Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/87615a-3ca3-4b5b-810c-bebf42fbe846/1/TnQBnRgF1Fd44NNajn0aU2c4k-U.roa
File:                     TnQBnRgF1Fd44NNajn0aU2c4k-U.roa (raw, json)
Hash identifier:          bygzgFDHIVUQArLZudG2dlgz5CAq7YfyRAQZ0W8ymG8=
Subject key identifier:   4E:74:01:9D:18:05:D4:57:78:E0:D3:5A:8E:7D:1A:53:67:38:93:E5
Certificate issuer:       /CN=2e3d5adb1d064369b7e41baebdb0e8e135d65763
Certificate serial:       0198A42107D20DF52D77341D5BBBC259FA16
Authority key identifier: 2E:3D:5A:DB:1D:06:43:69:B7:E4:1B:AE:BD:B0:E8:E1:35:D6:57:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Lj1a2x0GQ2m35BuuvbDo4TXWV2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/87615a-3ca3-4b5b-810c-bebf42fbe846/1/TnQBnRgF1Fd44NNajn0aU2c4k-U.roa
Signing time:             Wed 13 Aug 2025 15:51:24 +0000
ROA not before:           Wed 13 Aug 2025 15:51:24 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     60359
IP address blocks:        80.78.63.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/87615a-3ca3-4b5b-810c-bebf42fbe846/1/Lj1a2x0GQ2m35BuuvbDo4TXWV2M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/87615a-3ca3-4b5b-810c-bebf42fbe846/1/Lj1a2x0GQ2m35BuuvbDo4TXWV2M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Lj1a2x0GQ2m35BuuvbDo4TXWV2M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 09:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a4:21:07:d2:0d:f5:2d:77:34:1d:5b:bb:c2:59:fa:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e3d5adb1d064369b7e41baebdb0e8e135d65763
        Validity
            Not Before: Aug 13 15:51:24 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=4e74019d1805d45778e0d35a8e7d1a53673893e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:c0:a2:bd:34:79:c8:b6:8a:a2:b7:d0:a8:40:
                    2c:2c:27:56:5b:e2:bc:32:27:bd:49:d6:fa:ef:a7:
                    78:63:c2:5d:39:b4:e7:bb:c5:95:fe:b3:c1:a3:71:
                    9f:ad:6d:cb:8a:a3:f3:15:81:aa:1d:de:0a:53:96:
                    a4:72:a5:1d:4b:94:54:4c:f9:07:c2:55:ab:be:1d:
                    34:c6:a1:f5:e9:14:71:16:11:9b:ed:b2:ac:aa:b8:
                    79:15:57:cf:5b:d7:0b:b1:b3:1c:9c:89:54:8f:e2:
                    0b:99:db:7e:3d:6c:9e:6a:9c:9d:d0:38:ed:d8:55:
                    37:6c:74:76:28:46:9d:f7:34:d0:cb:a7:e3:98:99:
                    e2:66:47:92:f3:f4:cf:2c:08:0c:7e:b7:51:56:db:
                    84:0d:1b:e2:92:94:38:13:cb:84:41:98:63:1f:34:
                    dd:15:85:43:1a:0f:2a:7a:53:55:6c:cc:a1:07:4d:
                    ce:67:97:cb:07:9c:65:1c:f3:93:1a:da:ff:f4:94:
                    29:68:08:f2:ce:a9:c0:df:12:93:59:39:da:f2:c0:
                    13:dc:1e:51:54:4c:5f:68:e3:9c:cf:03:24:11:02:
                    de:0c:95:43:40:cb:c9:b4:e2:78:f9:dc:b4:8f:a9:
                    71:7c:c6:a9:31:99:19:94:b5:73:f7:07:63:47:a6:
                    2f:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:74:01:9D:18:05:D4:57:78:E0:D3:5A:8E:7D:1A:53:67:38:93:E5
            X509v3 Authority Key Identifier:
