Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS271799.roa
File:                     AS271799.roa (raw, json)
Hash identifier:          knInZk+KSBjLkNm7iLboav+168+7/Mdglc4Wxg8tNik=
Subject key identifier:   15:02:78:D7:09:C4:E1:99:9E:CB:14:5A:8F:66:9D:BA:49:1C:1F:CF
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       510323E7B0ADB25F65718E11BB82FBFB880BD082
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS271799.roa
Signing time:             Mon 04 Aug 2025 17:37:48 +0000
ROA not before:           Mon 04 Aug 2025 17:32:48 +0000
ROA not after:            Mon 03 Aug 2026 17:37:48 +0000
asID:                     271799
IP address blocks:        181.214.29.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:03:23:e7:b0:ad:b2:5f:65:71:8e:11:bb:82:fb:fb:88:0b:d0:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Aug  4 17:32:48 2025 GMT
            Not After : Aug  3 17:37:48 2026 GMT
        Subject: CN=150278D709C4E1999ECB145A8F669DBA491C1FCF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:54:94:77:b6:67:6a:87:34:89:46:4b:8c:e7:
                    61:8c:da:bd:ac:ec:30:8d:db:b6:5a:5e:5a:05:f7:
                    15:32:b5:52:6a:38:80:eb:19:fa:6e:5c:9e:0d:a0:
                    c6:b5:8f:c5:81:3a:1f:54:60:bb:92:78:ab:ca:2d:
                    82:dc:f6:61:b1:33:ea:44:aa:4e:8b:c4:9c:9f:a5:
                    61:70:f6:15:44:64:7a:0e:85:6f:6a:79:c5:5f:d2:
                    a0:5e:65:77:2b:f1:27:8d:88:b1:e1:c9:3a:eb:f9:
                    55:d5:70:93:04:00:28:eb:08:ba:5e:ba:f9:05:ff:
                    ee:8f:25:4f:e3:7b:9e:ca:d8:44:fc:bc:bc:e3:b9:
                    69:f7:b0:9f:ca:c3:6a:f3:f7:a0:1d:1d:b6:82:ab:
                    76:2e:69:fe:e3:35:10:32:6d:f7:f9:26:ad:18:2e:
                    41:cc:0a:88:43:fc:45:c9:f1:64:95:36:7d:1f:77:
                    0a:e2:93:7e:99:6d:3d:b2:e2:76:f7:ab:9c:9d:a8:
                    45:db:7d:64:93:1e:3f:77:26:40:20:e4:96:98:bb:
                    cb:af:f2:8b:5b:4d:ef:d0:f0:84:42:37:1c:12:4f:
                    8e:49:bf:49:f7:47:b6:0a:28:e5:17:e4:10:2b:6c:
                    bf:c9:a8:41:49:89:40:a7:55:aa:b0:fc:82:ad:39:
                    0f:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:02:78:D7:09:C4:E1:99:9E:CB:14:5A:8F:66:9D:BA:49:1C:1F:CF
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS271799.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.214.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:d8:a3:bb:b7:37:e6:78:aa:3e:e0:50:a3:ed:5c:3d:87:e7:
         77:ac:95:e0:36:68:61:44:35:0e:0c:ab:af:5d:28:c9:b0:0a:
         9f:a0:2a:4d:cf:4e:b8:a6:2c:00:1c:54:e5:16:89:64:bf:e2:
         7c:2d:e4:21:36:60:2f:22:9e:66:6f:2c:24:cc:78:03:7d:a1:
         17:15:a0:b1:f7:89:1e:a8:b6:2c:80:51:01:71:9c:fb:ff:74:
         da:7f:1a:90:77:ce:00:33:cb:a9:31:2d:31:b9:d8:c9:d5:a0:
         30:e0:ee:16:05:74:0e:c4:78:ae:e7:28:ad:76:a8:35:3f:e2:
         27:44:6c:80:c5:3d:59:2a:57:25:a2:9e:b5:e7:a3:e2:f2:1a:
         37:ea:cf:ce:7d:42:f6:d7:96:f6:aa:98:15:f7:c6:69:82:c8:
         93:df:16:5b:c8:75:f4:0a:d0:9f:ed:91:4b:3e:76:0f:f9:fa:
         54:d8:2c:85:6f:79:ea:b0:4d:57:9c:53:dc:e8:17:63:c0:60:
         12:f6:d3:a6:cc:17:67:d0:ac:bb:24:97:25:60:a4:5c:2d:79:
         7e:0e:be:cf:3c:b0:34:b3:b6:38:e4:2e:5f:bb:c9:bb:45:ab:
         40:57:b5:8a:05:40:04:ec:75:e8:16:ce:55:9d:ae:a1:05:e5:
         c8:20:41:4e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUUQMj57Ctsl9lcY4Ru4L7+4gL0IIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MDQxNzMyNDhaFw0yNjA4MDMxNzM3NDhaMDMxMTAvBgNV
BAMTKDE1MDI3OEQ3MDlDNEUxOTk5RUNCMTQ1QThGNjY5REJBNDkxQzFGQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvVJR3tmdqhzSJRkuM52GM2r2s
7DCN27ZaXloF9xUytVJqOIDrGfpuXJ4NoMa1j8WBOh9UYLuSeKvKLYLc9mGxM+pE
qk6LxJyfpWFw9hVEZHoOhW9qecVf0qBeZXcr8SeNiLHhyTrr+VXVcJMEACjrCLpe
uvkF/+6PJU/je57K2ET8vLzjuWn3sJ/Kw2rz96AdHbaCq3Yuaf7jNRAybff5Jq0Y
LkHMCohD/EXJ8WSVNn0fdwrik36ZbT2y4nb3q5ydqEXbfWSTHj93JkAg5JaYu8uv
8otbTe/Q8IRCNxwST45Jv0n3R7YKKOUX5BArbL/JqEFJiUCnVaqw/IKtOQ91AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUFQJ41wnE4ZmeyxRaj2adukkcH88wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjcxNzk5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtdYd
MA0GCSqGSIb3DQEBCwUAA4IBAQAk2KO7tzfmeKo+4FCj7Vw9h+d3rJXgNmhhRDUO
DKuvXSjJsAqfoCpNz064piwAHFTlFolkv+J8LeQhNmAvIp5mbywkzHgDfaEXFaCx
94keqLYsgFEBcZz7/3TafxqQd84AM8upMS0xudjJ1aAw4O4WBXQOxHiu5yitdqg1
P+InRGyAxT1ZKlclop6156Pi8ho36s/OfUL215b2qpgV98ZpgsiT3xZbyHX0CtCf
7ZFLPnYP+fpU2CyFb3nqsE1XnFPc6BdjwGAS9tOmzBdn0Ky7JJclYKRcLXl+Dr7P
PLA0s7Y45C5fu8m7RatAV7WKBUAE7HXoFs5Vna6hBeXIIEFO
-----END CERTIFICATE-----