Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS8075.roa
File:                     AS8075.roa (raw, json)
Hash identifier:          igukOUocqgwjxNmHuGlBJXiToo/7tkL8vOMiQ5wIHYI=
Subject key identifier:   C3:AD:CF:22:38:D9:BE:75:BD:55:0E:60:94:75:1D:C0:E0:E1:2B:6A
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       3E54060E7F852C7D36EDF5FD44A3831322621089
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS8075.roa
Signing time:             Sat 13 Sep 2025 00:07:46 +0000
ROA not before:           Sat 13 Sep 2025 00:02:46 +0000
ROA not after:            Sat 12 Sep 2026 00:07:46 +0000
asID:                     8075
IP address blocks:        147.79.26.0/24 maxlen: 24
                          155.117.144.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:54:06:0e:7f:85:2c:7d:36:ed:f5:fd:44:a3:83:13:22:62:10:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Sep 13 00:02:46 2025 GMT
            Not After : Sep 12 00:07:46 2026 GMT
        Subject: CN=C3ADCF2238D9BE75BD550E6094751DC0E0E12B6A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:27:02:77:bf:5c:a1:53:d9:6f:c1:1c:bc:3f:
                    c7:07:48:fa:5b:65:cb:80:3f:28:bd:0b:2b:2f:fd:
                    88:85:eb:0d:f0:6f:83:8b:be:91:1f:fa:f3:e9:39:
                    98:28:97:71:ed:80:a9:d9:47:c8:f1:ae:12:b3:f3:
                    e1:8f:34:e9:2f:6d:e6:94:dc:eb:d6:49:3b:83:6f:
                    c1:d9:f8:cc:b2:ea:e6:b1:36:7f:e9:e8:f1:3e:71:
                    fa:ea:19:ba:9e:c8:04:bb:44:49:27:89:82:32:3d:
                    0b:d4:56:dd:11:c2:5f:2a:38:c7:2a:97:ab:53:6b:
                    b9:ff:77:1e:9c:df:b2:98:f3:1b:9e:e2:17:81:2d:
                    c4:5d:5e:ac:5d:ee:2a:d0:9a:d0:9a:86:7a:e0:0c:
                    7d:67:ec:3f:42:6a:c5:2e:a3:50:20:60:0f:6d:10:
                    eb:c7:9c:de:e7:29:33:60:c5:10:ad:65:3e:09:d8:
                    54:f5:41:07:e5:2b:1c:c3:35:a7:be:8c:c0:2d:a8:
                    2d:5d:a2:4d:bb:3f:d1:eb:d8:9b:cf:c5:3d:a2:2b:
                    1c:8c:81:27:e9:28:92:5d:aa:a0:7f:e6:55:76:83:
                    57:a1:45:18:1c:a1:86:09:56:61:70:62:8a:80:9f:
                    57:5c:6c:af:88:2f:8e:cf:f3:6e:d3:6d:df:1b:20:
                    cf:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:AD:CF:22:38:D9:BE:75:BD:55:0E:60:94:75:1D:C0:E0:E1:2B:6A
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS8075.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.79.26.0/24
                  155.117.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         47:5f:62:15:97:47:80:47:85:46:27:d2:12:6b:7c:3e:87:92:
         77:b6:1f:fd:f5:6c:a3:e2:62:07:45:10:33:b2:26:bd:a0:6b:
         cd:f3:fd:35:f3:42:e9:9e:60:a1:cd:92:73:9b:33:20:0e:20:
         6b:bd:bd:e5:a6:b7:2b:d6:77:83:7f:57:aa:b4:0f:65:b6:3c:
         af:63:44:4f:5d:0a:8a:36:5c:8a:d9:a4:c7:69:08:7a:36:84:
         d6:fc:6d:ca:87:b8:a0:54:6c:19:00:2c:05:b7:0c:ba:47:26:
         1c:5b:ad:76:d7:c6:b5:5e:12:7e:bb:f0:97:2b:29:c0:bf:55:
         15:ab:0e:77:41:6a:d3:51:3b:03:56:21:e1:53:07:e3:7d:68:
         da:c1:a4:44:e4:86:a7:c4:43:d3:8a:e6:8a:01:9f:b9:65:e1:
         3b:67:d6:78:b4:a7:1b:e5:e1:7a:73:a8:bd:8d:ee:95:b3:2e:
         ac:d5:b3:36:df:cd:1d:5d:61:e6:aa:8d:0a:1f:f1:2d:04:43:
         02:79:6d:e4:5a:69:b8:a4:fe:53:58:be:49:10:98:1f:45:b8:
         74:9c:92:e4:46:93:7f:bc:19:24:ed:ec:73:00:d5:60:33:18:
         2a:d7:8f:85:a7:4c:3c:34:77:ad:e4:61:d7:7e:f2:40:51:d7:
         9e:56:0d:a2
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIUPlQGDn+FLH027fX9RKODEyJiEIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA5MTMwMDAyNDZaFw0yNjA5MTIwMDA3NDZaMDMxMTAvBgNV
BAMTKEMzQURDRjIyMzhEOUJFNzVCRDU1MEU2MDk0NzUxREMwRTBFMTJCNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8JwJ3v1yhU9lvwRy8P8cHSPpb
ZcuAPyi9Cysv/YiF6w3wb4OLvpEf+vPpOZgol3HtgKnZR8jxrhKz8+GPNOkvbeaU
3OvWSTuDb8HZ+Myy6uaxNn/p6PE+cfrqGbqeyAS7REkniYIyPQvUVt0Rwl8qOMcq
l6tTa7n/dx6c37KY8xue4heBLcRdXqxd7irQmtCahnrgDH1n7D9CasUuo1AgYA9t
EOvHnN7nKTNgxRCtZT4J2FT1QQflKxzDNae+jMAtqC1dok27P9Hr2JvPxT2iKxyM
gSfpKJJdqqB/5lV2g1ehRRgcoYYJVmFwYoqAn1dcbK+IL47P827Tbd8bIM8dAgMB
AAGjggIOMIICCjAdBgNVHQ4EFgQUw63PIjjZvnW9VQ5glHUdwODhK2owHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODA3NS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAJNPGgME
Apt1kDANBgkqhkiG9w0BAQsFAAOCAQEAR19iFZdHgEeFRifSEmt8PoeSd7Yf/fVs
o+JiB0UQM7ImvaBrzfP9NfNC6Z5goc2Sc5szIA4ga7295aa3K9Z3g39XqrQPZbY8
r2NET10KijZcitmkx2kIejaE1vxtyoe4oFRsGQAsBbcMukcmHFutdtfGtV4Sfrvw
lyspwL9VFasOd0Fq01E7A1Yh4VMH431o2sGkROSGp8RD04rmigGfuWXhO2fWeLSn
G+XhenOovY3ulbMurNWzNt/NHV1h5qqNCh/xLQRDAnlt5FppuKT+U1i+SRCYH0W4
dJyS5EaTf7wZJO3scwDVYDMYKtePhadMPDR3reRh137yQFHXnlYNog==
-----END CERTIFICATE-----