Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/304762-6733-4c73-8523-047775129148/1/TA3RHAyRhbZeooIsQWMB-18Medo.roa
File:                     TA3RHAyRhbZeooIsQWMB-18Medo.roa (raw, json)
Hash identifier:          hbd2prwUOdAITht5l5Qygma9hqYfUIqWnfb9zdLXopA=
Subject key identifier:   4C:0D:D1:1C:0C:91:85:B6:5E:A2:82:2C:41:63:01:FB:5F:0C:79:DA
Certificate issuer:       /CN=0b6ec8ed8fc93f72334f7a974a46bc27d1102923
Certificate serial:       019EA3254924B4CA0F553020F86B0320DDF5
Authority key identifier: 0B:6E:C8:ED:8F:C9:3F:72:33:4F:7A:97:4A:46:BC:27:D1:10:29:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C27I7Y_JP3IzT3qXSka8J9EQKSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/304762-6733-4c73-8523-047775129148/1/TA3RHAyRhbZeooIsQWMB-18Medo.roa
Signing time:             Sun 07 Jun 2026 17:33:10 +0000
ROA not before:           Sun 07 Jun 2026 17:33:10 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     206345
IP address blocks:        5.34.206.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/304762-6733-4c73-8523-047775129148/1/C27I7Y_JP3IzT3qXSka8J9EQKSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/304762-6733-4c73-8523-047775129148/1/C27I7Y_JP3IzT3qXSka8J9EQKSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C27I7Y_JP3IzT3qXSka8J9EQKSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 13 Jun 2026 23:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:a3:25:49:24:b4:ca:0f:55:30:20:f8:6b:03:20:dd:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b6ec8ed8fc93f72334f7a974a46bc27d1102923
        Validity
            Not Before: Jun  7 17:33:10 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4c0dd11c0c9185b65ea2822c416301fb5f0c79da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:2c:65:99:92:0f:4d:d3:a3:e5:af:c1:d2:c8:
                    37:dc:e7:cb:05:37:7b:c1:91:9c:5f:73:d4:21:4c:
                    5b:b1:ee:b9:95:07:94:02:34:9f:5f:00:49:cd:56:
                    ec:cc:25:a4:03:a5:a1:f1:25:6a:53:b0:d6:56:f5:
                    62:68:32:7c:cc:3c:6c:a9:6b:83:8c:ff:a4:33:64:
                    31:2b:c4:4b:be:f0:bf:f2:bc:2a:2c:3f:a3:e8:30:
                    8e:2d:ce:fa:0c:a1:02:b6:e7:99:c8:89:4f:51:51:
                    8f:e3:79:ee:ef:d3:5c:e9:1d:51:79:f3:0e:13:4c:
                    07:5f:b1:41:0c:3c:a6:7c:34:c1:6d:10:ab:60:77:
                    4c:86:b7:dd:62:2e:77:58:88:16:d4:40:7f:a2:19:
                    23:c7:fc:f9:04:d1:a4:0e:9d:33:61:85:9e:2e:5d:
                    d9:23:d2:82:27:74:4b:a5:e9:c1:e3:df:6c:2d:71:
                    a2:ed:75:4c:4e:30:0c:9e:15:f2:f5:73:be:09:b9:
                    79:27:20:84:5e:12:fd:28:0c:7b:62:51:93:38:e8:
                    cc:10:26:cd:17:cc:f0:f7:5b:b8:87:a9:e2:66:ef:
                    78:fd:49:f9:57:3c:c6:26:5f:f4:33:f5:2e:14:a8:
                    cc:cf:3a:4a:bb:95:37:cd:69:d9:06:7b:9c:6b:70:
                    cb:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:0D:D1:1C:0C:91:85:B6:5E:A2:82:2C:41:63:01:FB:5F:0C:79:DA
            X509v3 Authority Key Identifier:
