Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/21/3139322e3130392e3232382e302f32332d3332203d3e2033323134.roa
File:                     3139322e3130392e3232382e302f32332d3332203d3e2033323134.roa (raw, json)
Hash identifier:          WBrIS9JMPbcG1N7dXvIbsDQ0CRWxoRtfr+PXDP+d4H4=
Subject key identifier:   5E:8E:A7:18:D9:1F:B0:30:15:75:C4:52:6A:68:B8:FE:D0:A1:03:C2
Certificate issuer:       /CN=761c616364b89659ed9f18cb0af77420437cc7da
Certificate serial:       4383F4EF0A5BD8F711AD5A57D2252072A4A29925
Authority key identifier: 76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
Subject info access:      rsync://0.sb/repo/sb/21/3139322e3130392e3232382e302f32332d3332203d3e2033323134.roa
Signing time:             Wed 02 Oct 2024 09:00:54 +0000
ROA not before:           Wed 02 Oct 2024 08:55:54 +0000
ROA not after:            Wed 01 Oct 2025 09:00:54 +0000
asID:                     3214
IP address blocks:        192.109.228.0/23 maxlen: 32

Validation:               OK
Signature path:           rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl
                          rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:83:f4:ef:0a:5b:d8:f7:11:ad:5a:57:d2:25:20:72:a4:a2:99:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=761c616364b89659ed9f18cb0af77420437cc7da
        Validity
            Not Before: Oct  2 08:55:54 2024 GMT
            Not After : Oct  1 09:00:54 2025 GMT
        Subject: CN=5E8EA718D91FB0301575C4526A68B8FED0A103C2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:70:9f:78:74:9a:d2:fa:29:8f:50:d6:80:93:
                    6e:ae:3a:9f:f9:d2:28:0e:ae:d6:01:f9:73:dd:8f:
                    46:b1:27:c5:35:6b:04:61:2b:0a:a8:2a:ef:f6:32:
                    98:fa:4e:05:4b:c8:a9:cd:5e:18:11:fd:35:74:ba:
                    71:f1:b3:7c:79:d6:b6:95:9c:38:c5:ec:32:da:5a:
                    dd:e8:49:60:98:ad:8f:a2:6d:6f:69:69:86:eb:51:
                    a4:89:4b:63:7b:55:33:86:ec:84:4a:bd:48:d8:86:
                    89:ad:dc:4e:0d:84:af:b8:b8:51:8d:09:f8:9d:44:
                    05:96:62:cb:5e:58:01:7d:26:59:8a:dc:e8:a1:04:
                    0f:1a:74:fc:63:84:e5:38:f9:2a:ad:89:1c:57:62:
                    84:09:9d:8f:23:bc:48:98:55:e6:a7:3b:12:c9:40:
                    ac:75:39:7a:5d:ce:8f:e9:46:ef:2d:5c:01:58:aa:
                    0c:32:e2:0c:05:f6:7a:f6:0b:d9:87:7f:b4:d7:d5:
                    5a:47:57:4f:df:cd:3f:c7:d4:6e:b8:2d:62:aa:ed:
                    a0:6e:0c:f8:ba:27:5a:a6:9b:72:a7:2b:a0:5c:19:
                    4e:4c:4d:d9:55:bc:09:5d:31:16:b8:ed:40:de:d0:
                    72:91:8c:db:b8:c8:33:83:e2:be:2b:98:46:1c:15:
                    51:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:8E:A7:18:D9:1F:B0:30:15:75:C4:52:6A:68:B8:FE:D0:A1:03:C2
            X509v3 Authority Key Identifier:
                keyid:76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/21/3139322e3130392e3232382e302f32332d3332203d3e2033323134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.109.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5c:48:ba:cd:3a:0b:24:e8:cb:a4:e4:20:dd:51:69:a5:3e:a4:
         08:27:b9:75:26:8d:88:b3:c5:46:ad:61:57:de:07:fa:a2:e0:
         d8:79:b1:13:43:27:90:3b:a2:e7:c6:35:03:75:94:4a:bc:e6:
         c0:8d:35:bf:e4:b1:b9:78:48:14:d7:f3:d6:82:81:f9:06:24:
         5c:a4:5d:0d:83:7c:71:fc:54:8b:d0:3c:6d:6f:d7:9a:9f:fe:
         3e:5c:39:bc:8c:67:98:86:da:41:5f:64:1a:23:8d:e5:25:01:
         01:14:59:bb:62:bc:bf:b3:8b:9a:12:2f:e4:99:e4:77:f0:07:
         62:11:37:3d:a0:50:e7:3b:f6:68:fa:92:9a:34:4f:8c:fb:3f:
         c4:93:17:20:da:fb:0b:a0:97:45:db:92:47:bd:e8:f6:d8:12:
         c8:0a:8f:20:ba:f9:9c:9c:a8:48:4b:55:dd:2c:3b:d5:c5:fc:
         02:a2:0c:0b:e6:f1:59:d5:50:70:86:fd:76:a4:62:a3:a6:80:
         d1:cd:bf:4a:3b:c6:9c:05:47:f7:2a:5b:cb:82:cc:eb:46:dd:
         7b:4a:57:9a:3f:bb:88:18:2f:02:e7:39:bb:4d:f6:77:50:ea:
         e2:4e:18:43:23:2a:a5:37:27:72:9d:ab:51:07:99:64:2e:93:
         7a:2b:b9:cd
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIUQ4P07wpb2PcRrVpX0iUgcqSimSUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzYxYzYxNjM2NGI4OTY1OWVkOWYxOGNiMGFmNzc0MjA0
MzdjYzdkYTAeFw0yNDEwMDIwODU1NTRaFw0yNTEwMDEwOTAwNTRaMDMxMTAvBgNV
BAMTKDVFOEVBNzE4RDkxRkIwMzAxNTc1QzQ1MjZBNjhCOEZFRDBBMTAzQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7cJ94dJrS+imPUNaAk26uOp/5
0igOrtYB+XPdj0axJ8U1awRhKwqoKu/2Mpj6TgVLyKnNXhgR/TV0unHxs3x51raV
nDjF7DLaWt3oSWCYrY+ibW9paYbrUaSJS2N7VTOG7IRKvUjYhomt3E4NhK+4uFGN
CfidRAWWYsteWAF9JlmK3OihBA8adPxjhOU4+SqtiRxXYoQJnY8jvEiYVeanOxLJ
QKx1OXpdzo/pRu8tXAFYqgwy4gwF9nr2C9mHf7TX1VpHV0/fzT/H1G64LWKq7aBu
DPi6J1qmm3KnK6BcGU5MTdlVvAldMRa47UDe0HKRjNu4yDOD4r4rmEYcFVF1AgMB
AAGjggG8MIIBuDAdBgNVHQ4EFgQUXo6nGNkfsDAVdcRSami4/tChA8IwHwYDVR0j
BBgwFoAUdhxhY2S4llntnxjLCvd0IEN8x9owDgYDVR0PAQH/BAQDAgeAMFUGA1Ud
HwROMEwwSqBIoEaGRHJzeW5jOi8vMC5zYi9yZXBvL3NiLzIxLzc2MUM2MTYzNjRC
ODk2NTlFRDlGMThDQjBBRjc3NDIwNDM3Q0M3REEuY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kaHhoWTJTNGxsbnRueGpMQ3ZkMElFTjh4OW8uY2VyMG4GCCsGAQUF
BwELBGIwYDBeBggrBgEFBQcwC4ZScnN5bmM6Ly8wLnNiL3JlcG8vc2IvMjEvMzEz
OTMyMmUzMTMwMzkyZTMyMzIzODJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDMzMzIz
MTM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBwG3kMA0GCSqGSIb3DQEBCwUAA4IBAQBcSLrNOgsk6Muk
5CDdUWmlPqQIJ7l1Jo2Is8VGrWFX3gf6ouDYebETQyeQO6LnxjUDdZRKvObAjTW/
5LG5eEgU1/PWgoH5BiRcpF0Ng3xx/FSL0Dxtb9ean/4+XDm8jGeYhtpBX2QaI43l
JQEBFFm7Yry/s4uaEi/kmeR38AdiETc9oFDnO/Zo+pKaNE+M+z/Ekxcg2vsLoJdF
25JHvej22BLICo8guvmcnKhIS1XdLDvVxfwCogwL5vFZ1VBwhv12pGKjpoDRzb9K
O8acBUf3KlvLgszrRt17SleaP7uIGC8C5zm7TfZ3UOriThhDIyqlNydynatRB5lk
LpN6K7nN
-----END CERTIFICATE-----