Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/21/3139322e3130392e3232382e302f32342d3234203d3e2031303330.roa
File:                     3139322e3130392e3232382e302f32342d3234203d3e2031303330.roa (raw, json)
Hash identifier:          eoT/NXsFFHhGmrNnzqLIk8ko0heZfjukMzJyeajFQtY=
Subject key identifier:   CE:72:E5:B9:F0:49:81:60:F0:B2:ED:DD:8F:BC:95:FD:5D:08:8B:EA
Certificate issuer:       /CN=761c616364b89659ed9f18cb0af77420437cc7da
Certificate serial:       10B098C45BB50C384648855022DF0098E333B3B4
Authority key identifier: 76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
Subject info access:      rsync://0.sb/repo/sb/21/3139322e3130392e3232382e302f32342d3234203d3e2031303330.roa
Signing time:             Fri 25 Jul 2025 10:52:38 +0000
ROA not before:           Fri 25 Jul 2025 10:47:38 +0000
ROA not after:            Fri 24 Jul 2026 10:52:38 +0000
asID:                     1030
IP address blocks:        192.109.228.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl
                          rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 26 Jul 2025 14:17:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:b0:98:c4:5b:b5:0c:38:46:48:85:50:22:df:00:98:e3:33:b3:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=761c616364b89659ed9f18cb0af77420437cc7da
        Validity
            Not Before: Jul 25 10:47:38 2025 GMT
            Not After : Jul 24 10:52:38 2026 GMT
        Subject: CN=CE72E5B9F0498160F0B2EDDD8FBC95FD5D088BEA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:db:a7:34:8e:51:84:40:5a:8a:18:c6:51:f6:
                    fe:00:3d:48:c2:d9:4d:f2:f3:45:ea:f4:d3:12:cf:
                    46:73:0b:33:b0:0b:4d:3d:26:65:96:5e:9b:60:f5:
                    91:3d:fa:58:38:43:3e:8c:f7:f8:ca:a4:f7:1e:7c:
                    c0:71:06:0c:18:dc:fe:6e:36:da:78:45:2e:9b:74:
                    e0:c4:81:26:fe:d3:42:53:a4:c6:40:62:36:6b:01:
                    7a:e9:0a:01:58:39:fa:24:24:f5:2e:cb:50:f3:7c:
                    d6:f9:29:c9:55:78:fc:a2:0f:7a:4b:f5:d5:f9:53:
                    bd:00:fb:0a:b0:5f:a7:14:36:2b:5b:e0:7c:26:11:
                    ea:b4:9b:de:82:d8:0d:54:b1:99:b8:02:d6:64:e8:
                    96:f6:32:c5:c2:40:40:22:36:fa:ea:e0:e3:0d:7d:
                    8c:61:d3:d8:07:2b:db:cd:53:1f:c8:e2:d3:56:be:
                    2f:d8:3c:94:eb:6d:0b:48:37:74:d1:71:b7:86:b1:
                    a3:46:7d:6f:d0:bc:02:af:d5:9d:cd:d0:e7:d4:fc:
                    b6:89:1a:d7:9c:38:6c:f6:d1:78:3c:87:0d:0f:ce:
                    7b:f5:f8:f4:cd:3e:69:c1:c1:26:e3:fb:14:6c:4c:
                    b8:85:43:6e:f1:b1:2d:db:c4:09:ed:c7:d0:87:b3:
                    e6:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:72:E5:B9:F0:49:81:60:F0:B2:ED:DD:8F:BC:95:FD:5D:08:8B:EA
            X509v3 Authority Key Identifier:
                keyid:76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/21/3139322e3130392e3232382e302f32342d3234203d3e2031303330.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.109.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:80:35:3b:53:ee:90:f3:30:64:b5:14:ba:e8:96:cc:1e:c8:
         d0:ca:c2:85:99:1c:42:64:5f:98:0c:42:29:a7:ec:aa:9f:6f:
         0e:7f:44:ab:e1:5a:45:f6:4f:f5:9c:7c:93:57:52:b0:f1:bd:
         2d:4e:57:7b:a9:7a:e9:18:e9:a3:e5:86:63:59:0f:2d:d9:ca:
         bb:d3:5c:53:88:c4:15:29:52:6f:bd:f5:9e:0e:44:11:cf:a3:
         0f:3c:b5:f4:00:05:07:e1:01:04:f1:6f:76:a4:d4:2e:73:a6:
         d1:61:56:5b:26:b7:e4:4f:6f:c0:09:f7:6d:d6:69:e7:81:0b:
         f9:81:f7:3d:ac:9a:09:7c:7f:15:fd:cb:9c:b2:54:f5:15:66:
         23:60:9f:4e:c1:e0:9c:61:9a:9c:3c:6d:73:99:f3:14:23:05:
         fd:96:34:66:a0:d8:86:85:61:52:34:f5:1e:34:e5:22:35:fb:
         c8:2d:25:f9:83:a6:cf:50:76:1f:bf:57:d9:e9:b1:ed:c1:b5:
         59:77:15:79:e6:a6:ff:34:c9:45:39:cc:cb:bb:d3:c0:ea:ab:
         bc:11:e0:ba:bd:39:00:51:9e:40:40:9f:5a:93:de:27:16:f2:
         25:cd:1a:ba:27:15:0d:d4:59:64:c4:bf:29:68:02:55:d7:a4:
         aa:80:01:4c
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIUELCYxFu1DDhGSIVQIt8AmOMzs7QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzYxYzYxNjM2NGI4OTY1OWVkOWYxOGNiMGFmNzc0MjA0
MzdjYzdkYTAeFw0yNTA3MjUxMDQ3MzhaFw0yNjA3MjQxMDUyMzhaMDMxMTAvBgNV
BAMTKENFNzJFNUI5RjA0OTgxNjBGMEIyRURERDhGQkM5NUZENUQwODhCRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/26c0jlGEQFqKGMZR9v4APUjC
2U3y80Xq9NMSz0ZzCzOwC009JmWWXptg9ZE9+lg4Qz6M9/jKpPcefMBxBgwY3P5u
Ntp4RS6bdODEgSb+00JTpMZAYjZrAXrpCgFYOfokJPUuy1DzfNb5KclVePyiD3pL
9dX5U70A+wqwX6cUNitb4HwmEeq0m96C2A1UsZm4AtZk6Jb2MsXCQEAiNvrq4OMN
fYxh09gHK9vNUx/I4tNWvi/YPJTrbQtIN3TRcbeGsaNGfW/QvAKv1Z3N0OfU/LaJ
GtecOGz20Xg8hw0Pznv1+PTNPmnBwSbj+xRsTLiFQ27xsS3bxAntx9CHs+YLAgMB
AAGjggG8MIIBuDAdBgNVHQ4EFgQUznLlufBJgWDwsu3dj7yV/V0Ii+owHwYDVR0j
BBgwFoAUdhxhY2S4llntnxjLCvd0IEN8x9owDgYDVR0PAQH/BAQDAgeAMFUGA1Ud
HwROMEwwSqBIoEaGRHJzeW5jOi8vMC5zYi9yZXBvL3NiLzIxLzc2MUM2MTYzNjRC
ODk2NTlFRDlGMThDQjBBRjc3NDIwNDM3Q0M3REEuY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kaHhoWTJTNGxsbnRueGpMQ3ZkMElFTjh4OW8uY2VyMG4GCCsGAQUF
BwELBGIwYDBeBggrBgEFBQcwC4ZScnN5bmM6Ly8wLnNiL3JlcG8vc2IvMjEvMzEz
OTMyMmUzMTMwMzkyZTMyMzIzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzAz
MzMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQAwG3kMA0GCSqGSIb3DQEBCwUAA4IBAQAIgDU7U+6Q8zBk
tRS66JbMHsjQysKFmRxCZF+YDEIpp+yqn28Of0Sr4VpF9k/1nHyTV1Kw8b0tTld7
qXrpGOmj5YZjWQ8t2cq701xTiMQVKVJvvfWeDkQRz6MPPLX0AAUH4QEE8W92pNQu
c6bRYVZbJrfkT2/ACfdt1mnngQv5gfc9rJoJfH8V/cucslT1FWYjYJ9OweCcYZqc
PG1zmfMUIwX9ljRmoNiGhWFSNPUeNOUiNfvILSX5g6bPUHYfv1fZ6bHtwbVZdxV5
5qb/NMlFOczLu9PA6qu8EeC6vTkAUZ5AQJ9ak94nFvIlzRq6JxUN1FlkxL8paAJV
16SqgAFM
-----END CERTIFICATE-----