Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS47693.roa
File:                     AS47693.roa (raw, json)
Hash identifier:          nt/1FseVSx9OaGhBFE04fvY3yfX7b4zIDmku7XskqGw=
Subject key identifier:   CC:9D:E0:6C:DF:C8:EC:C1:E3:9B:E0:D1:4D:64:CB:F7:A6:DB:C3:3A
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       45CD57E122F55C38D09C6DE98FD7BA88596EA917
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS47693.roa
Signing time:             Fri 03 Apr 2026 12:46:59 +0000
ROA not before:           Fri 03 Apr 2026 12:41:59 +0000
ROA not after:            Fri 02 Apr 2027 12:46:59 +0000
asID:                     47693
IP address blocks:        141.11.255.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:cd:57:e1:22:f5:5c:38:d0:9c:6d:e9:8f:d7:ba:88:59:6e:a9:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Apr  3 12:41:59 2026 GMT
            Not After : Apr  2 12:46:59 2027 GMT
        Subject: CN=CC9DE06CDFC8ECC1E39BE0D14D64CBF7A6DBC33A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:ff:17:79:96:fa:5b:e5:a3:bc:29:18:72:ef:
                    3f:5c:a1:bf:a2:8f:22:a8:4f:d7:e1:cc:46:84:ae:
                    a1:86:f3:06:e9:ac:6f:a6:05:6b:f7:44:5b:4c:22:
                    33:24:37:c8:c2:3b:46:5a:aa:00:7a:b9:d2:4e:4c:
                    d2:35:07:60:f8:e0:46:5f:48:74:be:84:25:2f:fc:
                    ed:b0:1d:72:3b:c7:78:c4:26:ab:24:25:c6:8d:2e:
                    12:42:1e:42:10:33:f9:57:bc:5a:d5:b8:3b:c2:27:
                    ab:ee:0d:4a:5e:ec:7f:6f:9a:ac:4c:35:7b:89:63:
                    8d:fc:28:bc:09:86:1e:91:aa:65:0f:4d:26:0a:97:
                    07:4f:ec:5b:f9:c6:09:d0:a1:5c:67:8f:e5:63:b2:
                    ba:e3:5c:89:2c:2e:22:a9:51:45:3a:4a:04:a4:2b:
                    3f:7f:cf:48:9d:40:38:81:96:4e:92:e6:e1:81:89:
                    97:6c:8a:59:1c:30:73:6c:71:c6:77:13:8b:9d:04:
                    4c:b2:ae:79:2e:7f:a4:f6:90:6c:a5:8f:33:3c:ca:
                    81:c0:e0:96:9f:e2:de:9f:fd:6f:d0:b4:66:65:d6:
                    c3:06:24:ff:7c:79:e2:58:66:09:e9:d6:e4:af:27:
                    b8:14:db:e9:8f:cc:27:04:97:b4:5c:e1:05:a5:66:
                    1c:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:9D:E0:6C:DF:C8:EC:C1:E3:9B:E0:D1:4D:64:CB:F7:A6:DB:C3:3A
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS47693.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:7c:be:08:38:58:22:20:01:2e:a9:5d:3f:c5:10:3a:b8:f8:
         59:28:74:41:ce:30:a2:e0:95:e6:c7:0f:f4:75:3f:a0:d7:2b:
         79:84:70:a0:96:d8:60:d8:0a:36:51:88:02:80:a0:12:e3:de:
         65:4e:a2:a5:a2:ed:fb:65:a7:d8:39:c6:eb:46:96:6e:e1:fc:
         3a:79:ad:0f:40:d9:fe:dc:29:de:ef:7a:ad:64:9e:c2:57:47:
         75:ce:aa:77:71:f9:4f:f0:8a:55:da:9f:47:e7:ca:40:15:22:
         2c:7d:f7:14:bd:89:00:a8:d6:3b:23:a4:2d:8e:33:c7:5d:b5:
         ea:ac:7d:a1:41:84:ee:88:84:08:d6:49:d1:36:70:be:b3:14:
         0d:97:85:9b:fa:82:e2:4f:1d:13:0c:5c:41:f0:43:58:3c:43:
         07:d8:88:fd:ab:b8:39:ba:7e:cd:96:4f:87:31:61:4b:8d:a4:
         43:81:f9:50:3e:69:ca:7a:83:23:51:ee:c3:b4:65:80:96:e0:
         d6:61:00:be:cd:ee:e9:e7:73:d0:75:3e:11:5d:91:b1:44:2d:
         5c:4e:e7:f5:52:ce:3d:47:96:de:b0:ee:3f:0a:c2:1f:db:e5:
         11:cf:3f:60:10:5e:69:92:11:25:09:15:23:1b:c2:95:1d:36:
         53:f7:a1:d2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIURc1X4SL1XDjQnG3pj9e6iFluqRcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjA0MDMxMjQxNTlaFw0yNzA0MDIxMjQ2NTlaMDMxMTAvBgNV
BAMTKENDOURFMDZDREZDOEVDQzFFMzlCRTBEMTRENjRDQkY3QTZEQkMzM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCU/xd5lvpb5aO8KRhy7z9cob+i
jyKoT9fhzEaErqGG8wbprG+mBWv3RFtMIjMkN8jCO0ZaqgB6udJOTNI1B2D44EZf
SHS+hCUv/O2wHXI7x3jEJqskJcaNLhJCHkIQM/lXvFrVuDvCJ6vuDUpe7H9vmqxM
NXuJY438KLwJhh6RqmUPTSYKlwdP7Fv5xgnQoVxnj+VjsrrjXIksLiKpUUU6SgSk
Kz9/z0idQDiBlk6S5uGBiZdsilkcMHNsccZ3E4udBEyyrnkuf6T2kGyljzM8yoHA
4Jaf4t6f/W/QtGZl1sMGJP98eeJYZgnp1uSvJ7gU2+mPzCcEl7Rc4QWlZhwnAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUzJ3gbN/I7MHjm+DRTWTL96bbwzowHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDc2OTMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNC/8w
DQYJKoZIhvcNAQELBQADggEBAGF8vgg4WCIgAS6pXT/FEDq4+FkodEHOMKLglebH
D/R1P6DXK3mEcKCW2GDYCjZRiAKAoBLj3mVOoqWi7ftlp9g5xutGlm7h/Dp5rQ9A
2f7cKd7veq1knsJXR3XOqndx+U/wilXan0fnykAVIix99xS9iQCo1jsjpC2OM8dd
teqsfaFBhO6IhAjWSdE2cL6zFA2XhZv6guJPHRMMXEHwQ1g8QwfYiP2ruDm6fs2W
T4cxYUuNpEOB+VA+acp6gyNR7sO0ZYCW4NZhAL7N7unnc9B1PhFdkbFELVxO5/VS
zj1Hlt6w7j8Kwh/b5RHPP2AQXmmSESUJFSMbwpUdNlP3odI=
-----END CERTIFICATE-----