Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/21/3139322e3130392e3232382e302f32332d3234203d3e2033323134.roa
File:                     3139322e3130392e3232382e302f32332d3234203d3e2033323134.roa (raw, json)
Hash identifier:          OgwfCc2CRXfUC+lEsb3uq1UaRHPVjlgHokReBxkft4g=
Subject key identifier:   FC:30:C9:D7:FA:29:FC:22:08:50:FE:03:02:13:A8:95:3C:C9:9D:41
Certificate issuer:       /CN=761c616364b89659ed9f18cb0af77420437cc7da
Certificate serial:       78F6DD29F03DC1C41EF6E81EA41B171B76F14A19
Authority key identifier: 76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
Subject info access:      rsync://0.sb/repo/sb/21/3139322e3130392e3232382e302f32332d3234203d3e2033323134.roa
Signing time:             Thu 12 Oct 2023 13:27:56 +0000
ROA not before:           Thu 12 Oct 2023 13:22:56 +0000
ROA not after:            Thu 10 Oct 2024 13:27:56 +0000
asID:                     3214
IP address blocks:        192.109.228.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl
                          rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 23:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:f6:dd:29:f0:3d:c1:c4:1e:f6:e8:1e:a4:1b:17:1b:76:f1:4a:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=761c616364b89659ed9f18cb0af77420437cc7da
        Validity
            Not Before: Oct 12 13:22:56 2023 GMT
            Not After : Oct 10 13:27:56 2024 GMT
        Subject: CN=FC30C9D7FA29FC220850FE030213A8953CC99D41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:f7:b2:79:03:fd:73:63:a9:47:ae:51:6f:dd:
                    b8:1c:f3:10:73:2d:66:1b:8a:af:a0:cc:a4:6c:d6:
                    12:4e:56:0a:fb:c0:7e:d3:2c:e8:96:24:25:23:77:
                    f9:68:ae:3f:d8:3d:00:8f:37:e3:0c:12:b1:27:af:
                    d0:32:fd:97:e7:ec:d2:86:42:6a:4a:95:8d:43:a7:
                    5e:87:54:ca:18:e5:5e:8a:2c:25:fa:72:1d:b4:a8:
                    3a:36:be:9e:32:66:0b:04:f7:29:ff:c0:91:35:93:
                    ae:27:72:95:f2:fa:4b:b5:9f:e6:89:f8:07:21:36:
                    f3:23:15:b6:5f:1b:59:de:ef:94:ff:11:e8:33:58:
                    1c:4f:a3:84:7e:c7:d2:cb:84:b5:d5:5d:86:9e:2d:
                    04:92:e0:15:c1:ce:4c:b9:81:c3:15:e4:d7:a2:66:
                    ee:ba:5b:f5:61:fa:3e:8f:2b:01:fd:a4:96:28:c3:
                    05:42:c7:99:ac:98:2e:b1:56:87:ef:65:b1:42:06:
                    cc:92:18:fe:7e:4c:15:66:2c:4f:7d:a8:96:57:76:
                    12:a1:f3:80:bb:5e:67:f7:72:5e:06:4a:3e:94:cf:
                    e1:ed:77:b4:00:f8:ac:7e:da:c7:19:a0:53:11:b2:
                    a2:83:63:67:72:00:0a:3c:b2:e3:0e:7e:c3:c6:2a:
                    bc:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:30:C9:D7:FA:29:FC:22:08:50:FE:03:02:13:A8:95:3C:C9:9D:41
            X509v3 Authority Key Identifier:
