Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/tnDBwukw0h8yvmfKynq161ze7HM.roa
File:                     tnDBwukw0h8yvmfKynq161ze7HM.roa (raw, json)
Hash identifier:          hhJlzz8ox0/NR3tX5f2QrfPo2aePRzJGPcnJfHw1RMM=
Subject key identifier:   B6:70:C1:C2:E9:30:D2:1F:32:BE:67:CA:CA:7A:B5:EB:5C:DE:EC:73
Certificate issuer:       /CN=26f36b5c6ca7a1698e7421a27e3d4a6b7648148d
Certificate serial:       0199513953DB0B6B084E80DB576170914A5C
Authority key identifier: 26:F3:6B:5C:6C:A7:A1:69:8E:74:21:A2:7E:3D:4A:6B:76:48:14:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JvNrXGynoWmOdCGifj1Ka3ZIFI0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/tnDBwukw0h8yvmfKynq161ze7HM.roa
Signing time:             Tue 16 Sep 2025 06:32:15 +0000
ROA not before:           Tue 16 Sep 2025 06:32:15 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     58243
IP address blocks:        5.61.128.0/18 maxlen: 18
                          5.61.128.0/19 maxlen: 19
                          5.61.128.0/20 maxlen: 20
                          5.61.128.0/23 maxlen: 23
                          5.61.130.0/23 maxlen: 23
                          5.61.130.0/24 maxlen: 24
                          5.61.131.0/24 maxlen: 24
                          5.61.132.0/22 maxlen: 24
                          5.61.134.0/23 maxlen: 23
                          5.61.136.0/21 maxlen: 24
                          5.61.138.0/23 maxlen: 23
                          5.61.140.0/22 maxlen: 22
                          5.61.144.0/20 maxlen: 24
                          5.61.144.0/22 maxlen: 22
                          5.61.144.0/24 maxlen: 24
                          5.61.145.0/24 maxlen: 24
                          5.61.146.0/24 maxlen: 24
                          5.61.147.0/24 maxlen: 24
                          5.61.148.0/24 maxlen: 24
                          5.61.150.0/24 maxlen: 24
                          5.61.151.0/24 maxlen: 24
                          5.61.152.0/22 maxlen: 22
                          5.61.152.0/23 maxlen: 23
                          5.61.156.0/24 maxlen: 24
                          5.61.157.0/24 maxlen: 24
                          5.61.158.0/23 maxlen: 23
                          5.61.160.0/19 maxlen: 19
                          5.61.160.0/20 maxlen: 20
                          5.61.160.0/24 maxlen: 24
                          5.61.163.0/24 maxlen: 24
                          5.61.164.0/22 maxlen: 22
                          5.61.164.0/24 maxlen: 24
                          5.61.165.0/24 maxlen: 24
                          5.61.166.0/23 maxlen: 23
                          5.61.168.0/21 maxlen: 21
                          5.61.168.0/23 maxlen: 23
                          5.61.170.0/23 maxlen: 23
                          5.61.172.0/22 maxlen: 22
                          5.61.175.0/24 maxlen: 24
                          5.61.176.0/20 maxlen: 20
                          5.61.176.0/21 maxlen: 21
                          5.61.184.0/23 maxlen: 23
                          5.61.186.0/24 maxlen: 24
                          5.61.187.0/24 maxlen: 24
                          5.61.188.0/23 maxlen: 23
                          5.61.190.0/23 maxlen: 23
                          5.61.190.0/24 maxlen: 24
                          185.78.252.0/22 maxlen: 22
                          185.78.255.0/24 maxlen: 24
                          207.89.64.0/18 maxlen: 18
                          207.89.64.0/19 maxlen: 19
