Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/7f78e3-0ccd-41fc-9883-69be037bf079/1/wZUVkqB6E-aCMAdUL9kA2ghbJsU.roa
File:                     wZUVkqB6E-aCMAdUL9kA2ghbJsU.roa (raw, json)
Hash identifier:          3wvCztUy4SNcpk1iX0gY8NL+kTpS+pWyTYrHQh19Dds=
Subject key identifier:   C1:95:15:92:A0:7A:13:E6:82:30:07:54:2F:D9:00:DA:08:5B:26:C5
Certificate issuer:       /CN=9e687583810cc0064edb4efe4057f5a61a55e70b
Certificate serial:       019B7CEE5D4B937E66AD99C1B2E6543FF344
Authority key identifier: 9E:68:75:83:81:0C:C0:06:4E:DB:4E:FE:40:57:F5:A6:1A:55:E7:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nmh1g4EMwAZO207-QFf1phpV5ws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/7f78e3-0ccd-41fc-9883-69be037bf079/1/wZUVkqB6E-aCMAdUL9kA2ghbJsU.roa
Signing time:             Fri 02 Jan 2026 04:19:14 +0000
ROA not before:           Fri 02 Jan 2026 04:19:14 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     197550
IP address blocks:        46.173.192.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/7f78e3-0ccd-41fc-9883-69be037bf079/1/nmh1g4EMwAZO207-QFf1phpV5ws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/7f78e3-0ccd-41fc-9883-69be037bf079/1/nmh1g4EMwAZO207-QFf1phpV5ws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nmh1g4EMwAZO207-QFf1phpV5ws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:05:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ee:5d:4b:93:7e:66:ad:99:c1:b2:e6:54:3f:f3:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e687583810cc0064edb4efe4057f5a61a55e70b
        Validity
            Not Before: Jan  2 04:19:14 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=c1951592a07a13e6823007542fd900da085b26c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:fe:1d:d4:3a:33:45:59:f8:11:03:0d:67:11:
                    ac:75:d2:e2:93:be:c6:eb:61:8e:f2:c6:e1:2a:31:
                    2e:ff:eb:36:5b:3e:be:42:97:44:54:e1:2b:c5:07:
                    2c:d3:28:96:e1:94:c9:6d:4b:f7:6b:c9:78:56:f8:
                    e3:31:33:e5:bf:f4:0d:e1:04:99:37:7d:45:be:de:
                    22:4e:63:53:76:50:c4:72:b0:de:ef:37:48:15:9e:
                    06:e6:4d:63:e4:6a:ec:c7:a2:ba:8f:5a:84:96:e8:
                    7c:42:17:14:b9:49:e8:10:84:04:b0:ff:aa:a2:6d:
                    9c:be:db:33:6f:e3:34:79:a6:5e:55:9a:f1:60:ca:
                    47:33:61:97:2d:a0:c6:60:e5:39:82:40:ff:d5:f5:
                    88:1b:90:9b:61:a0:dd:ea:8b:48:97:7c:56:82:04:
                    70:98:92:5f:12:f8:35:1e:c0:8f:af:9f:62:42:be:
                    33:bf:16:8e:48:e8:60:35:2e:d4:87:8e:5a:2b:8c:
                    f9:cd:4c:ae:b3:a2:f8:78:1c:0a:81:8f:14:0a:fe:
                    2b:48:4c:aa:dc:ad:95:c6:0c:43:7b:56:77:ae:02:
                    9e:64:48:6d:1d:2e:06:4f:ad:bf:07:8f:36:8c:33:
                    77:5c:46:b1:76:ce:69:d2:25:2f:66:15:fc:0b:58:
                    e5:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:95:15:92:A0:7A:13:E6:82:30:07:54:2F:D9:00:DA:08:5B:26:C5
            X509v3 Authority Key Identifier:
