Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
File:                     AS395374.roa (raw, json)
Hash identifier:          IHHzmEgceN3AybHPN+Rs/psBXjiMJy86tYcN1y1wPqM=
Subject key identifier:   1E:9F:B7:27:9B:5B:9A:F0:9A:D5:AA:4F:01:2E:29:86:93:A3:4F:03
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       7B2298250C7EB4F78310AEF29384FEC7B394F69F
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa
Signing time:             Fri 27 Jun 2025 09:46:38 +0000
ROA not before:           Fri 27 Jun 2025 09:41:38 +0000
ROA not after:            Fri 26 Jun 2026 09:46:38 +0000
asID:                     395374
IP address blocks:        178.93.128.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:22:98:25:0c:7e:b4:f7:83:10:ae:f2:93:84:fe:c7:b3:94:f6:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Jun 27 09:41:38 2025 GMT
            Not After : Jun 26 09:46:38 2026 GMT
        Subject: CN=1E9FB7279B5B9AF09AD5AA4F012E298693A34F03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:69:0a:43:9b:2c:8f:9f:9d:c3:82:3d:da:72:
                    ed:cf:c5:7c:ed:0c:dc:90:31:d8:ad:af:96:19:0f:
                    62:9a:28:ae:0f:9b:de:59:87:62:67:d5:37:3a:54:
                    4e:9f:9c:5f:2c:ae:05:b0:1b:ec:49:c2:e4:fc:91:
                    92:d6:5a:21:80:80:1d:18:ed:bb:c9:ab:d6:ef:ec:
                    1a:22:11:09:a8:c2:2d:7d:1f:9c:b7:f6:12:29:b9:
                    67:85:77:bb:8c:01:85:59:e2:fc:43:f3:a8:8b:7b:
                    f6:2b:75:3a:83:fb:a3:71:b4:3f:2f:30:68:70:e2:
                    a2:66:82:4f:d1:ab:a8:fb:2f:f1:3d:f9:d2:3d:b2:
                    55:13:78:9b:5b:cb:c6:cc:33:77:c6:23:3e:6b:cc:
                    8e:c1:26:5b:a5:b5:44:af:3e:61:0e:25:f2:af:9d:
                    60:b2:13:85:bf:54:ea:91:f0:08:c5:6c:7c:82:2b:
                    c0:c0:81:f5:7b:ae:88:07:d7:1e:c2:8a:cd:77:52:
                    cd:ff:76:cc:0b:dd:39:28:e5:69:27:43:c4:a8:b7:
                    bf:ca:03:5d:c4:c1:8d:66:d8:52:96:0e:a9:55:71:
                    4a:c2:ed:98:fc:4f:97:bb:08:e1:32:3b:51:a6:9d:
                    45:70:b8:7e:3e:b2:1a:74:13:13:59:3b:df:12:78:
                    f7:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:9F:B7:27:9B:5B:9A:F0:9A:D5:AA:4F:01:2E:29:86:93:A3:4F:03
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS395374.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.93.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:d3:c1:ce:7c:d4:ef:c6:37:44:21:58:af:8d:36:cc:47:1c:
         dc:34:ab:da:b7:0e:48:ad:66:f0:e5:aa:f2:cf:45:83:ee:cd:
         b5:ae:85:8a:bd:8e:8f:87:f2:9d:e6:04:e8:12:2a:87:cb:f0:
         12:6c:01:6c:99:37:4d:52:5e:a1:1d:0d:0a:3d:47:18:1b:59:
         83:5d:0a:db:16:32:36:f9:f2:c8:97:cb:1d:1b:18:0f:57:c6:
         91:3e:eb:7e:83:d7:8e:e2:91:46:a6:fa:54:df:db:d6:d7:24:
         fb:bf:b2:37:a8:7a:ed:17:bf:33:54:f7:41:31:43:05:6f:1f:
         41:d4:0b:5b:1a:e2:fa:e3:6d:87:51:a1:b6:75:e7:49:bb:e2:
         f4:e1:27:66:a8:e1:9b:f1:5e:8c:4c:53:ab:c2:16:9c:e2:91:
         53:34:0f:cd:b1:d7:95:bd:ab:23:33:0c:18:76:96:4b:be:ab:
         94:70:e5:a6:bb:6c:eb:6a:0b:74:31:ba:20:40:19:bb:19:1a:
         b6:6f:1e:43:a5:b4:d3:c3:c2:6b:87:a3:db:fd:48:62:3a:8f:
         ce:dc:12:aa:82:48:b1:cd:8f:66:e1:09:62:c6:c4:18:1f:5a:
         35:e0:ae:0e:9a:9c:6d:bf:77:e2:9f:10:15:f4:d2:40:58:08:
         72:61:70:77
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUeyKYJQx+tPeDEK7yk4T+x7OU9p8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MjcwOTQxMzhaFw0yNjA2MjYwOTQ2MzhaMDMxMTAvBgNV
BAMTKDFFOUZCNzI3OUI1QjlBRjA5QUQ1QUE0RjAxMkUyOTg2OTNBMzRGMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMaQpDmyyPn53Dgj3acu3PxXzt
DNyQMditr5YZD2KaKK4Pm95Zh2Jn1Tc6VE6fnF8srgWwG+xJwuT8kZLWWiGAgB0Y
7bvJq9bv7BoiEQmowi19H5y39hIpuWeFd7uMAYVZ4vxD86iLe/YrdTqD+6NxtD8v
MGhw4qJmgk/Rq6j7L/E9+dI9slUTeJtby8bMM3fGIz5rzI7BJlultUSvPmEOJfKv
nWCyE4W/VOqR8AjFbHyCK8DAgfV7rogH1x7Cis13Us3/dswL3Tko5WknQ8Sot7/K
A13EwY1m2FKWDqlVcUrC7Zj8T5e7COEyO1GmnUVwuH4+shp0ExNZO98SePctAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUHp+3J5tbmvCa1apPAS4phpOjTwMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsl2A
MA0GCSqGSIb3DQEBCwUAA4IBAQB208HOfNTvxjdEIVivjTbMRxzcNKvatw5IrWbw
5aryz0WD7s21roWKvY6Ph/Kd5gToEiqHy/ASbAFsmTdNUl6hHQ0KPUcYG1mDXQrb
FjI2+fLIl8sdGxgPV8aRPut+g9eO4pFGpvpU39vW1yT7v7I3qHrtF78zVPdBMUMF
bx9B1AtbGuL6422HUaG2dedJu+L04SdmqOGb8V6MTFOrwhac4pFTNA/NsdeVvasj
MwwYdpZLvquUcOWmu2zragt0MbogQBm7GRq2bx5DpbTTw8Jrh6Pb/UhiOo/O3BKq
gkixzY9m4QlixsQYH1o14K4Ompxtv3finxAV9NJAWAhyYXB3
-----END CERTIFICATE-----