Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/37/38352e3139332e37382e302f32342d3234203d3e203134363138.roa
File:                     38352e3139332e37382e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier:          qeUBNqX0cdTuUUSXV2MePCJ8eS8Tr53k1jxkWSOVxMQ=
Subject key identifier:   16:90:EE:22:DB:79:AA:99:E8:D4:3C:FB:F3:E4:66:DE:D7:1A:A1:70
Certificate issuer:       /CN=c8af62a54d23ce118fceb4a95e614c0b1df60351
Certificate serial:       6376D479189171166C34374B5373855E1D87778F
Authority key identifier: C8:AF:62:A5:4D:23:CE:11:8F:CE:B4:A9:5E:61:4C:0B:1D:F6:03:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yK9ipU0jzhGPzrSpXmFMCx32A1E.cer
Subject info access:      rsync://0.sb/repo/sb/37/38352e3139332e37382e302f32342d3234203d3e203134363138.roa
Signing time:             Tue 05 Nov 2024 06:51:47 +0000
ROA not before:           Tue 05 Nov 2024 06:46:47 +0000
ROA not after:            Tue 04 Nov 2025 06:51:47 +0000
asID:                     14618
IP address blocks:        85.193.78.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://0.sb/repo/sb/37/C8AF62A54D23CE118FCEB4A95E614C0B1DF60351.crl
                          rsync://0.sb/repo/sb/37/C8AF62A54D23CE118FCEB4A95E614C0B1DF60351.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yK9ipU0jzhGPzrSpXmFMCx32A1E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 05:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:76:d4:79:18:91:71:16:6c:34:37:4b:53:73:85:5e:1d:87:77:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8af62a54d23ce118fceb4a95e614c0b1df60351
        Validity
            Not Before: Nov  5 06:46:47 2024 GMT
            Not After : Nov  4 06:51:47 2025 GMT
        Subject: CN=1690EE22DB79AA99E8D43CFBF3E466DED71AA170
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:e3:ec:fd:10:5a:5c:92:41:c0:e9:2e:7f:05:
                    1a:de:72:5f:38:4a:b7:df:c6:c9:ee:df:32:fe:c8:
                    d0:d4:c9:7f:44:3e:3c:d7:fe:17:03:56:48:a2:5e:
                    85:a4:24:68:8f:08:44:9f:6f:78:31:44:cf:ee:63:
                    05:ee:bc:b1:47:25:19:a3:4b:09:49:d1:0e:bc:ef:
                    86:a7:49:f4:8d:ae:66:b9:7e:83:25:26:a7:e4:a9:
                    9f:bf:2e:d5:c6:f2:1d:17:51:07:f1:00:20:50:30:
                    ca:b1:ae:43:ce:f8:20:4b:69:be:71:95:9d:36:a2:
                    de:50:93:5a:3a:77:43:f2:30:4f:26:0d:f5:83:97:
                    35:d5:32:8a:e9:de:ce:2e:08:f8:4b:0c:c6:d0:90:
                    1e:5f:35:dd:f7:0c:02:12:d5:8d:25:52:69:96:06:
                    a9:69:80:2e:59:0c:aa:06:9a:c7:38:0c:51:e5:ea:
                    12:09:28:e7:03:78:ff:7f:6b:1a:d8:e7:0d:c2:1b:
                    b6:f9:b7:5c:e2:92:f7:a7:f7:50:80:03:79:e7:31:
                    36:88:2b:cf:57:9d:3e:27:2f:fd:7f:d1:ba:f4:93:
                    3e:f9:47:58:1b:9a:e7:27:fd:3c:1c:88:ce:20:1a:
