Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/houQ9u30xj5aefamWngrYmyITpY.roa
File:                     houQ9u30xj5aefamWngrYmyITpY.roa (raw, json)
Hash identifier:          AJ5LqePhdExXWELye1HMcJ+FDfGWDGdZL31bXpVH4Pg=
Subject key identifier:   86:8B:90:F6:ED:F4:C6:3E:5A:79:F6:A6:5A:78:2B:62:6C:88:4E:96
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       018CC64B941A95CFFAB7A4ED2863DEE841B9
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/houQ9u30xj5aefamWngrYmyITpY.roa
Signing time:             Mon 01 Jan 2024 18:31:31 +0000
ROA not before:           Mon 01 Jan 2024 18:31:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203828
IP address blocks:        85.31.248.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 23 Jun 2024 21:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:94:1a:95:cf:fa:b7:a4:ed:28:63:de:e8:41:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 18:31:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=868b90f6edf4c63e5a79f6a65a782b626c884e96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:03:33:82:55:34:f1:c3:34:af:e1:65:30:ad:
                    31:4d:56:12:6d:b2:dd:b9:45:f2:42:83:3d:b0:38:
                    60:b1:cc:eb:70:b5:d8:31:d4:a1:8b:bb:4a:ff:34:
                    1b:92:a8:c8:b1:fb:ca:06:9a:5f:ea:e5:c0:84:2d:
                    29:2d:fc:6c:d2:6d:0c:a6:a3:1e:c7:e6:3e:45:d3:
                    7a:e8:cb:8f:5d:d8:2b:df:43:6e:27:41:be:7d:cc:
                    67:a8:f1:7f:e1:2f:ea:17:e9:92:41:ac:df:e0:85:
                    e4:d6:71:3f:d9:37:ee:e9:bd:16:f8:33:e4:27:c3:
                    4b:95:8f:6c:59:66:82:b7:60:a4:40:38:e5:91:b7:
                    e3:9e:11:6a:b2:c1:3d:e5:79:a9:37:84:c2:3a:07:
                    dd:49:be:69:5b:24:85:50:d4:3e:1c:59:a3:42:9a:
                    ab:3d:aa:16:c1:f9:16:6c:3e:e6:56:a8:6c:8b:17:
                    f4:44:b1:0c:5e:3c:6c:5b:7b:6a:bd:c6:5c:0d:4b:
                    73:c6:ed:00:66:bf:96:c4:f8:3b:49:a4:42:c2:fe:
                    02:65:03:a7:aa:41:3d:2e:3b:ea:84:1d:e0:84:43:
                    58:0f:81:24:0c:55:98:8f:9d:ac:42:73:94:2e:9e:
                    60:a7:73:2c:0f:f4:d4:56:91:fb:a7:15:29:f3:27:
                    a4:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:8B:90:F6:ED:F4:C6:3E:5A:79:F6:A6:5A:78:2B:62:6C:88:4E:96
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/houQ9u30xj5aefamWngrYmyITpY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.31.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         82:08:30:8f:49:57:6d:8b:55:ee:83:5f:45:ee:49:ea:3a:3e:
         f8:fb:c9:82:98:20:5c:f7:c0:1a:eb:76:77:f9:58:0a:6d:9e:
         45:12:86:49:23:9e:12:2c:3d:c0:71:95:85:f9:1d:a6:4e:d8:
         b3:1a:1d:20:dd:f4:ab:c8:ed:7e:0a:b5:e4:c8:cc:ab:ac:64:
         03:b2:c9:4c:27:01:62:b5:26:24:ee:dc:99:07:0b:54:b6:23:
         d2:d5:25:44:06:c7:46:81:ec:82:94:de:39:56:94:60:9d:d9:
         7a:5c:88:89:ff:e6:93:5a:fe:0e:f2:73:e9:bd:5c:da:33:84:
         ec:dd:82:06:de:65:57:6c:ce:4b:f2:8b:19:23:c4:b1:14:de:
         31:dc:a4:96:cb:b7:39:37:7f:34:00:01:89:30:37:ff:d6:41:
         d2:20:d2:35:e6:bb:ed:21:6e:32:d4:a6:6d:28:cc:14:66:5b:
         fb:d9:7d:2e:74:c8:f3:ac:b2:31:c7:2b:2c:bb:5c:85:44:c3:
         87:1d:4f:98:2c:17:6a:e2:82:05:31:d0:b4:f7:66:22:33:74:
         45:f9:2e:55:fe:e7:17:4d:af:5d:e9:d0:b5:ef:80:12:5e:91:
         6a:90:2a:5b:9e:f5:43:b5:ce:57:e3:23:b2:d3:83:cb:0b:b0:
         d0:59:86:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS5Qalc/6t6TtKGPe6EG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjQwMTAxMTgzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjhiOTBmNmVkZjRjNjNlNWE3OWY2YTY1YTc4MmI2MjZjODg0ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QMzglU08cM0r+FlMK0xTVYSbbLd
uUXyQoM9sDhgsczrcLXYMdShi7tK/zQbkqjIsfvKBppf6uXAhC0pLfxs0m0MpqMe
x+Y+RdN66MuPXdgr30NuJ0G+fcxnqPF/4S/qF+mSQazf4IXk1nE/2Tfu6b0W+DPk
J8NLlY9sWWaCt2CkQDjlkbfjnhFqssE95XmpN4TCOgfdSb5pWySFUNQ+HFmjQpqr
PaoWwfkWbD7mVqhsixf0RLEMXjxsW3tqvcZcDUtzxu0AZr+WxPg7SaRCwv4CZQOn
qkE9LjvqhB3ghENYD4EkDFWYj52sQnOULp5gp3MsD/TUVpH7pxUp8yekAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIaLkPbt9MY+Wnn2plp4K2JsiE6WMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvaG91UTl1MzB4ajVhZWZhbVduZ3JZbXlJVHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVR/4MA0G
CSqGSIb3DQEBCwUAA4IBAQCCCDCPSVdti1Xug19F7knqOj74+8mCmCBc98Aa63Z3
+VgKbZ5FEoZJI54SLD3AcZWF+R2mTtizGh0g3fSryO1+CrXkyMyrrGQDsslMJwFi
tSYk7tyZBwtUtiPS1SVEBsdGgeyClN45VpRgndl6XIiJ/+aTWv4O8nPpvVzaM4Ts
3YIG3mVXbM5L8osZI8SxFN4x3KSWy7c5N380AAGJMDf/1kHSINI15rvtIW4y1KZt
KMwUZlv72X0udMjzrLIxxyssu1yFRMOHHU+YLBdq4oIFMdC092YiM3RF+S5V/ucX
Ta9d6dC174ASXpFqkCpbnvVDtc5X4yOy04PLC7DQWYY1
-----END CERTIFICATE-----