Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS207459.roa
File:                     AS207459.roa (raw, json)
Hash identifier:          vp2NdaHpqz6ovtSDkVrSzC4gaBPJIGbPZngfi+f+xLI=
Subject key identifier:   56:47:D5:88:5F:4E:E0:1E:CC:67:2C:65:29:99:46:95:72:86:CF:AD
Certificate issuer:       /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial:       79EC1C82BE67EDA4966A507A83D2D7C0052DCE9B
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS207459.roa
Signing time:             Wed 18 Feb 2026 12:01:57 +0000
ROA not before:           Wed 18 Feb 2026 11:56:57 +0000
ROA not after:            Wed 17 Feb 2027 12:01:57 +0000
asID:                     207459
IP address blocks:        92.249.63.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:ec:1c:82:be:67:ed:a4:96:6a:50:7a:83:d2:d7:c0:05:2d:ce:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
        Validity
            Not Before: Feb 18 11:56:57 2026 GMT
            Not After : Feb 17 12:01:57 2027 GMT
        Subject: CN=5647D5885F4EE01ECC672C65299946957286CFAD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:a0:9f:6b:b4:e1:88:cd:90:51:6a:56:4c:52:
                    23:24:a3:09:b0:df:e1:ba:82:99:6c:3c:ca:a2:57:
                    13:39:65:9a:ff:4d:d8:88:69:73:e5:3d:ec:5d:23:
                    dc:ff:90:42:54:34:00:99:b4:0d:3c:85:15:e6:a8:
                    80:8f:88:89:b6:e7:2a:53:eb:c4:22:c9:ad:f6:dd:
                    65:1d:36:df:2d:a8:ba:2d:6c:d8:c4:62:be:49:b9:
                    1b:ad:73:f3:b0:02:c6:b1:5b:25:d0:82:5d:d5:0b:
                    de:d1:50:70:5e:7c:38:a3:7e:fb:85:b8:43:d3:46:
                    00:ee:b4:12:8f:b9:1a:f0:d0:bf:51:18:5a:66:82:
                    23:9a:59:0f:ba:6d:ea:13:c5:e2:f4:07:ed:80:9c:
                    49:86:22:48:08:44:eb:f6:12:12:71:aa:8a:c6:32:
                    26:03:00:95:86:71:cf:03:a7:28:a1:b2:13:33:0d:
                    4a:cc:d0:e8:50:b4:9e:70:ea:5c:32:de:0a:0a:55:
                    0b:c9:6e:76:aa:95:28:b5:08:20:25:57:0b:6e:b2:
                    da:12:81:0f:28:7b:1a:82:68:44:92:59:d8:68:b9:
                    bf:25:71:20:b6:9f:18:54:a7:bd:43:f5:4d:4f:18:
                    2c:85:16:03:6c:5e:b9:60:b8:0b:8b:10:cd:30:9a:
                    b7:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:47:D5:88:5F:4E:E0:1E:CC:67:2C:65:29:99:46:95:72:86:CF:AD
            X509v3 Authority Key Identifier:
                keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS207459.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.249.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:be:89:23:77:8b:6c:e1:cb:d9:f8:6c:b3:3d:8c:58:de:23:
         13:39:c9:2c:25:54:76:0b:5b:f2:57:81:5f:65:1f:76:48:ee:
         81:4f:53:7d:cd:f6:f5:78:f2:af:6b:5c:0d:84:9d:f7:a1:87:
         be:32:42:2b:a2:d3:be:e3:df:05:68:04:e2:d6:66:07:3d:52:
         b1:68:26:d6:c3:26:17:5f:eb:2e:9d:c9:e8:11:e9:0a:7b:9f:
         e3:2f:02:5c:76:48:31:d4:be:9d:2e:79:45:22:7c:ce:60:10:
         96:a4:9b:bf:df:d5:46:e2:97:9b:74:8b:59:f8:4c:96:43:3c:
         80:59:cf:1d:e1:d6:21:f7:44:e6:e7:33:b2:9a:23:cc:3e:e5:
         b0:85:45:47:15:e5:2e:73:44:96:4d:75:09:2d:16:e6:72:95:
         46:0e:3c:4c:41:33:21:e4:e6:36:ea:5b:b7:a8:b5:3d:89:d4:
         f2:7a:d9:62:2d:ae:30:99:15:84:35:4b:6e:60:8b:09:33:28:
         b5:c1:0b:a5:24:36:64:2f:b2:4c:0d:2c:1f:f0:15:2b:3d:4b:
         67:cb:be:2e:a7:85:52:4f:b1:2d:a9:75:50:68:c9:ff:57:10:
         70:c6:d7:35:31:8d:c0:cb:62:4d:f0:25:2a:9d:5e:ce:61:85:
         d2:b9:e7:cf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUeewcgr5n7aSWalB6g9LXwAUtzpswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjAyMTgxMTU2NTdaFw0yNzAyMTcxMjAxNTdaMDMxMTAvBgNV
BAMTKDU2NDdENTg4NUY0RUUwMUVDQzY3MkM2NTI5OTk0Njk1NzI4NkNGQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcoJ9rtOGIzZBRalZMUiMkowmw
3+G6gplsPMqiVxM5ZZr/TdiIaXPlPexdI9z/kEJUNACZtA08hRXmqICPiIm25ypT
68Qiya323WUdNt8tqLotbNjEYr5JuRutc/OwAsaxWyXQgl3VC97RUHBefDijfvuF
uEPTRgDutBKPuRrw0L9RGFpmgiOaWQ+6beoTxeL0B+2AnEmGIkgIROv2EhJxqorG
MiYDAJWGcc8DpyihshMzDUrM0OhQtJ5w6lwy3goKVQvJbnaqlSi1CCAlVwtustoS
gQ8oexqCaESSWdhoub8lcSC2nxhUp71D9U1PGCyFFgNsXrlguAuLEM0wmre7AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUVkfViF9O4B7MZyxlKZlGlXKGz60wHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMjA3NDU5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXPk/
MA0GCSqGSIb3DQEBCwUAA4IBAQBBvokjd4ts4cvZ+GyzPYxY3iMTOcksJVR2C1vy
V4FfZR92SO6BT1N9zfb1ePKva1wNhJ33oYe+MkIrotO+498FaATi1mYHPVKxaCbW
wyYXX+suncnoEekKe5/jLwJcdkgx1L6dLnlFInzOYBCWpJu/39VG4pebdItZ+EyW
QzyAWc8d4dYh90Tm5zOymiPMPuWwhUVHFeUuc0SWTXUJLRbmcpVGDjxMQTMh5OY2
6lu3qLU9idTyetliLa4wmRWENUtuYIsJMyi1wQulJDZkL7JMDSwf8BUrPUtny74u
p4VST7EtqXVQaMn/VxBwxtc1MY3Ay2JN8CUqnV7OYYXSuefP
-----END CERTIFICATE-----