Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/0b2524-fc7b-4ecf-a813-4a5f92e5bde2/1/dpCn75hkt5WCsXcemx99arZsVj4.roa
File:                     dpCn75hkt5WCsXcemx99arZsVj4.roa (raw, json)
Hash identifier:          UNV6qFqvh7+zsZgIxSlwdVSHxi77oGWMR4+NitLYm6U=
Subject key identifier:   76:90:A7:EF:98:64:B7:95:82:B1:77:1E:9B:1F:7D:6A:B6:6C:56:3E
Certificate issuer:       /CN=5543437ee9c5a8c84f8d3483dc5e0fa4ba89cc3d
Certificate serial:       01988445BD4FC812EDC094F4CF8867241CE4
Authority key identifier: 55:43:43:7E:E9:C5:A8:C8:4F:8D:34:83:DC:5E:0F:A4:BA:89:CC:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VUNDfunFqMhPjTSD3F4PpLqJzD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/0b2524-fc7b-4ecf-a813-4a5f92e5bde2/1/dpCn75hkt5WCsXcemx99arZsVj4.roa
Signing time:             Thu 07 Aug 2025 11:23:39 +0000
ROA not before:           Thu 07 Aug 2025 11:23:39 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     209240
IP address blocks:        79.174.27.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/0b2524-fc7b-4ecf-a813-4a5f92e5bde2/1/VUNDfunFqMhPjTSD3F4PpLqJzD0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/0b2524-fc7b-4ecf-a813-4a5f92e5bde2/1/VUNDfunFqMhPjTSD3F4PpLqJzD0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VUNDfunFqMhPjTSD3F4PpLqJzD0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 13:24:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:84:45:bd:4f:c8:12:ed:c0:94:f4:cf:88:67:24:1c:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5543437ee9c5a8c84f8d3483dc5e0fa4ba89cc3d
        Validity
            Not Before: Aug  7 11:23:39 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=7690a7ef9864b79582b1771e9b1f7d6ab66c563e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:66:90:0e:b5:9b:35:46:1d:a3:97:76:57:50:
                    e1:b3:7c:3b:84:59:de:9c:d5:44:60:b5:26:67:66:
                    ea:4b:a7:c3:89:7e:b2:b5:a4:e7:88:13:d6:94:b6:
                    24:f0:77:ed:bc:a1:d4:06:9a:4b:80:7d:22:fb:9c:
                    fe:79:7f:ef:de:7f:24:10:8b:e2:ee:ec:b5:b1:2f:
                    f4:2f:35:a9:da:7f:ee:0c:aa:bb:1b:78:57:84:7e:
                    9e:ca:df:06:b4:7c:56:f4:f2:d2:1c:9c:1e:93:00:
                    51:23:1b:44:6a:19:32:9d:05:7c:2b:80:9e:46:39:
                    f7:00:65:8b:b4:62:20:f9:41:a9:a6:61:a3:56:84:
                    a3:71:fc:f9:c9:34:3b:57:1f:2f:60:0a:54:35:ac:
                    c5:ff:30:63:e4:33:27:62:35:ec:93:04:c2:dd:09:
                    01:2a:75:95:01:5d:29:f1:c5:8f:98:dd:04:70:80:
                    32:3c:43:84:1e:d6:94:a1:9f:48:2c:5f:16:8c:f7:
                    27:66:65:96:1e:4e:dd:0b:ff:64:57:9e:ee:94:49:
                    d3:70:5d:f4:63:16:1f:24:e1:6e:ef:73:83:d3:6a:
                    37:17:98:c9:b8:5b:ce:21:1c:07:a3:1f:54:59:f5:
                    d9:66:10:7e:e0:0d:3c:c8:f9:6b:a6:6c:f0:4d:41:
                    24:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:90:A7:EF:98:64:B7:95:82:B1:77:1E:9B:1F:7D:6A:B6:6C:56:3E
            X509v3 Authority Key Identifier:
