Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS9304.roa
File:                     AS9304.roa (raw, json)
Hash identifier:          DYIoFrcoHUrMe9iSllgmAIpA3xmssa6jReVf7wigC2A=
Subject key identifier:   58:67:E2:B8:E9:33:6A:D6:67:51:FE:A8:76:E1:6B:7A:34:B6:B8:16
Certificate issuer:       /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial:       54F09CED0B3C152E464ACBD1FD67669EA39FDF45
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS9304.roa
Signing time:             Sun 19 Oct 2025 12:54:52 +0000
ROA not before:           Sun 19 Oct 2025 12:49:52 +0000
ROA not after:            Sun 18 Oct 2026 12:54:52 +0000
asID:                     9304
IP address blocks:        62.182.32.0/24 maxlen: 24
                          62.182.33.0/24 maxlen: 24
                          62.182.34.0/24 maxlen: 24
                          62.182.35.0/24 maxlen: 24
                          139.28.48.0/24 maxlen: 24
                          139.28.49.0/24 maxlen: 24
                          188.119.69.0/24 maxlen: 24
                          193.32.187.0/24 maxlen: 24
                          193.32.205.0/24 maxlen: 24
                          193.187.111.0/24 maxlen: 24
                          194.93.62.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:f0:9c:ed:0b:3c:15:2e:46:4a:cb:d1:fd:67:66:9e:a3:9f:df:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
        Validity
            Not Before: Oct 19 12:49:52 2025 GMT
            Not After : Oct 18 12:54:52 2026 GMT
        Subject: CN=5867E2B8E9336AD66751FEA876E16B7A34B6B816
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ba:a2:54:c5:bb:e8:a7:f2:4d:6a:76:9b:79:
                    53:ba:b0:87:47:07:08:b6:ea:c4:58:e6:6d:62:67:
                    a5:5e:a1:af:7a:37:3a:71:89:5a:1e:c4:53:26:55:
                    a3:22:7b:36:4d:ec:29:cf:8f:37:b5:45:bb:db:bd:
                    59:4b:a8:fd:b7:c6:e9:e3:fc:01:b9:6c:a0:f5:62:
                    06:d6:fe:e5:2c:cc:c7:1a:c6:3d:39:5b:5d:8a:5c:
                    ae:50:31:6b:6f:45:91:c2:3a:47:02:8b:68:56:08:
                    1a:c5:a2:0f:c7:f9:a6:a1:e4:fd:d7:0e:ef:ff:9b:
                    22:26:a4:c3:88:3d:5d:3e:d5:a1:ff:07:9b:07:07:
                    21:9a:8c:37:15:66:ce:e3:36:7d:76:32:42:cb:9c:
                    b7:73:92:e5:ff:26:06:17:e0:da:a7:12:82:cb:27:
                    6e:75:ce:54:eb:90:02:20:11:3a:fa:6b:3a:e4:94:
                    2f:4a:25:d1:0b:a1:81:ce:0f:f5:04:6d:ea:9d:ef:
                    a5:db:c5:75:b2:30:7e:3c:12:5c:3e:d3:bd:a2:ca:
                    f9:ec:86:1c:42:7d:34:ec:a4:6b:34:bf:b2:3d:13:
                    5a:db:36:b5:5c:99:81:21:be:36:78:d6:96:e7:39:
                    1a:d7:f5:3f:c2:63:d2:90:8e:84:5a:90:93:89:52:
