Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/zvDigeQlBoKJlhQo9OPahUy9E_M.roa
File:                     zvDigeQlBoKJlhQo9OPahUy9E_M.roa (raw, json)
Hash identifier:          QX+oYYBq2P8yR5/yKVD83zulZdFWNmmkAbHPDpDdO4Y=
Subject key identifier:   CE:F0:E2:81:E4:25:06:82:89:96:14:28:F4:E3:DA:85:4C:BD:13:F3
Certificate issuer:       /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial:       019EBAF0504806FC161A6F0A7634DD2E6579
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/zvDigeQlBoKJlhQo9OPahUy9E_M.roa
Signing time:             Fri 12 Jun 2026 08:26:11 +0000
ROA not before:           Fri 12 Jun 2026 08:26:11 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     153947
IP address blocks:        87.83.175.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 15:15:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:ba:f0:50:48:06:fc:16:1a:6f:0a:76:34:dd:2e:65:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e20b034e2c497b1884488def106972704765029
        Validity
            Not Before: Jun 12 08:26:11 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=cef0e281e425068289961428f4e3da854cbd13f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:28:3f:0c:87:3f:df:1f:c7:f3:af:8a:41:15:
                    72:7e:30:a5:04:fb:eb:19:c5:02:50:8e:3f:c8:53:
                    00:f1:65:b7:99:e4:8a:b7:d5:79:ef:d4:a4:38:4e:
                    1a:13:cc:20:cb:8b:a9:dd:89:d2:99:d3:ea:83:af:
                    ce:31:e8:b5:c4:cd:70:79:13:7d:82:43:01:a7:25:
                    a1:1f:03:a2:73:c9:ea:36:52:8d:54:d3:9b:14:12:
                    93:91:14:94:17:87:d3:05:d2:8a:4d:d8:ae:70:29:
                    ba:10:9e:2b:5a:35:ce:9c:19:4c:c0:c0:b8:97:c8:
                    fb:4a:f1:d3:31:e0:bb:39:8e:be:09:39:f2:c0:8c:
                    c0:89:20:95:64:e9:fe:0f:36:e8:1c:69:c9:5c:a1:
                    86:45:12:c1:75:3d:b5:09:51:54:1b:76:82:14:8d:
                    ce:b2:2a:3d:5b:9e:ba:20:88:42:5a:63:d9:2e:b8:
                    aa:d2:94:ea:44:f6:05:57:41:1d:9e:3c:9d:47:cc:
                    d0:f2:51:47:15:3b:49:07:91:2d:20:95:25:bf:ef:
                    10:b6:d1:d3:52:7b:80:4b:83:7d:e4:5c:8b:75:e2:
                    14:39:31:f1:d2:af:54:24:1f:34:6c:fe:b3:21:98:
                    11:2b:82:06:8d:c7:ba:f5:5b:cc:d1:10:d3:03:2c:
                    de:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:F0:E2:81:E4:25:06:82:89:96:14:28:F4:E3:DA:85:4C:BD:13:F3
            X509v3 Authority Key Identifier:
                keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/zvDigeQlBoKJlhQo9OPahUy9E_M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.83.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:e2:f5:02:6a:ff:d8:3a:8f:58:57:74:13:20:b3:ee:c7:cc:
         29:5a:bc:1b:b2:bd:43:b0:7b:7a:5d:4b:72:67:5d:57:62:46:
         45:03:3c:f6:34:16:c0:78:48:0e:d0:c0:83:1d:3e:8a:44:ff:
         a3:c2:87:97:30:38:67:c0:0b:8f:46:9e:cd:bd:a3:05:e1:b0:
         ca:d8:f4:62:37:98:02:63:7e:e4:a6:e8:fb:26:b4:3c:b5:9f:
         9f:94:75:2b:ee:78:9c:f9:ba:08:db:6b:39:5e:77:e2:dc:ff:
         52:32:b5:f4:28:49:17:65:96:35:2e:35:8c:f1:03:6a:e3:96:
         5c:b1:6d:1a:ce:32:84:ef:5c:91:f0:55:45:6d:b6:5e:a5:65:
         61:d4:be:d2:9a:de:63:a7:9b:c8:5f:2b:04:fe:19:9d:a0:69:
         a6:96:ab:1c:bb:bf:af:16:da:25:7d:e8:2d:1a:3c:48:31:c7:
         2f:a8:da:17:c5:aa:a1:5e:76:80:f9:e7:1d:67:39:8c:bf:4f:
         6e:d4:de:12:2c:ed:05:f2:5d:ad:ca:95:18:5e:d3:df:e2:80:
         90:f6:d2:35:3b:85:0d:2e:c4:8a:08:2a:48:78:08:d9:4d:8f:
         fe:d1:25:6b:2f:83:28:cd:91:83:16:92:43:4e:47:86:da:e6:
         6e:d7:89:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ668FBIBvwWGm8KdjTdLmV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNjEyMDgyNjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWYwZTI4MWU0MjUwNjgyODk5NjE0MjhmNGUzZGE4NTRjYmQxM2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyg/DIc/3x/H86+KQRVyfjClBPvr
GcUCUI4/yFMA8WW3meSKt9V579SkOE4aE8wgy4up3YnSmdPqg6/OMei1xM1weRN9
gkMBpyWhHwOic8nqNlKNVNObFBKTkRSUF4fTBdKKTdiucCm6EJ4rWjXOnBlMwMC4
l8j7SvHTMeC7OY6+CTnywIzAiSCVZOn+DzboHGnJXKGGRRLBdT21CVFUG3aCFI3O
sio9W566IIhCWmPZLriq0pTqRPYFV0EdnjydR8zQ8lFHFTtJB5EtIJUlv+8QttHT
UnuAS4N95FyLdeIUOTHx0q9UJB80bP6zIZgRK4IGjce69VvM0RDTAyzepwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM7w4oHkJQaCiZYUKPTj2oVMvRPzMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvenZEaWdlUWxCb0tKbGhRbzlPUGFoVXk5RV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV1OvMA0G
CSqGSIb3DQEBCwUAA4IBAQCU4vUCav/YOo9YV3QTILPux8wpWrwbsr1DsHt6XUty
Z11XYkZFAzz2NBbAeEgO0MCDHT6KRP+jwoeXMDhnwAuPRp7NvaMF4bDK2PRiN5gC
Y37kpuj7JrQ8tZ+flHUr7nic+boI22s5Xnfi3P9SMrX0KEkXZZY1LjWM8QNq45Zc
sW0azjKE71yR8FVFbbZepWVh1L7Smt5jp5vIXysE/hmdoGmmlqscu7+vFtolfegt
GjxIMccvqNoXxaqhXnaA+ecdZzmMv09u1N4SLO0F8l2typUYXtPf4oCQ9tI1O4UN
LsSKCCpIeAjZTY/+0SVrL4MozZGDFpJDTkeG2uZu14mF
-----END CERTIFICATE-----