Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/B5xzluZY3MO07Y-DnPhReukzoAM.roa
File:                     B5xzluZY3MO07Y-DnPhReukzoAM.roa (raw, json)
Hash identifier:          yLbG1QhNKSifZB6S6ehHViwPbt5RRExGQbO6VZAzEXk=
Subject key identifier:   07:9C:73:96:E6:58:DC:C3:B4:ED:8F:83:9C:F8:51:7A:E9:33:A0:03
Certificate issuer:       /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial:       019C9E8D9DC1181489B910EDBFACC6A28205
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/B5xzluZY3MO07Y-DnPhReukzoAM.roa
Signing time:             Fri 27 Feb 2026 10:03:26 +0000
ROA not before:           Fri 27 Feb 2026 10:03:26 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     9304
IP address blocks:        45.132.27.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:9e:8d:9d:c1:18:14:89:b9:10:ed:bf:ac:c6:a2:82:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
        Validity
            Not Before: Feb 27 10:03:26 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=079c7396e658dcc3b4ed8f839cf8517ae933a003
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:1c:43:bb:65:c3:46:c6:2e:a0:10:03:60:56:
                    d3:79:a7:b4:2b:d2:4c:93:a2:86:f5:44:aa:52:cd:
                    9e:76:3e:4b:ce:0e:5a:87:6e:66:93:23:87:b1:43:
                    77:0c:16:45:ad:5e:a2:55:30:f4:a3:d9:6a:ef:3a:
                    c6:f9:f0:91:00:f8:ef:e3:04:3b:44:83:1a:77:d9:
                    af:6d:98:d6:84:f1:33:7c:d5:e2:1d:a4:ec:cb:7b:
                    c1:6d:c6:ee:53:25:9d:69:02:e3:eb:7f:3a:20:2d:
                    da:65:f3:e8:04:b0:70:b9:04:9f:dc:3a:61:e8:e5:
                    54:f9:2b:f3:a3:b7:42:e4:a5:d7:23:76:2f:c2:68:
                    be:62:88:7a:5d:99:4c:3b:25:bc:1c:71:2f:e1:42:
                    09:de:8a:8e:1d:ce:16:54:9c:d6:b2:36:cf:21:17:
                    ec:75:3f:03:77:b1:f8:e9:a0:dc:ed:c0:30:26:4c:
                    9e:4c:8f:c7:4f:d7:79:0c:92:02:e4:85:21:46:64:
                    fa:13:98:3d:8f:30:81:79:b4:77:01:d6:28:2c:31:
                    f3:f9:fa:b2:48:11:64:06:38:08:13:1c:58:8d:86:
                    ba:7b:6c:bc:3d:8b:81:27:61:b6:ee:08:5f:ff:e4:
                    90:fd:3c:2b:dd:9f:7e:c2:53:01:98:80:e5:2e:d2:
                    ab:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:9C:73:96:E6:58:DC:C3:B4:ED:8F:83:9C:F8:51:7A:E9:33:A0:03
            X509v3 Authority Key Identifier:
                keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/B5xzluZY3MO07Y-DnPhReukzoAM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:ee:01:ab:b3:3d:00:cd:5c:7f:38:38:eb:82:b9:1d:aa:be:
         26:9b:b6:0c:c5:0b:2f:72:98:dd:1e:e9:e6:58:b2:30:ea:d5:
         01:e6:b0:6d:dd:ff:8d:dd:99:0c:17:18:5e:54:04:5a:1e:63:
         78:98:8c:f8:a8:53:6e:a0:96:7e:09:25:53:4d:3d:5e:d4:4a:
         04:32:3b:5c:d2:3e:a4:3a:33:a3:db:27:0c:0b:74:38:90:6d:
         d7:6a:e1:b3:6f:e2:b3:7c:fb:da:3a:fd:7d:f2:8c:4a:83:25:
         72:30:2f:b8:0a:5e:af:4f:f4:77:ae:7e:43:4b:b2:09:7b:d6:
         13:37:4c:91:0b:91:09:9a:82:19:89:60:5c:93:6a:68:3c:4c:
         43:85:cf:ce:02:0c:df:08:22:05:48:c2:fe:8e:d3:5a:6e:4c:
         bc:b9:4f:af:06:ca:4c:61:79:83:78:93:ce:26:8e:3f:b7:c0:
         55:04:7b:80:67:05:30:80:0a:40:28:7d:c9:df:c7:c7:89:10:
         4d:2c:22:25:df:29:ab:c6:84:d6:25:d6:32:0d:d2:d1:ec:d2:
         c1:53:3b:5b:05:ef:ca:7e:d1:d7:a6:75:3f:a4:ec:9f:c8:73:
         08:f3:b7:61:88:c4:16:e6:f2:8e:74:97:5c:c0:72:9a:d8:3d:
         7b:43:0d:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyejZ3BGBSJuRDtv6zGooIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjYwMjI3MTAwMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzljNzM5NmU2NThkY2MzYjRlZDhmODM5Y2Y4NTE3YWU5MzNhMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBxDu2XDRsYuoBADYFbTeae0K9JM
k6KG9USqUs2edj5Lzg5ah25mkyOHsUN3DBZFrV6iVTD0o9lq7zrG+fCRAPjv4wQ7
RIMad9mvbZjWhPEzfNXiHaTsy3vBbcbuUyWdaQLj6386IC3aZfPoBLBwuQSf3Dph
6OVU+Svzo7dC5KXXI3Yvwmi+Yoh6XZlMOyW8HHEv4UIJ3oqOHc4WVJzWsjbPIRfs
dT8Dd7H46aDc7cAwJkyeTI/HT9d5DJIC5IUhRmT6E5g9jzCBebR3AdYoLDHz+fqy
SBFkBjgIExxYjYa6e2y8PYuBJ2G27ghf/+SQ/Twr3Z9+wlMBmIDlLtKrfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAecc5bmWNzDtO2Pg5z4UXrpM6ADMB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvQjV4emx1WlkzTU8wN1ktRG5QaFJldWt6b0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjctYzgyM2NjOGYzODM3
LzEvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYQbMA0G
CSqGSIb3DQEBCwUAA4IBAQAu7gGrsz0AzVx/ODjrgrkdqr4mm7YMxQsvcpjdHunm
WLIw6tUB5rBt3f+N3ZkMFxheVARaHmN4mIz4qFNuoJZ+CSVTTT1e1EoEMjtc0j6k
OjOj2ycMC3Q4kG3XauGzb+KzfPvaOv198oxKgyVyMC+4Cl6vT/R3rn5DS7IJe9YT
N0yRC5EJmoIZiWBck2poPExDhc/OAgzfCCIFSML+jtNabky8uU+vBspMYXmDeJPO
Jo4/t8BVBHuAZwUwgApAKH3J38fHiRBNLCIl3ymrxoTWJdYyDdLR7NLBUztbBe/K
ftHXpnU/pOyfyHMI87dhiMQW5vKOdJdcwHKa2D17Qw2r
-----END CERTIFICATE-----