                keyid:55:43:43:7E:E9:C5:A8:C8:4F:8D:34:83:DC:5E:0F:A4:BA:89:CC:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VUNDfunFqMhPjTSD3F4PpLqJzD0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0b2524-fc7b-4ecf-a813-4a5f92e5bde2/1/dpCn75hkt5WCsXcemx99arZsVj4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0b2524-fc7b-4ecf-a813-4a5f92e5bde2/1/VUNDfunFqMhPjTSD3F4PpLqJzD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.174.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:16:52:cb:ae:c6:a3:c2:aa:d9:de:9d:14:63:27:3d:69:6d:
         11:d3:ab:cd:96:4d:d6:b7:8e:74:41:70:09:74:71:f3:00:71:
         dc:4d:30:77:e0:5a:b2:6a:2f:7b:77:43:1a:6a:71:63:88:a4:
         0d:11:27:79:08:22:f8:4d:a6:b4:0c:fd:cc:29:cf:ed:41:fe:
         5b:ba:eb:1f:aa:8f:37:03:ff:33:05:d3:ef:93:32:83:8a:a3:
         62:26:8a:c6:e8:22:1d:1c:80:1c:cd:24:ba:bc:53:cf:22:22:
         51:7b:96:15:d5:2e:25:70:b2:a2:c3:4b:44:95:52:ec:02:ab:
         04:2e:28:5e:a4:65:50:f9:c9:e2:35:2d:b4:65:6e:6a:9e:bb:
         95:7a:7f:79:e5:3d:87:3a:4c:52:c9:d2:bc:91:95:b5:6a:2d:
         f7:73:67:bf:2d:9d:3a:2f:4f:35:ba:2e:97:04:1d:ea:83:b1:
         0d:26:12:84:9a:02:b7:87:ec:37:3e:38:d0:e1:64:71:c3:9c:
         cd:41:32:26:33:1f:bd:58:ad:90:3f:57:30:2c:b1:11:fa:47:
         03:84:4a:7e:a6:f0:eb:40:78:de:df:4e:14:52:96:8d:67:d0:
         4d:6f:24:61:c9:c7:9f:85:cc:86:c7:9f:2b:88:83:58:d3:34:
         1e:50:11:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZiERb1PyBLtwJT0z4hnJBzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NDM0MzdlZTljNWE4Yzg0ZjhkMzQ4M2RjNWUwZmE0YmE4
OWNjM2QwHhcNMjUwODA3MTEyMzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjkwYTdlZjk4NjRiNzk1ODJiMTc3MWU5YjFmN2Q2YWI2NmM1NjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22aQDrWbNUYdo5d2V1Dhs3w7hFne
nNVEYLUmZ2bqS6fDiX6ytaTniBPWlLYk8HftvKHUBppLgH0i+5z+eX/v3n8kEIvi
7uy1sS/0LzWp2n/uDKq7G3hXhH6eyt8GtHxW9PLSHJwekwBRIxtEahkynQV8K4Ce
Rjn3AGWLtGIg+UGppmGjVoSjcfz5yTQ7Vx8vYApUNazF/zBj5DMnYjXskwTC3QkB
KnWVAV0p8cWPmN0EcIAyPEOEHtaUoZ9ILF8WjPcnZmWWHk7dC/9kV57ulEnTcF30
YxYfJOFu73OD02o3F5jJuFvOIRwHox9UWfXZZhB+4A08yPlrpmzwTUEkjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHaQp++YZLeVgrF3HpsffWq2bFY+MB8GA1UdIwQY
MBaAFFVDQ37pxajIT400g9xeD6S6icw9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlVORGZ1bkZxTWhQalRTRDNGNFBwTHFKekQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wYjI1MjQtZmM3Yi00ZWNmLWE4MTMt
NGE1ZjkyZTViZGUyLzEvZHBDbjc1aGt0NVdDc1hjZW14OTlhclpzVmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wYjI1MjQtZmM3Yi00ZWNmLWE4MTMtNGE1ZjkyZTViZGUy
LzEvVlVORGZ1bkZxTWhQalRTRDNGNFBwTHFKekQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT64bMA0G
CSqGSIb3DQEBCwUAA4IBAQByFlLLrsajwqrZ3p0UYyc9aW0R06vNlk3Wt450QXAJ
dHHzAHHcTTB34Fqyai97d0MaanFjiKQNESd5CCL4Taa0DP3MKc/tQf5buusfqo83
A/8zBdPvkzKDiqNiJorG6CIdHIAczSS6vFPPIiJRe5YV1S4lcLKiw0tElVLsAqsE
LihepGVQ+cniNS20ZW5qnruVen955T2HOkxSydK8kZW1ai33c2e/LZ06L081ui6X
BB3qg7ENJhKEmgK3h+w3PjjQ4WRxw5zNQTImMx+9WK2QP1cwLLER+kcDhEp+pvDr
QHje304UUpaNZ9BNbyRhycefhcyGx58riINY0zQeUBFO
-----END CERTIFICATE-----