Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/50b18f-9a7d-452c-a6d5-9de7525ba712/1/6z7jzjE9tsYS3XIUQOgoOfoPyFI.roa
File:                     6z7jzjE9tsYS3XIUQOgoOfoPyFI.roa (raw, json)
Hash identifier:          7tAYDXwUS/qd8gurA1I+zytJxLiGEBXDkvHfzFcnlD0=
Subject key identifier:   EB:3E:E3:CE:31:3D:B6:C6:12:DD:72:14:40:E8:28:39:FA:0F:C8:52
Certificate issuer:       /CN=b814345affd1506af9af32ec0d77399b7664aa3f
Certificate serial:       018CC500A1EC6714DCD45043932472F85E3E
Authority key identifier: B8:14:34:5A:FF:D1:50:6A:F9:AF:32:EC:0D:77:39:9B:76:64:AA:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uBQ0Wv_RUGr5rzLsDXc5m3Zkqj8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/50b18f-9a7d-452c-a6d5-9de7525ba712/1/6z7jzjE9tsYS3XIUQOgoOfoPyFI.roa
Signing time:             Mon 01 Jan 2024 12:30:02 +0000
ROA not before:           Mon 01 Jan 2024 12:30:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197641
IP address blocks:        45.144.104.0/22 maxlen: 24
                          2a0e:ec40::/29 maxlen: 29

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/50b18f-9a7d-452c-a6d5-9de7525ba712/1/uBQ0Wv_RUGr5rzLsDXc5m3Zkqj8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/50b18f-9a7d-452c-a6d5-9de7525ba712/1/uBQ0Wv_RUGr5rzLsDXc5m3Zkqj8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uBQ0Wv_RUGr5rzLsDXc5m3Zkqj8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 21 Jun 2024 21:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:a1:ec:67:14:dc:d4:50:43:93:24:72:f8:5e:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b814345affd1506af9af32ec0d77399b7664aa3f
        Validity
            Not Before: Jan  1 12:30:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eb3ee3ce313db6c612dd721440e82839fa0fc852
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:f3:a1:7f:df:91:29:56:34:f3:a6:7c:49:d4:
                    8a:4d:a3:49:db:29:67:ec:81:77:9e:e1:e1:45:8c:
                    4d:04:28:a3:7b:ca:a2:e9:1e:e5:a4:42:7a:2b:c6:
                    d5:7b:63:5e:57:d0:d5:56:e4:1f:75:a7:80:24:67:
                    3a:42:da:df:72:eb:70:b8:6a:02:c3:c4:3d:71:f5:
                    d0:18:fb:d8:8c:9b:35:37:46:60:1d:5a:4a:12:34:
                    c1:84:bb:55:32:83:01:c8:5b:7d:a7:64:68:9c:bc:
                    b5:93:ae:5b:f7:f5:09:9d:24:fa:65:c0:17:bf:cc:
                    b4:5e:b0:75:9c:6e:79:9a:73:69:a6:74:d6:1e:13:
                    52:d4:33:17:2e:55:b2:30:fb:3c:f4:64:a0:19:61:
                    4c:b7:cd:f1:db:bc:c2:38:c2:44:ee:65:d0:e8:ef:
                    bb:40:71:25:13:6e:8b:2e:cc:8a:73:63:2d:c4:91:
                    d4:cb:2e:d3:96:c7:04:d6:39:2b:5b:54:0c:71:8d:
                    16:20:14:51:9e:fe:3f:2e:fd:b9:22:8e:27:af:20:
                    a0:1a:a2:e6:39:34:2d:80:ec:33:da:5f:f8:f3:ea:
                    a4:7f:bd:f8:35:df:14:f1:cb:23:32:cc:01:1e:e6:
                    e3:07:8d:e9:6c:28:7e:af:d2:87:ac:19:3e:14:33:
                    08:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:3E:E3:CE:31:3D:B6:C6:12:DD:72:14:40:E8:28:39:FA:0F:C8:52
            X509v3 Authority Key Identifier:
