Route Origin Authorization

$ rpki-client -vvf rpki.athene-center.net/repo/rpki-athene-center/0/3135382e3232302e3132382e302f32342d3234203d3e20323132373935.roa
File:                     3135382e3232302e3132382e302f32342d3234203d3e20323132373935.roa (raw, json)
Hash identifier:          XIE+vldvDOudocScn0fDSTh+9UFm5JKUnhBv1uMpBwc=
Subject key identifier:   27:ED:D3:03:05:30:85:76:D7:92:F7:FA:F7:49:31:16:16:F2:B9:A9
Certificate issuer:       /CN=ee092d6ecb52bc99a39fa6677afbee9e41bae0d9
Certificate serial:       753BCAEABF541DD9EA91786932AC0843A3687EBE
Authority key identifier: EE:09:2D:6E:CB:52:BC:99:A3:9F:A6:67:7A:FB:EE:9E:41:BA:E0:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gktbstSvJmjn6ZnevvunkG64Nk.cer
Subject info access:      rsync://rpki.athene-center.net/repo/rpki-athene-center/0/3135382e3232302e3132382e302f32342d3234203d3e20323132373935.roa
Signing time:             Fri 05 Jun 2026 09:20:05 +0000
ROA not before:           Fri 05 Jun 2026 09:15:05 +0000
ROA not after:            Fri 04 Jun 2027 09:20:05 +0000
asID:                     212795
IP address blocks:        158.220.128.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.athene-center.net/repo/rpki-athene-center/0/EE092D6ECB52BC99A39FA6677AFBEE9E41BAE0D9.crl
                          rsync://rpki.athene-center.net/repo/rpki-athene-center/0/EE092D6ECB52BC99A39FA6677AFBEE9E41BAE0D9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gktbstSvJmjn6ZnevvunkG64Nk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 12:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:3b:ca:ea:bf:54:1d:d9:ea:91:78:69:32:ac:08:43:a3:68:7e:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee092d6ecb52bc99a39fa6677afbee9e41bae0d9
        Validity
            Not Before: Jun  5 09:15:05 2026 GMT
            Not After : Jun  4 09:20:05 2027 GMT
        Subject: CN=27EDD30305308576D792F7FAF749311616F2B9A9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:24:48:33:82:d9:8a:8c:9b:55:6d:02:71:ff:
                    f2:cf:9e:3c:5b:46:b4:47:92:ed:04:24:f2:16:49:
                    88:e9:04:3f:64:8b:1e:af:ee:13:7c:7f:c8:c9:45:
                    55:7d:3e:04:b9:84:49:cc:e7:e4:b2:06:6e:48:65:
                    31:35:26:45:ed:0d:c8:6b:9f:4d:89:cf:28:7a:01:
                    cf:f6:88:6b:69:94:61:a1:23:67:18:02:1d:37:2a:
                    1b:a0:1b:5f:32:53:f0:8f:85:9b:38:83:6c:6c:e4:
                    8e:0d:47:6d:e9:36:6a:0b:89:3a:28:bd:a4:97:2c:
                    fe:eb:c3:a7:20:8a:ed:b9:82:45:9b:0c:2d:96:bb:
                    93:5f:4d:ee:ad:de:86:8a:61:2f:4a:0c:f6:37:75:
                    75:51:08:45:5a:09:40:05:c2:53:28:1d:ae:77:a0:
                    00:85:d7:cb:90:7e:cc:64:05:db:06:18:1c:fc:d0:
                    3e:3d:0f:09:06:93:7d:03:86:be:41:88:7e:14:25:
                    62:e8:ab:06:be:75:e2:f8:cb:c7:75:0a:96:9e:93:
                    70:8f:63:36:5c:a8:03:e1:59:df:ef:ef:c1:de:cb:
                    c2:a2:86:c0:73:ea:d1:af:26:da:eb:d0:ab:36:55:
                    7f:b5:d6:f4:a2:5d:aa:19:d6:f9:f2:0d:24:b5:71:
                    b3:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:ED:D3:03:05:30:85:76:D7:92:F7:FA:F7:49:31:16:16:F2:B9:A9
            X509v3 Authority Key Identifier:
                keyid:EE:09:2D:6E:CB:52:BC:99:A3:9F:A6:67:7A:FB:EE:9E:41:BA:E0:D9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.athene-center.net/repo/rpki-athene-center/0/EE092D6ECB52BC99A39FA6677AFBEE9E41BAE0D9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gktbstSvJmjn6ZnevvunkG64Nk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.athene-center.net/repo/rpki-athene-center/0/3135382e3232302e3132382e302f32342d3234203d3e20323132373935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.220.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:47:dd:6a:f1:8a:e1:7c:fe:6b:ab:0f:57:07:2f:68:88:cc:
         47:c8:ec:2b:00:bb:1f:02:bc:93:25:02:a4:82:bd:02:21:1e:
         b0:89:64:47:36:e5:63:57:fb:71:bf:5f:c1:47:31:c6:53:4c:
         7b:25:c5:1c:a5:9e:97:f3:1f:f9:0d:53:61:2b:b8:06:8e:1c:
         3f:1a:9d:a8:20:92:fb:b0:e9:08:5e:c7:26:68:8c:2f:e1:1d:
         81:f2:e5:02:2d:86:f7:3e:ab:dd:8c:ed:e4:23:7f:a1:e8:e5:
         bb:dd:9a:d3:59:c8:3a:0c:cc:97:36:4b:be:08:67:32:c0:49:
         c8:dd:ca:36:ce:02:1c:ab:01:38:cc:41:3b:0a:3a:86:9e:15:
         97:51:ac:ab:64:90:85:d8:83:1f:ed:28:9d:b7:4b:20:be:e0:
         ab:c7:9a:c3:e9:f9:b7:a9:ec:24:97:45:a2:31:69:66:6a:b0:
         bd:29:ab:1a:ed:d2:93:d5:52:20:aa:74:15:be:90:cd:84:c6:
         36:6f:27:e2:ea:fe:f5:8e:fa:29:ed:68:18:1e:83:e8:7b:00:
         55:ff:66:9e:7a:dc:7b:9e:01:a4:cf:28:00:18:91:e7:45:db:
         05:0f:62:ea:e9:50:df:a6:ef:73:94:72:6c:cf:79:95:df:6e:
         22:b9:22:fd
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUdTvK6r9UHdnqkXhpMqwIQ6Nofr4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWUwOTJkNmVjYjUyYmM5OWEzOWZhNjY3N2FmYmVlOWU0
MWJhZTBkOTAeFw0yNjA2MDUwOTE1MDVaFw0yNzA2MDQwOTIwMDVaMDMxMTAvBgNV
BAMTKDI3RUREMzAzMDUzMDg1NzZENzkyRjdGQUY3NDkzMTE2MTZGMkI5QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgJEgzgtmKjJtVbQJx//LPnjxb
RrRHku0EJPIWSYjpBD9kix6v7hN8f8jJRVV9PgS5hEnM5+SyBm5IZTE1JkXtDchr
n02Jzyh6Ac/2iGtplGGhI2cYAh03KhugG18yU/CPhZs4g2xs5I4NR23pNmoLiToo
vaSXLP7rw6cgiu25gkWbDC2Wu5NfTe6t3oaKYS9KDPY3dXVRCEVaCUAFwlMoHa53
oACF18uQfsxkBdsGGBz80D49DwkGk30Dhr5BiH4UJWLoqwa+deL4y8d1Cpaek3CP
YzZcqAPhWd/v78Hey8KihsBz6tGvJtrr0Ks2VX+11vSiXaoZ1vnyDSS1cbNJAgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUJ+3TAwUwhXbXkvf690kxFhbyuakwHwYDVR0j
BBgwFoAU7gktbstSvJmjn6ZnevvunkG64NkwDgYDVR0PAQH/BAQDAgeAMHYGA1Ud
HwRvMG0wa6BpoGeGZXJzeW5jOi8vcnBraS5hdGhlbmUtY2VudGVyLm5ldC9yZXBv
L3Jwa2ktYXRoZW5lLWNlbnRlci8wL0VFMDkyRDZFQ0I1MkJDOTlBMzlGQTY2NzdB
RkJFRTlFNDFCQUUwRDkuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZI
cnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Z2t0YnN0
U3ZKbWpuNlpuZXZ2dW5rRzY0TmsuY2VyMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYI
KwYBBQUHMAuGd3JzeW5jOi8vcnBraS5hdGhlbmUtY2VudGVyLm5ldC9yZXBvL3Jw
a2ktYXRoZW5lLWNlbnRlci8wLzMxMzUzODJlMzIzMjMwMmUzMTMyMzgyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzNzM5MzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACe3IAwDQYJ
KoZIhvcNAQELBQADggEBACZH3WrxiuF8/murD1cHL2iIzEfI7CsAux8CvJMlAqSC
vQIhHrCJZEc25WNX+3G/X8FHMcZTTHslxRylnpfzH/kNU2EruAaOHD8anaggkvuw
6QhexyZojC/hHYHy5QIthvc+q92M7eQjf6Ho5bvdmtNZyDoMzJc2S74IZzLAScjd
yjbOAhyrATjMQTsKOoaeFZdRrKtkkIXYgx/tKJ23SyC+4KvHmsPp+bep7CSXRaIx
aWZqsL0pqxrt0pPVUiCqdBW+kM2ExjZvJ+Lq/vWO+intaBgeg+h7AFX/Zp563Hue
AaTPKAAYkedF2wUPYurpUN+m73OUcmzPeZXfbiK5Iv0=
-----END CERTIFICATE-----