Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/21/34352e3133332e3131372e302f32342d3234203d3e20323130343239.roa
File:                     34352e3133332e3131372e302f32342d3234203d3e20323130343239.roa (raw, json)
Hash identifier:          cv/6pTbzxQq/cGAaiXGA7QsZH9bVzweuYYwyVUWLNXg=
Subject key identifier:   C6:22:93:65:F0:48:DE:E0:5B:38:D3:46:49:A9:BD:CD:51:B2:87:80
Certificate issuer:       /CN=761c616364b89659ed9f18cb0af77420437cc7da
Certificate serial:       2C82583DBC4D5F644336639D6BDB01D0F35EA4DC
Authority key identifier: 76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
Subject info access:      rsync://0.sb/repo/sb/21/34352e3133332e3131372e302f32342d3234203d3e20323130343239.roa
Signing time:             Mon 29 Apr 2024 10:46:54 +0000
ROA not before:           Mon 29 Apr 2024 10:41:54 +0000
ROA not after:            Mon 28 Apr 2025 10:46:54 +0000
asID:                     210429
IP address blocks:        45.133.117.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl
                          rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:82:58:3d:bc:4d:5f:64:43:36:63:9d:6b:db:01:d0:f3:5e:a4:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=761c616364b89659ed9f18cb0af77420437cc7da
        Validity
            Not Before: Apr 29 10:41:54 2024 GMT
            Not After : Apr 28 10:46:54 2025 GMT
        Subject: CN=C6229365F048DEE05B38D34649A9BDCD51B28780
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:81:cb:bb:cf:d2:4c:2c:c9:73:99:f1:27:a8:
                    a3:f3:06:36:c6:c3:3c:f4:0b:8b:f5:fb:2c:06:b8:
                    fb:c6:e2:48:7c:c6:bd:e9:35:3e:a8:04:50:6b:ef:
                    45:65:34:85:b6:f0:47:8e:2a:fc:c1:0f:d2:73:26:
                    3d:eb:7d:fd:f1:17:b8:69:1d:d5:62:7d:02:a1:73:
                    c7:29:a1:74:10:b6:82:64:90:91:8d:fe:7b:0b:e2:
                    85:f4:79:95:c6:b6:e2:d7:b9:75:88:0a:5f:c3:88:
                    35:eb:8f:76:82:88:4b:a7:5a:e4:24:bf:59:fa:12:
                    50:d5:bd:b1:b2:66:6d:bd:71:3c:8a:e9:8f:16:37:
                    d4:42:00:ba:5c:5c:59:ff:3d:fb:ff:ba:15:1a:37:
                    e9:55:72:02:68:2d:62:7a:b0:25:04:6e:1f:be:af:
                    02:8e:76:7d:3a:ca:2f:50:73:c4:22:41:f2:12:c8:
                    d7:2a:ca:d3:3e:0c:79:df:92:23:03:20:63:df:fd:
                    69:32:ad:6a:07:23:45:b0:c5:d8:a0:4f:63:29:9d:
                    2c:42:46:d6:1c:76:07:bb:97:a6:6e:60:d4:c9:43:
                    b9:cb:1c:c0:a9:08:c2:46:84:6f:e4:37:5a:9f:e2:
                    d5:7d:da:4c:9d:f1:f9:47:96:7d:49:87:3f:9a:c9:
                    46:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:22:93:65:F0:48:DE:E0:5B:38:D3:46:49:A9:BD:CD:51:B2:87:80
            X509v3 Authority Key Identifier:
