Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS12741.roa
File:                     AS12741.roa (raw, json)
Hash identifier:          Kbu7slsB09kauclUZ7z+t+d4RGiYz59fhRAQxi3CSig=
Subject key identifier:   42:AD:97:AD:E9:92:94:A3:10:27:60:BA:98:16:76:BF:66:76:86:10
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       2AC01E8DA4B9B22A6F88544A79D99E5FF4EEACFE
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS12741.roa
Signing time:             Tue 03 Mar 2026 03:46:43 +0000
ROA not before:           Tue 03 Mar 2026 03:41:43 +0000
ROA not after:            Tue 02 Mar 2027 03:46:43 +0000
asID:                     12741
IP address blocks:        96.62.232.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:c0:1e:8d:a4:b9:b2:2a:6f:88:54:4a:79:d9:9e:5f:f4:ee:ac:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Mar  3 03:41:43 2026 GMT
            Not After : Mar  2 03:46:43 2027 GMT
        Subject: CN=42AD97ADE99294A3102760BA981676BF66768610
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:04:ce:7a:41:75:74:79:bb:c2:f4:13:a1:0b:
                    88:da:4b:e7:ae:9b:1f:1f:07:c6:3f:d5:91:8e:35:
                    af:17:13:4e:c0:37:7f:2c:93:76:66:c1:e3:cd:27:
                    17:d3:0b:27:e0:32:3a:1f:1b:22:62:7b:3b:7a:19:
                    bb:f0:f4:1e:2a:da:38:ff:a7:a0:a5:8f:1d:14:b6:
                    d7:56:be:0b:87:df:af:d7:0b:03:cd:1e:77:41:b8:
                    05:a9:e8:9f:81:ed:0c:66:42:fb:b6:59:d7:b9:64:
                    a1:9c:8e:0b:48:96:de:85:f0:d7:e4:a5:62:34:30:
                    c9:01:2b:a4:14:bc:13:52:c8:b5:b3:39:20:63:19:
                    d9:9a:c0:4d:04:e2:74:7d:9f:ac:e6:f4:42:dc:6a:
                    86:cc:8a:6a:25:83:37:70:fb:72:a8:c6:f4:6d:ec:
                    47:d7:3e:15:a2:90:a8:ea:07:70:f8:e8:7a:07:1d:
                    f1:80:00:fb:08:97:ca:0b:01:84:28:67:fd:d0:de:
                    f3:f8:45:7b:9f:b6:f6:6b:68:87:18:9a:21:38:72:
                    53:ed:1b:63:eb:d9:b8:66:d5:13:49:53:a3:ab:6b:
                    b2:38:cd:50:28:f7:a8:63:77:4c:8f:54:9d:3d:a9:
                    5b:3e:90:1d:e5:4b:45:83:9c:20:61:40:f6:15:b6:
                    a4:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:AD:97:AD:E9:92:94:A3:10:27:60:BA:98:16:76:BF:66:76:86:10
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS12741.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.62.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:6f:27:65:0b:fc:17:57:dc:ac:cc:fe:db:d7:2e:2a:89:b5:
         1e:96:a0:0f:19:6c:82:63:68:85:25:b5:fa:0e:39:9d:ba:68:
         9d:2f:ac:01:48:c7:74:cb:d8:20:87:18:a8:5b:d3:1a:e8:90:
         3e:74:46:03:64:bb:2a:b9:64:48:2a:0d:6b:c4:95:71:e0:45:
         a2:20:d1:5d:a0:b5:60:45:1e:56:ff:8f:b0:a8:2f:ba:ff:e7:
         94:ca:e2:a0:0d:9e:3c:b4:6c:6d:9b:ba:25:ee:d9:5d:48:cd:
         e4:1d:63:95:7d:7b:46:65:26:70:99:a1:dc:4a:f7:ff:87:64:
         15:78:04:96:48:3a:d7:42:cd:ae:35:9b:01:0d:b9:09:0b:66:
         92:f0:d8:65:50:95:10:d0:43:3f:72:fa:23:9f:4f:29:20:7e:
         bd:04:98:4e:c9:a2:75:99:b3:42:7b:9e:8e:62:51:c1:6c:74:
         17:11:10:f1:1a:9a:f4:71:5c:95:4b:b6:db:59:35:64:c3:d8:
         4d:1c:e6:c4:e4:bb:93:df:c1:d8:45:b8:82:e7:3d:72:e1:61:
         ae:55:ef:54:2a:0f:cb:3b:35:75:f9:54:6c:df:ff:40:23:2c:
         5d:e9:ba:bd:ad:66:f3:bf:61:b7:2c:c5:a8:bc:a1:94:30:e4:
         3b:68:a9:c1
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUKsAejaS5sipviFRKedmeX/TurP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMDMwMzQxNDNaFw0yNzAzMDIwMzQ2NDNaMDMxMTAvBgNV
BAMTKDQyQUQ5N0FERTk5Mjk0QTMxMDI3NjBCQTk4MTY3NkJGNjY3Njg2MTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmBM56QXV0ebvC9BOhC4jaS+eu
mx8fB8Y/1ZGONa8XE07AN38sk3ZmwePNJxfTCyfgMjofGyJiezt6Gbvw9B4q2jj/
p6Cljx0UttdWvguH36/XCwPNHndBuAWp6J+B7QxmQvu2Wde5ZKGcjgtIlt6F8Nfk
pWI0MMkBK6QUvBNSyLWzOSBjGdmawE0E4nR9n6zm9ELcaobMimolgzdw+3KoxvRt
7EfXPhWikKjqB3D46HoHHfGAAPsIl8oLAYQoZ/3Q3vP4RXuftvZraIcYmiE4clPt
G2Pr2bhm1RNJU6Ora7I4zVAo96hjd0yPVJ09qVs+kB3lS0WDnCBhQPYVtqSZAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUQq2XremSlKMQJ2C6mBZ2v2Z2hhAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTI3NDEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJgPugw
DQYJKoZIhvcNAQELBQADggEBAJFvJ2UL/BdX3KzM/tvXLiqJtR6WoA8ZbIJjaIUl
tfoOOZ26aJ0vrAFIx3TL2CCHGKhb0xrokD50RgNkuyq5ZEgqDWvElXHgRaIg0V2g
tWBFHlb/j7CoL7r/55TK4qANnjy0bG2buiXu2V1IzeQdY5V9e0ZlJnCZodxK9/+H
ZBV4BJZIOtdCza41mwENuQkLZpLw2GVQlRDQQz9y+iOfTykgfr0EmE7JonWZs0J7
no5iUcFsdBcREPEamvRxXJVLtttZNWTD2E0c5sTku5PfwdhFuILnPXLhYa5V71Qq
D8s7NXX5VGzf/0AjLF3pur2tZvO/Ybcsxai8oZQw5DtoqcE=
-----END CERTIFICATE-----