Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS50104.roa
File:                     AS50104.roa (raw, json)
Hash identifier:          6kx54x9xQvLXwyj4C9UuANygmGjnb4yUVhzZV8mE6A4=
Subject key identifier:   B9:D9:B8:DC:DD:41:80:3B:0F:53:12:7F:7D:AB:27:70:0C:01:8F:92
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       1E50F74467FA395D8B80BBB5E2F25784CDC23AF2
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS50104.roa
Signing time:             Tue 22 Jul 2025 13:54:13 +0000
ROA not before:           Tue 22 Jul 2025 13:49:13 +0000
ROA not after:            Tue 21 Jul 2026 13:54:13 +0000
asID:                     50104
IP address blocks:        179.61.140.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:50:f7:44:67:fa:39:5d:8b:80:bb:b5:e2:f2:57:84:cd:c2:3a:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Jul 22 13:49:13 2025 GMT
            Not After : Jul 21 13:54:13 2026 GMT
        Subject: CN=B9D9B8DCDD41803B0F53127F7DAB27700C018F92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:40:28:95:12:7b:94:91:d9:84:a4:9f:26:5b:
                    df:a5:4d:40:c6:86:5b:11:5c:d4:07:06:0b:25:d9:
                    2d:df:68:b6:09:df:2a:e5:30:ad:9b:ab:ec:86:3f:
                    e2:23:43:5b:9e:27:60:8b:fc:3e:22:1f:7e:68:d0:
                    ef:59:b0:df:a2:b2:b0:e8:14:c1:3d:0c:f3:8c:d4:
                    b4:07:a3:ee:e8:40:b8:ea:30:db:6c:51:15:c7:53:
                    cb:d7:68:3a:77:36:71:8e:a8:e9:3f:fe:68:82:37:
                    7b:9c:9c:78:88:c6:ae:a6:d6:af:c2:ea:27:f2:d1:
                    9d:6b:ae:63:e3:ee:39:04:2b:8d:6f:ce:e1:84:92:
                    fc:5f:f5:b4:8a:cf:67:b8:f6:3c:2e:96:a1:7f:25:
                    64:41:d8:3d:5d:46:14:ae:8c:ab:8d:1d:b9:a9:60:
                    26:e9:75:ff:fd:74:29:70:ee:56:7a:a8:85:44:de:
                    d8:00:47:c4:3a:2a:ff:1c:da:c6:8d:eb:ce:7b:eb:
                    9f:e0:78:cb:ce:68:06:c9:fd:23:b6:fc:62:00:7f:
                    93:c9:1f:86:1a:09:f2:c0:8c:fc:3c:c4:9e:92:29:
                    cf:db:55:5d:08:58:6e:9e:8f:0f:d1:96:5a:06:cc:
                    94:ec:de:87:23:63:2d:8a:d8:dc:2d:cf:78:d2:b2:
                    d0:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:D9:B8:DC:DD:41:80:3B:0F:53:12:7F:7D:AB:27:70:0C:01:8F:92
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS50104.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:3f:a5:8a:d8:ac:03:09:01:8b:cd:99:60:59:f5:d8:bb:a2:
         75:84:c4:41:f3:c5:f5:e1:97:77:86:6e:9f:30:46:cf:2e:3d:
         27:fd:92:80:99:81:96:0a:df:2f:e9:8e:17:87:17:db:6a:a9:
         0a:e9:1a:38:b3:1f:33:af:7a:89:72:4c:cc:36:cb:b6:4b:bd:
         2d:6c:84:70:1f:d2:de:03:9a:cc:39:96:b8:89:84:41:15:35:
         82:42:9f:54:78:4f:2b:fc:37:6c:7b:be:ea:cd:11:1b:4a:e3:
         c2:1e:3a:2c:54:6e:c0:44:53:af:6a:5d:f1:2a:19:6b:42:13:
         d0:1e:30:55:48:7e:ab:ae:b1:71:a7:a2:2c:d1:35:30:97:8d:
         f3:10:ab:8a:71:05:fc:5a:34:aa:c8:0b:97:56:0d:6a:4c:41:
         fe:8d:2b:a7:13:a9:93:ab:03:d1:7c:7c:86:53:cd:a4:1e:87:
         4a:2f:af:f5:69:d0:76:aa:a2:65:8d:9b:b9:5d:77:36:14:1f:
         0c:12:45:d9:80:f8:72:6e:7e:e2:d6:ea:dd:e4:dd:ba:b3:ec:
         82:5b:d8:2f:8c:12:85:25:b3:1c:4e:56:94:ae:92:a8:29:09:
         60:ec:64:05:3a:c3:30:af:8f:a4:1c:ed:d9:65:05:58:c6:28:
         ad:59:bf:8e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUHlD3RGf6OV2LgLu14vJXhM3COvIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA3MjIxMzQ5MTNaFw0yNjA3MjExMzU0MTNaMDMxMTAvBgNV
BAMTKEI5RDlCOERDREQ0MTgwM0IwRjUzMTI3RjdEQUIyNzcwMEMwMThGOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpQCiVEnuUkdmEpJ8mW9+lTUDG
hlsRXNQHBgsl2S3faLYJ3yrlMK2bq+yGP+IjQ1ueJ2CL/D4iH35o0O9ZsN+isrDo
FME9DPOM1LQHo+7oQLjqMNtsURXHU8vXaDp3NnGOqOk//miCN3ucnHiIxq6m1q/C
6ify0Z1rrmPj7jkEK41vzuGEkvxf9bSKz2e49jwulqF/JWRB2D1dRhSujKuNHbmp
YCbpdf/9dClw7lZ6qIVE3tgAR8Q6Kv8c2saN685765/geMvOaAbJ/SO2/GIAf5PJ
H4YaCfLAjPw8xJ6SKc/bVV0IWG6ejw/RlloGzJTs3ocjYy2K2Nwtz3jSstDHAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUudm43N1BgDsPUxJ/fasncAwBj5IwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNTAxMDQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACzPYww
DQYJKoZIhvcNAQELBQADggEBAJY/pYrYrAMJAYvNmWBZ9di7onWExEHzxfXhl3eG
bp8wRs8uPSf9koCZgZYK3y/pjheHF9tqqQrpGjizHzOveolyTMw2y7ZLvS1shHAf
0t4Dmsw5lriJhEEVNYJCn1R4Tyv8N2x7vurNERtK48IeOixUbsBEU69qXfEqGWtC
E9AeMFVIfquusXGnoizRNTCXjfMQq4pxBfxaNKrIC5dWDWpMQf6NK6cTqZOrA9F8
fIZTzaQeh0ovr/Vp0HaqomWNm7lddzYUHwwSRdmA+HJufuLW6t3k3bqz7IJb2C+M
EoUlsxxOVpSukqgpCWDsZAU6wzCvj6Qc7dllBVjGKK1Zv44=
-----END CERTIFICATE-----