Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/21/3139322e3130392e3232382e302f32332d3332203d3e2033323134.roa
File:                     3139322e3130392e3232382e302f32332d3332203d3e2033323134.roa (raw, json)
Hash identifier:          qImMnAcM/aJZeptZmG2rDEqlIxd9h/pMRdIA4Ep6UEw=
Subject key identifier:   4D:10:CA:4E:BF:E9:05:A8:3C:C3:1F:26:E0:DF:68:F0:3C:6D:57:D0
Certificate issuer:       /CN=761c616364b89659ed9f18cb0af77420437cc7da
Certificate serial:       2017F8EE593D74253D9D3158E65A387B98072790
Authority key identifier: 76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
Subject info access:      rsync://0.sb/repo/sb/21/3139322e3130392e3232382e302f32332d3332203d3e2033323134.roa
Signing time:             Wed 01 Nov 2023 08:51:50 +0000
ROA not before:           Wed 01 Nov 2023 08:46:50 +0000
ROA not after:            Wed 30 Oct 2024 08:51:50 +0000
asID:                     3214
IP address blocks:        192.109.228.0/23 maxlen: 32

Validation:               OK
Signature path:           rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl
                          rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 23:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:17:f8:ee:59:3d:74:25:3d:9d:31:58:e6:5a:38:7b:98:07:27:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=761c616364b89659ed9f18cb0af77420437cc7da
        Validity
            Not Before: Nov  1 08:46:50 2023 GMT
            Not After : Oct 30 08:51:50 2024 GMT
        Subject: CN=4D10CA4EBFE905A83CC31F26E0DF68F03C6D57D0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:a0:79:11:ea:f7:0f:aa:63:4e:8b:81:b6:51:
                    27:1c:e1:1e:46:db:06:b0:29:84:80:68:6a:48:f9:
                    74:ab:d3:93:2c:47:df:08:b6:7e:56:ef:2e:b2:79:
                    9e:ee:98:43:0a:42:3f:f0:50:f6:0b:80:d5:99:5a:
                    2f:0f:43:31:a5:4a:22:c3:ab:37:08:52:00:3a:f5:
                    16:64:15:07:ab:99:54:1f:f8:71:39:ee:d0:73:e4:
                    60:91:29:47:80:cd:fd:11:1c:b5:f3:6d:04:ad:c3:
                    04:0d:c7:7c:77:4c:7f:f3:34:e9:c6:f2:3f:20:41:
                    4c:21:bb:c4:89:12:af:81:35:1c:ec:ea:80:18:9f:
                    07:de:38:d7:cf:27:7f:16:d3:95:63:71:1e:25:a6:
                    e7:8b:20:ed:8f:0e:33:a5:aa:03:08:c6:39:fc:73:
                    d7:72:cc:5a:94:21:46:c7:0e:3a:6f:ed:86:b1:83:
                    9f:8e:91:82:01:b6:5a:1e:1c:76:6d:19:dc:fd:fe:
                    3f:23:14:32:59:e6:a6:71:fe:8c:84:6f:7e:4e:bb:
                    bc:28:43:d6:ed:29:f2:9a:e3:44:36:c8:21:1c:ff:
                    18:e6:03:7f:c8:82:58:4a:c9:55:44:49:26:92:ed:
                    19:2c:13:3b:15:0f:53:4e:c8:96:a7:0b:ac:cd:0a:
                    8a:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:10:CA:4E:BF:E9:05:A8:3C:C3:1F:26:E0:DF:68:F0:3C:6D:57:D0
            X509v3 Authority Key Identifier:
                keyid:76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/21/3139322e3130392e3232382e302f32332d3332203d3e2033323134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.109.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         14:70:d4:b9:17:6c:3a:f1:ff:e3:3a:ec:7c:f8:bc:57:58:a4:
         07:2a:f4:72:f1:e4:ea:75:83:17:d6:b5:fd:9f:44:a7:db:59:
         ea:74:03:5e:25:16:13:d7:73:d5:fc:1e:30:33:2e:ff:c7:69:
         4d:6c:7b:b4:43:a9:37:3f:76:d8:25:50:3e:18:30:1f:6f:71:
         ce:4a:08:b6:03:d1:39:2a:dd:ac:e2:e0:09:cc:11:12:75:41:
         ba:60:4f:89:c9:5e:06:bc:cf:8d:1d:af:ff:b3:b6:20:1b:e1:
         ed:e0:60:77:59:79:74:fc:d1:b7:05:f0:c2:d0:2e:b2:36:2c:
         4a:2c:7e:7c:04:4a:da:db:2a:0e:00:c4:b7:f7:ea:c1:6c:92:
         e1:c5:2d:f9:d8:6e:1b:5b:9d:66:f6:ea:6f:0f:29:37:52:f9:
         8b:3e:6c:c8:a6:6a:3e:f2:dd:44:9c:52:50:e5:20:d0:15:65:
         61:29:f3:e1:ce:c5:93:d5:b7:98:86:ed:91:7b:6d:38:f2:63:
         a2:92:41:db:a5:75:27:a7:f0:1e:50:42:72:45:5f:ec:21:29:
         55:32:46:97:5f:13:1b:a1:b5:06:0c:10:02:aa:ac:f9:c9:d9:
         3b:6e:01:3e:ba:d4:d2:c9:de:ba:a9:8d:9b:12:4b:aa:95:fa:
         f9:fe:0f:e8
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIUIBf47lk9dCU9nTFY5lo4e5gHJ5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzYxYzYxNjM2NGI4OTY1OWVkOWYxOGNiMGFmNzc0MjA0
MzdjYzdkYTAeFw0yMzExMDEwODQ2NTBaFw0yNDEwMzAwODUxNTBaMDMxMTAvBgNV
BAMTKDREMTBDQTRFQkZFOTA1QTgzQ0MzMUYyNkUwREY2OEYwM0M2RDU3RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGoHkR6vcPqmNOi4G2UScc4R5G
2wawKYSAaGpI+XSr05MsR98Itn5W7y6yeZ7umEMKQj/wUPYLgNWZWi8PQzGlSiLD
qzcIUgA69RZkFQermVQf+HE57tBz5GCRKUeAzf0RHLXzbQStwwQNx3x3TH/zNOnG
8j8gQUwhu8SJEq+BNRzs6oAYnwfeONfPJ38W05VjcR4lpueLIO2PDjOlqgMIxjn8
c9dyzFqUIUbHDjpv7Yaxg5+OkYIBtloeHHZtGdz9/j8jFDJZ5qZx/oyEb35Ou7wo
Q9btKfKa40Q2yCEc/xjmA3/IglhKyVVESSaS7RksEzsVD1NOyJanC6zNCoqvAgMB
AAGjggG8MIIBuDAdBgNVHQ4EFgQUTRDKTr/pBag8wx8m4N9o8DxtV9AwHwYDVR0j
BBgwFoAUdhxhY2S4llntnxjLCvd0IEN8x9owDgYDVR0PAQH/BAQDAgeAMFUGA1Ud
HwROMEwwSqBIoEaGRHJzeW5jOi8vMC5zYi9yZXBvL3NiLzIxLzc2MUM2MTYzNjRC
ODk2NTlFRDlGMThDQjBBRjc3NDIwNDM3Q0M3REEuY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kaHhoWTJTNGxsbnRueGpMQ3ZkMElFTjh4OW8uY2VyMG4GCCsGAQUF
BwELBGIwYDBeBggrBgEFBQcwC4ZScnN5bmM6Ly8wLnNiL3JlcG8vc2IvMjEvMzEz
OTMyMmUzMTMwMzkyZTMyMzIzODJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDMzMzIz
MTM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBwG3kMA0GCSqGSIb3DQEBCwUAA4IBAQAUcNS5F2w68f/j
Oux8+LxXWKQHKvRy8eTqdYMX1rX9n0Sn21nqdANeJRYT13PV/B4wMy7/x2lNbHu0
Q6k3P3bYJVA+GDAfb3HOSgi2A9E5Kt2s4uAJzBESdUG6YE+JyV4GvM+NHa//s7Yg
G+Ht4GB3WXl0/NG3BfDC0C6yNixKLH58BEra2yoOAMS39+rBbJLhxS352G4bW51m
9upvDyk3UvmLPmzIpmo+8t1EnFJQ5SDQFWVhKfPhzsWT1beYhu2Re2048mOikkHb
pXUnp/AeUEJyRV/sISlVMkaXXxMbobUGDBACqqz5ydk7bgE+utTSyd66qY2bEkuq
lfr5/g/o
-----END CERTIFICATE-----