Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/lce29TxMLeElQDDpQ8Ij3c0X0Tk.roa
File:                     lce29TxMLeElQDDpQ8Ij3c0X0Tk.roa (raw, json)
Hash identifier:          78Yo5skViqQdWGup+psFTOfViVx1RTBcrcCMhgyvzbM=
Subject key identifier:   95:C7:B6:F5:3C:4C:2D:E1:25:40:30:E9:43:C2:23:DD:CD:17:D1:39
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       0194266C2EC9A10AE6B50939BE12BA9BA518
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/lce29TxMLeElQDDpQ8Ij3c0X0Tk.roa
Signing time:             Thu 02 Jan 2025 09:50:11 +0000
ROA not before:           Thu 02 Jan 2025 09:50:11 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     213939
IP address blocks:        5.178.105.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 07 Apr 2025 05:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:26:6c:2e:c9:a1:0a:e6:b5:09:39:be:12:ba:9b:a5:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Jan  2 09:50:11 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=95c7b6f53c4c2de1254030e943c223ddcd17d139
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:2c:40:c9:63:ba:91:75:7c:67:93:15:23:e7:
                    c1:b1:df:87:bf:6d:d5:e6:77:3a:a0:fd:26:27:be:
                    27:34:7a:b5:6d:69:a4:a6:7c:17:87:bc:fa:a6:62:
                    cd:fe:a1:72:19:ca:b3:b8:07:ed:3e:c6:51:c8:ab:
                    1d:7d:9e:19:03:ef:18:67:85:95:7a:61:06:65:73:
                    1e:3d:ee:37:65:5f:ff:1b:f7:bd:9b:ee:94:92:42:
                    03:01:31:09:27:1c:05:b4:77:25:c7:c4:a6:ee:4b:
                    aa:22:61:4b:87:14:28:43:a5:32:18:b1:80:a6:aa:
                    07:e9:a3:a5:f0:2f:bb:16:d4:c2:41:57:c9:2b:87:
                    e1:5a:16:1f:13:4e:4f:51:9f:2e:ee:e0:a3:90:a7:
                    4a:67:3c:11:1a:c9:2f:e2:42:b8:2b:64:3f:a4:a2:
                    64:ef:5c:cd:85:6b:a6:20:1d:42:14:2b:55:c3:1a:
                    d4:6e:5b:66:c7:ee:79:7b:89:f8:08:85:25:90:f6:
                    c8:cb:f5:dc:8b:72:15:39:91:0f:bf:51:20:81:c9:
                    d3:5a:60:22:53:5b:54:5b:f1:96:a0:86:5f:80:f8:
                    49:d6:8e:01:dd:b8:e1:2d:8b:24:db:88:7a:77:45:
                    67:99:0c:17:91:14:dd:df:86:49:b5:b1:e2:bf:34:
                    9d:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:C7:B6:F5:3C:4C:2D:E1:25:40:30:E9:43:C2:23:DD:CD:17:D1:39
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/lce29TxMLeElQDDpQ8Ij3c0X0Tk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.178.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:80:4d:9a:18:c2:c8:3f:96:0b:c1:0e:fc:a7:77:2a:84:2e:
         2c:c5:25:ca:94:9f:97:ff:97:2c:90:e5:98:bd:7c:8d:86:8f:
         55:0a:e1:69:86:52:84:a7:db:c1:f2:87:fd:86:37:56:3a:fb:
         1d:78:c7:6b:19:f8:f2:83:db:45:99:91:c1:c2:0f:e5:6d:c5:
         81:9a:c3:19:a5:36:19:b0:75:2b:a3:b1:fe:01:39:f1:9d:26:
         53:24:78:0a:f8:d5:21:bb:96:d2:88:9e:3d:51:76:5e:d3:3d:
         df:8d:af:44:67:7a:6c:30:ee:a1:f0:b7:91:4c:c8:64:c2:3d:
         bc:ba:e3:14:9d:fb:8b:09:21:bc:da:31:89:e0:36:04:df:3f:
         e4:6b:d3:1c:72:7c:8a:53:fa:42:29:0b:1c:19:f4:63:3d:57:
         bd:93:d4:70:fd:e4:bd:76:bd:9b:b0:4e:44:5b:2b:a0:6b:3b:
         bf:2d:ff:46:4d:17:ff:ce:9a:28:3c:91:b2:98:2f:48:36:c0:
         30:9e:ff:74:75:4d:8d:95:b7:55:0a:d5:16:ed:3a:b7:ff:c0:
         5d:bc:0d:e8:70:69:c0:5d:33:d1:1f:a6:27:fe:ac:68:60:76:
         dd:d1:5c:2b:96:c7:99:fe:89:ce:b8:30:6b:5b:9b:14:f9:c3:
         0c:36:78:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbC7JoQrmtQk5vhK6m6UYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwMTAyMDk1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWM3YjZmNTNjNGMyZGUxMjU0MDMwZTk0M2MyMjNkZGNkMTdkMTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSxAyWO6kXV8Z5MVI+fBsd+Hv23V
5nc6oP0mJ74nNHq1bWmkpnwXh7z6pmLN/qFyGcqzuAftPsZRyKsdfZ4ZA+8YZ4WV
emEGZXMePe43ZV//G/e9m+6UkkIDATEJJxwFtHclx8Sm7kuqImFLhxQoQ6UyGLGA
pqoH6aOl8C+7FtTCQVfJK4fhWhYfE05PUZ8u7uCjkKdKZzwRGskv4kK4K2Q/pKJk
71zNhWumIB1CFCtVwxrUbltmx+55e4n4CIUlkPbIy/Xci3IVOZEPv1EggcnTWmAi
U1tUW/GWoIZfgPhJ1o4B3bjhLYsk24h6d0VnmQwXkRTd34ZJtbHivzSdXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXHtvU8TC3hJUAw6UPCI93NF9E5MB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvbGNlMjlUeE1MZUVsUUREcFE4SWozYzBYMFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbJpMA0G
CSqGSIb3DQEBCwUAA4IBAQCggE2aGMLIP5YLwQ78p3cqhC4sxSXKlJ+X/5cskOWY
vXyNho9VCuFphlKEp9vB8of9hjdWOvsdeMdrGfjyg9tFmZHBwg/lbcWBmsMZpTYZ
sHUro7H+ATnxnSZTJHgK+NUhu5bSiJ49UXZe0z3fja9EZ3psMO6h8LeRTMhkwj28
uuMUnfuLCSG82jGJ4DYE3z/ka9MccnyKU/pCKQscGfRjPVe9k9Rw/eS9dr2bsE5E
Wyugazu/Lf9GTRf/zpooPJGymC9INsAwnv90dU2NlbdVCtUW7Tq3/8BdvA3ocGnA
XTPRH6Yn/qxoYHbd0VwrlseZ/onOuDBrW5sU+cMMNniP
-----END CERTIFICATE-----