Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/YeiyJoy5H_MNeil65OjoObeNzwo.roa
File:                     YeiyJoy5H_MNeil65OjoObeNzwo.roa (raw, json)
Hash identifier:          RcUl/pWFLN4opKw53YV9g0qIhTFEHzbUwIM8agvIUmk=
Subject key identifier:   61:E8:B2:26:8C:B9:1F:F3:0D:7A:29:7A:E4:E8:E8:39:B7:8D:CF:0A
Certificate issuer:       /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial:       019CBE113F4761B25F6133500DFC659AF7E3
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/YeiyJoy5H_MNeil65OjoObeNzwo.roa
Signing time:             Thu 05 Mar 2026 12:55:27 +0000
ROA not before:           Thu 05 Mar 2026 12:55:27 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     57814
IP address blocks:        80.75.215.0/24 maxlen: 24
                          185.104.192.0/24 maxlen: 24
                          2a01:8640:10::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:be:11:3f:47:61:b2:5f:61:33:50:0d:fc:65:9a:f7:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
        Validity
            Not Before: Mar  5 12:55:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=61e8b2268cb91ff30d7a297ae4e8e839b78dcf0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:e1:75:79:cd:f5:45:05:11:da:23:8e:22:f8:
                    d0:20:c5:8f:eb:ad:09:14:88:5e:20:61:60:35:05:
                    eb:a1:cd:c3:8f:3b:8b:d2:db:4a:8d:96:a5:67:2a:
                    5b:d5:f3:b7:dc:09:aa:d1:e2:f4:43:98:ec:e6:b1:
                    74:e2:b7:45:7b:13:c7:b8:5b:6a:cf:a7:2d:07:22:
                    b2:fd:ea:45:a7:72:56:e9:f8:ee:df:d6:fb:6c:a8:
                    14:1f:4c:ab:b2:14:d8:a6:af:3d:91:38:cb:28:41:
                    01:7e:f3:51:bc:12:e7:13:b5:c5:95:90:25:02:39:
                    03:7d:73:55:d2:ae:58:60:63:09:d9:7c:1a:cd:06:
                    07:53:23:26:4a:cc:2d:11:15:1d:d1:5a:23:43:b4:
                    77:fa:d5:58:7b:ba:91:12:c3:dd:5d:b5:a3:9f:33:
                    5e:e9:8d:21:96:d6:1b:1c:79:65:fd:7b:59:89:df:
                    61:8c:2e:21:03:14:86:1c:b9:f9:9d:0b:d4:4f:88:
                    51:80:a5:3e:09:1f:2d:ed:61:ef:50:57:f8:e8:be:
                    f7:52:83:ec:d0:a5:2d:5a:d7:7a:b8:f7:a7:9c:95:
                    f4:94:9a:97:f5:ec:40:a2:76:07:87:c2:6a:93:b1:
                    60:ad:dd:87:0f:b3:d6:e5:66:6a:e8:84:1d:83:4d:
                    99:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:E8:B2:26:8C:B9:1F:F3:0D:7A:29:7A:E4:E8:E8:39:B7:8D:CF:0A
            X509v3 Authority Key Identifier:
                keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/YeiyJoy5H_MNeil65OjoObeNzwo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.75.215.0/24
                  185.104.192.0/24
                IPv6:
                  2a01:8640:10::/48

    Signature Algorithm: sha256WithRSAEncryption
         94:a6:90:8d:b2:4b:b3:e0:af:4a:55:0a:d0:42:6a:da:77:dc:
         41:1c:26:df:e7:88:bd:79:80:b0:a7:44:ba:36:7f:24:f6:df:
         b9:35:ed:71:f0:df:02:7b:27:49:36:9b:49:64:2f:59:0c:c0:
         37:64:cb:58:34:46:36:c9:12:4c:37:9e:c8:7d:b0:04:9a:c8:
         87:89:f7:d4:0e:bc:e9:aa:65:a7:b8:3f:9d:69:82:d7:8e:a3:
         be:fe:7b:a7:e2:77:14:29:a0:69:75:e7:2d:54:8f:0b:12:bf:
         ed:e1:51:f7:cf:ca:b6:3d:e8:35:fb:63:eb:7c:1c:91:aa:b8:
         66:b1:d7:fe:44:26:2e:43:8c:cf:bd:2d:6c:5a:2a:d8:77:6c:
         f7:d8:f0:06:cf:51:37:28:d7:a5:3f:10:cf:df:04:f2:86:a7:
         58:07:1b:54:8c:2b:b6:40:ce:6b:5a:9d:b6:63:49:bf:7e:75:
         18:47:3d:ea:e2:63:b7:d6:3c:84:a8:40:d0:3f:87:42:aa:5a:
         ed:5e:5f:62:c2:63:15:a8:20:4d:43:24:e6:d7:c4:bd:c2:2f:
         59:58:41:34:8d:f2:ff:31:ca:53:78:c6:56:6e:50:b1:59:eb:
         48:98:ef:2b:b5:65:bd:59:b8:d1:3d:35:a9:5f:be:1c:e2:f5:
         74:58:06:55
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZy+ET9HYbJfYTNQDfxlmvfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjYwMzA1MTI1NTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWU4YjIyNjhjYjkxZmYzMGQ3YTI5N2FlNGU4ZTgzOWI3OGRjZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneF1ec31RQUR2iOOIvjQIMWP660J
FIheIGFgNQXroc3DjzuL0ttKjZalZypb1fO33Amq0eL0Q5js5rF04rdFexPHuFtq
z6ctByKy/epFp3JW6fju39b7bKgUH0yrshTYpq89kTjLKEEBfvNRvBLnE7XFlZAl
AjkDfXNV0q5YYGMJ2XwazQYHUyMmSswtERUd0VojQ7R3+tVYe7qREsPdXbWjnzNe
6Y0hltYbHHll/XtZid9hjC4hAxSGHLn5nQvUT4hRgKU+CR8t7WHvUFf46L73UoPs
0KUtWtd6uPennJX0lJqX9exAonYHh8Jqk7Fgrd2HD7PW5WZq6IQdg02ZpwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGHosiaMuR/zDXopeuTo6Dm3jc8KMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvWWVpeUpveTVIX01OZWlsNjVPam9PYmVOendvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAUEvXAwQA
uWjAMA8EAgACMAkDBwAqAYZAABAwDQYJKoZIhvcNAQELBQADggEBAJSmkI2yS7Pg
r0pVCtBCatp33EEcJt/niL15gLCnRLo2fyT237k17XHw3wJ7J0k2m0lkL1kMwDdk
y1g0RjbJEkw3nsh9sASayIeJ99QOvOmqZae4P51pgteOo77+e6fidxQpoGl15y1U
jwsSv+3hUffPyrY96DX7Y+t8HJGquGax1/5EJi5DjM+9LWxaKth3bPfY8AbPUTco
16U/EM/fBPKGp1gHG1SMK7ZAzmtanbZjSb9+dRhHPeriY7fWPISoQNA/h0KqWu1e
X2LCYxWoIE1DJObXxL3CL1lYQTSN8v8xylN4xlZuULFZ60iY7yu1Zb1ZuNE9Nalf
vhzi9XRYBlU=
-----END CERTIFICATE-----