                keyid:76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/21/34352e3133332e3131372e302f32342d3234203d3e20323130343239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:8c:80:24:14:9d:1a:16:23:97:0d:a0:28:e2:62:55:a3:3b:
         ae:7c:ea:2c:c2:80:64:7c:6b:d5:35:de:89:f2:a2:aa:01:48:
         a8:72:7d:c1:5f:1f:a3:66:7e:dc:08:b2:02:98:26:3b:51:e0:
         6a:58:d2:0d:2c:51:b3:c9:99:50:40:09:22:96:1d:77:11:fb:
         9e:3d:5c:a3:07:7c:dc:79:d6:af:52:fd:78:62:8a:a4:51:61:
         66:08:a1:c8:00:25:0f:f0:1e:76:3d:ce:fc:3b:47:76:af:38:
         51:3a:3a:b8:99:57:19:0c:a0:b1:4e:eb:6e:1e:f7:4d:8e:28:
         18:35:94:07:94:aa:6f:b2:65:2e:1b:37:27:9e:5e:49:ef:5d:
         39:d4:0a:e7:b4:99:23:2e:5b:d3:e6:87:1c:c3:f2:b8:b1:1f:
         55:25:89:2c:42:de:f9:0b:f7:c1:ce:68:10:d7:eb:e0:6c:f4:
         f7:83:fc:c3:e6:74:83:21:9c:64:da:1b:af:29:9e:1f:f4:36:
         a2:fe:1b:c5:90:5c:ab:b5:81:91:e5:c4:fb:a5:26:17:78:ae:
         48:01:c5:b6:71:ca:ae:a9:d0:2b:0d:29:34:3a:e9:a2:20:0b:
         b6:ee:54:42:48:32:f8:96:d2:84:d0:b3:45:57:b6:27:d2:c3:
         5b:0b:a8:8c
-----BEGIN CERTIFICATE-----
MIIEtDCCA5ygAwIBAgIULIJYPbxNX2RDNmOda9sB0PNepNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzYxYzYxNjM2NGI4OTY1OWVkOWYxOGNiMGFmNzc0MjA0
MzdjYzdkYTAeFw0yNDA0MjkxMDQxNTRaFw0yNTA0MjgxMDQ2NTRaMDMxMTAvBgNV
BAMTKEM2MjI5MzY1RjA0OERFRTA1QjM4RDM0NjQ5QTlCRENENTFCMjg3ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAgcu7z9JMLMlzmfEnqKPzBjbG
wzz0C4v1+ywGuPvG4kh8xr3pNT6oBFBr70VlNIW28EeOKvzBD9JzJj3rff3xF7hp
HdVifQKhc8cpoXQQtoJkkJGN/nsL4oX0eZXGtuLXuXWICl/DiDXrj3aCiEunWuQk
v1n6ElDVvbGyZm29cTyK6Y8WN9RCALpcXFn/Pfv/uhUaN+lVcgJoLWJ6sCUEbh++
rwKOdn06yi9Qc8QiQfISyNcqytM+DHnfkiMDIGPf/WkyrWoHI0WwxdigT2MpnSxC
RtYcdge7l6ZuYNTJQ7nLHMCpCMJGhG/kN1qf4tV92kyd8flHln1Jhz+ayUbrAgMB
AAGjggG+MIIBujAdBgNVHQ4EFgQUxiKTZfBI3uBbONNGSam9zVGyh4AwHwYDVR0j
BBgwFoAUdhxhY2S4llntnxjLCvd0IEN8x9owDgYDVR0PAQH/BAQDAgeAMFUGA1Ud
HwROMEwwSqBIoEaGRHJzeW5jOi8vMC5zYi9yZXBvL3NiLzIxLzc2MUM2MTYzNjRC
ODk2NTlFRDlGMThDQjBBRjc3NDIwNDM3Q0M3REEuY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kaHhoWTJTNGxsbnRueGpMQ3ZkMElFTjh4OW8uY2VyMHAGCCsGAQUF
BwELBGQwYjBgBggrBgEFBQcwC4ZUcnN5bmM6Ly8wLnNiL3JlcG8vc2IvMjEvMzQz
NTJlMzEzMzMzMmUzMTMxMzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzAz
NDMyMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAAthXUwDQYJKoZIhvcNAQELBQADggEBADKMgCQUnRoW
I5cNoCjiYlWjO6586izCgGR8a9U13onyoqoBSKhyfcFfH6NmftwIsgKYJjtR4GpY
0g0sUbPJmVBACSKWHXcR+549XKMHfNx51q9S/XhiiqRRYWYIocgAJQ/wHnY9zvw7
R3avOFE6OriZVxkMoLFO624e902OKBg1lAeUqm+yZS4bNyeeXknvXTnUCue0mSMu
W9PmhxzD8rixH1UliSxC3vkL98HOaBDX6+Bs9PeD/MPmdIMhnGTaG68pnh/0NqL+
G8WQXKu1gZHlxPulJhd4rkgBxbZxyq6p0CsNKTQ66aIgC7buVEJIMviW0oTQs0VX
tifSw1sLqIw=
-----END CERTIFICATE-----