                keyid:9E:68:75:83:81:0C:C0:06:4E:DB:4E:FE:40:57:F5:A6:1A:55:E7:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nmh1g4EMwAZO207-QFf1phpV5ws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/7f78e3-0ccd-41fc-9883-69be037bf079/1/wZUVkqB6E-aCMAdUL9kA2ghbJsU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/7f78e3-0ccd-41fc-9883-69be037bf079/1/nmh1g4EMwAZO207-QFf1phpV5ws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.173.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         b8:4f:5d:95:4f:c9:bc:21:d0:eb:98:f6:3d:52:5f:a0:8c:fa:
         ac:98:df:e4:d3:de:df:95:cc:a3:35:5a:a6:f3:bd:01:af:92:
         46:fd:f8:d3:75:9a:c8:b6:b0:ea:e7:f4:4e:9b:2f:01:b1:af:
         c6:32:53:1f:fe:48:b0:7b:4d:e4:79:62:47:d7:17:28:0d:a1:
         18:af:e7:5b:2e:26:91:03:cc:af:e6:a5:d1:60:ee:c9:db:60:
         7e:81:02:f0:c9:3a:06:d7:01:89:5e:73:02:68:ce:45:8a:ff:
         2b:64:d7:94:71:9b:02:8a:cf:e6:32:28:48:4e:2b:34:53:46:
         f4:e7:8e:c5:fc:72:b8:63:a8:96:2b:87:ed:65:45:fd:e0:f5:
         85:f4:81:db:02:c8:0f:88:90:5b:26:98:8b:98:d4:24:80:e2:
         a9:de:ed:24:b9:fd:df:0c:86:06:d6:3a:05:a6:be:75:66:cd:
         f9:06:db:1c:00:31:56:22:27:6a:87:ed:90:d5:5b:13:bb:15:
         bd:e4:6e:b0:8b:f4:5b:b3:14:a1:f5:77:fb:81:2f:8f:c4:42:
         08:63:45:68:ae:9e:26:26:1a:ac:44:2c:17:9a:c1:46:26:2f:
         5f:e3:ef:95:17:6b:06:60:a5:07:5a:5a:34:d0:1a:ff:57:0a:
         c0:91:55:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt87l1Lk35mrZnBsuZUP/NEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNjg3NTgzODEwY2MwMDY0ZWRiNGVmZTQwNTdmNWE2MWE1
NWU3MGIwHhcNMjYwMTAyMDQxOTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTk1MTU5MmEwN2ExM2U2ODIzMDA3NTQyZmQ5MDBkYTA4NWIyNmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/4d1DozRVn4EQMNZxGsddLik77G
62GO8sbhKjEu/+s2Wz6+QpdEVOErxQcs0yiW4ZTJbUv3a8l4VvjjMTPlv/QN4QSZ
N31Fvt4iTmNTdlDEcrDe7zdIFZ4G5k1j5Grsx6K6j1qEluh8QhcUuUnoEIQEsP+q
om2cvtszb+M0eaZeVZrxYMpHM2GXLaDGYOU5gkD/1fWIG5CbYaDd6otIl3xWggRw
mJJfEvg1HsCPr59iQr4zvxaOSOhgNS7Uh45aK4z5zUyus6L4eBwKgY8UCv4rSEyq
3K2VxgxDe1Z3rgKeZEhtHS4GT62/B482jDN3XEaxds5p0iUvZhX8C1jlfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMGVFZKgehPmgjAHVC/ZANoIWybFMB8GA1UdIwQY
MBaAFJ5odYOBDMAGTttO/kBX9aYaVecLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm1oMWc0RU13QVpPMjA3LVFGZjFwaHBWNXdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC83Zjc4ZTMtMGNjZC00MWZjLTk4ODMt
NjliZTAzN2JmMDc5LzEvd1pVVmtxQjZFLWFDTUFkVUw5a0EyZ2hiSnNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC83Zjc4ZTMtMGNjZC00MWZjLTk4ODMtNjliZTAzN2JmMDc5
LzEvbm1oMWc0RU13QVpPMjA3LVFGZjFwaHBWNXdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELq3AMA0G
CSqGSIb3DQEBCwUAA4IBAQC4T12VT8m8IdDrmPY9Ul+gjPqsmN/k097flcyjNVqm
870Br5JG/fjTdZrItrDq5/ROmy8Bsa/GMlMf/kiwe03keWJH1xcoDaEYr+dbLiaR
A8yv5qXRYO7J22B+gQLwyToG1wGJXnMCaM5Fiv8rZNeUcZsCis/mMihITis0U0b0
547F/HK4Y6iWK4ftZUX94PWF9IHbAsgPiJBbJpiLmNQkgOKp3u0kuf3fDIYG1joF
pr51Zs35BtscADFWIidqh+2Q1VsTuxW95G6wi/RbsxSh9Xf7gS+PxEIIY0Vorp4m
JhqsRCwXmsFGJi9f4++VF2sGYKUHWlo00Br/VwrAkVVs
-----END CERTIFICATE-----