Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS44592.roa
File:                     AS44592.roa (raw, json)
Hash identifier:          2YPnPSuu51o04/p+oDfCtHlck32Pt4EflVnGCL1VR/w=
Subject key identifier:   5D:16:E8:16:F8:36:81:AE:C7:06:4F:86:FE:73:C2:A1:FD:74:33:66
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       799760D6346D31886C83B31D11766949DEE0748E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS44592.roa
Signing time:             Sun 03 May 2026 00:47:07 +0000
ROA not before:           Sun 03 May 2026 00:42:07 +0000
ROA not after:            Sun 02 May 2027 00:47:07 +0000
asID:                     44592
IP address blocks:        147.79.27.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 17:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:97:60:d6:34:6d:31:88:6c:83:b3:1d:11:76:69:49:de:e0:74:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: May  3 00:42:07 2026 GMT
            Not After : May  2 00:47:07 2027 GMT
        Subject: CN=5D16E816F83681AEC7064F86FE73C2A1FD743366
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:4b:bf:ba:c4:bc:b8:8f:35:47:fc:76:4a:24:
                    02:bb:c7:b2:58:cb:ff:50:8b:75:55:08:4a:d7:44:
                    27:b7:6e:81:56:e3:66:14:37:9b:b3:d8:a8:93:d7:
                    16:87:d2:39:0e:39:35:ed:d6:1b:e3:a4:42:32:e3:
                    f2:59:10:fe:34:30:ad:76:ba:d4:28:23:1c:ff:e0:
                    4f:71:54:06:89:09:27:f8:02:fc:99:b2:d5:02:eb:
                    71:2a:23:be:32:89:8d:ed:45:b0:35:50:ad:28:04:
                    78:0b:41:26:9e:89:c5:9f:73:12:e4:de:5b:3e:3a:
                    7e:4e:e3:25:99:41:c7:00:48:e0:7b:71:97:65:c1:
                    cb:a8:49:09:3c:11:69:b2:92:44:b8:12:24:9b:96:
                    8d:22:67:87:5c:c0:e8:58:d3:01:78:43:03:48:a4:
                    58:a4:38:b4:92:6a:1d:51:93:83:28:6c:50:7b:9a:
                    e7:8a:76:77:0f:15:44:38:7a:e7:1e:eb:5a:36:82:
                    ec:2d:fc:43:a1:b6:c3:97:9d:04:9b:8c:9c:53:b1:
                    23:ee:1e:f2:7d:e3:a9:27:a3:83:f4:86:a6:56:23:
                    45:74:3b:3c:cd:32:32:46:8b:c6:ab:29:15:e2:12:
                    04:1d:ae:b5:51:0c:6a:a6:36:9f:b0:d6:f0:b0:05:
                    c2:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:16:E8:16:F8:36:81:AE:C7:06:4F:86:FE:73:C2:A1:FD:74:33:66
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS44592.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.79.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:c2:33:82:b2:cc:44:03:ea:2b:fd:06:d0:f3:e3:43:3b:33:
         87:bc:f4:6e:b7:d2:9d:75:6d:30:79:dc:5d:cc:49:da:77:95:
         c0:3b:92:5c:f8:bf:76:cf:a1:e5:f3:4f:cc:02:00:86:c1:31:
         f0:eb:aa:34:20:af:b3:74:9e:ad:80:b3:3f:14:58:3e:cc:01:
         00:6d:d7:6c:05:de:3e:0e:a6:0a:5c:1b:da:5a:a4:2f:5d:9f:
         57:2b:01:5d:b5:b9:23:4b:6f:11:be:a8:9a:7c:c9:d3:09:e2:
         09:53:28:b3:0b:a2:ef:a8:e5:00:3f:df:1a:52:b5:57:dc:4b:
         6f:5a:71:b1:81:bb:ce:b9:5e:c0:5d:a5:33:55:43:0b:12:52:
         89:16:bd:3d:93:1d:78:ea:32:0f:87:46:da:c6:b3:27:db:44:
         93:16:fe:f2:f4:6c:6a:78:e4:42:3d:9e:b0:8d:ac:d5:ca:a9:
         d5:8e:0c:93:ee:f5:03:f2:33:e0:62:69:f2:bd:3e:b0:f3:47:
         72:13:6c:49:b5:e4:9f:7d:a1:24:09:10:cd:f9:64:38:4b:43:
         7f:53:d6:fc:45:fb:13:27:af:f3:5b:0f:28:3f:b2:69:bd:92:
         b1:26:11:c3:db:f5:c4:33:e7:75:be:03:f6:c8:f1:81:fc:be:
         f4:66:e9:98
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUeZdg1jRtMYhsg7MdEXZpSd7gdI4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA1MDMwMDQyMDdaFw0yNzA1MDIwMDQ3MDdaMDMxMTAvBgNV
BAMTKDVEMTZFODE2RjgzNjgxQUVDNzA2NEY4NkZFNzNDMkExRkQ3NDMzNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVS7+6xLy4jzVH/HZKJAK7x7JY
y/9Qi3VVCErXRCe3boFW42YUN5uz2KiT1xaH0jkOOTXt1hvjpEIy4/JZEP40MK12
utQoIxz/4E9xVAaJCSf4AvyZstUC63EqI74yiY3tRbA1UK0oBHgLQSaeicWfcxLk
3ls+On5O4yWZQccASOB7cZdlwcuoSQk8EWmykkS4EiSblo0iZ4dcwOhY0wF4QwNI
pFikOLSSah1Rk4MobFB7mueKdncPFUQ4euce61o2guwt/EOhtsOXnQSbjJxTsSPu
HvJ946kno4P0hqZWI0V0OzzNMjJGi8arKRXiEgQdrrVRDGqmNp+w1vCwBcJrAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUXRboFvg2ga7HBk+G/nPCof10M2YwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDQ1OTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTTxsw
DQYJKoZIhvcNAQELBQADggEBABnCM4KyzEQD6iv9BtDz40M7M4e89G630p11bTB5
3F3MSdp3lcA7klz4v3bPoeXzT8wCAIbBMfDrqjQgr7N0nq2Asz8UWD7MAQBt12wF
3j4OpgpcG9papC9dn1crAV21uSNLbxG+qJp8ydMJ4glTKLMLou+o5QA/3xpStVfc
S29acbGBu865XsBdpTNVQwsSUokWvT2THXjqMg+HRtrGsyfbRJMW/vL0bGp45EI9
nrCNrNXKqdWODJPu9QPyM+BiafK9PrDzR3ITbEm15J99oSQJEM35ZDhLQ39T1vxF
+xMnr/NbDyg/smm9krEmEcPb9cQz53W+A/bI8YH8vvRm6Zg=
-----END CERTIFICATE-----