Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/EnEl3j-w99KIdI5ENTznDqsZ0QU.roa
File:                     EnEl3j-w99KIdI5ENTznDqsZ0QU.roa (raw, json)
Hash identifier:          0+nihLinw/HlHretYAxdAaVQ3wWi8vaKXQiqmIpaJxw=
Subject key identifier:   12:71:25:DE:3F:B0:F7:D2:88:74:8E:44:35:3C:E7:0E:AB:19:D1:05
Certificate issuer:       /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial:       01986E80C2B03D3760536BB5775728EE6F3B
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/EnEl3j-w99KIdI5ENTznDqsZ0QU.roa
Signing time:             Sun 03 Aug 2025 05:56:28 +0000
ROA not before:           Sun 03 Aug 2025 05:56:28 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     43754
IP address blocks:        185.132.80.0/22 maxlen: 22
                          185.132.80.0/23 maxlen: 23
                          185.132.80.0/24 maxlen: 24
                          185.132.81.0/24 maxlen: 24
                          185.132.82.0/23 maxlen: 23
                          185.132.82.0/24 maxlen: 24
                          185.132.83.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 23:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:6e:80:c2:b0:3d:37:60:53:6b:b5:77:57:28:ee:6f:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
        Validity
            Not Before: Aug  3 05:56:28 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=127125de3fb0f7d288748e44353ce70eab19d105
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:36:97:df:ae:6a:70:be:9a:7b:69:e3:d6:96:
                    a4:f2:8d:24:ba:54:e5:8f:07:3a:df:1d:79:5b:f4:
                    23:00:29:61:88:af:d6:6d:0f:97:93:a5:e6:de:ea:
                    5c:98:1a:e7:0b:1f:c1:cb:6f:67:a1:a4:b5:f8:e0:
                    e1:a1:5d:f3:c9:0a:8a:71:4f:0c:51:b6:a0:ab:da:
                    2e:4d:62:2d:dc:8d:b7:d6:a1:65:23:7e:8f:e2:ae:
                    09:f3:2a:24:5d:d8:82:40:0c:35:77:b7:89:56:3a:
                    c3:6b:70:a0:d3:29:fa:c1:ef:ef:42:7c:90:37:22:
                    6f:52:0f:d3:6b:e2:dd:ed:f6:ae:33:5d:7d:90:81:
                    f6:c1:ca:8c:82:16:7e:2d:b5:43:8e:a9:c4:bf:e6:
                    67:3c:46:d4:24:7d:19:1b:ca:48:eb:ca:d3:e3:20:
                    cb:db:8e:12:b4:3e:2a:a4:0f:9c:a7:26:b2:23:d9:
                    58:f0:a8:5d:aa:f5:90:1d:ab:63:9b:e1:0b:59:5d:
                    48:0f:48:85:81:89:b8:25:3a:b2:84:94:24:4a:6b:
                    98:85:39:5f:11:12:7d:b4:c2:0d:60:31:ad:a6:41:
                    f3:49:b1:7d:3d:13:48:c1:60:ca:74:6e:f6:65:e8:
                    8d:ac:a2:36:9a:cb:65:e1:36:52:4f:eb:6b:17:90:
                    b0:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:71:25:DE:3F:B0:F7:D2:88:74:8E:44:35:3C:E7:0E:AB:19:D1:05
