Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LiaDsuFiQwM3Ju_JDnde5I4oxeY.roa
File:                     LiaDsuFiQwM3Ju_JDnde5I4oxeY.roa (raw, json)
Hash identifier:          ta+hJxhXSfnZQUFUOD1lgSKx8cri3qT9yEqJUL4Cbnw=
Subject key identifier:   2E:26:83:B2:E1:62:43:03:37:26:EF:C9:0E:77:5E:E4:8E:28:C5:E6
Certificate issuer:       /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial:       019886378F3EEDC6DFED712347659DF9E6A0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LiaDsuFiQwM3Ju_JDnde5I4oxeY.roa
Signing time:             Thu 07 Aug 2025 20:27:24 +0000
ROA not before:           Thu 07 Aug 2025 20:27:24 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     214652
IP address blocks:        2a13:c902::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:86:37:8f:3e:ed:c6:df:ed:71:23:47:65:9d:f9:e6:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
        Validity
            Not Before: Aug  7 20:27:24 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=2e2683b2e16243033726efc90e775ee48e28c5e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:85:e8:e1:25:c7:09:01:d5:ef:2a:7f:11:9d:
                    5c:27:fa:48:ad:69:57:f8:5b:bc:fa:a3:64:3f:a2:
                    84:8f:9e:6c:6a:4b:45:e4:36:ac:ec:4b:7d:65:8a:
                    92:00:40:67:ca:fd:50:a3:59:ec:a7:62:ab:47:f3:
                    58:d9:0f:e1:54:84:0f:d3:a4:5f:a3:ee:d2:3f:e1:
                    25:0b:8e:9b:89:95:4c:46:e2:2c:1c:e1:55:7e:7a:
                    e0:14:a1:83:5b:dc:b0:eb:2d:93:01:b6:ce:6b:b6:
                    a4:08:31:c8:f6:fb:e4:0d:c9:3b:2e:af:d9:66:6f:
                    3c:67:51:78:94:2c:f7:2b:ee:9f:eb:03:d3:a7:1a:
                    fd:09:43:95:45:7e:24:5c:bb:4c:cb:d3:c3:4e:a4:
                    a0:cd:f7:2c:f5:ca:dc:21:2f:5a:61:4e:f2:6d:17:
                    ad:f8:40:d9:0e:41:27:8e:55:ea:1b:0e:02:cb:75:
                    94:55:34:d9:04:36:21:18:8c:07:cf:a8:d3:40:33:
                    f0:3c:5a:b1:3f:5d:dc:32:87:2e:81:22:fd:37:4d:
                    db:08:95:ee:1e:6e:b2:62:8a:6c:c2:12:7b:85:38:
                    57:b6:08:08:5a:84:c0:91:44:b0:0b:56:4c:18:25:
                    88:a4:c6:c6:7d:d3:80:c0:64:f7:22:bc:1f:c3:b1:
                    a6:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:26:83:B2:E1:62:43:03:37:26:EF:C9:0E:77:5E:E4:8E:28:C5:E6
            X509v3 Authority Key Identifier:
                keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LiaDsuFiQwM3Ju_JDnde5I4oxeY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:c902::/32

    Signature Algorithm: sha256WithRSAEncryption
         11:59:4f:5f:be:bb:df:2e:37:b8:ce:ba:45:8e:39:dd:2d:b6:
         81:19:61:08:ce:21:47:5f:a6:de:ec:28:ff:47:be:3e:a3:45:
         7e:3d:41:a8:d0:6b:a5:f8:b4:4e:63:f5:b3:60:f1:5b:5e:1f:
         57:6c:6b:26:57:9e:2e:ae:46:53:f3:fe:68:67:06:a2:3d:21:
         4b:9d:21:26:86:bb:65:78:ee:21:1c:a6:c8:3a:96:45:58:c0:
         90:c7:dd:25:a6:a3:b7:3b:f6:8e:77:d1:f5:4f:9b:44:3f:80:
         bc:84:94:3a:78:19:26:69:f6:90:2a:50:0a:d0:a6:3a:4c:4d:
         bb:c2:e2:18:33:49:e3:96:6f:d2:23:e8:10:b7:b4:89:67:3d:
         31:7d:ea:a2:e4:08:93:3d:4c:6a:65:a0:da:94:75:45:1a:45:
         db:71:9a:bf:a3:06:a3:33:db:ee:0e:b3:63:c2:08:be:4e:43:
         b3:88:4e:2d:33:21:86:77:c3:7e:c6:a7:7b:8e:99:f1:11:b9:
         3b:49:0b:e8:cb:59:8f:f9:9c:ec:71:af:61:a4:0a:79:fc:10:
         a4:2f:4a:26:2c:77:e3:d4:5a:a6:ac:00:81:84:1c:cb:ad:6e:
         24:1d:4d:9a:20:a2:69:34:37:5a:31:8e:35:a3:d2:4a:62:94:
         50:d4:8a:d4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZiGN48+7cbf7XEjR2Wd+eagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwODA3MjAyNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTI2ODNiMmUxNjI0MzAzMzcyNmVmYzkwZTc3NWVlNDhlMjhjNWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4Xo4SXHCQHV7yp/EZ1cJ/pIrWlX
+Fu8+qNkP6KEj55saktF5Das7Et9ZYqSAEBnyv1Qo1nsp2KrR/NY2Q/hVIQP06Rf
o+7SP+ElC46biZVMRuIsHOFVfnrgFKGDW9yw6y2TAbbOa7akCDHI9vvkDck7Lq/Z
Zm88Z1F4lCz3K+6f6wPTpxr9CUOVRX4kXLtMy9PDTqSgzfcs9crcIS9aYU7ybRet
+EDZDkEnjlXqGw4Cy3WUVTTZBDYhGIwHz6jTQDPwPFqxP13cMocugSL9N03bCJXu
Hm6yYopswhJ7hThXtggIWoTAkUSwC1ZMGCWIpMbGfdOAwGT3Irwfw7Gm3wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFC4mg7LhYkMDNybvyQ53XuSOKMXmMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTGlhRHN1RmlRd00zSnVfSkRuZGU1STRveGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhPJAjAN
BgkqhkiG9w0BAQsFAAOCAQEAEVlPX7673y43uM66RY453S22gRlhCM4hR1+m3uwo
/0e+PqNFfj1BqNBrpfi0TmP1s2DxW14fV2xrJleeLq5GU/P+aGcGoj0hS50hJoa7
ZXjuIRymyDqWRVjAkMfdJaajtzv2jnfR9U+bRD+AvISUOngZJmn2kCpQCtCmOkxN
u8LiGDNJ45Zv0iPoELe0iWc9MX3qouQIkz1MamWg2pR1RRpF23Gav6MGozPb7g6z
Y8IIvk5Ds4hOLTMhhnfDfsane46Z8RG5O0kL6MtZj/mc7HGvYaQKefwQpC9KJix3
49RapqwAgYQcy61uJB1NmiCiaTQ3WjGONaPSSmKUUNSK1A==
-----END CERTIFICATE-----