                keyid:B8:14:34:5A:FF:D1:50:6A:F9:AF:32:EC:0D:77:39:9B:76:64:AA:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uBQ0Wv_RUGr5rzLsDXc5m3Zkqj8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/50b18f-9a7d-452c-a6d5-9de7525ba712/1/6z7jzjE9tsYS3XIUQOgoOfoPyFI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/50b18f-9a7d-452c-a6d5-9de7525ba712/1/uBQ0Wv_RUGr5rzLsDXc5m3Zkqj8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.144.104.0/22
                IPv6:
                  2a0e:ec40::/29

    Signature Algorithm: sha256WithRSAEncryption
         4d:3f:f1:e3:ec:b5:8e:ae:d8:b6:3b:b3:00:5d:46:79:b0:f5:
         b5:7d:74:4a:42:3c:1b:c8:5e:43:83:cd:c4:96:c8:c2:c1:eb:
         1d:29:11:8c:5f:60:f5:d5:ab:cd:d3:78:2c:4d:88:96:a8:ef:
         78:ab:d5:56:45:6a:28:ff:66:41:24:71:75:3e:26:03:ba:85:
         99:69:61:40:f3:1e:7b:ed:9d:0f:84:ff:06:32:f8:48:c2:26:
         25:df:b5:ba:90:7d:a9:19:c4:1b:58:52:b2:b1:fb:f7:31:96:
         ef:df:62:ca:21:cd:53:50:6d:8f:3d:39:10:3e:f5:36:81:51:
         d5:27:cc:f8:17:67:29:6b:47:ac:02:99:5c:db:36:ff:bc:cc:
         c4:b2:aa:17:a3:62:fb:fd:91:97:45:f3:88:29:97:80:f6:93:
         07:c3:94:55:13:53:9e:97:53:de:84:61:3a:30:ee:61:30:03:
         07:43:f2:89:c1:71:7f:4c:17:51:46:08:cc:64:39:69:59:91:
         21:dd:44:6b:2f:64:8a:bb:ce:aa:ff:f3:ba:36:69:d6:0a:34:
         8c:53:05:f1:f7:f0:2e:0e:0d:86:d1:5b:9a:73:69:5b:d4:89:
         93:03:8a:37:58:fa:ec:97:4c:e9:01:60:9d:75:1f:25:5e:62:
         a2:c2:ae:00
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAKHsZxTc1FBDkyRy+F4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MTQzNDVhZmZkMTUwNmFmOWFmMzJlYzBkNzczOTliNzY2
NGFhM2YwHhcNMjQwMTAxMTIzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjNlZTNjZTMxM2RiNmM2MTJkZDcyMTQ0MGU4MjgzOWZhMGZjODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvOhf9+RKVY086Z8SdSKTaNJ2yln
7IF3nuHhRYxNBCije8qi6R7lpEJ6K8bVe2NeV9DVVuQfdaeAJGc6QtrfcutwuGoC
w8Q9cfXQGPvYjJs1N0ZgHVpKEjTBhLtVMoMByFt9p2RonLy1k65b9/UJnST6ZcAX
v8y0XrB1nG55mnNppnTWHhNS1DMXLlWyMPs89GSgGWFMt83x27zCOMJE7mXQ6O+7
QHElE26LLsyKc2MtxJHUyy7TlscE1jkrW1QMcY0WIBRRnv4/Lv25Io4nryCgGqLm
OTQtgOwz2l/48+qkf734Nd8U8csjMswBHubjB43pbCh+r9KHrBk+FDMIZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOs+484xPbbGEt1yFEDoKDn6D8hSMB8GA1UdIwQY
MBaAFLgUNFr/0VBq+a8y7A13OZt2ZKo/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUJRMFd2X1JVR3I1cnpMc0RYYzVtM1prcWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81MGIxOGYtOWE3ZC00NTJjLWE2ZDUt
OWRlNzUyNWJhNzEyLzEvNno3anpqRTl0c1lTM1hJVVFPZ29PZm9QeUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81MGIxOGYtOWE3ZC00NTJjLWE2ZDUtOWRlNzUyNWJhNzEy
LzEvdUJRMFd2X1JVR3I1cnpMc0RYYzVtM1prcWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZBoMA0E
AgACMAcDBQMqDuxAMA0GCSqGSIb3DQEBCwUAA4IBAQBNP/Hj7LWOrti2O7MAXUZ5
sPW1fXRKQjwbyF5Dg83ElsjCwesdKRGMX2D11avN03gsTYiWqO94q9VWRWoo/2ZB
JHF1PiYDuoWZaWFA8x577Z0PhP8GMvhIwiYl37W6kH2pGcQbWFKysfv3MZbv32LK
Ic1TUG2PPTkQPvU2gVHVJ8z4F2cpa0esAplc2zb/vMzEsqoXo2L7/ZGXRfOIKZeA
9pMHw5RVE1Oel1PehGE6MO5hMAMHQ/KJwXF/TBdRRgjMZDlpWZEh3URrL2SKu86q
//O6NmnWCjSMUwXx9/AuDg2G0Vuac2lb1ImTA4o3WPrsl0zpAWCddR8lXmKiwq4A
-----END CERTIFICATE-----