Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a696f1-c37c-4c6a-a1a0-eb8e9aa95484/1/_W45yWZbF0IW6tEuWrtSE9T4T4U.roa
File:                     _W45yWZbF0IW6tEuWrtSE9T4T4U.roa (raw, json)
Hash identifier:          LUpLsmmYWa7Qa/cjp3HgkJS6f328ddsso8MNmbggimo=
Subject key identifier:   FD:6E:39:C9:66:5B:17:42:16:EA:D1:2E:5A:BB:52:13:D4:F8:4F:85
Certificate issuer:       /CN=579f227b02600e602efc512605e9ec665ad1f82e
Certificate serial:       019C6C8F3E847BABFFB2F36812AAA0476F4D
Authority key identifier: 57:9F:22:7B:02:60:0E:60:2E:FC:51:26:05:E9:EC:66:5A:D1:F8:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V58iewJgDmAu_FEmBensZlrR-C4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/a696f1-c37c-4c6a-a1a0-eb8e9aa95484/1/_W45yWZbF0IW6tEuWrtSE9T4T4U.roa
Signing time:             Tue 17 Feb 2026 17:04:12 +0000
ROA not before:           Tue 17 Feb 2026 17:04:12 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     214238
IP address blocks:        193.93.168.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/a696f1-c37c-4c6a-a1a0-eb8e9aa95484/1/V58iewJgDmAu_FEmBensZlrR-C4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/a696f1-c37c-4c6a-a1a0-eb8e9aa95484/1/V58iewJgDmAu_FEmBensZlrR-C4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V58iewJgDmAu_FEmBensZlrR-C4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:6c:8f:3e:84:7b:ab:ff:b2:f3:68:12:aa:a0:47:6f:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=579f227b02600e602efc512605e9ec665ad1f82e
        Validity
            Not Before: Feb 17 17:04:12 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=fd6e39c9665b174216ead12e5abb5213d4f84f85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:7e:9d:9d:1b:66:a3:01:4c:bc:aa:ec:a6:73:
                    bb:47:76:ae:91:68:61:dc:71:58:3f:0d:c8:52:f7:
                    7d:8f:3b:06:ec:02:af:3a:70:18:c2:2c:ea:12:2c:
                    1b:90:f2:cf:9a:4a:41:97:63:a8:bb:c6:a8:40:c1:
                    9c:1d:ec:dd:e7:3e:b4:e7:23:eb:a5:05:df:09:2f:
                    f0:55:25:1d:21:26:d6:1a:77:67:be:10:4a:7d:86:
                    40:f3:d9:d7:51:06:1d:35:8f:d9:b8:6d:41:f3:b7:
                    4c:f3:c0:d9:5c:a0:59:f8:58:74:c0:6d:50:75:a5:
                    4d:52:8b:6b:f3:e1:be:75:30:32:8a:a6:32:0c:80:
                    a2:f6:45:1d:33:28:8f:ce:97:c2:17:b4:e7:b5:3c:
                    99:e0:84:de:95:32:bc:e9:d8:5a:f1:88:86:98:94:
                    cc:02:75:46:16:60:37:8d:d1:c2:f0:08:ad:84:9a:
                    4e:90:20:93:0d:85:d8:19:f5:a1:75:00:49:fd:9a:
                    5f:f8:fc:1b:f0:60:e3:df:7f:38:09:cc:60:7a:5f:
                    2f:ec:37:5f:a6:1e:f9:7a:2c:f1:b9:13:28:cd:fb:
                    06:9e:81:85:cc:50:69:ba:5b:f5:8b:d9:1f:c2:70:
                    82:5e:e5:55:dc:15:9f:6d:e6:60:34:5a:ba:d9:99:
                    01:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:6E:39:C9:66:5B:17:42:16:EA:D1:2E:5A:BB:52:13:D4:F8:4F:85
            X509v3 Authority Key Identifier:
                keyid:57:9F:22:7B:02:60:0E:60:2E:FC:51:26:05:E9:EC:66:5A:D1:F8:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V58iewJgDmAu_FEmBensZlrR-C4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a696f1-c37c-4c6a-a1a0-eb8e9aa95484/1/_W45yWZbF0IW6tEuWrtSE9T4T4U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a696f1-c37c-4c6a-a1a0-eb8e9aa95484/1/V58iewJgDmAu_FEmBensZlrR-C4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.93.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:07:3d:17:a4:94:f8:b1:a2:2c:1f:51:e9:5f:f9:b6:e8:a8:
         d7:1a:45:5f:96:32:dc:73:13:b7:dc:52:6a:b8:e6:0f:da:01:
         85:28:99:85:0a:57:9c:54:5c:32:4c:05:de:f3:e4:b5:e0:8e:
         1e:f0:e2:ec:f2:52:6d:03:64:73:a0:44:06:b8:73:09:f0:d0:
         62:ba:8a:ff:2a:fe:4b:48:d7:22:a2:00:e5:b7:51:d3:f2:69:
         e0:f3:22:b9:e1:a4:33:99:77:cd:dc:50:fb:43:c2:fd:00:bb:
         ae:3d:16:c7:5b:b3:d2:02:2b:95:e7:3c:94:30:ac:13:72:16:
         f7:b9:ec:dd:69:cc:81:48:ca:09:97:5f:e2:47:2f:de:66:ff:
         79:0b:8f:7d:12:d8:34:45:05:3a:00:20:e1:bd:0e:1b:b4:4f:
         cf:59:60:18:1d:b9:3c:ee:e4:03:23:e4:18:0f:e8:1c:09:d1:
         b0:e4:dc:73:43:a9:0e:23:74:97:e9:ea:95:0c:97:93:2c:4d:
         d9:fd:f7:6e:c4:63:06:d7:32:f0:ec:7b:cc:b4:24:66:cb:89:
         d6:c0:58:59:45:75:51:95:45:ca:f7:3e:15:61:61:72:9e:e5:
         57:2c:89:49:04:16:d4:1f:58:d1:88:b8:2b:b9:43:eb:3c:de:
         6b:19:1c:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxsjz6Ee6v/svNoEqqgR29NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OWYyMjdiMDI2MDBlNjAyZWZjNTEyNjA1ZTllYzY2NWFk
MWY4MmUwHhcNMjYwMjE3MTcwNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDZlMzljOTY2NWIxNzQyMTZlYWQxMmU1YWJiNTIxM2Q0Zjg0Zjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn6dnRtmowFMvKrspnO7R3aukWhh
3HFYPw3IUvd9jzsG7AKvOnAYwizqEiwbkPLPmkpBl2Oou8aoQMGcHezd5z605yPr
pQXfCS/wVSUdISbWGndnvhBKfYZA89nXUQYdNY/ZuG1B87dM88DZXKBZ+Fh0wG1Q
daVNUotr8+G+dTAyiqYyDICi9kUdMyiPzpfCF7TntTyZ4ITelTK86dha8YiGmJTM
AnVGFmA3jdHC8AithJpOkCCTDYXYGfWhdQBJ/Zpf+Pwb8GDj3384Ccxgel8v7Ddf
ph75eizxuRMozfsGnoGFzFBpulv1i9kfwnCCXuVV3BWfbeZgNFq62ZkBnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1uOclmWxdCFurRLlq7UhPU+E+FMB8GA1UdIwQY
MBaAFFefInsCYA5gLvxRJgXp7GZa0fguMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjU4aWV3SmdEbUF1X0ZFbUJlbnNabHJSLUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hNjk2ZjEtYzM3Yy00YzZhLWExYTAt
ZWI4ZTlhYTk1NDg0LzEvX1c0NXlXWmJGMElXNnRFdVdydFNFOVQ0VDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hNjk2ZjEtYzM3Yy00YzZhLWExYTAtZWI4ZTlhYTk1NDg0
LzEvVjU4aWV3SmdEbUF1X0ZFbUJlbnNabHJSLUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwV2oMA0G
CSqGSIb3DQEBCwUAA4IBAQB1Bz0XpJT4saIsH1HpX/m26KjXGkVfljLccxO33FJq
uOYP2gGFKJmFClecVFwyTAXe8+S14I4e8OLs8lJtA2RzoEQGuHMJ8NBiuor/Kv5L
SNciogDlt1HT8mng8yK54aQzmXfN3FD7Q8L9ALuuPRbHW7PSAiuV5zyUMKwTchb3
uezdacyBSMoJl1/iRy/eZv95C499Etg0RQU6ACDhvQ4btE/PWWAYHbk87uQDI+QY
D+gcCdGw5NxzQ6kOI3SX6eqVDJeTLE3Z/fduxGMG1zLw7HvMtCRmy4nWwFhZRXVR
lUXK9z4VYWFynuVXLIlJBBbUH1jRiLgruUPrPN5rGRye
-----END CERTIFICATE-----