Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/55edCuY1GzwJ04ViJc0dGUolygc.roa
File:                     55edCuY1GzwJ04ViJc0dGUolygc.roa (raw, json)
Hash identifier:          WRqVNnuK9p1jqOQSQqtKpBkCr/HC52k6pnIla8vmJ8I=
Subject key identifier:   E7:97:9D:0A:E6:35:1B:3C:09:D3:85:62:25:CD:1D:19:4A:25:CA:07
Certificate issuer:       /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial:       019859053228DE8C6FE5CD316D17B29DAEAD
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/55edCuY1GzwJ04ViJc0dGUolygc.roa
Signing time:             Wed 30 Jul 2025 01:49:29 +0000
ROA not before:           Wed 30 Jul 2025 01:49:29 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     32167
IP address blocks:        77.111.98.0/24 maxlen: 24
                          77.111.99.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:59:05:32:28:de:8c:6f:e5:cd:31:6d:17:b2:9d:ae:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
        Validity
            Not Before: Jul 30 01:49:29 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=e7979d0ae6351b3c09d3856225cd1d194a25ca07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ac:26:83:56:50:a6:52:45:99:39:d5:7b:c3:
                    5a:d5:16:85:84:f6:3f:37:cb:67:dd:a0:bb:e2:54:
                    d5:c0:b6:8d:a4:3a:c7:c7:93:32:95:4d:8a:d6:f2:
                    49:61:e0:13:ad:1f:0d:14:e7:d4:b0:94:36:bc:f8:
                    91:b4:fc:66:75:b3:9c:17:55:42:69:d8:c9:48:00:
                    18:49:6a:83:7b:c2:5e:ae:e6:b4:4f:8f:1c:88:75:
                    59:ea:42:8b:f5:a1:a1:45:e5:73:36:af:6b:59:7e:
                    81:a5:15:44:7a:96:57:d3:42:6d:5f:84:5c:27:98:
                    f2:53:3b:84:31:a3:f6:8a:4c:f6:07:db:51:24:5a:
                    06:8a:49:88:fb:bc:9b:18:68:55:df:59:bf:d8:14:
                    e4:1e:96:bf:27:32:9f:c9:97:57:5b:7e:26:67:51:
                    03:28:8d:44:45:eb:f6:84:b9:b4:35:21:99:fc:e9:
                    ae:ea:58:f9:ed:a9:12:0d:2b:f7:78:fa:54:25:62:
                    dc:0c:1a:25:57:db:13:25:82:73:6a:b6:7f:bc:a1:
                    ef:38:72:c4:3d:10:e1:77:a6:2a:74:b8:12:77:e6:
                    19:b7:1f:fe:0f:36:ed:8c:d0:19:de:d3:af:0b:04:
                    49:3e:40:0a:1f:ba:19:72:79:0d:62:d2:e8:72:01:
                    fe:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:97:9D:0A:E6:35:1B:3C:09:D3:85:62:25:CD:1D:19:4A:25:CA:07
            X509v3 Authority Key Identifier:
                keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/55edCuY1GzwJ04ViJc0dGUolygc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.111.98.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c2:9a:a7:3a:29:e6:f6:5a:70:34:b9:aa:da:7f:8f:25:93:62:
         c9:a5:87:af:44:41:ad:22:fb:aa:d6:28:85:4e:a0:55:29:9a:
         9c:a1:e4:9c:d0:1f:c5:ec:ac:a7:b7:22:93:51:db:28:34:a6:
         e3:ca:7c:ac:6b:72:67:6b:b1:e0:7b:64:86:8f:72:3c:38:04:
         d7:4c:63:48:b9:2c:46:a6:cf:ab:48:e4:58:ad:ca:4c:b7:68:
         b7:26:c0:46:d8:1b:ce:db:f7:4f:49:9c:2f:f0:3f:c9:47:76:
         17:50:f0:3a:51:00:c8:d9:93:df:48:d1:f0:b1:a4:04:29:4c:
         04:ab:c7:67:09:f7:ce:df:d8:26:a7:ca:b4:bc:1b:4a:34:ba:
         10:98:f4:ce:2e:2d:16:50:1d:0d:03:68:a7:18:f5:bc:04:8c:
         56:94:a7:3b:c9:99:9d:c1:24:ea:a9:a7:e6:f2:15:9c:bf:be:
         7c:66:c3:fe:99:51:a9:d1:9c:7c:04:24:07:b4:58:bf:c5:fd:
         df:ef:94:13:8f:46:0b:47:72:a3:33:6c:b1:19:c0:6d:c1:f1:
         fd:7f:0e:e6:f1:83:f1:39:55:31:2b:58:b9:60:a5:af:46:1e:
         06:ff:01:2d:49:71:98:4a:6a:ce:7f:b1:ba:81:6b:2d:5b:8d:
         6e:d8:1c:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZhZBTIo3oxv5c0xbReyna6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNzMwMDE0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzk3OWQwYWU2MzUxYjNjMDlkMzg1NjIyNWNkMWQxOTRhMjVjYTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArawmg1ZQplJFmTnVe8Na1RaFhPY/
N8tn3aC74lTVwLaNpDrHx5MylU2K1vJJYeATrR8NFOfUsJQ2vPiRtPxmdbOcF1VC
adjJSAAYSWqDe8Jerua0T48ciHVZ6kKL9aGhReVzNq9rWX6BpRVEepZX00JtX4Rc
J5jyUzuEMaP2ikz2B9tRJFoGikmI+7ybGGhV31m/2BTkHpa/JzKfyZdXW34mZ1ED
KI1ERev2hLm0NSGZ/Omu6lj57akSDSv3ePpUJWLcDBolV9sTJYJzarZ/vKHvOHLE
PRDhd6YqdLgSd+YZtx/+DzbtjNAZ3tOvCwRJPkAKH7oZcnkNYtLocgH+vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOeXnQrmNRs8CdOFYiXNHRlKJcoHMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvNTVlZEN1WTFHendKMDRWaUpjMGRHVW9seWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTW9iMA0G
CSqGSIb3DQEBCwUAA4IBAQDCmqc6Keb2WnA0uaraf48lk2LJpYevREGtIvuq1iiF
TqBVKZqcoeSc0B/F7KyntyKTUdsoNKbjynysa3Jna7Hge2SGj3I8OATXTGNIuSxG
ps+rSORYrcpMt2i3JsBG2BvO2/dPSZwv8D/JR3YXUPA6UQDI2ZPfSNHwsaQEKUwE
q8dnCffO39gmp8q0vBtKNLoQmPTOLi0WUB0NA2inGPW8BIxWlKc7yZmdwSTqqafm
8hWcv758ZsP+mVGp0Zx8BCQHtFi/xf3f75QTj0YLR3KjM2yxGcBtwfH9fw7m8YPx
OVUxK1i5YKWvRh4G/wEtSXGYSmrOf7G6gWstW41u2By3
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:09:47 2025 by rpki-client