Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/J0Rk4OOo8LxGX77JhgYpBvpsMb8.roa
File:                     J0Rk4OOo8LxGX77JhgYpBvpsMb8.roa (raw, json)
Hash identifier:          uJPMXGgsTxU4mzI8on8iKdkHbLpIpc0tyOKoG3Ecm50=
Subject key identifier:   27:44:64:E0:E3:A8:F0:BC:46:5F:BE:C9:86:06:29:06:FA:6C:31:BF
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       018D849A36B1624A6D1DF99B584704E9A018
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/J0Rk4OOo8LxGX77JhgYpBvpsMb8.roa
Signing time:             Wed 07 Feb 2024 17:25:15 +0000
ROA not before:           Wed 07 Feb 2024 17:25:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50612
IP address blocks:        80.242.59.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 23 Jun 2024 20:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:84:9a:36:b1:62:4a:6d:1d:f9:9b:58:47:04:e9:a0:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Feb  7 17:25:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=274464e0e3a8f0bc465fbec986062906fa6c31bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:1f:ac:53:d2:8c:1e:60:a1:ab:a6:39:31:39:
                    44:74:10:01:af:4d:84:6b:95:29:53:13:d2:ea:fe:
                    3a:41:86:5f:ff:b2:c0:9d:fd:e2:e5:6d:16:03:87:
                    b1:88:22:72:0a:12:f0:7e:3d:42:6d:bb:29:b9:44:
                    37:d8:bb:d8:be:46:7c:13:ae:c6:73:4a:6f:16:12:
                    46:b0:ca:92:47:b9:5d:3a:13:67:05:8a:68:66:18:
                    d1:24:8a:46:56:af:59:55:c5:f3:47:28:60:b2:26:
                    2d:d6:2d:81:48:e0:8b:88:c1:74:cd:a0:36:ec:15:
                    24:6b:70:9e:da:8c:ad:f5:ad:1d:c1:5b:41:34:e3:
                    3b:b8:84:86:ff:ab:fa:e6:52:b3:21:49:51:70:0a:
                    56:39:da:d3:3a:20:de:3f:ec:0b:a9:38:13:7c:22:
                    4f:8c:b4:25:12:cf:be:78:38:d3:ea:77:c2:94:5c:
                    94:87:e8:8b:18:d5:e7:1c:f2:6e:e8:84:4d:a0:3a:
                    76:21:82:eb:1e:5a:80:86:e8:f3:4b:a7:fb:53:9c:
                    b9:19:d2:5a:0f:e8:58:b0:67:72:4d:fd:df:e1:b1:
                    cc:bf:8d:28:16:30:76:68:f3:63:bc:89:e8:e4:5c:
                    81:80:eb:8b:91:77:f3:e6:50:35:ae:ca:23:f3:dc:
                    76:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:44:64:E0:E3:A8:F0:BC:46:5F:BE:C9:86:06:29:06:FA:6C:31:BF
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/J0Rk4OOo8LxGX77JhgYpBvpsMb8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.242.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:b5:01:55:80:40:39:59:ad:62:1c:3e:e1:16:47:b9:24:ce:
         3a:1f:1a:2f:0e:71:ed:0f:13:92:80:27:36:6c:58:21:93:77:
         1e:41:19:31:14:fe:5e:1e:01:e9:fe:7e:30:a8:ba:3e:8c:94:
         62:e1:25:67:9b:cb:54:66:86:d2:d2:d0:d0:22:92:7f:3a:f9:
         ed:58:ed:52:59:b6:58:8e:1c:26:70:4f:24:66:3f:de:d6:ba:
         d5:0e:47:28:35:a3:db:59:6b:c0:31:73:de:a2:24:ce:24:ab:
         4a:15:73:35:e2:28:91:f8:f5:66:c9:6d:5a:34:80:41:a4:ce:
         25:26:df:4e:2b:f9:5c:df:ee:db:d7:63:93:f3:b7:e6:f6:d8:
         c4:75:f0:e1:5a:ea:4c:5c:88:e6:02:13:0a:a0:25:65:8e:d9:
         0b:7e:2f:be:dd:a5:3b:48:49:cc:f5:c1:7b:67:b0:c5:a5:41:
         52:94:82:77:fd:7d:6b:0b:16:22:b4:87:36:48:b3:66:d3:ce:
         b7:b8:d6:38:2b:cc:17:ca:92:41:f2:34:b2:17:4b:25:a0:9c:
         a1:fa:d0:bd:5e:0b:e3:b3:e2:26:da:25:bd:ef:45:7f:e2:df:
         8d:1b:25:3f:42:03:f1:80:9f:34:8a:eb:0e:c3:4e:46:37:fc:
         8b:05:4f:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2EmjaxYkptHfmbWEcE6aAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwMjA3MTcyNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzQ0NjRlMGUzYThmMGJjNDY1ZmJlYzk4NjA2MjkwNmZhNmMzMWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgR+sU9KMHmChq6Y5MTlEdBABr02E
a5UpUxPS6v46QYZf/7LAnf3i5W0WA4exiCJyChLwfj1CbbspuUQ32LvYvkZ8E67G
c0pvFhJGsMqSR7ldOhNnBYpoZhjRJIpGVq9ZVcXzRyhgsiYt1i2BSOCLiMF0zaA2
7BUka3Ce2oyt9a0dwVtBNOM7uISG/6v65lKzIUlRcApWOdrTOiDeP+wLqTgTfCJP
jLQlEs++eDjT6nfClFyUh+iLGNXnHPJu6IRNoDp2IYLrHlqAhujzS6f7U5y5GdJa
D+hYsGdyTf3f4bHMv40oFjB2aPNjvIno5FyBgOuLkXfz5lA1rsoj89x2LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCdEZODjqPC8Rl++yYYGKQb6bDG/MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvSjBSazRPT284THhHWDc3SmhnWXBCdnBzTWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUPI7MA0G
CSqGSIb3DQEBCwUAA4IBAQBwtQFVgEA5Wa1iHD7hFke5JM46HxovDnHtDxOSgCc2
bFghk3ceQRkxFP5eHgHp/n4wqLo+jJRi4SVnm8tUZobS0tDQIpJ/OvntWO1SWbZY
jhwmcE8kZj/e1rrVDkcoNaPbWWvAMXPeoiTOJKtKFXM14iiR+PVmyW1aNIBBpM4l
Jt9OK/lc3+7b12OT87fm9tjEdfDhWupMXIjmAhMKoCVljtkLfi++3aU7SEnM9cF7
Z7DFpUFSlIJ3/X1rCxYitIc2SLNm0863uNY4K8wXypJB8jSyF0sloJyh+tC9Xgvj
s+Im2iW970V/4t+NGyU/QgPxgJ80iusOw05GN/yLBU/D
-----END CERTIFICATE-----