Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/1/39342e3132342e37392e302f32342d3234203d3e20323130383037.roa
File:                     39342e3132342e37392e302f32342d3234203d3e20323130383037.roa (raw, json)
Hash identifier:          2DQqDqnDPPhuWOqbbkwncdnBSrKbY3H1++n86G7dNCM=
Subject key identifier:   57:70:5B:A5:21:CF:39:36:58:8E:DB:EC:FF:27:FB:20:8F:76:FC:B6
Certificate issuer:       /CN=917b088922d0f33feca164e08554ec992daa39c5
Certificate serial:       3515E0FB8D95DC6E33EEF3689298BB246415ACA5
Authority key identifier: 91:7B:08:89:22:D0:F3:3F:EC:A1:64:E0:85:54:EC:99:2D:AA:39:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kXsIiSLQ8z_soWTghVTsmS2qOcU.cer
Subject info access:      rsync://0.sb/repo/sb/1/39342e3132342e37392e302f32342d3234203d3e20323130383037.roa
Signing time:             Tue 23 Jan 2024 06:35:36 +0000
ROA not before:           Tue 23 Jan 2024 06:30:36 +0000
ROA not after:            Tue 21 Jan 2025 06:35:36 +0000
asID:                     210807
IP address blocks:        94.124.79.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://0.sb/repo/sb/1/917B088922D0F33FECA164E08554EC992DAA39C5.crl
                          rsync://0.sb/repo/sb/1/917B088922D0F33FECA164E08554EC992DAA39C5.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kXsIiSLQ8z_soWTghVTsmS2qOcU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:15:e0:fb:8d:95:dc:6e:33:ee:f3:68:92:98:bb:24:64:15:ac:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=917b088922d0f33feca164e08554ec992daa39c5
        Validity
            Not Before: Jan 23 06:30:36 2024 GMT
            Not After : Jan 21 06:35:36 2025 GMT
        Subject: CN=57705BA521CF3936588EDBECFF27FB208F76FCB6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:71:c8:8e:5f:5b:31:5a:ee:da:02:aa:26:eb:
                    be:9b:13:21:ba:64:3e:4a:c7:2b:44:61:66:29:54:
                    db:df:ba:f3:3b:58:c8:98:32:ed:7c:90:67:a9:41:
                    1c:32:e6:53:8b:1b:d1:30:07:0f:d1:09:4d:a9:bb:
                    e7:b2:5b:1c:25:a9:f3:63:ca:b5:92:ba:fc:f6:7d:
                    5c:17:8e:ac:e6:54:c7:51:96:4a:89:c0:e7:cf:c1:
                    c6:0e:44:59:5d:b9:66:f8:bb:de:d7:65:3e:65:5e:
                    0a:ca:de:51:61:48:a9:de:f1:f2:9b:2f:31:ed:43:
                    22:29:a9:9a:0d:32:30:0d:bb:67:5f:66:59:c6:ab:
                    80:ee:10:50:d1:3e:4d:69:e2:fc:c7:00:ae:be:e2:
                    42:41:af:b6:14:6e:85:78:50:08:9e:df:c3:f3:81:
                    2d:f1:f4:91:04:dd:d2:a6:2b:2a:2d:bd:06:9b:30:
                    ae:58:3c:3b:ff:79:29:fb:13:0c:e3:4c:41:cf:19:
                    1b:d1:74:89:67:91:a1:e3:f6:e5:35:23:14:b6:5c:
                    21:a2:f6:53:3e:64:5c:d4:3c:89:b7:d9:ab:fc:f7:
                    68:0b:d2:fd:fd:db:aa:12:bb:45:13:1f:84:d7:d7:
                    bf:ff:3f:bb:0c:88:f4:9f:47:e3:23:69:41:b8:b2:
                    e7:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:70:5B:A5:21:CF:39:36:58:8E:DB:EC:FF:27:FB:20:8F:76:FC:B6
            X509v3 Authority Key Identifier:
                keyid:91:7B:08:89:22:D0:F3:3F:EC:A1:64:E0:85:54:EC:99:2D:AA:39:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/1/917B088922D0F33FECA164E08554EC992DAA39C5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXsIiSLQ8z_soWTghVTsmS2qOcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/1/39342e3132342e37392e302f32342d3234203d3e20323130383037.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.124.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:e4:80:5a:e5:e3:db:7f:a9:ae:22:98:85:32:71:a8:9e:2f:
         1a:aa:1c:56:64:f0:03:0c:e7:98:bd:bc:47:1b:36:8c:fd:a4:
         2b:96:cd:31:4f:18:b9:23:da:7d:1c:a1:44:5e:b1:10:39:1b:
         84:f2:9b:e8:a9:e6:0c:ba:34:2b:1d:83:a2:12:9b:cb:0f:73:
         2d:d4:cf:a1:f1:d4:36:e9:af:44:dd:d4:12:49:75:90:94:54:
         71:2f:d2:22:70:9e:90:57:7c:5a:f5:b2:a7:fe:cc:31:fd:16:
         ef:a6:82:18:ec:ba:aa:c5:89:63:0f:d6:b9:5f:f3:24:d2:01:
         d6:f0:55:1e:e1:7d:ac:b4:c8:1e:dc:0c:44:06:c1:9f:ec:58:
         db:eb:0a:04:27:fb:89:14:38:9a:23:ef:d7:78:34:5f:5e:97:
         c0:34:1b:fb:59:e4:5b:82:85:65:74:27:2f:31:f0:96:3e:42:
         c8:06:b4:f7:10:87:01:ba:57:82:ca:a3:e1:fa:d9:f0:78:0e:
         00:9b:6d:18:50:dd:da:c4:3b:d6:b2:5c:93:af:54:fd:fe:98:
         41:c4:97:ee:de:3d:00:e9:e8:aa:df:a3:06:6c:a7:06:65:f6:
         47:7b:bb:30:98:48:24:c0:a1:03:c7:04:40:e1:7e:53:e0:a3:
         94:62:07:4a
-----BEGIN CERTIFICATE-----
MIIEsDCCA5igAwIBAgIUNRXg+42V3G4z7vNokpi7JGQVrKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTE3YjA4ODkyMmQwZjMzZmVjYTE2NGUwODU1NGVjOTky
ZGFhMzljNTAeFw0yNDAxMjMwNjMwMzZaFw0yNTAxMjEwNjM1MzZaMDMxMTAvBgNV
BAMTKDU3NzA1QkE1MjFDRjM5MzY1ODhFREJFQ0ZGMjdGQjIwOEY3NkZDQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgcciOX1sxWu7aAqom676bEyG6
ZD5KxytEYWYpVNvfuvM7WMiYMu18kGepQRwy5lOLG9EwBw/RCU2pu+eyWxwlqfNj
yrWSuvz2fVwXjqzmVMdRlkqJwOfPwcYORFlduWb4u97XZT5lXgrK3lFhSKne8fKb
LzHtQyIpqZoNMjANu2dfZlnGq4DuEFDRPk1p4vzHAK6+4kJBr7YUboV4UAie38Pz
gS3x9JEE3dKmKyotvQabMK5YPDv/eSn7EwzjTEHPGRvRdIlnkaHj9uU1IxS2XCGi
9lM+ZFzUPIm32av892gL0v3926oSu0UTH4TX17//P7sMiPSfR+MjaUG4suc/AgMB
AAGjggG6MIIBtjAdBgNVHQ4EFgQUV3BbpSHPOTZYjtvs/yf7II92/LYwHwYDVR0j
BBgwFoAUkXsIiSLQ8z/soWTghVTsmS2qOcUwDgYDVR0PAQH/BAQDAgeAMFQGA1Ud
HwRNMEswSaBHoEWGQ3JzeW5jOi8vMC5zYi9yZXBvL3NiLzEvOTE3QjA4ODkyMkQw
RjMzRkVDQTE2NEUwODU1NEVDOTkyREFBMzlDNS5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2tYc0lpU0xROHpfc29XVGdoVlRzbVMycU9jVS5jZXIwbQYIKwYBBQUH
AQsEYTBfMF0GCCsGAQUFBzALhlFyc3luYzovLzAuc2IvcmVwby9zYi8xLzM5MzQy
ZTMxMzIzNDJlMzczOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMDM4MzAz
Ny5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAF58TzANBgkqhkiG9w0BAQsFAAOCAQEAkOSAWuXj23+priKY
hTJxqJ4vGqocVmTwAwznmL28Rxs2jP2kK5bNMU8YuSPafRyhRF6xEDkbhPKb6Knm
DLo0Kx2DohKbyw9zLdTPofHUNumvRN3UEkl1kJRUcS/SInCekFd8WvWyp/7MMf0W
76aCGOy6qsWJYw/WuV/zJNIB1vBVHuF9rLTIHtwMRAbBn+xY2+sKBCf7iRQ4miPv
13g0X16XwDQb+1nkW4KFZXQnLzHwlj5CyAa09xCHAbpXgsqj4frZ8HgOAJttGFDd
2sQ71rJck69U/f6YQcSX7t49AOnoqt+jBmynBmX2R3u7MJhIJMChA8cEQOF+U+Cj
lGIHSg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:19:24 2024 by rpki-client on console-ams.rpki-client.org