:20:23:92:77:4c:2d:f1:61:4a:9d:12:
         79:db:57:b8:91:ec:5a:fc:5d:df:e2:52:55:ee:d2:f8:28:23:
         2c:0d:26:fb:5d:1b:d3:51:b8:90:74:1c:ed:35:b6:cf:22:00:
         ad:f5:0d:d7:5d:78:22:3c:8a:67:d1:7a:c2:f8:03:a2:99:53:
         84:e7:96:ca:6d:6b:6c:49:b4:14:5d:9a:86:ec:43:0d:4f:1c:
         68:f3:a7:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZl3O63zNoj7+FEWyGP2RPS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwOTIzMTU0MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWU2ZTUwNzJiYTZjZDFkMzI1YjJjMjU5MjZjMDNmZjY3NTU1YjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5O1LlCO8X6eRcbgmpIj5kAU5o5L6
ExjZhCgg8zSBGbPkIvrJeiiNIIh5AUq4D5/Zy+uN9SccWomSvRPw5W0R9m+Vxakt
yAL3bOa4o0OtLLTWc7xnMhLCRiPgQzNEjxVXJZll7oj3mT5BSJErrs0KgflVyn9U
gy6rQlv4UHyufnS8A+ByXpBS9FUw0BDulktlAmNL4WkpBdoe6MH6SPFMhSW7uLL5
jpFVdjlsLqDhc0U/pw3SdvZNLu8pRSglPdAHerPe/HtuekrMvwGpXOBl2hjRVgM1
SYODL37NmT8L2iyn13uxDwQqCce6f/1gEoIOIl75IahMZcMI9iEYF3v+JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBrm5Qcrps0dMlssJZJsA/9nVVsBMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvR3VibEJ5dW16UjB5V3l3bGttd0RfMmRWV3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsq3xMA0G
CSqGSIb3DQEBCwUAA4IBAQAf2FMnocjOJ51+iOXD/r6/1D0hYCydt3YPkdLuad+6
RL0dhIkrh1OBWDHoeoS2Dd7mtMSg6vBuE2xBi+a0diS0/u2C5adgQBRWYGU9qyvE
bvS+chVVH6Xv+WE5wTaa7xVENcQrvsBMh73lDsgJbGAp8Ui6xyv9xMkXYSnjhKIC
Yb7jTGicgqPM2K3Su7aHr1H5f2TwH+GoRCGyfBrFqaIOCPpodYwo+U37ICOSd0wt
8WFKnRJ521e4kexa/F3f4lJV7tL4KCMsDSb7XRvTUbiQdBztNbbPIgCt9Q3XXXgi
PIpn0XrC+AOimVOE55bKbWtsSbQUXZqG7EMNTxxo86f/
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:13 2025 by rpki-client