Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/uw5KIyglPtCBajZfvp_4MoIXMiY.roa
File:                     uw5KIyglPtCBajZfvp_4MoIXMiY.roa (raw, json)
Hash identifier:          +BtHm8C8PIjC3P+48v8raxefyMbdIOq6iq81PMb5GEU=
Subject key identifier:   BB:0E:4A:23:28:25:3E:D0:81:6A:36:5F:BE:9F:F8:32:82:17:32:26
Certificate issuer:       /CN=e8f239a70043734172d26378bf2106ae72552187
Certificate serial:       01985F412B6C490B016A282A82EF1F69A8C6
Authority key identifier: E8:F2:39:A7:00:43:73:41:72:D2:63:78:BF:21:06:AE:72:55:21:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/uw5KIyglPtCBajZfvp_4MoIXMiY.roa
Signing time:             Thu 31 Jul 2025 06:52:43 +0000
ROA not before:           Thu 31 Jul 2025 06:52:43 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     42560
IP address blocks:        37.0.64.0/21 maxlen: 24
                          79.140.144.0/20 maxlen: 24
                          79.140.145.0/24 maxlen: 24
                          79.140.146.0/23 maxlen: 23
                          79.140.153.0/24 maxlen: 24
                          185.12.40.0/22 maxlen: 24
                          185.80.96.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 20:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:5f:41:2b:6c:49:0b:01:6a:28:2a:82:ef:1f:69:a8:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8f239a70043734172d26378bf2106ae72552187
        Validity
            Not Before: Jul 31 06:52:43 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=bb0e4a2328253ed0816a365fbe9ff83282173226
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:6c:8a:80:01:d4:78:f5:45:d2:1c:bb:87:58:
                    f9:69:b3:7b:ab:15:ac:ee:f6:ef:6a:eb:b1:fb:e5:
                    aa:9c:28:93:7b:17:11:fc:55:f1:d5:14:4e:b3:bd:
                    08:70:c3:22:06:f2:ff:55:60:ac:c7:db:fe:af:25:
                    3c:15:d8:33:e9:62:c1:bd:35:ab:25:cb:9b:41:2b:
                    79:38:77:38:ae:08:41:5d:09:fa:44:39:bc:52:6d:
                    fc:58:15:7e:f9:fd:41:66:3e:a2:97:be:c3:7e:ec:
                    fd:0d:c7:a0:16:c5:0c:2c:1a:95:f1:40:95:99:65:
                    e4:0f:a1:74:cd:85:89:e2:0e:d9:2b:ba:ed:2d:c6:
                    7b:f6:0d:b7:10:55:59:2a:f8:13:b0:c6:cd:be:54:
                    e9:9a:f0:71:ef:05:c8:9b:e8:ae:d6:7b:95:59:bf:
                    ca:4c:77:1d:73:cb:da:ab:82:fb:8f:ac:39:c8:3b:
                    63:b6:96:12:a7:50:9c:dc:a3:f3:ad:4a:df:32:5e:
                    e4:b1:e6:fb:4b:8d:92:56:98:a5:7b:70:58:fb:a8:
                    89:87:59:ee:71:94:93:67:d3:df:4f:1b:c5:3c:94:
                    37:1f:48:e6:4f:b4:0a:a1:f5:dd:e0:ec:63:9b:b7:
                    82:67:44:13:11:c1:44:61:1d:f7:67:23:63:c5:29:
                    fe:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:0E:4A:23:28:25:3E:D0:81:6A:36:5F:BE:9F:F8:32:82:17:32:26
            X509v3 Authority Key Identifier:
                keyid:E8:F2:39:A7:00:43:73:41:72:D2:63:78:BF:21:06:AE:72:55:21:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/uw5KIyglPtCBajZfvp_4MoIXMiY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/4e902a-299f-4da7-9a6d-669bd113a178/1/6PI5pwBDc0Fy0mN4vyEGrnJVIYc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.0.64.0/21
                  79.140.144.0/20
                  185.12.40.0/22
                  185.80.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         49:a0:59:6d:ac:c0:de:3f:ea:8c:4c:21:d4:73:fa:4f:ae:2b:
         30:5e:ec:69:29:a3:24:68:19:7c:cc:8f:fe:a4:58:b1:ae:03:
         3a:d5:d9:76:bc:8e:01:07:55:2e:19:b1:5e:36:37:8d:e0:03:
         06:a3:9f:7e:aa:09:a0:02:b9:67:b0:16:20:47:47:27:bd:bb:
         1a:f6:87:f9:b5:63:ec:3e:03:d1:37:28:f1:f0:5d:4a:5f:99:
         58:ee:09:30:57:76:1d:2a:80:19:d7:cf:9a:47:63:04:69:60:
         0a:1e:97:65:4c:0d:e2:c3:7c:f2:11:4b:b0:e4:7e:ee:d5:b0:
         2f:52:aa:aa:c4:9d:8c:8a:fd:9b:88:93:b2:67:96:27:10:a6:
         07:27:30:80:40:3a:07:7b:c4:93:b2:0c:b5:98:1d:a2:70:09:
         30:2c:e0:c8:ec:0c:99:9e:96:85:0f:66:b3:1c:dd:04:7b:e4:
         08:0d:a3:3f:23:ae:80:0f:51:4f:f1:34:11:a0:f6:a2:a9:89:
         2a:7f:5d:ca:24:ac:68:b4:5f:cb:d6:0a:1b:44:74:da:fc:c8:
         40:ca:30:c7:c4:a8:fc:bb:b7:0b:53:27:7f:e4:1a:5f:97:36:
         07:81:eb:69:04:13:19:11:b1:37:07:02:0e:f3:55:17:bc:6a:
         4c:61:df:e1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZhfQStsSQsBaigqgu8faajGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZjIzOWE3MDA0MzczNDE3MmQyNjM3OGJmMjEwNmFlNzI1
NTIxODcwHhcNMjUwNzMxMDY1MjQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjBlNGEyMzI4MjUzZWQwODE2YTM2NWZiZTlmZjgzMjgyMTczMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGyKgAHUePVF0hy7h1j5abN7qxWs
7vbvauux++WqnCiTexcR/FXx1RROs70IcMMiBvL/VWCsx9v+ryU8Fdgz6WLBvTWr
JcubQSt5OHc4rghBXQn6RDm8Um38WBV++f1BZj6il77Dfuz9DcegFsUMLBqV8UCV
mWXkD6F0zYWJ4g7ZK7rtLcZ79g23EFVZKvgTsMbNvlTpmvBx7wXIm+iu1nuVWb/K
THcdc8vaq4L7j6w5yDtjtpYSp1Cc3KPzrUrfMl7kseb7S42SVpile3BY+6iJh1nu
cZSTZ9PfTxvFPJQ3H0jmT7QKofXd4Oxjm7eCZ0QTEcFEYR33ZyNjxSn+cQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLsOSiMoJT7QgWo2X76f+DKCFzImMB8GA1UdIwQY
MBaAFOjyOacAQ3NBctJjeL8hBq5yVSGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlBJNXB3QkRjMEZ5MG1ONHZ5RUdybkpWSVljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy80ZTkwMmEtMjk5Zi00ZGE3LTlhNmQt
NjY5YmQxMTNhMTc4LzEvdXc1S0l5Z2xQdENCYWpaZnZwXzRNb0lYTWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy80ZTkwMmEtMjk5Zi00ZGE3LTlhNmQtNjY5YmQxMTNhMTc4
LzEvNlBJNXB3QkRjMEZ5MG1ONHZ5RUdybkpWSVljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDJQBAAwQE
T4yQAwQCuQwoAwQCuVBgMA0GCSqGSIb3DQEBCwUAA4IBAQBJoFltrMDeP+qMTCHU
c/pPriswXuxpKaMkaBl8zI/+pFixrgM61dl2vI4BB1UuGbFeNjeN4AMGo59+qgmg
ArlnsBYgR0cnvbsa9of5tWPsPgPRNyjx8F1KX5lY7gkwV3YdKoAZ18+aR2MEaWAK
HpdlTA3iw3zyEUuw5H7u1bAvUqqqxJ2Miv2biJOyZ5YnEKYHJzCAQDoHe8STsgy1
mB2icAkwLODI7AyZnpaFD2azHN0Ee+QIDaM/I66AD1FP8TQRoPaiqYkqf13KJKxo
tF/L1gobRHTa/MhAyjDHxKj8u7cLUyd/5BpflzYHgetpBBMZEbE3BwIO81UXvGpM
Yd/h
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:42:05 2025 by rpki-client