Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/EMEQainrdjhvrSxfRt2EdTwfFho.roa
File:                     EMEQainrdjhvrSxfRt2EdTwfFho.roa (raw, json)
Hash identifier:          MgfrBxxTqDVEh7a/Ypney2yykLPSmFU/4+sRkVkl74s=
Subject key identifier:   10:C1:10:6A:29:EB:76:38:6F:AD:2C:5F:46:DD:84:75:3C:1F:16:1A
Certificate issuer:       /CN=e2a10de6ffae590427244a03343db66ac564275a
Certificate serial:       0194252130651FE730CBB6EB6A2DDE3D5EA6
Authority key identifier: E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/EMEQainrdjhvrSxfRt2EdTwfFho.roa
Signing time:             Thu 02 Jan 2025 03:48:39 +0000
ROA not before:           Thu 02 Jan 2025 03:48:39 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     212498
IP address blocks:        83.97.37.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:25:21:30:65:1f:e7:30:cb:b6:eb:6a:2d:de:3d:5e:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2a10de6ffae590427244a03343db66ac564275a
        Validity
            Not Before: Jan  2 03:48:39 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=10c1106a29eb76386fad2c5f46dd84753c1f161a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:47:1c:09:93:f0:f2:30:14:37:a7:e3:ad:a6:
                    a2:5c:40:99:66:4a:69:31:dd:90:29:2d:84:36:ff:
                    7d:5f:1e:9b:95:8c:6a:bc:fd:16:a6:8b:5d:e6:16:
                    c5:00:a3:98:26:35:3f:fe:e9:c9:ff:a8:85:93:ba:
                    be:55:55:53:76:65:53:b1:3d:0f:68:42:39:2c:ac:
                    ce:df:e6:58:b2:3e:a0:d2:75:7c:f9:8e:81:f7:19:
                    bc:8f:c2:ad:ab:46:88:30:65:f2:a4:88:2f:6a:d5:
                    75:4c:c2:cb:d5:a3:f7:aa:fd:9e:c8:19:a4:cc:ad:
                    3f:f0:a4:d1:ee:f4:c7:9a:e5:ff:e2:c7:f9:8b:4f:
                    b5:40:fc:8d:5d:d7:61:ce:fe:e8:9d:72:52:12:1e:
                    cf:a5:56:6b:8c:c3:c1:3a:5c:fe:06:61:ef:ca:e0:
                    03:f4:64:12:dd:a8:79:59:bf:82:dd:1d:9b:d5:2f:
                    48:ab:d0:af:90:c1:be:81:c8:11:99:b7:ae:02:9b:
                    24:b2:8d:e0:8b:68:48:9b:a5:64:9f:fd:ac:3a:c5:
                    af:3f:f2:21:ac:1e:fe:b5:0a:c8:48:d4:2e:0f:33:
                    f3:e1:8b:9f:b4:8a:78:92:18:5c:54:37:ec:74:b8:
                    14:5e:3e:6c:39:cb:4a:38:2c:d9:67:7d:6a:3b:16:
                    c8:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:C1:10:6A:29:EB:76:38:6F:AD:2C:5F:46:DD:84:75:3C:1F:16:1A
            X509v3 Authority Key Identifier:
                keyid:E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/EMEQainrdjhvrSxfRt2EdTwfFho.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.97.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:48:06:23:57:1b:df:08:8c:28:6e:2d:83:3a:54:bc:56:fc:
         09:6c:3a:ba:ff:75:ff:b6:0f:02:f6:b9:cf:2e:83:6f:7b:f0:
         6a:2e:e3:1e:8d:9c:ce:2f:cd:f6:0a:85:f2:30:bc:a1:fc:03:
         53:96:b9:2e:d3:87:17:70:42:c9:16:3e:3e:ed:3c:61:f9:8b:
         63:78:a4:05:58:3a:97:88:05:3c:4d:ed:5e:44:3e:b5:04:42:
         68:a7:0f:2d:bf:85:2a:59:c4:5a:e7:83:e8:a2:28:57:32:be:
         e0:3a:f7:65:60:f7:a8:59:03:1c:e1:69:6d:37:bb:83:d5:04:
         1f:53:1f:1b:3e:ba:48:19:a3:a9:50:9f:3d:f6:8f:21:e7:7f:
         6d:02:3e:38:eb:70:74:fb:9a:48:ea:ce:9e:0c:a4:1e:0d:c0:
         0b:44:53:46:60:c5:25:24:0e:09:b9:81:21:8b:d9:ee:72:1a:
         7c:49:16:a3:e4:48:30:a5:fd:a7:8a:94:62:b5:47:0f:00:bb:
         37:32:4d:bd:48:46:6f:bf:e4:84:27:b1:82:3b:d2:54:1f:3d:
         17:e1:c7:14:65:94:0c:35:26:2a:01:02:22:31:6d:1b:90:ef:
         74:8f:14:87:99:6e:90:15:c5:de:d6:64:18:31:73:98:e6:0e:
         5b:15:9e:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlITBlH+cwy7brai3ePV6mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYTEwZGU2ZmZhZTU5MDQyNzI0NGEwMzM0M2RiNjZhYzU2
NDI3NWEwHhcNMjUwMTAyMDM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGMxMTA2YTI5ZWI3NjM4NmZhZDJjNWY0NmRkODQ3NTNjMWYxNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEccCZPw8jAUN6fjraaiXECZZkpp
Md2QKS2ENv99Xx6blYxqvP0Wpotd5hbFAKOYJjU//unJ/6iFk7q+VVVTdmVTsT0P
aEI5LKzO3+ZYsj6g0nV8+Y6B9xm8j8Ktq0aIMGXypIgvatV1TMLL1aP3qv2eyBmk
zK0/8KTR7vTHmuX/4sf5i0+1QPyNXddhzv7onXJSEh7PpVZrjMPBOlz+BmHvyuAD
9GQS3ah5Wb+C3R2b1S9Iq9CvkMG+gcgRmbeuApskso3gi2hIm6Vkn/2sOsWvP/Ih
rB7+tQrISNQuDzPz4YuftIp4khhcVDfsdLgUXj5sOctKOCzZZ31qOxbIawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBDBEGop63Y4b60sX0bdhHU8HxYaMB8GA1UdIwQY
MBaAFOKhDeb/rlkEJyRKAzQ9tmrFZCdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTct
NTc1NTQwNTg2MjBiLzEvRU1FUWFpbnJkamh2clN4ZlJ0MkVkVHdmRmhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTctNTc1NTQwNTg2MjBi
LzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU2ElMA0G
CSqGSIb3DQEBCwUAA4IBAQApSAYjVxvfCIwobi2DOlS8VvwJbDq6/3X/tg8C9rnP
LoNve/BqLuMejZzOL832CoXyMLyh/ANTlrku04cXcELJFj4+7Txh+YtjeKQFWDqX
iAU8Te1eRD61BEJopw8tv4UqWcRa54PooihXMr7gOvdlYPeoWQMc4WltN7uD1QQf
Ux8bPrpIGaOpUJ899o8h539tAj4463B0+5pI6s6eDKQeDcALRFNGYMUlJA4JuYEh
i9nuchp8SRaj5Egwpf2nipRitUcPALs3Mk29SEZvv+SEJ7GCO9JUHz0X4ccUZZQM
NSYqAQIiMW0bkO90jxSHmW6QFcXe1mQYMXOY5g5bFZ6v
-----END CERTIFICATE-----