                          207.89.64.0/20 maxlen: 20
                          207.89.64.0/24 maxlen: 24
                          207.89.65.0/24 maxlen: 24
                          207.89.66.0/23 maxlen: 23
                          207.89.67.0/24 maxlen: 24
                          207.89.68.0/24 maxlen: 24
                          207.89.70.0/23 maxlen: 23
                          207.89.72.0/22 maxlen: 22
                          207.89.72.0/23 maxlen: 23
                          207.89.74.0/23 maxlen: 23
                          207.89.76.0/24 maxlen: 24
                          207.89.77.0/24 maxlen: 24
                          207.89.78.0/23 maxlen: 23
                          207.89.80.0/20 maxlen: 20
                          207.89.80.0/23 maxlen: 23
                          207.89.82.0/24 maxlen: 24
                          207.89.83.0/24 maxlen: 24
                          207.89.86.0/23 maxlen: 23
                          207.89.88.0/22 maxlen: 22
                          207.89.92.0/22 maxlen: 22
                          207.89.92.0/24 maxlen: 24
                          207.89.96.0/19 maxlen: 24
                          207.89.96.0/20 maxlen: 20
                          207.89.96.0/24 maxlen: 24
                          207.89.101.0/24 maxlen: 24
                          207.89.108.0/24 maxlen: 24
                          207.89.109.0/24 maxlen: 24
                          207.89.112.0/20 maxlen: 20
                          207.89.116.0/23 maxlen: 23
                          207.89.118.0/23 maxlen: 23
                          207.89.120.0/21 maxlen: 21
                          2a01:5240::/29 maxlen: 29
                          2a01:5240::/30 maxlen: 30
                          2a01:5241::/39 maxlen: 39
                          2a01:5244::/30 maxlen: 30
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/JvNrXGynoWmOdCGifj1Ka3ZIFI0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/JvNrXGynoWmOdCGifj1Ka3ZIFI0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JvNrXGynoWmOdCGifj1Ka3ZIFI0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 09:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:51:39:53:db:0b:6b:08:4e:80:db:57:61:70:91:4a:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26f36b5c6ca7a1698e7421a27e3d4a6b7648148d
        Validity
            Not Before: Sep 16 06:32:15 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=b670c1c2e930d21f32be67caca7ab5eb5cdeec73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:9d:d2:c6:91:70:04:aa:7c:a3:e3:68:f7:9c:
                    49:7b:a7:5b:12:ed:c7:eb:0d:84:20:cc:aa:73:02:
                    bd:d8:71:be:c4:e4:38:7e:2b:38:e5:aa:50:eb:12:
                    96:9f:ac:ed:4b:54:cf:5a:7c:5b:6d:8c:fb:43:de:
                    d0:d7:72:ec:39:92:83:54:3f:6d:ef:9c:fe:d0:bd:
                    1e:59:a2:c7:28:67:3a:2d:ec:81:34:f5:0e:16:89:
                    e1:b6:07:01:f0:fc:fa:74:57:89:0e:00:63:1a:af:
                    9d:e0:e8:6b:25:3e:ad:17:ae:06:5a:32:4b:cb:86:
                    3c:2f:b5:53:04:6c:42:f9:97:e2:f4:f3:74:3a:c0:
                    39:27:78:37:c1:a4:2b:91:be:35:a2:1f:f8:ac:9a:
                    7d:57:aa:2a:aa:4f:cb:9a:45:79:4f:dd:d1:9a:b0:
                    53:51:10:a0:21:65:04:17:bd:a7:91:85:84:b5:66:
                    4f:c6:5e:4e:eb:21:05:b9:87:f7:4c:c3:3c:57:a1:
                    62:04:be:67:25:37:6b:4b:17:57:e3:9f:bb:41:36:
                    ad:ea:dd:6d:a7:ee:03:87:4e:34:d9:d4:ec:b8:d2:
