Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pQR6GwEdEqmheG6MQ1YT7TnY9eY.roa
File:                     pQR6GwEdEqmheG6MQ1YT7TnY9eY.roa (raw, json)
Hash identifier:          83gz5YQmQn5/u8Qq6HbUF1goC2QANvEFfllGwF+288I=
Subject key identifier:   A5:04:7A:1B:01:1D:12:A9:A1:78:6E:8C:43:56:13:ED:39:D8:F5:E6
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       019D1969AF5F5C83FF00CD5DB42A07350BDE
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pQR6GwEdEqmheG6MQ1YT7TnY9eY.roa
Signing time:             Mon 23 Mar 2026 06:37:29 +0000
ROA not before:           Mon 23 Mar 2026 06:37:29 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     401922
IP address blocks:        5.183.116.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:19:69:af:5f:5c:83:ff:00:cd:5d:b4:2a:07:35:0b:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Mar 23 06:37:29 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a5047a1b011d12a9a1786e8c435613ed39d8f5e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:19:0b:00:5e:80:70:4a:37:3a:bd:9c:90:75:
                    65:45:d2:a5:84:be:30:c9:ec:d8:6b:55:b9:31:93:
                    33:64:1a:f7:96:3c:6c:db:b8:8e:03:50:18:49:0a:
                    f5:f4:ec:42:f4:78:54:99:7e:90:01:70:e2:66:ea:
                    44:6f:05:b8:af:9f:d8:70:b7:b8:c5:86:bc:7e:1b:
                    72:fc:4b:2c:1c:93:a8:09:95:11:fa:c9:78:85:c6:
                    19:ed:ee:d8:52:ca:03:f0:c8:80:7f:2a:cb:90:1f:
                    8f:2f:d1:68:81:3b:26:dd:02:24:62:74:e5:7a:c6:
                    e6:43:47:eb:42:ac:97:08:e6:04:45:aa:d3:14:9d:
                    21:55:2f:53:b9:29:f4:be:b2:b1:2d:0c:a3:a9:b5:
                    05:d9:ff:28:99:16:61:04:a2:b2:5f:e5:27:d1:c7:
                    45:42:b3:91:80:12:2f:33:c7:57:c6:c1:70:2a:02:
                    70:fe:33:b3:dd:95:a3:7e:d1:a8:33:2e:4d:f7:0b:
                    01:d2:8e:a2:c4:3e:f7:0a:96:46:3a:0c:a3:1f:ed:
                    2c:17:a0:3d:2f:a7:a3:78:b1:b6:99:06:6b:c3:f1:
                    d3:46:90:18:a9:0b:a6:1d:89:02:ac:f0:e5:d9:13:
                    7f:67:be:ba:8a:02:b4:39:ac:16:2e:6d:5a:04:df:
                    fe:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:04:7A:1B:01:1D:12:A9:A1:78:6E:8C:43:56:13:ED:39:D8:F5:E6
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pQR6GwEdEqmheG6MQ1YT7TnY9eY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.183.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:51:be:81:d7:88:e3:cf:11:53:1a:81:38:c3:b0:f8:ba:c8:
         d6:98:ad:4f:4d:6e:35:31:ab:ff:58:64:4b:d0:83:7d:8a:4b:
         87:df:68:3b:4a:75:64:e8:92:ab:b0:93:a1:1a:5b:0e:1f:d2:
         77:f5:ba:ee:a1:fa:61:8f:90:b1:7c:19:0c:1e:1d:cf:d1:ae:
         a0:80:e6:23:0f:5e:2d:b5:97:49:bd:0a:c8:bb:f3:d5:84:94:
         dd:fa:01:f2:97:06:d7:b7:10:f1:56:9c:61:03:d5:d4:f0:49:
         8a:d6:f0:a3:96:9a:5c:fe:d0:67:9d:b0:3f:13:ab:20:38:dd:
         cd:7a:5e:3c:ca:5e:b1:d9:73:2f:4e:3f:fb:87:da:1e:44:15:
         1f:26:78:68:c4:7c:bc:69:a7:f3:10:50:b0:96:d1:a3:1b:6c:
         cf:a6:d2:e5:b4:53:30:a1:4f:86:6d:07:e0:a6:a8:7e:9b:f8:
         ef:3b:d0:e9:24:69:e8:b4:0b:47:76:8f:9e:4d:31:21:2c:6b:
         42:14:a4:be:1a:c6:14:d1:93:82:b0:de:e4:91:e1:b6:5b:27:
         d8:f4:dc:45:47:5c:e4:ff:b9:00:a3:f9:b3:aa:5e:b2:cf:d6:
         d2:7d:21:77:d5:00:b1:ee:c2:35:f5:02:e8:1d:17:83:c1:aa:
         ce:53:5e:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0Zaa9fXIP/AM1dtCoHNQveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjYwMzIzMDYzNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTA0N2ExYjAxMWQxMmE5YTE3ODZlOGM0MzU2MTNlZDM5ZDhmNWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hkLAF6AcEo3Or2ckHVlRdKlhL4w
yezYa1W5MZMzZBr3ljxs27iOA1AYSQr19OxC9HhUmX6QAXDiZupEbwW4r5/YcLe4
xYa8fhty/EssHJOoCZUR+sl4hcYZ7e7YUsoD8MiAfyrLkB+PL9FogTsm3QIkYnTl
esbmQ0frQqyXCOYERarTFJ0hVS9TuSn0vrKxLQyjqbUF2f8omRZhBKKyX+Un0cdF
QrORgBIvM8dXxsFwKgJw/jOz3ZWjftGoMy5N9wsB0o6ixD73CpZGOgyjH+0sF6A9
L6ejeLG2mQZrw/HTRpAYqQumHYkCrPDl2RN/Z766igK0OawWLm1aBN/+3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKUEehsBHRKpoXhujENWE+052PXmMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvcFFSNkd3RWRFcW1oZUc2TVExWVQ3VG5ZOWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbd0MA0G
CSqGSIb3DQEBCwUAA4IBAQACUb6B14jjzxFTGoE4w7D4usjWmK1PTW41Mav/WGRL
0IN9ikuH32g7SnVk6JKrsJOhGlsOH9J39bruofphj5CxfBkMHh3P0a6ggOYjD14t
tZdJvQrIu/PVhJTd+gHylwbXtxDxVpxhA9XU8EmK1vCjlppc/tBnnbA/E6sgON3N
el48yl6x2XMvTj/7h9oeRBUfJnhoxHy8aafzEFCwltGjG2zPptLltFMwoU+GbQfg
pqh+m/jvO9DpJGnotAtHdo+eTTEhLGtCFKS+GsYU0ZOCsN7kkeG2WyfY9NxFR1zk
/7kAo/mzql6yz9bSfSF31QCx7sI19QLoHReDwarOU15A
-----END CERTIFICATE-----