Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/6-v18hxJzersln3NYvAoAWXae3Q.roa
File:                     6-v18hxJzersln3NYvAoAWXae3Q.roa (raw, json)
Hash identifier:          mM909kMEyYakLQ84/zMk3pFsEB5kkaaKEHX9yvQZKMc=
Subject key identifier:   EB:EB:F5:F2:1C:49:CD:EA:EC:96:7D:CD:62:F0:28:01:65:DA:7B:74
Certificate issuer:       /CN=b27261d715348bfd73ce9dbb72488656993ba2f1
Certificate serial:       018FC20ADC456728C5295A3775DED1222A47
Authority key identifier: B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/6-v18hxJzersln3NYvAoAWXae3Q.roa
Signing time:             Wed 29 May 2024 01:50:42 +0000
ROA not before:           Wed 29 May 2024 01:50:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62429
IP address blocks:        31.24.87.0/24 maxlen: 24
                          185.124.64.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/snJh1xU0i_1zzp27ckiGVpk7ovE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/snJh1xU0i_1zzp27ckiGVpk7ovE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 27 Jun 2024 02:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:c2:0a:dc:45:67:28:c5:29:5a:37:75:de:d1:22:2a:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b27261d715348bfd73ce9dbb72488656993ba2f1
        Validity
            Not Before: May 29 01:50:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ebebf5f21c49cdeaec967dcd62f0280165da7b74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:9d:fa:31:d3:45:22:96:61:08:c9:6e:22:9f:
                    58:3b:be:0e:8c:e1:5e:96:bc:9f:da:50:c2:ad:f2:
                    c0:c9:85:ac:49:ed:d7:0b:4c:9a:c2:6a:04:91:cd:
                    6f:03:4c:cc:5d:3e:b7:0b:ba:3d:55:43:21:80:21:
                    88:c0:f0:83:45:fa:d1:03:82:eb:bc:a4:89:ef:c4:
                    06:13:13:d8:cd:6e:f7:a2:56:8e:c3:5a:d5:0e:e2:
                    2d:06:15:4c:e6:dd:c1:9d:2f:f6:76:f8:a9:e7:7b:
                    5b:82:f6:e8:6a:a5:72:0a:35:f0:13:f9:c9:d8:3c:
                    63:fd:d4:f8:e5:e7:80:c6:9c:15:d2:87:84:3e:e2:
                    8f:2c:e7:fe:3c:f0:af:8b:e7:26:d0:90:2a:3d:a0:
                    da:b4:ea:38:9b:0e:cf:10:a3:f1:cc:6b:de:80:46:
                    c6:30:25:ed:c2:7e:cb:38:db:fc:b7:ba:73:9c:9f:
                    90:29:4a:c8:6c:b4:dd:f9:4f:f3:e1:22:a7:25:d9:
                    54:15:4a:e9:9c:5e:a1:15:7a:61:64:d1:3e:44:db:
                    37:29:94:15:d7:ad:19:e4:29:2d:6d:ac:25:eb:47:
                    d5:53:d3:7c:a4:11:a8:c3:6e:ee:e9:d8:e6:61:72:
                    4c:e9:74:04:9d:ab:06:a5:08:fc:2d:fc:46:10:5e:
                    98:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:EB:F5:F2:1C:49:CD:EA:EC:96:7D:CD:62:F0:28:01:65:DA:7B:74
            X509v3 Authority Key Identifier:
                keyid:B2:72:61:D7:15:34:8B:FD:73:CE:9D:BB:72:48:86:56:99:3B:A2:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snJh1xU0i_1zzp27ckiGVpk7ovE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/6-v18hxJzersln3NYvAoAWXae3Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/aba502-d191-4fd7-a7cf-504f2766760f/1/snJh1xU0i_1zzp27ckiGVpk7ovE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.24.87.0/24
                  185.124.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:3b:a3:a1:8a:8a:45:18:45:45:3f:0a:d6:a7:8f:cc:47:c7:
         c5:30:75:ee:a0:77:be:1f:2f:0d:d6:33:28:bb:d0:67:44:49:
         8c:07:c7:ea:1c:74:4a:d4:75:4b:a4:38:b6:00:d9:a2:de:22:
         4b:8a:b9:39:a1:66:23:e5:ba:b5:4c:90:5d:7a:b6:d4:b6:bc:
         f1:84:53:0d:70:4c:bc:78:86:5d:b4:6b:8a:33:e8:70:68:35:
         17:34:59:a4:e0:78:36:56:01:fa:75:38:00:0b:37:9d:d4:b4:
         c7:92:33:68:45:27:b7:df:30:45:79:bd:a3:a6:62:8a:bd:74:
         fa:a2:07:42:c7:d5:15:2d:a2:a8:f5:ed:dd:e2:d3:05:5b:c2:
         6f:de:4e:1f:15:e2:78:91:6b:d9:0a:76:de:74:fb:f5:d5:bc:
         10:23:eb:35:ad:e1:eb:0e:d8:b1:5b:82:24:55:20:03:48:70:
         3a:6f:69:dd:9f:de:8c:a4:11:4e:e5:d9:62:bb:3a:d4:e3:12:
         23:8c:19:f3:29:5f:6f:db:fe:8f:de:19:4e:b9:7b:29:c9:3d:
         a7:b8:9d:ba:cd:cc:80:63:d7:e7:8f:c8:b4:50:01:1e:78:10:
         72:11:61:75:c8:92:61:4b:03:a3:d0:dd:45:b2:72:82:67:04:
         f2:f3:95:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/CCtxFZyjFKVo3dd7RIipHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzI2MWQ3MTUzNDhiZmQ3M2NlOWRiYjcyNDg4NjU2OTkz
YmEyZjEwHhcNMjQwNTI5MDE1MDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmViZjVmMjFjNDljZGVhZWM5NjdkY2Q2MmYwMjgwMTY1ZGE3Yjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1p36MdNFIpZhCMluIp9YO74OjOFe
lryf2lDCrfLAyYWsSe3XC0yawmoEkc1vA0zMXT63C7o9VUMhgCGIwPCDRfrRA4Lr
vKSJ78QGExPYzW73olaOw1rVDuItBhVM5t3BnS/2dvip53tbgvboaqVyCjXwE/nJ
2Dxj/dT45eeAxpwV0oeEPuKPLOf+PPCvi+cm0JAqPaDatOo4mw7PEKPxzGvegEbG
MCXtwn7LONv8t7pznJ+QKUrIbLTd+U/z4SKnJdlUFUrpnF6hFXphZNE+RNs3KZQV
160Z5Cktbawl60fVU9N8pBGow27u6djmYXJM6XQEnasGpQj8LfxGEF6YbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOvr9fIcSc3q7JZ9zWLwKAFl2nt0MB8GA1UdIwQY
MBaAFLJyYdcVNIv9c86du3JIhlaZO6LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2Yt
NTA0ZjI3NjY3NjBmLzEvNi12MThoeEp6ZXJzbG4zTll2QW9BV1hhZTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hYmE1MDItZDE5MS00ZmQ3LWE3Y2YtNTA0ZjI3NjY3NjBm
LzEvc25KaDF4VTBpXzF6enAyN2NraUdWcGs3b3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHxhXAwQA
uXxAMA0GCSqGSIb3DQEBCwUAA4IBAQA+O6OhiopFGEVFPwrWp4/MR8fFMHXuoHe+
Hy8N1jMou9BnREmMB8fqHHRK1HVLpDi2ANmi3iJLirk5oWYj5bq1TJBderbUtrzx
hFMNcEy8eIZdtGuKM+hwaDUXNFmk4Hg2VgH6dTgACzed1LTHkjNoRSe33zBFeb2j
pmKKvXT6ogdCx9UVLaKo9e3d4tMFW8Jv3k4fFeJ4kWvZCnbedPv11bwQI+s1reHr
DtixW4IkVSADSHA6b2ndn96MpBFO5dliuzrU4xIjjBnzKV9v2/6P3hlOuXspyT2n
uJ26zcyAY9fnj8i0UAEeeBByEWF1yJJhSwOj0N1FsnKCZwTy85V8
-----END CERTIFICATE-----