Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/21/34352e3134322e3136352e302f32342d3234203d3e2034373835.roa
File:                     34352e3134322e3136352e302f32342d3234203d3e2034373835.roa (raw, json)
Hash identifier:          o9Y40IZeYM7rql11qrGHuc1gLDQK8b01Mzgtad4Wy48=
Subject key identifier:   CA:2A:6D:08:7F:EB:06:56:62:DC:FA:42:93:72:FB:41:53:BA:90:40
Certificate issuer:       /CN=761c616364b89659ed9f18cb0af77420437cc7da
Certificate serial:       28CF8A7BE3FA6EBF1E23E2E3980A8C281B190C79
Authority key identifier: 76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
Subject info access:      rsync://0.sb/repo/sb/21/34352e3134322e3136352e302f32342d3234203d3e2034373835.roa
Signing time:             Fri 22 Sep 2023 10:19:34 +0000
ROA not before:           Fri 22 Sep 2023 10:14:34 +0000
ROA not after:            Fri 20 Sep 2024 10:19:34 +0000
asID:                     4785
IP address blocks:        45.142.165.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl
                          rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:cf:8a:7b:e3:fa:6e:bf:1e:23:e2:e3:98:0a:8c:28:1b:19:0c:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=761c616364b89659ed9f18cb0af77420437cc7da
        Validity
            Not Before: Sep 22 10:14:34 2023 GMT
            Not After : Sep 20 10:19:34 2024 GMT
        Subject: CN=CA2A6D087FEB065662DCFA429372FB4153BA9040
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:91:a7:6e:bb:e0:f2:aa:bc:fc:c1:14:2a:6f:
                    bc:09:cd:ed:b9:22:62:f1:6d:f1:be:39:00:44:e6:
                    34:84:e4:dc:df:28:0e:fc:69:09:50:91:9f:85:d2:
                    41:e2:78:38:96:4d:aa:ee:f3:b1:b7:c4:3b:83:71:
                    92:92:ca:96:cb:02:df:47:17:55:d3:c8:dd:eb:5c:
                    74:97:1e:1f:88:a3:8a:fc:e0:ac:10:65:65:60:a4:
                    e9:94:bf:07:db:46:32:4b:00:b9:31:5d:1f:c4:ff:
                    9c:37:8e:2b:e2:69:c9:3b:53:21:e0:63:ff:b2:49:
                    5d:30:1b:9f:5a:65:84:bf:fc:24:ed:26:82:ba:5c:
                    f5:bc:81:f4:b1:d2:ff:c9:34:88:48:df:fa:de:f2:
                    cf:ab:a1:ea:2e:91:37:a7:79:66:07:f9:d2:91:8b:
                    5e:1d:9b:8e:5a:7e:91:1a:79:70:28:bc:f9:89:f7:
                    35:5c:e0:18:9a:7c:57:11:1b:e4:48:19:5e:cb:dd:
                    2d:b4:bb:0b:4d:6d:cd:88:f9:74:0f:c6:f5:d0:72:
                    aa:8b:7a:a6:c5:7a:1b:83:9a:82:9b:c6:dc:9c:93:
                    32:03:28:f5:59:22:30:cc:30:cd:5a:3d:15:50:2a:
                    f6:61:be:b1:bd:16:cf:dc:4c:c9:07:31:13:51:e3:
                    19:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:2A:6D:08:7F:EB:06:56:62:DC:FA:42:93:72:FB:41:53:BA:90:40
            X509v3 Authority Key Identifier:
                keyid:76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/21/34352e3134322e3136352e302f32342d3234203d3e2034373835.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:4b:64:80:98:91:1f:7a:64:0e:b8:95:1c:ce:5f:21:b1:e5:
         88:a2:6d:d3:41:73:14:fd:a6:fa:34:a0:91:1e:fc:3d:39:ee:
         d5:86:b1:fd:26:0c:25:77:c4:ee:fe:bd:a7:ce:06:13:a1:61:
         5b:d8:cb:1f:1d:d5:e4:a3:0c:74:52:34:a2:f5:36:df:a6:a7:
         a6:3a:43:e9:fc:3c:54:a7:22:dc:8a:c9:53:4b:8c:7d:e9:c3:
         45:ea:e0:e2:e6:8b:0c:7a:0e:1f:2c:eb:da:46:cc:49:10:fa:
         15:0b:e5:27:1e:e5:29:0e:36:58:b6:bd:9b:88:4f:81:5a:d9:
         63:4a:f3:18:4e:03:0d:67:4e:18:57:1a:07:27:f8:de:d8:5e:
         a8:50:e9:51:96:36:15:e6:09:96:2e:a9:23:4e:a7:b0:46:df:
         fe:50:9c:60:ad:f3:b8:ff:11:ae:18:d3:c3:ef:98:70:1e:e7:
         36:60:ec:9c:19:84:20:24:26:b7:f1:07:0c:bb:a0:c1:af:31:
         9c:a9:b5:4d:34:16:1f:76:5f:5c:f3:a7:db:4e:24:2a:1f:34:
         c7:b5:9a:9b:1c:0f:18:7f:9f:64:b7:73:f7:44:42:60:99:4e:
         f7:d3:19:ee:35:b9:f3:19:ed:54:52:93:19:f4:a1:04:ef:ad:
         52:63:b6:53
-----BEGIN CERTIFICATE-----
MIIEsDCCA5igAwIBAgIUKM+Ke+P6br8eI+LjmAqMKBsZDHkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzYxYzYxNjM2NGI4OTY1OWVkOWYxOGNiMGFmNzc0MjA0
MzdjYzdkYTAeFw0yMzA5MjIxMDE0MzRaFw0yNDA5MjAxMDE5MzRaMDMxMTAvBgNV
BAMTKENBMkE2RDA4N0ZFQjA2NTY2MkRDRkE0MjkzNzJGQjQxNTNCQTkwNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWkaduu+Dyqrz8wRQqb7wJze25
ImLxbfG+OQBE5jSE5NzfKA78aQlQkZ+F0kHieDiWTaru87G3xDuDcZKSypbLAt9H
F1XTyN3rXHSXHh+Io4r84KwQZWVgpOmUvwfbRjJLALkxXR/E/5w3jiviack7UyHg
Y/+ySV0wG59aZYS//CTtJoK6XPW8gfSx0v/JNIhI3/re8s+roeoukTeneWYH+dKR
i14dm45afpEaeXAovPmJ9zVc4BiafFcRG+RIGV7L3S20uwtNbc2I+XQPxvXQcqqL
eqbFehuDmoKbxtyckzIDKPVZIjDMMM1aPRVQKvZhvrG9Fs/cTMkHMRNR4xnrAgMB
AAGjggG6MIIBtjAdBgNVHQ4EFgQUyiptCH/rBlZi3PpCk3L7QVO6kEAwHwYDVR0j
BBgwFoAUdhxhY2S4llntnxjLCvd0IEN8x9owDgYDVR0PAQH/BAQDAgeAMFUGA1Ud
HwROMEwwSqBIoEaGRHJzeW5jOi8vMC5zYi9yZXBvL3NiLzIxLzc2MUM2MTYzNjRC
ODk2NTlFRDlGMThDQjBBRjc3NDIwNDM3Q0M3REEuY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kaHhoWTJTNGxsbnRueGpMQ3ZkMElFTjh4OW8uY2VyMGwGCCsGAQUF
BwELBGAwXjBcBggrBgEFBQcwC4ZQcnN5bmM6Ly8wLnNiL3JlcG8vc2IvMjEvMzQz
NTJlMzEzNDMyMmUzMTM2MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3Mzgz
NS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC2OpTANBgkqhkiG9w0BAQsFAAOCAQEArktkgJiRH3pkDriV
HM5fIbHliKJt00FzFP2m+jSgkR78PTnu1Yax/SYMJXfE7v69p84GE6FhW9jLHx3V
5KMMdFI0ovU236anpjpD6fw8VKci3IrJU0uMfenDRerg4uaLDHoOHyzr2kbMSRD6
FQvlJx7lKQ42WLa9m4hPgVrZY0rzGE4DDWdOGFcaByf43theqFDpUZY2FeYJli6p
I06nsEbf/lCcYK3zuP8RrhjTw++YcB7nNmDsnBmEICQmt/EHDLugwa8xnKm1TTQW
H3ZfXPOn204kKh80x7WamxwPGH+fZLdz90RCYJlO99MZ7jW58xntVFKTGfShBO+t
UmO2Uw==
-----END CERTIFICATE-----