Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/eaYzedJj0iHFcG0KYnXaq2WaMrg.roa
File:                     eaYzedJj0iHFcG0KYnXaq2WaMrg.roa (raw, json)
Hash identifier:          EFdmtdvNcZKPHNju/URsb5ZZ0wsMbSniQxdmPqLJJss=
Subject key identifier:   79:A6:33:79:D2:63:D2:21:C5:70:6D:0A:62:75:DA:AB:65:9A:32:B8
Certificate issuer:       /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial:       01918015DF4E905329C6C04B1F4655707BD0
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/eaYzedJj0iHFcG0KYnXaq2WaMrg.roa
Signing time:             Fri 23 Aug 2024 16:33:22 +0000
ROA not before:           Fri 23 Aug 2024 16:33:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216246
IP address blocks:        217.144.184.0/24 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Sep 2024 06:21:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:80:15:df:4e:90:53:29:c6:c0:4b:1f:46:55:70:7b:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
        Validity
            Not Before: Aug 23 16:33:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=79a63379d263d221c5706d0a6275daab659a32b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:dc:d8:1c:cb:c8:59:f6:f0:10:90:d5:9e:eb:
                    2d:fa:27:98:0c:06:1d:b1:94:f7:0d:b1:f5:6e:8a:
                    b1:5c:90:3c:0c:11:77:e7:7c:f5:ab:9c:8f:19:40:
                    06:3e:3a:08:20:92:3e:95:5b:0d:8c:c5:5b:9f:3f:
                    0b:eb:bf:d7:41:9b:74:ff:f9:eb:37:2c:1c:13:33:
                    e2:de:28:8a:1d:11:e8:f6:31:98:6f:ec:57:f4:ad:
                    24:db:e0:67:b9:f5:90:da:ce:a7:f1:eb:e8:86:ca:
                    17:c6:83:3b:b5:b2:c1:fe:36:1b:9e:9a:3b:d7:f8:
                    c3:6a:4c:58:cf:69:81:41:bf:ab:fd:5a:94:84:16:
                    b5:c8:d4:60:3b:7f:8a:6f:89:89:28:30:a2:1b:c8:
                    68:d4:b1:a0:ea:a2:97:8f:25:ec:09:66:7d:b6:97:
                    e2:85:32:64:69:51:3e:64:77:de:5c:5a:44:05:5f:
                    26:89:ff:18:6a:50:5d:b8:a8:ba:5e:d1:db:76:7c:
                    1c:fd:3d:be:4e:37:06:8c:07:e8:d8:c2:14:48:b5:
                    83:ec:df:a9:e3:7a:ac:6d:07:20:78:97:14:0b:89:
                    04:0f:41:1e:86:d2:e9:18:8f:1f:c5:31:71:91:7d:
                    5e:b6:be:48:ea:02:8f:8b:99:a4:34:42:f5:9e:05:
                    be:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:A6:33:79:D2:63:D2:21:C5:70:6D:0A:62:75:DA:AB:65:9A:32:B8
            X509v3 Authority Key Identifier:
                keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/eaYzedJj0iHFcG0KYnXaq2WaMrg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.144.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:ca:d9:21:70:35:71:02:8a:40:f9:c0:34:dc:49:1e:8d:ef:
         62:98:93:ab:79:a6:7b:53:88:ec:68:5f:e0:d5:ae:8f:12:75:
         fb:40:f8:7a:b7:1c:95:60:2d:ac:cd:fd:6b:ab:28:88:a3:f2:
         88:a3:93:73:f2:f1:6f:7c:f6:d9:5a:49:43:91:a3:8f:78:da:
         d3:84:0e:86:97:2d:c8:c3:f6:53:40:7a:7b:6f:43:4f:37:0e:
         db:ef:38:84:85:1d:00:a2:ef:23:5f:2e:62:9f:d9:63:41:34:
         e2:7d:df:90:9b:ba:2b:ed:4f:de:51:a4:5a:ad:59:ff:42:be:
         d8:3e:17:71:f0:d9:4e:61:cd:85:9c:ca:85:24:6e:ef:55:a8:
         79:d9:15:94:f6:d6:3a:42:87:05:aa:c9:eb:bd:88:c1:d6:9b:
         c5:32:b6:43:26:86:55:49:00:c5:f1:91:0a:ba:5b:3a:3a:1e:
         ef:15:d2:ba:0e:a5:08:13:08:6b:ab:38:dd:32:4d:99:df:15:
         f6:b4:3d:d8:2c:b1:95:b8:b7:20:73:1a:ad:f8:d1:0f:35:ce:
         cb:b2:9f:67:3b:3a:3c:3d:f5:eb:d1:18:dd:3e:9d:04:9e:c6:
         25:0e:b6:cf:ef:30:be:0d:ed:bf:fd:2a:67:ec:41:94:f0:8d:
         04:04:3b:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGAFd9OkFMpxsBLH0ZVcHvQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjQwODIzMTYzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWE2MzM3OWQyNjNkMjIxYzU3MDZkMGE2Mjc1ZGFhYjY1OWEzMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NzYHMvIWfbwEJDVnust+ieYDAYd
sZT3DbH1boqxXJA8DBF353z1q5yPGUAGPjoIIJI+lVsNjMVbnz8L67/XQZt0//nr
NywcEzPi3iiKHRHo9jGYb+xX9K0k2+BnufWQ2s6n8evohsoXxoM7tbLB/jYbnpo7
1/jDakxYz2mBQb+r/VqUhBa1yNRgO3+Kb4mJKDCiG8ho1LGg6qKXjyXsCWZ9tpfi
hTJkaVE+ZHfeXFpEBV8mif8YalBduKi6XtHbdnwc/T2+TjcGjAfo2MIUSLWD7N+p
43qsbQcgeJcUC4kED0EehtLpGI8fxTFxkX1etr5I6gKPi5mkNEL1ngW+fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHmmM3nSY9IhxXBtCmJ12qtlmjK4MB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvZWFZemVkSmowaUhGY0cwS1luWGFxMldhTXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZC4MA0G
CSqGSIb3DQEBCwUAA4IBAQCTytkhcDVxAopA+cA03Ekeje9imJOreaZ7U4jsaF/g
1a6PEnX7QPh6txyVYC2szf1rqyiIo/KIo5Nz8vFvfPbZWklDkaOPeNrThA6Gly3I
w/ZTQHp7b0NPNw7b7ziEhR0Aou8jXy5in9ljQTTifd+Qm7or7U/eUaRarVn/Qr7Y
Phdx8NlOYc2FnMqFJG7vVah52RWU9tY6QocFqsnrvYjB1pvFMrZDJoZVSQDF8ZEK
uls6Oh7vFdK6DqUIEwhrqzjdMk2Z3xX2tD3YLLGVuLcgcxqt+NEPNc7Lsp9nOzo8
PfXr0RjdPp0EnsYlDrbP7zC+De2//Spn7EGU8I0EBDse
-----END CERTIFICATE-----