Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/B27dYqcLqDvSG7-eZTIr5lIA2Y0.roa
File:                     B27dYqcLqDvSG7-eZTIr5lIA2Y0.roa (raw, json)
Hash identifier:          AhO+Kz7ENbPZ6PhWs8QqeC6e8mXmWsG/FxtWshR7gWI=
Subject key identifier:   07:6E:DD:62:A7:0B:A8:3B:D2:1B:BF:9E:65:32:2B:E6:52:00:D9:8D
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       019421B239A530ABC9EEA4D2A783572FB280
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/B27dYqcLqDvSG7-eZTIr5lIA2Y0.roa
Signing time:             Wed 01 Jan 2025 11:48:35 +0000
ROA not before:           Wed 01 Jan 2025 11:48:35 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     44547
IP address blocks:        45.9.5.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 06 Apr 2025 22:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:21:b2:39:a5:30:ab:c9:ee:a4:d2:a7:83:57:2f:b2:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan  1 11:48:35 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=076edd62a70ba83bd21bbf9e65322be65200d98d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:6f:d5:84:df:0b:49:47:1a:9f:bb:65:ec:f0:
                    62:0c:42:b9:1e:1c:f4:88:58:f3:c7:c8:63:ee:7b:
                    f4:44:ff:ee:45:b4:78:a1:fd:c4:42:b6:d9:45:e8:
                    06:22:08:23:3f:07:dc:ef:ae:2b:0a:67:15:44:6f:
                    16:60:10:98:f6:ff:ce:9f:f6:d9:b9:29:1d:a3:66:
                    9a:7e:7f:a0:bb:bc:5c:08:94:f4:f6:67:1d:4f:3a:
                    b6:7b:e2:b9:09:e7:6a:d3:82:17:41:80:4e:04:b3:
                    1f:fc:4d:f8:77:c0:dc:f0:7e:fd:d6:7a:60:5a:7d:
                    d5:36:ff:32:0e:53:47:49:c6:10:dd:77:6f:80:e3:
                    71:ea:2e:42:fe:3f:a0:15:c5:0c:7f:3d:a2:74:2b:
                    77:25:76:35:5e:9f:66:67:c6:1e:e3:31:64:c3:b4:
                    84:d3:88:5a:8c:2d:a6:a8:d6:16:4b:7b:0f:49:0f:
                    75:7b:84:36:25:6f:27:cb:68:06:53:54:99:01:90:
                    c5:ba:35:1c:ed:bd:f2:73:66:e1:4f:f7:6f:85:2b:
                    1a:97:c2:55:a4:be:80:7d:b1:8f:d7:fe:09:92:ac:
                    c7:db:f4:c8:fd:97:1a:75:ba:3d:1d:ce:d4:c1:e2:
                    98:5c:8e:ef:26:b8:33:38:2b:70:67:ac:fc:fc:9a:
                    4f:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:6E:DD:62:A7:0B:A8:3B:D2:1B:BF:9E:65:32:2B:E6:52:00:D9:8D
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/B27dYqcLqDvSG7-eZTIr5lIA2Y0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:8b:b6:7a:ce:5f:58:c8:6b:08:ec:d2:6f:db:cc:41:53:e3:
         dd:9d:d3:42:42:97:94:58:49:08:dd:f3:3d:f5:38:8c:b9:2f:
         b8:ac:50:dc:e1:3a:68:6d:3d:6f:b8:b6:9e:e5:94:1c:a7:cc:
         67:5e:93:11:65:00:9b:b7:9d:90:e3:81:14:ad:11:9c:95:aa:
         60:6e:32:25:3e:0e:b9:0d:71:3d:48:4a:af:38:a3:66:81:fd:
         a5:88:48:2d:33:6c:f2:52:fc:e3:6b:c7:5c:9c:ef:c3:4d:2f:
         79:59:86:12:49:ff:33:2b:4f:72:5e:03:b6:47:60:15:71:e1:
         a6:5a:f0:95:c1:a9:3e:af:66:41:18:fa:e1:4e:6f:24:b0:b7:
         6f:1f:42:9a:62:13:0f:6b:18:f0:55:35:29:6c:4f:e4:7f:4f:
         1a:e1:52:54:de:cb:ef:26:37:5f:68:cb:99:f1:13:99:98:7c:
         00:78:36:f1:26:82:ba:5f:fb:e4:5f:23:da:b0:89:3f:9f:fe:
         f4:ab:96:61:b0:c3:02:d2:06:a0:1c:b5:04:fb:df:82:72:82:
         a4:4a:5e:ae:10:e4:49:ca:03:a9:df:af:64:92:55:01:85:7b:
         25:54:82:35:f2:46:3d:4d:2e:06:4b:b2:fa:dc:bd:65:5d:e5:
         04:2c:61:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsjmlMKvJ7qTSp4NXL7KAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzZlZGQ2MmE3MGJhODNiZDIxYmJmOWU2NTMyMmJlNjUyMDBkOThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnG/VhN8LSUcan7tl7PBiDEK5Hhz0
iFjzx8hj7nv0RP/uRbR4of3EQrbZRegGIggjPwfc764rCmcVRG8WYBCY9v/On/bZ
uSkdo2aafn+gu7xcCJT09mcdTzq2e+K5Cedq04IXQYBOBLMf/E34d8Dc8H791npg
Wn3VNv8yDlNHScYQ3XdvgONx6i5C/j+gFcUMfz2idCt3JXY1Xp9mZ8Ye4zFkw7SE
04hajC2mqNYWS3sPSQ91e4Q2JW8ny2gGU1SZAZDFujUc7b3yc2bhT/dvhSsal8JV
pL6AfbGP1/4JkqzH2/TI/Zcadbo9Hc7UweKYXI7vJrgzOCtwZ6z8/JpPowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAdu3WKnC6g70hu/nmUyK+ZSANmNMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvQjI3ZFlxY0xxRHZTRzctZVpUSXI1bElBMlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQkFMA0G
CSqGSIb3DQEBCwUAA4IBAQC2i7Z6zl9YyGsI7NJv28xBU+PdndNCQpeUWEkI3fM9
9TiMuS+4rFDc4TpobT1vuLae5ZQcp8xnXpMRZQCbt52Q44EUrRGclapgbjIlPg65
DXE9SEqvOKNmgf2liEgtM2zyUvzja8dcnO/DTS95WYYSSf8zK09yXgO2R2AVceGm
WvCVwak+r2ZBGPrhTm8ksLdvH0KaYhMPaxjwVTUpbE/kf08a4VJU3svvJjdfaMuZ
8ROZmHwAeDbxJoK6X/vkXyPasIk/n/70q5ZhsMMC0gagHLUE+9+CcoKkSl6uEORJ
ygOp369kklUBhXslVII18kY9TS4GS7L63L1lXeUELGH7
-----END CERTIFICATE-----