Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS48266.roa
File:                     AS48266.roa (raw, json)
Hash identifier:          3SldfKaWP3xOABIbgDMfweZ0U5hjVGYJ+iWwlqcULQw=
Subject key identifier:   9B:30:E7:17:FF:48:5E:FC:FB:97:03:C5:1C:32:97:38:D5:5B:09:4B
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       0C8713599E7F67E3167CDE86906187128D961EE6
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS48266.roa
Signing time:             Tue 28 Oct 2025 04:42:51 +0000
ROA not before:           Tue 28 Oct 2025 04:37:51 +0000
ROA not after:            Tue 27 Oct 2026 04:42:51 +0000
asID:                     48266
IP address blocks:        91.124.6.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:87:13:59:9e:7f:67:e3:16:7c:de:86:90:61:87:12:8d:96:1e:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Oct 28 04:37:51 2025 GMT
            Not After : Oct 27 04:42:51 2026 GMT
        Subject: CN=9B30E717FF485EFCFB9703C51C329738D55B094B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:78:05:e1:46:06:3a:9c:0d:b2:39:43:75:76:
                    66:33:27:f7:10:9b:58:74:1d:46:96:64:aa:db:06:
                    0a:ef:3e:59:09:2a:00:33:2b:c4:a4:47:42:ac:da:
                    9f:a6:0f:39:6e:19:c6:8f:6f:04:30:5e:3f:cd:65:
                    f0:52:2d:60:86:d5:02:b4:59:d9:e6:76:52:7d:91:
                    0c:e6:9e:76:f1:06:b4:4a:9a:cc:d6:2c:e9:b5:65:
                    00:52:a2:6c:c5:ca:ea:a7:4f:11:b5:81:3e:db:e0:
                    6d:e1:f3:8b:2c:d2:4b:d5:f2:34:0c:09:7b:6d:a1:
                    5e:ba:d7:0d:25:32:cd:b3:26:5b:79:4c:21:ca:53:
                    6c:c5:0b:55:2e:b5:2a:54:da:34:79:7a:1c:6f:2a:
                    37:d6:37:8f:f4:e8:34:aa:4f:64:be:c6:f8:fb:65:
                    8f:30:81:93:d5:8c:7f:c9:ff:22:86:bb:af:c9:c3:
                    9f:30:24:e2:0c:ce:8d:3c:48:ca:84:eb:8c:a8:1e:
                    61:87:21:67:49:1f:6a:ca:6f:5f:80:13:0c:04:eb:
                    eb:d5:aa:ec:1b:84:e3:7f:19:38:63:7d:02:ca:15:
                    7d:41:41:ba:fa:20:a0:16:90:32:49:34:65:35:54:
                    40:44:ad:c4:69:1a:f6:39:e7:d2:c3:95:d3:49:17:
                    f1:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:30:E7:17:FF:48:5E:FC:FB:97:03:C5:1C:32:97:38:D5:5B:09:4B
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS48266.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.124.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:fe:bf:7a:3f:76:13:9d:be:75:60:44:61:3e:4e:ee:e9:d4:
         9f:60:9c:5a:50:58:9a:0a:bb:c2:43:47:0f:f6:96:38:78:31:
         7a:de:3a:b0:65:16:d4:ee:7d:34:35:12:ba:ed:85:56:6a:26:
         5a:a7:e7:be:74:a3:6a:1b:81:fe:13:c2:f9:6f:46:c8:bb:29:
         40:82:04:c2:14:03:90:ce:68:76:c8:b3:ad:fe:89:cb:41:ca:
         f8:6c:db:99:47:4c:e7:24:39:19:bc:d5:fa:78:57:de:0d:66:
         f6:de:c1:ab:1c:86:98:ba:b2:1b:36:32:f2:b3:69:d1:ae:9b:
         80:18:12:c7:54:3d:6d:a8:d8:bb:ba:af:bd:bf:19:79:d3:82:
         de:3d:fb:6b:85:0d:3e:fc:58:75:fa:b7:06:75:e2:b4:6d:c6:
         d8:43:ac:94:67:26:89:24:e5:83:5e:9c:59:82:65:98:fd:28:
         86:59:49:31:f1:3e:7f:5c:45:6c:77:a1:8c:cd:26:a3:1e:ce:
         c9:77:3a:f2:4b:8b:13:1f:32:df:7f:cc:6c:31:44:32:3f:28:
         8b:20:1d:d2:ae:4b:37:bd:23:8a:7c:be:7b:f5:db:1e:33:65:
         59:78:01:4e:f9:bc:9f:4e:37:e5:02:9f:ea:31:0d:86:c2:0c:
         d8:89:75:d7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUDIcTWZ5/Z+MWfN6GkGGHEo2WHuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMjgwNDM3NTFaFw0yNjEwMjcwNDQyNTFaMDMxMTAvBgNV
BAMTKDlCMzBFNzE3RkY0ODVFRkNGQjk3MDNDNTFDMzI5NzM4RDU1QjA5NEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmeAXhRgY6nA2yOUN1dmYzJ/cQ
m1h0HUaWZKrbBgrvPlkJKgAzK8SkR0Ks2p+mDzluGcaPbwQwXj/NZfBSLWCG1QK0
WdnmdlJ9kQzmnnbxBrRKmszWLOm1ZQBSomzFyuqnTxG1gT7b4G3h84ss0kvV8jQM
CXttoV661w0lMs2zJlt5TCHKU2zFC1UutSpU2jR5ehxvKjfWN4/06DSqT2S+xvj7
ZY8wgZPVjH/J/yKGu6/Jw58wJOIMzo08SMqE64yoHmGHIWdJH2rKb1+AEwwE6+vV
quwbhON/GThjfQLKFX1BQbr6IKAWkDJJNGU1VEBErcRpGvY559LDldNJF/H9AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUmzDnF/9IXvz7lwPFHDKXONVbCUswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDgyNjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABbfAYw
DQYJKoZIhvcNAQELBQADggEBAIv+v3o/dhOdvnVgRGE+Tu7p1J9gnFpQWJoKu8JD
Rw/2ljh4MXreOrBlFtTufTQ1ErrthVZqJlqn5750o2obgf4TwvlvRsi7KUCCBMIU
A5DOaHbIs63+ictByvhs25lHTOckORm81fp4V94NZvbewaschpi6shs2MvKzadGu
m4AYEsdUPW2o2Lu6r72/GXnTgt49+2uFDT78WHX6twZ14rRtxthDrJRnJokk5YNe
nFmCZZj9KIZZSTHxPn9cRWx3oYzNJqMezsl3OvJLixMfMt9/zGwxRDI/KIsgHdKu
Sze9I4p8vnv12x4zZVl4AU75vJ9ON+UCn+oxDYbCDNiJddc=
-----END CERTIFICATE-----