Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/eb7sx9ePFPxVxN3dxUZev0OlGYY.roa
File:                     eb7sx9ePFPxVxN3dxUZev0OlGYY.roa (raw, json)
Hash identifier:          w0wJJey1W+F7kCK7HbjcBxe63Ekx0R0PVYnXFa3QcR0=
Subject key identifier:   79:BE:EC:C7:D7:8F:14:FC:55:C4:DD:DD:C5:46:5E:BF:43:A5:19:86
Certificate issuer:       /CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Certificate serial:       019854AE49B0243D92A2453FA0A08B47507C
Authority key identifier: 59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/eb7sx9ePFPxVxN3dxUZev0OlGYY.roa
Signing time:             Tue 29 Jul 2025 05:36:04 +0000
ROA not before:           Tue 29 Jul 2025 05:36:04 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     212238
IP address blocks:        84.37.34.0/23 maxlen: 24
                          84.37.38.0/23 maxlen: 24
                          84.37.178.0/23 maxlen: 24
                          84.37.180.0/23 maxlen: 24
                          84.37.182.0/23 maxlen: 24
                          84.37.194.0/23 maxlen: 24
                          84.37.220.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 11:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:54:ae:49:b0:24:3d:92:a2:45:3f:a0:a0:8b:47:50:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5954b6183e459748c89ee5431b8f31de692ae3b7
        Validity
            Not Before: Jul 29 05:36:04 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=79beecc7d78f14fc55c4ddddc5465ebf43a51986
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:4a:86:c6:c4:c5:26:6b:ac:2d:3a:ec:39:61:
                    04:af:d5:89:2a:64:44:6e:1f:0a:09:5b:af:44:92:
                    51:1c:b1:3d:de:54:9a:4b:87:4d:2a:35:9a:a4:ed:
                    88:72:57:de:1d:6d:e8:19:17:e2:4f:cf:88:21:e8:
                    42:4e:73:5c:2c:1a:5e:33:54:31:54:f2:1c:44:a7:
                    1d:bc:81:62:e9:b9:1d:2b:c1:dd:d4:0e:c9:dd:70:
                    39:61:17:c8:78:b0:e5:ee:11:9b:0a:29:a1:2d:9e:
                    97:43:79:52:33:d0:7e:cc:bc:a6:a8:14:b1:b2:70:
                    ef:8e:7b:3a:9c:b5:99:c1:c3:fa:b4:13:f4:1b:dd:
                    90:27:ef:1a:7d:41:89:6b:26:40:fc:8b:a0:67:0b:
                    18:f8:7f:5e:da:e8:b0:56:73:cf:ef:8b:fe:5b:e3:
                    4f:2b:eb:a8:2c:7a:31:09:3b:57:6b:78:e5:3e:06:
                    3b:09:e6:17:1b:54:73:b7:cd:f7:1e:27:9b:d0:6b:
                    85:35:2f:94:3b:30:0d:d3:7a:f8:c7:ea:b5:c9:a0:
                    8b:8e:04:17:da:8e:a0:44:fc:56:1d:24:59:ba:25:
                    72:b7:ed:d8:ba:8f:80:21:93:c7:3a:9c:82:de:78:
                    28:1c:b7:6b:a7:11:7a:d3:ab:dd:0d:34:5e:7d:19:
                    96:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:BE:EC:C7:D7:8F:14:FC:55:C4:DD:DD:C5:46:5E:BF:43:A5:19:86
            X509v3 Authority Key Identifier:
                keyid:59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/eb7sx9ePFPxVxN3dxUZev0OlGYY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.37.34.0/23
                  84.37.38.0/23
                  84.37.178.0-84.37.183.255
                  84.37.194.0/23
                  84.37.220.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3d:35:71:e2:7d:35:c7:01:4d:b8:3e:b0:a5:74:c4:cc:97:b5:
         c3:62:fb:ef:f2:bf:c9:38:1b:e3:7c:3c:39:65:10:36:da:b1:
         50:58:a2:65:f9:75:98:be:d8:8a:c5:03:d9:b2:72:45:59:e1:
         5a:c0:7b:5c:94:e2:0d:14:b2:ec:6f:34:9f:1f:92:ed:8e:bb:
         3e:77:ff:57:06:18:21:95:ff:49:12:10:15:26:1d:a5:a6:60:
         da:90:70:10:c8:87:fe:b8:04:58:b9:89:72:0f:de:03:3c:14:
         04:cb:30:7a:04:17:b6:69:50:8e:4a:c4:37:a3:78:50:d9:a5:
         89:08:94:0e:4e:35:dc:48:31:30:d5:ee:b5:72:95:fe:d0:69:
         b4:33:ad:0e:bf:54:5c:c9:d8:99:45:4e:e9:72:77:63:25:5d:
         94:d5:e7:55:ac:24:c5:91:44:40:cb:7b:ab:38:6f:71:39:47:
         6d:d1:81:1e:6a:6d:70:7a:91:1e:c0:1c:01:ca:9f:8f:8a:b7:
         bd:82:5e:0a:b9:29:6d:46:ad:b4:18:37:0f:c0:79:90:95:4e:
         e4:19:6f:50:d5:03:f0:82:56:8b:e2:0f:64:1f:42:ca:7c:5d:
         9b:f5:47:9f:90:97:96:40:b4:66:ac:0c:d8:cb:f6:5c:cb:b4:
         28:c0:ae:28
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZhUrkmwJD2SokU/oKCLR1B8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NTRiNjE4M2U0NTk3NDhjODllZTU0MzFiOGYzMWRlNjky
YWUzYjcwHhcNMjUwNzI5MDUzNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWJlZWNjN2Q3OGYxNGZjNTVjNGRkZGRjNTQ2NWViZjQzYTUxOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEqGxsTFJmusLTrsOWEEr9WJKmRE
bh8KCVuvRJJRHLE93lSaS4dNKjWapO2IclfeHW3oGRfiT8+IIehCTnNcLBpeM1Qx
VPIcRKcdvIFi6bkdK8Hd1A7J3XA5YRfIeLDl7hGbCimhLZ6XQ3lSM9B+zLymqBSx
snDvjns6nLWZwcP6tBP0G92QJ+8afUGJayZA/IugZwsY+H9e2uiwVnPP74v+W+NP
K+uoLHoxCTtXa3jlPgY7CeYXG1Rzt833Hieb0GuFNS+UOzAN03r4x+q1yaCLjgQX
2o6gRPxWHSRZuiVyt+3Yuo+AIZPHOpyC3ngoHLdrpxF606vdDTRefRmW4QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHm+7MfXjxT8VcTd3cVGXr9DpRmGMB8GA1UdIwQY
MBaAFFlUthg+RZdIyJ7lQxuPMd5pKuO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMt
ZDJhZGVlZDc1NWQ4LzEvZWI3c3g5ZVBGUHhWeE4zZHhVWmV2ME9sR1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMtZDJhZGVlZDc1NWQ4
LzEvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBVCUiAwQB
VCUmMAwDBAFUJbIDBANUJbADBAFUJcIDBAFUJdwwDQYJKoZIhvcNAQELBQADggEB
AD01ceJ9NccBTbg+sKV0xMyXtcNi++/yv8k4G+N8PDllEDbasVBYomX5dZi+2IrF
A9myckVZ4VrAe1yU4g0UsuxvNJ8fku2Ouz53/1cGGCGV/0kSEBUmHaWmYNqQcBDI
h/64BFi5iXIP3gM8FATLMHoEF7ZpUI5KxDejeFDZpYkIlA5ONdxIMTDV7rVylf7Q
abQzrQ6/VFzJ2JlFTulyd2MlXZTV51WsJMWRREDLe6s4b3E5R23RgR5qbXB6kR7A
HAHKn4+Kt72CXgq5KW1GrbQYNw/AeZCVTuQZb1DVA/CCVoviD2QfQsp8XZv1R5+Q
l5ZAtGasDNjL9lzLtCjArig=
-----END CERTIFICATE-----
Generated at Wed Aug 6 19:37:22 2025 by rpki-client