Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/2e0286-5639-4a1c-8bf2-3ccb3074020f/1/UvLP-6bnebawHLRu374CRo-Ab_4.roa
File:                     UvLP-6bnebawHLRu374CRo-Ab_4.roa (raw, json)
Hash identifier:          iY8/A83LxrkAf1BzXhoW3LMzr7SSlK9Dt4Uec4SSGFM=
Subject key identifier:   52:F2:CF:FB:A6:E7:79:B6:B0:1C:B4:6E:DF:BE:02:46:8F:80:6F:FE
Certificate issuer:       /CN=47ad1f576e3f71b4f6c3391f2fa343d508b6b1ee
Certificate serial:       018CC795287C8E03F8CDD4A7EC303CDC450D
Authority key identifier: 47:AD:1F:57:6E:3F:71:B4:F6:C3:39:1F:2F:A3:43:D5:08:B6:B1:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R60fV24_cbT2wzkfL6ND1Qi2se4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/2e0286-5639-4a1c-8bf2-3ccb3074020f/1/UvLP-6bnebawHLRu374CRo-Ab_4.roa
Signing time:             Tue 02 Jan 2024 00:31:30 +0000
ROA not before:           Tue 02 Jan 2024 00:31:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208597
IP address blocks:        45.93.208.0/22 maxlen: 23
                          2a0e:28c0::/29 maxlen: 29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/2e0286-5639-4a1c-8bf2-3ccb3074020f/1/R60fV24_cbT2wzkfL6ND1Qi2se4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/2e0286-5639-4a1c-8bf2-3ccb3074020f/1/R60fV24_cbT2wzkfL6ND1Qi2se4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R60fV24_cbT2wzkfL6ND1Qi2se4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 00:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:28:7c:8e:03:f8:cd:d4:a7:ec:30:3c:dc:45:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47ad1f576e3f71b4f6c3391f2fa343d508b6b1ee
        Validity
            Not Before: Jan  2 00:31:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=52f2cffba6e779b6b01cb46edfbe02468f806ffe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:d5:41:8d:9c:26:e8:b0:49:7c:90:c5:93:98:
                    b3:ed:77:ff:c6:59:45:e0:40:0f:65:13:b7:ca:bc:
                    4a:84:33:e8:92:be:93:b4:77:10:55:bb:9b:20:2e:
                    5b:af:12:91:bf:dd:04:28:9c:4e:e4:d3:2a:bc:08:
                    9b:56:dc:c9:64:a0:88:e9:94:30:d6:32:31:01:ab:
                    6f:65:60:47:a8:1d:40:3a:ab:a5:d8:f1:c9:e5:e7:
                    f5:86:7c:24:93:33:75:00:71:8b:8c:c1:78:1e:05:
                    34:34:9f:eb:1e:43:9b:b1:ac:95:8f:05:a1:28:7a:
                    8f:2c:e3:e1:0d:61:58:bc:e8:fa:73:a8:f5:55:e5:
                    46:dd:7b:3b:af:8b:b8:c8:18:63:d8:06:fb:a6:e3:
                    32:27:e2:35:2b:f6:8b:69:33:2d:3d:bc:66:f5:19:
                    e3:39:2f:bb:d5:a4:43:29:50:ba:0c:cd:26:c1:1e:
                    cd:6e:68:e2:63:98:c8:f8:ef:34:30:9b:e2:ea:ff:
                    3a:f7:53:9a:ad:5f:f3:ef:c8:92:60:e0:5c:eb:15:
                    8e:46:a1:db:20:53:73:3b:05:85:f9:cf:d3:20:f8:
                    d9:b4:5a:37:c1:5f:b5:d2:1b:f0:01:89:8d:9b:af:
                    90:06:95:18:cc:40:c7:85:d4:45:88:5d:59:41:82:
                    76:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:F2:CF:FB:A6:E7:79:B6:B0:1C:B4:6E:DF:BE:02:46:8F:80:6F:FE
            X509v3 Authority Key Identifier:
                keyid:47:AD:1F:57:6E:3F:71:B4:F6:C3:39:1F:2F:A3:43:D5:08:B6:B1:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R60fV24_cbT2wzkfL6ND1Qi2se4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/2e0286-5639-4a1c-8bf2-3ccb3074020f/1/UvLP-6bnebawHLRu374CRo-Ab_4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/2e0286-5639-4a1c-8bf2-3ccb3074020f/1/R60fV24_cbT2wzkfL6ND1Qi2se4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.93.208.0/22
                IPv6:
                  2a0e:28c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         3e:17:77:33:b8:b2:1c:cc:44:6f:36:40:a7:44:ea:b0:09:e2:
         26:00:d2:b1:c9:af:05:8e:3c:db:e8:3c:b4:ed:bf:23:85:3d:
         93:d6:b7:fc:27:81:97:8f:74:08:10:03:c6:7e:19:32:03:43:
         f5:09:86:e6:47:c5:0a:3c:6b:ed:4e:a5:1c:31:7d:d1:5e:bb:
         c4:48:88:cb:33:ca:77:f0:4b:1f:e3:5a:9f:f2:29:d3:d7:35:
         51:c7:08:1f:70:5f:4d:79:79:71:f9:bc:b9:fa:65:18:6a:66:
         ad:ba:fa:4d:40:c4:8c:5b:16:94:a8:04:a5:10:87:51:bf:62:
         d0:ed:35:a9:90:71:c1:51:e0:52:5c:7a:71:de:d3:9d:79:17:
         6c:62:f4:cb:5f:b6:aa:94:ac:6b:6a:6f:7d:35:94:9e:21:f2:
         f2:d1:c2:59:74:75:52:4a:02:cb:9c:1a:c1:2e:14:52:da:57:
         9e:4f:8f:cd:25:11:f0:54:c7:3f:05:53:8b:33:62:44:af:ee:
         aa:ba:00:79:3b:30:e7:95:13:f4:3d:00:d9:6d:1a:33:e3:78:
         ff:7e:89:e0:08:c5:99:72:82:5a:56:dc:95:a4:ff:36:d4:3b:
         87:4c:97:22:e9:20:e0:0e:c1:b4:64:76:b8:6a:86:e7:1c:08:
         0c:0a:17:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlSh8jgP4zdSn7DA83EUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YWQxZjU3NmUzZjcxYjRmNmMzMzkxZjJmYTM0M2Q1MDhi
NmIxZWUwHhcNMjQwMTAyMDAzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmYyY2ZmYmE2ZTc3OWI2YjAxY2I0NmVkZmJlMDI0NjhmODA2ZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tVBjZwm6LBJfJDFk5iz7Xf/xllF
4EAPZRO3yrxKhDPokr6TtHcQVbubIC5brxKRv90EKJxO5NMqvAibVtzJZKCI6ZQw
1jIxAatvZWBHqB1AOqul2PHJ5ef1hnwkkzN1AHGLjMF4HgU0NJ/rHkObsayVjwWh
KHqPLOPhDWFYvOj6c6j1VeVG3Xs7r4u4yBhj2Ab7puMyJ+I1K/aLaTMtPbxm9Rnj
OS+71aRDKVC6DM0mwR7NbmjiY5jI+O80MJvi6v8691OarV/z78iSYOBc6xWORqHb
IFNzOwWF+c/TIPjZtFo3wV+10hvwAYmNm6+QBpUYzEDHhdRFiF1ZQYJ2DQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFLyz/um53m2sBy0bt++AkaPgG/+MB8GA1UdIwQY
MBaAFEetH1duP3G09sM5Hy+jQ9UItrHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjYwZlYyNF9jYlQyd3prZkw2TkQxUWkyc2U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8yZTAyODYtNTYzOS00YTFjLThiZjIt
M2NjYjMwNzQwMjBmLzEvVXZMUC02Ym5lYmF3SExSdTM3NENSby1BYl80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8yZTAyODYtNTYzOS00YTFjLThiZjItM2NjYjMwNzQwMjBm
LzEvUjYwZlYyNF9jYlQyd3prZkw2TkQxUWkyc2U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLV3QMA0E
AgACMAcDBQMqDijAMA0GCSqGSIb3DQEBCwUAA4IBAQA+F3czuLIczERvNkCnROqw
CeImANKxya8Fjjzb6Dy07b8jhT2T1rf8J4GXj3QIEAPGfhkyA0P1CYbmR8UKPGvt
TqUcMX3RXrvESIjLM8p38Esf41qf8inT1zVRxwgfcF9NeXlx+by5+mUYamatuvpN
QMSMWxaUqASlEIdRv2LQ7TWpkHHBUeBSXHpx3tOdeRdsYvTLX7aqlKxram99NZSe
IfLy0cJZdHVSSgLLnBrBLhRS2leeT4/NJRHwVMc/BVOLM2JEr+6qugB5OzDnlRP0
PQDZbRoz43j/fongCMWZcoJaVtyVpP821DuHTJci6SDgDsG0ZHa4aobnHAgMChel
-----END CERTIFICATE-----