            X509v3 Authority Key Identifier:
                keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/EnEl3j-w99KIdI5ENTznDqsZ0QU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.132.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         87:42:5c:e8:ce:3f:39:c3:d4:72:a6:93:e6:ba:79:86:6f:2b:
         c5:ca:17:2e:f0:2e:b1:cf:6b:12:9e:48:20:b0:04:06:63:b2:
         91:35:88:8f:9f:9b:5a:6c:19:0f:c5:fd:eb:d1:d3:2d:99:bd:
         d1:be:24:d8:d2:8b:5e:e2:22:42:b7:58:d2:d0:c4:50:f4:5b:
         6c:8b:df:a4:7f:9e:77:6c:6f:8e:11:23:9c:d7:37:b3:4e:89:
         e1:d0:ea:7b:c8:11:e9:f2:11:c4:0d:42:b4:1a:08:c0:a7:e7:
         97:38:01:07:b0:c6:41:85:c1:f9:30:15:97:fb:6b:ec:41:8f:
         07:14:86:2e:dc:53:13:9a:d8:cb:ee:1e:14:db:30:cf:c7:f0:
         ee:a2:a4:88:50:77:a1:20:ff:96:d2:e1:bb:7f:97:ad:3a:dd:
         0e:09:47:67:83:e3:50:6f:47:21:7b:a3:67:21:a1:91:e4:81:
         c7:d1:36:14:1a:f3:5f:b4:c0:77:e4:e3:71:62:cc:25:8d:89:
         6d:1c:ea:8a:8f:9f:5b:ea:d1:1f:bf:3f:45:cd:56:06:4d:45:
         f4:65:9f:30:eb:4e:43:ed:3d:44:7f:82:ac:96:06:2f:c5:12:
         7d:91:bf:c7:96:eb:f8:5e:7a:fb:72:5b:2a:6c:4c:23:6d:48:
         0f:41:39:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZhugMKwPTdgU2u1d1co7m87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDE0MTE4ZGJkMjI3Mjk4ZGFhODBjN2FjYWIxMWVlYTZk
NjNlMjEwHhcNMjUwODAzMDU1NjI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjcxMjVkZTNmYjBmN2QyODg3NDhlNDQzNTNjZTcwZWFiMTlkMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzaX365qcL6ae2nj1pak8o0kulTl
jwc63x15W/QjAClhiK/WbQ+Xk6Xm3upcmBrnCx/By29noaS1+ODhoV3zyQqKcU8M
Ubagq9ouTWIt3I231qFlI36P4q4J8yokXdiCQAw1d7eJVjrDa3Cg0yn6we/vQnyQ
NyJvUg/Ta+Ld7fauM119kIH2wcqMghZ+LbVDjqnEv+ZnPEbUJH0ZG8pI68rT4yDL
244StD4qpA+cpyayI9lY8KhdqvWQHatjm+ELWV1ID0iFgYm4JTqyhJQkSmuYhTlf
ERJ9tMINYDGtpkHzSbF9PRNIwWDKdG72ZeiNrKI2mstl4TZST+trF5CwcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBJxJd4/sPfSiHSORDU85w6rGdEFMB8GA1UdIwQY
MBaAFLbRQRjb0icpjaqAx6yrEe6m1j4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMt
MGUzN2UxMWQwZWMzLzEvRW5FbDNqLXc5OUtJZEk1RU5Uem5EcXNaMFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMtMGUzN2UxMWQwZWMz
LzEvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYRQMA0G
CSqGSIb3DQEBCwUAA4IBAQCHQlzozj85w9RyppPmunmGbyvFyhcu8C6xz2sSnkgg
sAQGY7KRNYiPn5tabBkPxf3r0dMtmb3RviTY0ote4iJCt1jS0MRQ9Ftsi9+kf553
bG+OESOc1zezTonh0Op7yBHp8hHEDUK0GgjAp+eXOAEHsMZBhcH5MBWX+2vsQY8H
FIYu3FMTmtjL7h4U2zDPx/DuoqSIUHehIP+W0uG7f5etOt0OCUdng+NQb0che6Nn
IaGR5IHH0TYUGvNftMB35ONxYswljYltHOqKj59b6tEfvz9FzVYGTUX0ZZ8w605D
7T1Ef4KslgYvxRJ9kb/Hluv4Xnr7clsqbEwjbUgPQTnw
-----END CERTIFICATE-----
Generated at Wed Aug 6 07:48:07 2025 by rpki-client