                keyid:0B:6E:C8:ED:8F:C9:3F:72:33:4F:7A:97:4A:46:BC:27:D1:10:29:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C27I7Y_JP3IzT3qXSka8J9EQKSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/304762-6733-4c73-8523-047775129148/1/TA3RHAyRhbZeooIsQWMB-18Medo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/304762-6733-4c73-8523-047775129148/1/C27I7Y_JP3IzT3qXSka8J9EQKSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.34.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:0e:c6:6a:3a:f7:6a:e2:e9:d3:aa:35:bb:0a:b9:32:7c:96:
         f7:f9:1d:65:83:e3:b1:10:e4:ef:fb:3d:0a:d7:65:f3:68:cd:
         df:3e:4e:56:75:0c:95:0a:e6:7f:6e:6d:ee:c0:fc:06:21:1a:
         c7:f5:54:25:fa:95:6a:bc:8f:aa:a2:12:03:55:04:de:7b:f2:
         86:a9:74:9a:74:68:97:ca:e2:34:36:07:e3:71:a7:46:c0:60:
         f6:25:d4:14:e6:07:7e:84:7b:e4:4d:7f:aa:d3:cb:92:61:db:
         0e:81:29:64:e8:d7:02:5a:da:1b:0d:09:c3:4e:25:7e:ef:17:
         b6:e9:eb:a6:c3:e1:b6:54:ad:2a:c9:fe:bf:4b:49:04:c0:58:
         ce:61:4d:17:04:fa:15:ce:03:10:29:c4:ab:84:e2:e0:20:76:
         f8:33:58:cc:a6:21:58:47:85:e0:dd:42:4b:80:34:50:c5:e6:
         49:35:0a:11:5f:29:91:87:23:e9:19:12:66:eb:d6:d1:f2:48:
         da:5c:65:c5:2a:f2:7e:8b:ab:a7:84:9a:78:52:19:f4:88:6c:
         a1:56:fd:1f:d7:0c:cd:2f:df:75:ce:ee:38:dc:95:03:50:5d:
         f5:fc:0b:6c:ac:5c:fe:98:c1:df:68:23:01:af:09:4b:08:0e:
         6a:77:e2:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6jJUkktMoPVTAg+GsDIN31MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNmVjOGVkOGZjOTNmNzIzMzRmN2E5NzRhNDZiYzI3ZDEx
MDI5MjMwHhcNMjYwNjA3MTczMzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzBkZDExYzBjOTE4NWI2NWVhMjgyMmM0MTYzMDFmYjVmMGM3OWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuixlmZIPTdOj5a/B0sg33OfLBTd7
wZGcX3PUIUxbse65lQeUAjSfXwBJzVbszCWkA6Wh8SVqU7DWVvViaDJ8zDxsqWuD
jP+kM2QxK8RLvvC/8rwqLD+j6DCOLc76DKECtueZyIlPUVGP43nu79Nc6R1RefMO
E0wHX7FBDDymfDTBbRCrYHdMhrfdYi53WIgW1EB/ohkjx/z5BNGkDp0zYYWeLl3Z
I9KCJ3RLpenB499sLXGi7XVMTjAMnhXy9XO+Cbl5JyCEXhL9KAx7YlGTOOjMECbN
F8zw91u4h6niZu94/Un5VzzGJl/0M/UuFKjMzzpKu5U3zWnZBnuca3DLBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEwN0RwMkYW2XqKCLEFjAftfDHnaMB8GA1UdIwQY
MBaAFAtuyO2PyT9yM096l0pGvCfRECkjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzI3STdZX0pQM0l6VDNxWFNrYThKOUVRS1NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zMDQ3NjItNjczMy00YzczLTg1MjMt
MDQ3Nzc1MTI5MTQ4LzEvVEEzUkhBeVJoYlplb29Jc1FXTUItMThNZWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zMDQ3NjItNjczMy00YzczLTg1MjMtMDQ3Nzc1MTI5MTQ4
LzEvQzI3STdZX0pQM0l6VDNxWFNrYThKOUVRS1NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSLOMA0G
CSqGSIb3DQEBCwUAA4IBAQBjDsZqOvdq4unTqjW7CrkyfJb3+R1lg+OxEOTv+z0K
12XzaM3fPk5WdQyVCuZ/bm3uwPwGIRrH9VQl+pVqvI+qohIDVQTee/KGqXSadGiX
yuI0NgfjcadGwGD2JdQU5gd+hHvkTX+q08uSYdsOgSlk6NcCWtobDQnDTiV+7xe2
6eumw+G2VK0qyf6/S0kEwFjOYU0XBPoVzgMQKcSrhOLgIHb4M1jMpiFYR4Xg3UJL
gDRQxeZJNQoRXymRhyPpGRJm69bR8kjaXGXFKvJ+i6unhJp4Uhn0iGyhVv0f1wzN
L991zu443JUDUF31/AtsrFz+mMHfaCMBrwlLCA5qd+I6
-----END CERTIFICATE-----