Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7JX3BdyWIGDMBrAur00KDq3AAL4.roa
File:                     7JX3BdyWIGDMBrAur00KDq3AAL4.roa (raw, json)
Hash identifier:          ANf+z98THlLIAbtuUReSGCb6JVsoRWy40AX42oqbvas=
Subject key identifier:   EC:95:F7:05:DC:96:20:60:CC:06:B0:2E:AF:4D:0A:0E:AD:C0:00:BE
Certificate issuer:       /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial:       01979B08544AF349C9497599601066A4FF8E
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7JX3BdyWIGDMBrAur00KDq3AAL4.roa
Signing time:             Mon 23 Jun 2025 04:25:03 +0000
ROA not before:           Mon 23 Jun 2025 04:25:03 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     46105
IP address blocks:        77.111.111.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 16:57:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:9b:08:54:4a:f3:49:c9:49:75:99:60:10:66:a4:ff:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
        Validity
            Not Before: Jun 23 04:25:03 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=ec95f705dc962060cc06b02eaf4d0a0eadc000be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:68:0f:0f:67:a1:34:ce:1c:8c:40:65:83:39:
                    79:d9:53:ca:ff:24:9b:4f:83:dc:02:55:af:a8:1f:
                    ab:69:61:04:3d:94:7c:bc:57:72:0f:d0:ec:e7:04:
                    13:55:ff:77:24:2b:e4:5d:4a:5d:d6:1c:b0:57:a7:
                    b7:0b:0f:fb:fd:b4:bb:d2:50:03:ee:f3:fe:85:72:
                    1b:c2:5d:0c:87:a5:0b:29:a2:01:f6:52:80:76:b7:
                    98:76:ca:c5:fe:a6:c8:ac:65:45:ac:e5:f8:b7:e6:
                    28:38:ca:e1:4d:2e:f4:a7:e4:a2:1e:54:c0:f6:4c:
                    df:b7:f9:bc:f3:53:83:38:f5:a3:a1:71:ce:66:79:
                    2d:dc:31:19:d0:d6:ff:b4:19:6c:05:5d:9c:49:97:
                    b6:b7:88:1a:a0:5f:ce:a3:15:45:21:48:e1:c5:ec:
                    47:e4:9c:07:84:c7:ac:72:66:90:04:57:b0:b1:1c:
                    07:bc:92:7d:b3:c7:bf:98:aa:77:42:58:b7:ee:22:
                    46:17:bd:b5:49:bb:cc:30:0b:7d:cf:14:b8:57:7d:
                    15:ba:1c:d8:8e:fa:04:89:8a:cb:35:12:5b:a2:31:
                    72:12:07:cf:9e:ab:fb:ac:38:79:7a:55:5e:98:38:
                    5b:f3:17:5d:5d:c1:34:ae:3c:11:a0:ef:83:8a:45:
                    f1:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:95:F7:05:DC:96:20:60:CC:06:B0:2E:AF:4D:0A:0E:AD:C0:00:BE
            X509v3 Authority Key Identifier:
                keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7JX3BdyWIGDMBrAur00KDq3AAL4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.111.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:3d:7b:cb:d7:f5:d6:c5:0e:2c:4c:50:c2:07:31:82:e1:0a:
         f6:ad:c6:f7:84:b5:c7:6c:f0:5c:79:c1:61:cc:31:f2:25:0f:
         bc:bd:dc:1c:17:9f:3f:da:bf:e4:fa:6d:b7:e0:19:02:3b:3d:
         a9:43:46:85:5f:0a:24:8f:4b:af:e6:75:aa:b7:8b:6f:a3:30:
         47:43:56:c8:a7:f7:ba:8b:e7:ab:60:1e:fc:8e:2a:23:37:c8:
         6f:10:3a:1a:62:7f:9a:c5:d6:21:f4:8a:95:94:16:a7:41:ce:
         f4:95:8b:ad:43:ff:71:e9:42:38:b2:36:15:d4:e6:6c:7c:0c:
         3f:65:4d:55:f4:f4:f7:f8:87:4d:86:ed:82:6e:f6:9b:90:d4:
         5b:24:77:3b:2f:46:ba:26:85:1b:79:05:98:17:86:15:0d:81:
         d1:7a:9d:b5:3c:79:41:33:b3:7c:1d:e7:ae:10:6d:e5:db:44:
         29:7b:7b:a4:8c:8a:29:d7:2b:d8:b4:6d:84:ed:9b:0a:bb:49:
         ea:80:c4:da:1d:8c:19:c0:89:5a:66:60:14:62:57:86:58:f7:
         d9:00:63:d6:1f:38:70:33:8b:c3:07:41:58:41:9c:eb:ac:8d:
         d3:1a:90:03:19:ce:df:9e:96:6c:5d:6e:89:40:a0:00:2a:62:
         59:99:2e:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZebCFRK80nJSXWZYBBmpP+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNjIzMDQyNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzk1ZjcwNWRjOTYyMDYwY2MwNmIwMmVhZjRkMGEwZWFkYzAwMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGgPD2ehNM4cjEBlgzl52VPK/ySb
T4PcAlWvqB+raWEEPZR8vFdyD9Ds5wQTVf93JCvkXUpd1hywV6e3Cw/7/bS70lAD
7vP+hXIbwl0Mh6ULKaIB9lKAdreYdsrF/qbIrGVFrOX4t+YoOMrhTS70p+SiHlTA
9kzft/m881ODOPWjoXHOZnkt3DEZ0Nb/tBlsBV2cSZe2t4gaoF/OoxVFIUjhxexH
5JwHhMescmaQBFewsRwHvJJ9s8e/mKp3Qli37iJGF721SbvMMAt9zxS4V30VuhzY
jvoEiYrLNRJbojFyEgfPnqv7rDh5elVemDhb8xddXcE0rjwRoO+DikXxzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOyV9wXcliBgzAawLq9NCg6twAC+MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvN0pYM0JkeVdJR0RNQnJBdXIwMEtEcTNBQUw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATW9vMA0G
CSqGSIb3DQEBCwUAA4IBAQAQPXvL1/XWxQ4sTFDCBzGC4Qr2rcb3hLXHbPBcecFh
zDHyJQ+8vdwcF58/2r/k+m234BkCOz2pQ0aFXwokj0uv5nWqt4tvozBHQ1bIp/e6
i+erYB78jiojN8hvEDoaYn+axdYh9IqVlBanQc70lYutQ/9x6UI4sjYV1OZsfAw/
ZU1V9PT3+IdNhu2CbvabkNRbJHc7L0a6JoUbeQWYF4YVDYHRep21PHlBM7N8Heeu
EG3l20Qpe3ukjIop1yvYtG2E7ZsKu0nqgMTaHYwZwIlaZmAUYleGWPfZAGPWHzhw
M4vDB0FYQZzrrI3TGpADGc7fnpZsXW6JQKAAKmJZmS6V
-----END CERTIFICATE-----