Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SWTEVpFN7Gyum6Cv0X4WnBGBHcI.roa
File:                     SWTEVpFN7Gyum6Cv0X4WnBGBHcI.roa (raw, json)
Hash identifier:          wPYm21cVy+Yvns6LZKyYUHS0M8dDlNVew5j0OgOeAXM=
Subject key identifier:   49:64:C4:56:91:4D:EC:6C:AE:9B:A0:AF:D1:7E:16:9C:11:81:1D:C2
Certificate issuer:       /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial:       019764B69ADFF743AAF9240792883CBA7A2E
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SWTEVpFN7Gyum6Cv0X4WnBGBHcI.roa
Signing time:             Thu 12 Jun 2025 15:16:18 +0000
ROA not before:           Thu 12 Jun 2025 15:16:18 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     44331
IP address blocks:        5.231.105.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:64:b6:9a:df:f7:43:aa:f9:24:07:92:88:3c:ba:7a:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
        Validity
            Not Before: Jun 12 15:16:18 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=4964c456914dec6cae9ba0afd17e169c11811dc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:9c:53:78:b5:02:26:fa:95:ae:fa:77:58:99:
                    e6:71:cb:02:1c:3b:9e:89:be:a1:3e:26:77:a8:40:
                    87:5d:b4:75:1a:dc:9e:8c:2f:5a:d9:4a:3b:bd:b5:
                    68:0e:81:99:b7:5c:61:0d:3e:02:c8:db:95:2d:93:
                    d4:8c:21:e2:b8:ba:e9:d2:e8:00:7f:4c:82:22:ed:
                    74:d0:22:c9:4a:2d:4a:7a:b4:3b:df:c8:b7:2d:71:
                    56:b7:c1:2a:80:a8:95:e6:68:1e:af:8a:89:19:2c:
                    0e:fd:76:2d:0f:fb:09:70:60:76:95:6e:f7:a1:4c:
                    2f:cb:40:03:d1:1a:6b:8a:b9:75:72:d5:c7:2f:a8:
                    db:0a:2c:05:95:43:93:85:59:05:f7:5e:8e:e9:5a:
                    64:35:d5:41:ae:d9:c4:fb:6e:db:ec:af:a6:87:0b:
                    40:e8:b0:5d:7c:98:95:57:bf:2d:7d:17:92:b9:19:
                    0f:b2:3d:18:d8:3f:65:7a:6b:68:5b:d8:a1:69:79:
                    eb:ca:43:f8:42:98:ee:72:1e:70:82:26:e1:d6:96:
                    72:e6:d1:54:83:f9:ad:c8:2b:22:8e:29:7b:68:44:
                    e0:04:a1:83:82:40:df:21:2d:22:04:24:0a:ac:c7:
                    a6:61:6e:5a:13:26:e4:51:b7:17:ba:ec:c9:40:1c:
                    34:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:64:C4:56:91:4D:EC:6C:AE:9B:A0:AF:D1:7E:16:9C:11:81:1D:C2
            X509v3 Authority Key Identifier:
                keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SWTEVpFN7Gyum6Cv0X4WnBGBHcI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.231.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:66:c7:86:68:a8:4d:3a:2b:44:f9:30:9c:d1:10:fe:34:9f:
         ca:d2:de:93:04:94:e1:cb:cf:5d:ce:5b:92:66:47:61:d1:0e:
         82:0d:a6:17:0a:cb:65:7e:14:b6:0a:63:7e:2b:cf:0f:6b:36:
         35:17:71:a7:53:8a:b0:67:ac:b5:a2:9f:cb:ef:ad:16:fd:5a:
         b9:38:c3:a6:95:60:7f:76:bf:69:b8:d5:81:69:4c:aa:dc:4d:
         bc:2c:e1:81:b2:33:0a:a9:12:48:09:17:0f:cd:4c:dc:aa:2c:
         05:50:07:b6:79:b3:08:75:c7:a2:54:af:dd:ac:ff:16:35:a5:
         f3:c0:93:fa:53:9a:2e:d5:93:2c:e3:ee:be:0a:39:1e:10:0d:
         e0:71:b3:73:d5:88:96:cd:1f:04:b9:40:92:6f:4d:c6:84:d1:
         0b:13:07:5a:e1:15:26:d6:40:ff:48:53:02:fb:8e:b9:b9:18:
         67:32:d0:3d:72:9d:2f:ae:99:fe:cd:b8:1c:ce:56:79:a5:70:
         d7:0e:6a:27:50:bf:43:b4:7b:6f:c6:37:27:bd:85:8b:36:71:
         ba:8f:2f:23:04:67:fa:d7:a9:a0:22:b8:dc:7b:4e:92:29:ba:
         7c:48:79:6c:4d:8c:41:fc:46:68:e4:24:24:ab:f2:db:e8:0c:
         13:70:24:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdktprf90Oq+SQHkog8unouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjEyMTUxNjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTY0YzQ1NjkxNGRlYzZjYWU5YmEwYWZkMTdlMTY5YzExODExZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZxTeLUCJvqVrvp3WJnmccsCHDue
ib6hPiZ3qECHXbR1GtyejC9a2Uo7vbVoDoGZt1xhDT4CyNuVLZPUjCHiuLrp0ugA
f0yCIu100CLJSi1KerQ738i3LXFWt8EqgKiV5mger4qJGSwO/XYtD/sJcGB2lW73
oUwvy0AD0Rprirl1ctXHL6jbCiwFlUOThVkF916O6VpkNdVBrtnE+27b7K+mhwtA
6LBdfJiVV78tfReSuRkPsj0Y2D9lemtoW9ihaXnrykP4Qpjuch5wgibh1pZy5tFU
g/mtyCsijil7aETgBKGDgkDfIS0iBCQKrMemYW5aEybkUbcXuuzJQBw01wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFElkxFaRTexsrpugr9F+FpwRgR3CMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvU1dURVZwRk43R3l1bTZDdjBYNFduQkdCSGNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABedpMA0G
CSqGSIb3DQEBCwUAA4IBAQAYZseGaKhNOitE+TCc0RD+NJ/K0t6TBJThy89dzluS
Zkdh0Q6CDaYXCstlfhS2CmN+K88PazY1F3GnU4qwZ6y1op/L760W/Vq5OMOmlWB/
dr9puNWBaUyq3E28LOGBsjMKqRJICRcPzUzcqiwFUAe2ebMIdceiVK/drP8WNaXz
wJP6U5ou1ZMs4+6+CjkeEA3gcbNz1YiWzR8EuUCSb03GhNELEwda4RUm1kD/SFMC
+465uRhnMtA9cp0vrpn+zbgczlZ5pXDXDmonUL9DtHtvxjcnvYWLNnG6jy8jBGf6
16mgIrjce06SKbp8SHlsTYxB/EZo5CQkq/Lb6AwTcCQj
-----END CERTIFICATE-----