Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/UU4xI-IDeZuaxwAij62eAAaWQ_0.roa
File:                     UU4xI-IDeZuaxwAij62eAAaWQ_0.roa (raw, json)
Hash identifier:          V7I4/+fg+WJ0ybpIztp9e8XhyLxQSgqYEJV59yE+n4M=
Subject key identifier:   51:4E:31:23:E2:03:79:9B:9A:C7:00:22:8F:AD:9E:00:06:96:43:FD
Certificate issuer:       /CN=46fe7b56722245116d4234be484a02a48a1dde1f
Certificate serial:       019C712A718818AF47184BFF336854665E46
Authority key identifier: 46:FE:7B:56:72:22:45:11:6D:42:34:BE:48:4A:02:A4:8A:1D:DE:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rv57VnIiRRFtQjS-SEoCpIod3h8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/UU4xI-IDeZuaxwAij62eAAaWQ_0.roa
Signing time:             Wed 18 Feb 2026 14:32:12 +0000
ROA not before:           Wed 18 Feb 2026 14:32:12 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     15576
IP address blocks:        185.79.200.0/23 maxlen: 24
                          2a03:5e20::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/Rv57VnIiRRFtQjS-SEoCpIod3h8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/Rv57VnIiRRFtQjS-SEoCpIod3h8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Rv57VnIiRRFtQjS-SEoCpIod3h8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 05:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:71:2a:71:88:18:af:47:18:4b:ff:33:68:54:66:5e:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=46fe7b56722245116d4234be484a02a48a1dde1f
        Validity
            Not Before: Feb 18 14:32:12 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=514e3123e203799b9ac700228fad9e00069643fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:05:28:e8:6f:63:08:cc:25:d4:5b:a6:13:d2:
                    90:1e:07:1c:f8:7a:63:7a:ff:18:ab:26:19:94:bc:
                    8b:fe:e4:cb:9b:da:c7:5c:96:96:b5:b6:da:c7:88:
                    24:5e:29:b2:75:0d:20:36:ff:2c:0c:f4:62:31:a5:
                    9c:43:9d:97:80:ad:cc:99:23:d6:b7:a2:35:ba:f8:
                    9b:77:07:e6:5e:ab:c4:f8:d2:fe:22:75:02:a1:04:
                    5c:c6:7d:0d:9b:9c:cb:78:4c:bd:53:2f:03:b5:cd:
                    52:23:0b:bb:f4:34:e8:bf:39:73:c8:c3:6e:7c:ac:
                    86:8f:4a:45:d1:a2:1d:57:94:b3:18:e7:ac:56:05:
                    80:3e:97:ff:35:4b:a8:10:a5:e3:4c:56:49:33:79:
                    36:40:dc:94:b0:5e:17:1f:0d:ec:fb:c6:0e:08:56:
                    ae:13:6c:6a:18:cc:6e:d9:1a:34:2c:a6:88:33:e9:
                    4b:4b:1e:d0:1d:d7:19:e7:d3:19:a2:d0:5e:36:81:
                    9c:21:ab:e8:11:05:53:a5:e5:f3:2b:aa:ed:02:ec:
                    58:f5:43:f9:5c:22:71:28:96:1d:c4:d2:ee:ff:0d:
                    7f:08:f2:11:21:22:94:99:09:56:8a:71:d8:60:be:
                    cb:ec:c6:30:b0:2c:5f:41:16:3e:fb:9a:30:1c:ea:
                    37:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:4E:31:23:E2:03:79:9B:9A:C7:00:22:8F:AD:9E:00:06:96:43:FD
            X509v3 Authority Key Identifier:
                keyid:46:FE:7B:56:72:22:45:11:6D:42:34:BE:48:4A:02:A4:8A:1D:DE:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rv57VnIiRRFtQjS-SEoCpIod3h8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/UU4xI-IDeZuaxwAij62eAAaWQ_0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/Rv57VnIiRRFtQjS-SEoCpIod3h8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.79.200.0/23
                IPv6:
                  2a03:5e20::/32

    Signature Algorithm: sha256WithRSAEncryption
         7c:fb:f3:6d:13:0c:c3:36:2c:92:5b:41:81:fd:9a:29:7c:67:
         a6:da:ec:30:e1:59:62:42:6f:11:03:5a:b9:39:48:62:c3:81:
         6a:df:04:83:be:8a:3f:34:31:97:ef:3a:7f:1e:f7:97:7e:f3:
         1e:b3:04:a5:ea:ae:56:b7:86:4b:cc:ac:b3:d2:69:78:41:ff:
         48:9c:1c:e7:17:ef:ac:a0:1e:b9:e8:ca:37:71:03:4c:76:81:
         31:e5:da:53:6a:7f:3e:84:9c:3d:5d:44:15:27:bd:68:05:e8:
         8e:fd:37:c3:cc:f5:b5:26:30:b9:07:ef:f7:5e:5f:f2:24:a9:
         64:d4:ed:be:09:51:7b:f6:ea:ce:6a:7f:9d:cc:67:95:82:f7:
         35:92:fe:a8:e1:d4:0d:00:b1:2f:d1:6f:ac:a7:d9:e8:64:3e:
         27:01:a7:93:3a:bf:80:9e:a2:f3:96:67:dd:b9:6f:99:52:f9:
         a6:3e:3f:76:e8:c1:73:3a:f4:2e:36:60:f3:71:22:fe:0d:17:
         29:ab:18:71:d2:dd:4d:e1:7f:75:c6:32:f5:01:08:20:fa:4e:
         61:5e:ef:2e:7d:fb:25:b4:2b:3e:89:9a:28:73:d9:05:5b:39:
         3b:48:8b:78:81:77:16:18:97:62:c1:5e:3e:c7:d5:55:80:65:
         39:37:0a:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZxxKnGIGK9HGEv/M2hUZl5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZmU3YjU2NzIyMjQ1MTE2ZDQyMzRiZTQ4NGEwMmE0OGEx
ZGRlMWYwHhcNMjYwMjE4MTQzMjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTRlMzEyM2UyMDM3OTliOWFjNzAwMjI4ZmFkOWUwMDA2OTY0M2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugUo6G9jCMwl1FumE9KQHgcc+Hpj
ev8YqyYZlLyL/uTLm9rHXJaWtbbax4gkXimydQ0gNv8sDPRiMaWcQ52XgK3MmSPW
t6I1uvibdwfmXqvE+NL+InUCoQRcxn0Nm5zLeEy9Uy8Dtc1SIwu79DTovzlzyMNu
fKyGj0pF0aIdV5SzGOesVgWAPpf/NUuoEKXjTFZJM3k2QNyUsF4XHw3s+8YOCFau
E2xqGMxu2Ro0LKaIM+lLSx7QHdcZ59MZotBeNoGcIavoEQVTpeXzK6rtAuxY9UP5
XCJxKJYdxNLu/w1/CPIRISKUmQlWinHYYL7L7MYwsCxfQRY++5owHOo3NQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFFOMSPiA3mbmscAIo+tngAGlkP9MB8GA1UdIwQY
MBaAFEb+e1ZyIkURbUI0vkhKAqSKHd4fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnY1N1ZuSWlSUkZ0UWpTLVNFb0NwSW9kM2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85MDgxNDMtZjkxNi00NzE4LThmOTct
NGJkMzM5MmQ1NWQxLzEvVVU0eEktSURlWnVheHdBaWo2MmVBQWFXUV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85MDgxNDMtZjkxNi00NzE4LThmOTctNGJkMzM5MmQ1NWQx
LzEvUnY1N1ZuSWlSUkZ0UWpTLVNFb0NwSW9kM2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuU/IMA0E
AgACMAcDBQAqA14gMA0GCSqGSIb3DQEBCwUAA4IBAQB8+/NtEwzDNiySW0GB/Zop
fGem2uww4VliQm8RA1q5OUhiw4Fq3wSDvoo/NDGX7zp/HveXfvMeswSl6q5Wt4ZL
zKyz0ml4Qf9InBznF++soB656Mo3cQNMdoEx5dpTan8+hJw9XUQVJ71oBeiO/TfD
zPW1JjC5B+/3Xl/yJKlk1O2+CVF79urOan+dzGeVgvc1kv6o4dQNALEv0W+sp9no
ZD4nAaeTOr+AnqLzlmfduW+ZUvmmPj926MFzOvQuNmDzcSL+DRcpqxhx0t1N4X91
xjL1AQgg+k5hXu8uffsltCs+iZooc9kFWzk7SIt4gXcWGJdiwV4+x9VVgGU5NwrN
-----END CERTIFICATE-----