                    e6:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:67:E2:B8:E9:33:6A:D6:67:51:FE:A8:76:E1:6B:7A:34:B6:B8:16
            X509v3 Authority Key Identifier:
                keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS9304.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.182.32.0/22
                  139.28.48.0/23
                  188.119.69.0/24
                  193.32.187.0/24
                  193.32.205.0/24
                  193.187.111.0/24
                  194.93.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:ef:1c:84:29:59:be:a2:57:ba:8b:43:88:92:8f:d0:0f:96:
         66:e7:ef:2a:a3:31:8e:8d:dc:f9:c9:4c:58:48:f7:a5:e5:6b:
         7b:dd:e9:63:b4:19:19:29:e4:ac:8c:8c:cb:50:31:fb:a6:99:
         42:1b:90:88:18:72:45:0e:72:6b:5f:27:bb:83:b6:fb:6e:d2:
         48:e2:4a:e6:e0:7c:c8:af:95:c9:81:c0:22:88:98:9f:57:7e:
         e2:af:87:d8:89:39:c8:ba:ca:e5:bf:c6:30:23:4b:06:e2:3a:
         49:e4:97:1a:60:f3:77:89:d1:77:de:8a:1c:80:a7:8e:7c:9d:
         71:1b:1b:ab:2c:e2:1a:b0:dd:b3:17:3f:58:71:8a:ae:f6:1c:
         1c:2c:02:1e:18:61:21:6e:83:26:07:d3:9a:32:e0:1c:d7:87:
         b8:06:c2:b7:be:80:a3:46:f0:f5:2d:53:27:79:87:36:fc:c7:
         5a:2a:29:4f:12:e0:1f:0a:b3:8b:79:91:08:e9:be:83:87:32:
         1c:09:b0:1d:6d:60:7d:82:00:1b:e2:a9:f5:cc:eb:2b:77:62:
         29:30:e4:6d:4f:b7:5c:72:31:2f:e2:4c:25:b7:6d:b7:27:01:
         bf:37:53:5c:22:1d:0e:8a:70:f3:43:af:79:a3:18:5e:9d:97:
         62:cc:6c:fd
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUVPCc7Qs8FS5GSsvR/WdmnqOf30UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTEwMTkxMjQ5NTJaFw0yNjEwMTgxMjU0NTJaMDMxMTAvBgNV
BAMTKDU4NjdFMkI4RTkzMzZBRDY2NzUxRkVBODc2RTE2QjdBMzRCNkI4MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPuqJUxbvop/JNanabeVO6sIdH
Bwi26sRY5m1iZ6Veoa96NzpxiVoexFMmVaMiezZN7CnPjze1RbvbvVlLqP23xunj
/AG5bKD1YgbW/uUszMcaxj05W12KXK5QMWtvRZHCOkcCi2hWCBrFog/H+aah5P3X
Du//myImpMOIPV0+1aH/B5sHByGajDcVZs7jNn12MkLLnLdzkuX/JgYX4NqnEoLL
J251zlTrkAIgETr6azrklC9KJdELoYHOD/UEbeqd76XbxXWyMH48Elw+072iyvns
hhxCfTTspGs0v7I9E1rbNrVcmYEhvjZ41pbnORrX9T/CY9KQjoRakJOJUuY7AgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUWGfiuOkzatZnUf6oduFrejS2uBYwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAj62IAME
AYscMAMEALx3RQMEAMEguwMEAMEgzQMEAMG7bwMEAMJdPjANBgkqhkiG9w0BAQsF
AAOCAQEAM+8chClZvqJXuotDiJKP0A+WZufvKqMxjo3c+clMWEj3peVre93pY7QZ
GSnkrIyMy1Ax+6aZQhuQiBhyRQ5ya18nu4O2+27SSOJK5uB8yK+VyYHAIoiYn1d+
4q+H2Ik5yLrK5b/GMCNLBuI6SeSXGmDzd4nRd96KHICnjnydcRsbqyziGrDdsxc/
WHGKrvYcHCwCHhhhIW6DJgfTmjLgHNeHuAbCt76Ao0bw9S1TJ3mHNvzHWiopTxLg
Hwqzi3mRCOm+g4cyHAmwHW1gfYIAG+Kp9czrK3diKTDkbU+3XHIxL+JMJbdttycB
vzdTXCIdDopw80OveaMYXp2XYsxs/Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:46:18 2025 by rpki-client