                keyid:2E:3D:5A:DB:1D:06:43:69:B7:E4:1B:AE:BD:B0:E8:E1:35:D6:57:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lj1a2x0GQ2m35BuuvbDo4TXWV2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/87615a-3ca3-4b5b-810c-bebf42fbe846/1/TnQBnRgF1Fd44NNajn0aU2c4k-U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/87615a-3ca3-4b5b-810c-bebf42fbe846/1/Lj1a2x0GQ2m35BuuvbDo4TXWV2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.78.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:55:75:32:71:ff:9c:df:e1:71:e6:28:66:db:b7:cd:68:11:
         6c:e7:de:1a:0d:23:21:5e:cc:7a:b1:2d:e0:78:d1:b1:e7:05:
         6c:6e:2b:6a:0f:a6:a0:a6:cf:c9:5e:2d:38:ea:91:19:8e:cd:
         fe:06:fe:cd:3e:b4:73:9c:fe:b5:98:9b:3e:63:07:54:9b:1f:
         ce:9f:4b:bf:47:6e:54:54:8e:db:65:75:9e:e7:85:2a:dd:7c:
         98:0e:45:75:91:7b:5f:40:67:61:7b:7f:be:2d:0a:33:2a:5e:
         1f:b8:42:70:ee:d5:de:b4:d0:74:a6:bd:10:82:fc:28:47:e9:
         6b:be:79:53:ae:a4:5d:b8:86:86:b8:14:bb:70:3b:c6:11:92:
         b6:95:8d:bb:5f:2c:b2:e4:39:3a:73:61:e2:2c:b4:02:c4:27:
         2d:f5:49:c7:db:be:50:d5:29:0d:63:ec:f4:48:ea:b2:ac:97:
         fe:3f:9a:b4:cc:49:e2:0b:7e:3d:ec:93:fe:4e:23:02:ad:ff:
         5f:26:8c:bf:f4:a5:8c:d2:0b:e4:59:67:e8:ba:9a:ef:4a:1e:
         33:d8:91:da:95:11:f0:38:48:9d:c9:73:6d:91:50:47:5d:df:
         5c:df:9b:33:8a:07:cf:f3:da:ee:71:ef:37:44:4f:6f:3f:c1:
         89:68:e7:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZikIQfSDfUtdzQdW7vCWfoWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlM2Q1YWRiMWQwNjQzNjliN2U0MWJhZWJkYjBlOGUxMzVk
NjU3NjMwHhcNMjUwODEzMTU1MTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTc0MDE5ZDE4MDVkNDU3NzhlMGQzNWE4ZTdkMWE1MzY3Mzg5M2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcCivTR5yLaKorfQqEAsLCdWW+K8
Mie9Sdb676d4Y8JdObTnu8WV/rPBo3GfrW3LiqPzFYGqHd4KU5akcqUdS5RUTPkH
wlWrvh00xqH16RRxFhGb7bKsqrh5FVfPW9cLsbMcnIlUj+ILmdt+PWyeapyd0Djt
2FU3bHR2KEad9zTQy6fjmJniZkeS8/TPLAgMfrdRVtuEDRvikpQ4E8uEQZhjHzTd
FYVDGg8qelNVbMyhB03OZ5fLB5xlHPOTGtr/9JQpaAjyzqnA3xKTWTna8sAT3B5R
VExfaOOczwMkEQLeDJVDQMvJtOJ4+dy0j6lxfMapMZkZlLVz9wdjR6YvnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE50AZ0YBdRXeODTWo59GlNnOJPlMB8GA1UdIwQY
MBaAFC49WtsdBkNpt+Qbrr2w6OE11ldjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGoxYTJ4MEdRMm0zNUJ1dXZiRG80VFhXVjJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84NzYxNWEtM2NhMy00YjViLTgxMGMt
YmViZjQyZmJlODQ2LzEvVG5RQm5SZ0YxRmQ0NE5OYWpuMGFVMmM0ay1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84NzYxNWEtM2NhMy00YjViLTgxMGMtYmViZjQyZmJlODQ2
LzEvTGoxYTJ4MEdRMm0zNUJ1dXZiRG80VFhXVjJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUE4/MA0G
CSqGSIb3DQEBCwUAA4IBAQBpVXUycf+c3+Fx5ihm27fNaBFs594aDSMhXsx6sS3g
eNGx5wVsbitqD6agps/JXi046pEZjs3+Bv7NPrRznP61mJs+YwdUmx/On0u/R25U
VI7bZXWe54Uq3XyYDkV1kXtfQGdhe3++LQozKl4fuEJw7tXetNB0pr0QgvwoR+lr
vnlTrqRduIaGuBS7cDvGEZK2lY27Xyyy5Dk6c2HiLLQCxCct9UnH275Q1SkNY+z0
SOqyrJf+P5q0zEniC3497JP+TiMCrf9fJoy/9KWM0gvkWWfouprvSh4z2JHalRHw
OEidyXNtkVBHXd9c35szigfP89ruce83RE9vP8GJaOdV
-----END CERTIFICATE-----