Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS1405.roa
File:                     AS1405.roa (raw, json)
Hash identifier:          TpgTxPHgMrtVWsQKyAQ4w5R3u0IYtXu/WzR0qa3gLn8=
Subject key identifier:   4E:04:10:63:43:D5:47:DB:F9:38:0F:BD:A9:99:72:25:95:63:A7:60
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       303468E6C1B3A4F14D2412286AB50FC2B11529F1
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS1405.roa
Signing time:             Thu 04 Jun 2026 12:19:26 +0000
ROA not before:           Thu 04 Jun 2026 12:14:26 +0000
ROA not after:            Thu 03 Jun 2027 12:19:26 +0000
asID:                     1405
IP address blocks:        82.39.160.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 13 Jun 2026 15:07:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:34:68:e6:c1:b3:a4:f1:4d:24:12:28:6a:b5:0f:c2:b1:15:29:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jun  4 12:14:26 2026 GMT
            Not After : Jun  3 12:19:26 2027 GMT
        Subject: CN=4E04106343D547DBF9380FBDA99972259563A760
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:93:a0:88:39:75:dd:94:ca:a3:0d:3d:eb:d0:
                    08:9b:71:ec:0c:02:8f:f1:e0:19:bb:7c:24:bc:f7:
                    40:a3:84:f0:4e:f1:5a:81:ec:1d:14:33:18:5f:1e:
                    fe:36:6d:c9:fa:bc:99:99:b1:a0:0d:26:21:c9:65:
                    a2:f9:a8:aa:61:94:3e:5b:1b:04:4c:a8:04:8e:59:
                    4b:1d:64:77:45:56:42:6b:70:6b:2a:a1:25:03:ad:
                    03:7b:c2:a4:ef:1b:e4:bf:76:42:a8:fa:62:fe:d9:
                    e6:95:ff:0d:80:aa:d5:e7:75:6a:88:8d:68:27:ce:
                    64:6c:6a:e3:ca:d0:e9:ed:e5:db:36:99:78:c2:6f:
                    25:6b:04:24:e3:47:74:33:e6:ce:eb:18:07:71:45:
                    88:4b:1b:77:c4:74:33:bc:ab:f8:55:6f:55:e2:60:
                    c3:1f:b4:10:d9:ae:85:f1:00:d5:11:bb:6a:fc:85:
                    15:be:d6:6d:cf:bc:47:45:0b:65:f5:49:d1:51:b7:
                    5f:a9:62:a6:63:0a:dd:9b:48:6e:f2:00:14:b8:c4:
                    01:67:10:14:44:38:9b:ac:c5:ed:a6:a7:02:c5:df:
                    5e:a5:8c:6c:bd:d6:eb:8e:c0:bc:f0:75:9a:07:f2:
                    5d:bc:1d:c2:86:a0:f3:d1:c2:d9:f5:35:f7:0e:c6:
                    38:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:04:10:63:43:D5:47:DB:F9:38:0F:BD:A9:99:72:25:95:63:A7:60
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS1405.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.39.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:a8:dd:c2:64:d8:9b:6c:58:e8:6a:67:d2:5c:29:22:2f:0e:
         7d:26:65:aa:d5:33:f6:0b:f2:af:ce:50:5e:52:85:83:0c:cc:
         8c:5e:27:91:2b:6a:00:7d:a1:c2:ee:44:94:17:c8:af:0f:8f:
         b9:8d:62:f8:c9:63:2c:14:a8:ec:66:21:86:f2:3d:80:6b:a8:
         17:6b:f6:82:34:ed:df:ed:0a:e8:52:e8:57:28:85:22:56:d2:
         7d:86:ab:c7:33:bb:b4:5e:a5:bf:be:67:0f:5e:f8:24:d9:97:
         11:d9:36:f1:31:af:60:a5:8a:b0:14:07:6e:af:43:00:e5:f6:
         41:a8:68:60:86:84:87:8f:84:b0:e1:6f:c5:a1:51:dd:d4:96:
         43:78:f4:f7:27:49:1f:d7:cd:2c:ca:b1:28:c7:30:33:72:db:
         cd:a5:31:e5:eb:db:f1:16:dd:80:a2:28:c5:55:dd:6f:1e:ed:
         21:25:23:82:e0:69:16:58:67:1f:04:14:28:8a:cb:48:7e:81:
         05:4b:6b:9f:ef:9c:80:ea:d5:43:96:76:93:63:e6:76:01:e6:
         62:42:59:b3:0e:d6:73:66:f1:b7:b9:f2:97:0e:fe:d9:00:2e:
         72:17:ba:b0:08:89:4a:c2:3e:40:0a:4e:d1:4b:41:7d:f5:ff:
         32:ed:50:6d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUMDRo5sGzpPFNJBIoarUPwrEVKfEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDQxMjE0MjZaFw0yNzA2MDMxMjE5MjZaMDMxMTAvBgNV
BAMTKDRFMDQxMDYzNDNENTQ3REJGOTM4MEZCREE5OTk3MjI1OTU2M0E3NjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0k6CIOXXdlMqjDT3r0AibcewM
Ao/x4Bm7fCS890CjhPBO8VqB7B0UMxhfHv42bcn6vJmZsaANJiHJZaL5qKphlD5b
GwRMqASOWUsdZHdFVkJrcGsqoSUDrQN7wqTvG+S/dkKo+mL+2eaV/w2AqtXndWqI
jWgnzmRsauPK0Ont5ds2mXjCbyVrBCTjR3Qz5s7rGAdxRYhLG3fEdDO8q/hVb1Xi
YMMftBDZroXxANURu2r8hRW+1m3PvEdFC2X1SdFRt1+pYqZjCt2bSG7yABS4xAFn
EBREOJusxe2mpwLF316ljGy91uuOwLzwdZoH8l28HcKGoPPRwtn1NfcOxjivAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUTgQQY0PVR9v5OA+9qZlyJZVjp2AwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTQwNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFInoDAN
BgkqhkiG9w0BAQsFAAOCAQEAiqjdwmTYm2xY6Gpn0lwpIi8OfSZlqtUz9gvyr85Q
XlKFgwzMjF4nkStqAH2hwu5ElBfIrw+PuY1i+MljLBSo7GYhhvI9gGuoF2v2gjTt
3+0K6FLoVyiFIlbSfYarxzO7tF6lv75nD174JNmXEdk28TGvYKWKsBQHbq9DAOX2
QahoYIaEh4+EsOFvxaFR3dSWQ3j09ydJH9fNLMqxKMcwM3LbzaUx5evb8RbdgKIo
xVXdbx7tISUjguBpFlhnHwQUKIrLSH6BBUtrn++cgOrVQ5Z2k2PmdgHmYkJZsw7W
c2bxt7nylw7+2QAuche6sAiJSsI+QApO0UtBffX/Mu1QbQ==
-----END CERTIFICATE-----