                keyid:76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/21/3139322e3130392e3232382e302f32332d3234203d3e2033323134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.109.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         36:24:d9:f9:19:88:83:2e:4b:04:18:f5:e1:35:54:92:28:63:
         89:26:b1:0b:e8:70:47:94:88:1b:32:cc:4a:16:74:5c:c8:88:
         30:13:94:16:5b:c1:a9:92:d2:6e:01:06:f1:82:72:ed:ca:66:
         ca:9b:a3:63:68:80:20:7d:54:5f:dd:41:ad:60:8c:00:a9:37:
         19:26:2e:ac:22:4b:b2:a4:33:f0:f1:a8:78:f3:03:96:26:85:
         ce:38:12:4e:15:ca:07:02:d4:71:bf:c7:1f:eb:ba:c3:f7:5d:
         66:a1:82:1a:62:31:e4:e7:d6:20:16:13:44:ab:70:51:2b:4a:
         9f:81:72:e6:95:71:b3:62:d1:4f:86:26:42:7e:3d:6a:a5:f8:
         bd:60:a3:5f:66:a7:99:d8:24:fd:a8:0b:39:c6:ed:4a:88:1c:
         f0:49:21:de:67:ba:0e:4d:4d:46:a2:d3:9f:65:60:5e:7e:9f:
         c6:47:f6:64:4e:e3:b7:d3:13:78:07:9f:49:9c:73:ac:14:b7:
         5d:73:0e:6b:ae:c5:15:72:08:36:da:23:22:6a:0c:c0:4e:89:
         85:f2:79:56:04:e7:25:92:13:ff:8a:c1:16:94:64:f5:50:63:
         09:48:8e:1d:c3:7b:5a:6e:31:c8:61:a8:93:b2:4c:7f:be:bc:
         b5:66:0f:65
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIUePbdKfA9wcQe9ugepBsXG3bxShkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzYxYzYxNjM2NGI4OTY1OWVkOWYxOGNiMGFmNzc0MjA0
MzdjYzdkYTAeFw0yMzEwMTIxMzIyNTZaFw0yNDEwMTAxMzI3NTZaMDMxMTAvBgNV
BAMTKEZDMzBDOUQ3RkEyOUZDMjIwODUwRkUwMzAyMTNBODk1M0NDOTlENDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDd97J5A/1zY6lHrlFv3bgc8xBz
LWYbiq+gzKRs1hJOVgr7wH7TLOiWJCUjd/lorj/YPQCPN+MMErEnr9Ay/Zfn7NKG
QmpKlY1Dp16HVMoY5V6KLCX6ch20qDo2vp4yZgsE9yn/wJE1k64ncpXy+ku1n+aJ
+AchNvMjFbZfG1ne75T/EegzWBxPo4R+x9LLhLXVXYaeLQSS4BXBzky5gcMV5Nei
Zu66W/Vh+j6PKwH9pJYowwVCx5msmC6xVofvZbFCBsySGP5+TBVmLE99qJZXdhKh
84C7Xmf3cl4GSj6Uz+Htd7QA+Kx+2scZoFMRsqKDY2dyAAo8suMOfsPGKrxLAgMB
AAGjggG8MIIBuDAdBgNVHQ4EFgQU/DDJ1/op/CIIUP4DAhOolTzJnUEwHwYDVR0j
BBgwFoAUdhxhY2S4llntnxjLCvd0IEN8x9owDgYDVR0PAQH/BAQDAgeAMFUGA1Ud
HwROMEwwSqBIoEaGRHJzeW5jOi8vMC5zYi9yZXBvL3NiLzIxLzc2MUM2MTYzNjRC
ODk2NTlFRDlGMThDQjBBRjc3NDIwNDM3Q0M3REEuY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kaHhoWTJTNGxsbnRueGpMQ3ZkMElFTjh4OW8uY2VyMG4GCCsGAQUF
BwELBGIwYDBeBggrBgEFBQcwC4ZScnN5bmM6Ly8wLnNiL3JlcG8vc2IvMjEvMzEz
OTMyMmUzMTMwMzkyZTMyMzIzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMzMzIz
MTM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBwG3kMA0GCSqGSIb3DQEBCwUAA4IBAQA2JNn5GYiDLksE
GPXhNVSSKGOJJrEL6HBHlIgbMsxKFnRcyIgwE5QWW8GpktJuAQbxgnLtymbKm6Nj
aIAgfVRf3UGtYIwAqTcZJi6sIkuypDPw8ah48wOWJoXOOBJOFcoHAtRxv8cf67rD
911moYIaYjHk59YgFhNEq3BRK0qfgXLmlXGzYtFPhiZCfj1qpfi9YKNfZqeZ2CT9
qAs5xu1KiBzwSSHeZ7oOTU1GotOfZWBefp/GR/ZkTuO30xN4B59JnHOsFLddcw5r
rsUVcgg22iMiagzATomF8nlWBOclkhP/isEWlGT1UGMJSI4dw3tabjHIYaiTskx/
vry1Zg9l
-----END CERTIFICATE-----