                    57:26:f0:2f:5d:b5:0b:ac:ab:06:a6:44:f8:9b:62:
                    ca:ec:80:31:86:c2:04:d9:4e:a3:b1:e3:87:67:ea:
                    6c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:70:C1:C2:E9:30:D2:1F:32:BE:67:CA:CA:7A:B5:EB:5C:DE:EC:73
            X509v3 Authority Key Identifier:
                keyid:26:F3:6B:5C:6C:A7:A1:69:8E:74:21:A2:7E:3D:4A:6B:76:48:14:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JvNrXGynoWmOdCGifj1Ka3ZIFI0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/tnDBwukw0h8yvmfKynq161ze7HM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/JvNrXGynoWmOdCGifj1Ka3ZIFI0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.61.128.0/18
                  185.78.252.0/22
                  207.89.64.0/18
                IPv6:
                  2a01:5240::/29

    Signature Algorithm: sha256WithRSAEncryption
         3c:d3:12:96:ea:24:b0:60:11:3b:c9:3d:ca:55:b1:af:a6:76:
         bb:57:04:aa:2e:1a:73:f1:51:b8:fe:92:bc:b2:87:60:17:7b:
         04:e6:6c:c9:b4:85:42:c6:11:7d:89:43:f3:dd:9e:76:16:3d:
         b3:16:bc:6e:33:59:ea:1a:61:6a:ab:8a:3c:81:7a:1b:5f:0d:
         ed:81:5c:69:9b:e8:2d:54:2c:f8:ab:41:13:7d:8b:0e:03:f2:
         80:11:28:73:1f:a6:d2:bc:65:ed:45:fe:b8:27:46:97:6f:6f:
         45:ad:8e:aa:83:56:e5:a2:b5:fa:4c:8b:1d:1c:ba:83:12:58:
         0f:45:7e:0f:56:cb:fa:87:dc:a4:9e:ef:fa:38:5f:68:9a:4a:
         9f:15:ce:eb:c7:18:1c:14:08:09:b9:25:2e:91:4e:be:a0:f8:
         57:29:7d:df:ee:37:f2:70:b0:fb:79:3d:b4:25:dd:68:65:6f:
         ed:da:e6:37:e2:1c:ff:a6:5c:da:5e:f2:c0:c2:50:76:e6:a4:
         18:79:34:00:14:69:4b:b1:71:60:c0:47:ba:62:a0:67:19:dd:
         47:77:86:8c:39:b1:fa:ac:fb:0a:a4:28:03:78:4c:e1:7e:ee:
         2c:ef:f6:b1:a6:cf:59:cf:bc:09:a7:a4:7a:72:ab:b0:3b:57:
         e4:c7:e7:6f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZlROVPbC2sIToDbV2FwkUpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ZjM2YjVjNmNhN2ExNjk4ZTc0MjFhMjdlM2Q0YTZiNzY0
ODE0OGQwHhcNMjUwOTE2MDYzMjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjcwYzFjMmU5MzBkMjFmMzJiZTY3Y2FjYTdhYjVlYjVjZGVlYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ3SxpFwBKp8o+No95xJe6dbEu3H
6w2EIMyqcwK92HG+xOQ4fis45apQ6xKWn6ztS1TPWnxbbYz7Q97Q13LsOZKDVD9t
75z+0L0eWaLHKGc6LeyBNPUOFonhtgcB8Pz6dFeJDgBjGq+d4OhrJT6tF64GWjJL
y4Y8L7VTBGxC+Zfi9PN0OsA5J3g3waQrkb41oh/4rJp9V6oqqk/LmkV5T93RmrBT
URCgIWUEF72nkYWEtWZPxl5O6yEFuYf3TMM8V6FiBL5nJTdrSxdX45+7QTat6t1t
p+4Dh0402dTsuNJXJvAvXbULrKsGpkT4m2LK7IAxhsIE2U6jseOHZ+psmwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLZwwcLpMNIfMr5nysp6tetc3uxzMB8GA1UdIwQY
MBaAFCbza1xsp6FpjnQhon49Smt2SBSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnZOclhHeW5vV21PZENHaWZqMUthM1pJRkkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS83Y2MwZjYtNzRlZi00MjNhLWE2OTYt
NGEyYmY0YWIxOTlkLzEvdG5EQnd1a3cwaDh5dm1mS3lucTE2MXplN0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS83Y2MwZjYtNzRlZi00MjNhLWE2OTYtNGEyYmY0YWIxOTlk
LzEvSnZOclhHeW5vV21PZENHaWZqMUthM1pJRkkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGBT2AAwQC
uU78AwQGz1lAMA0EAgACMAcDBQMqAVJAMA0GCSqGSIb3DQEBCwUAA4IBAQA80xKW
6iSwYBE7yT3KVbGvpna7VwSqLhpz8VG4/pK8sodgF3sE5mzJtIVCxhF9iUPz3Z52
Fj2zFrxuM1nqGmFqq4o8gXobXw3tgVxpm+gtVCz4q0ETfYsOA/KAEShzH6bSvGXt
Rf64J0aXb29FrY6qg1blorX6TIsdHLqDElgPRX4PVsv6h9yknu/6OF9omkqfFc7r
xxgcFAgJuSUukU6+oPhXKX3f7jfycLD7eT20Jd1oZW/t2uY34hz/plzaXvLAwlB2
5qQYeTQAFGlLsXFgwEe6YqBnGd1Hd4aMObH6rPsKpCgDeEzhfu4s7/axps9Zz7wJ
p6R6cquwO1fkx+dv
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:51:16 2025 by rpki-client