                    0d:aa:bf:0f:62:f0:d7:a6:0e:8b:78:77:cc:05:08:
                    ab:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:90:EE:22:DB:79:AA:99:E8:D4:3C:FB:F3:E4:66:DE:D7:1A:A1:70
            X509v3 Authority Key Identifier:
                keyid:C8:AF:62:A5:4D:23:CE:11:8F:CE:B4:A9:5E:61:4C:0B:1D:F6:03:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/37/C8AF62A54D23CE118FCEB4A95E614C0B1DF60351.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yK9ipU0jzhGPzrSpXmFMCx32A1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/37/38352e3139332e37382e302f32342d3234203d3e203134363138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.193.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:3a:ca:3b:d1:91:43:39:2b:51:fd:64:26:5b:bf:49:2d:cb:
         ce:d3:c4:c3:91:7f:e3:fe:ee:bd:84:93:ae:7b:e6:1b:eb:a4:
         95:0a:b2:bc:f1:62:b9:41:93:ee:19:9e:75:90:50:e0:45:71:
         ea:2b:a9:f8:5b:5c:ed:96:09:fe:36:33:0a:fe:7f:8d:ed:f8:
         4a:03:cf:0d:d6:ef:49:7e:af:ca:59:48:62:37:a7:83:1f:1f:
         d6:c5:75:e3:38:83:33:69:cc:eb:0c:e3:75:2a:98:f1:86:e9:
         e7:40:00:05:98:e5:30:83:30:5d:05:31:84:a0:1f:80:f6:05:
         4a:b4:33:9a:76:16:ce:35:9b:31:c7:46:eb:30:93:1c:58:e7:
         6c:5f:2f:4e:87:d5:80:2d:30:2c:90:fe:fc:1b:cd:eb:47:02:
         b4:00:c2:51:75:5b:5a:a5:9a:eb:f6:50:30:80:18:d0:36:88:
         03:fc:21:3e:b8:e8:b9:aa:a9:9c:e0:67:ca:85:be:1b:cd:90:
         4b:50:e0:2f:fa:a0:e5:95:b0:b8:37:6f:85:44:32:d0:2e:c2:
         c4:59:e4:55:30:0d:e1:22:1b:db:98:09:d9:e9:6d:0c:cd:ca:
         95:a7:ce:99:f5:69:fd:e6:04:b0:36:46:5d:db:3e:1b:3f:6c:
         e2:e8:83:f5
-----BEGIN CERTIFICATE-----
MIIEsDCCA5igAwIBAgIUY3bUeRiRcRZsNDdLU3OFXh2Hd48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzhhZjYyYTU0ZDIzY2UxMThmY2ViNGE5NWU2MTRjMGIx
ZGY2MDM1MTAeFw0yNDExMDUwNjQ2NDdaFw0yNTExMDQwNjUxNDdaMDMxMTAvBgNV
BAMTKDE2OTBFRTIyREI3OUFBOTlFOEQ0M0NGQkYzRTQ2NkRFRDcxQUExNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf4+z9EFpckkHA6S5/BRrecl84
Srffxsnu3zL+yNDUyX9EPjzX/hcDVkiiXoWkJGiPCESfb3gxRM/uYwXuvLFHJRmj
SwlJ0Q6874anSfSNrma5foMlJqfkqZ+/LtXG8h0XUQfxACBQMMqxrkPO+CBLab5x
lZ02ot5Qk1o6d0PyME8mDfWDlzXVMorp3s4uCPhLDMbQkB5fNd33DAIS1Y0lUmmW
BqlpgC5ZDKoGmsc4DFHl6hIJKOcDeP9/axrY5w3CG7b5t1zikven91CAA3nnMTaI
K89XnT4nL/1/0br0kz75R1gbmucn/TwciM4gGg2qvw9i8NemDot4d8wFCKs3AgMB
AAGjggG6MIIBtjAdBgNVHQ4EFgQUFpDuItt5qpno1Dz78+Rm3tcaoXAwHwYDVR0j
BBgwFoAUyK9ipU0jzhGPzrSpXmFMCx32A1EwDgYDVR0PAQH/BAQDAgeAMFUGA1Ud
HwROMEwwSqBIoEaGRHJzeW5jOi8vMC5zYi9yZXBvL3NiLzM3L0M4QUY2MkE1NEQy
M0NFMTE4RkNFQjRBOTVFNjE0QzBCMURGNjAzNTEuY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC95SzlpcFUwanpoR1B6clNwWG1GTUN4MzJBMUUuY2VyMGwGCCsGAQUF
BwELBGAwXjBcBggrBgEFBQcwC4ZQcnN5bmM6Ly8wLnNiL3JlcG8vc2IvMzcvMzgz
NTJlMzEzOTMzMmUzNzM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDM2MzEz
OC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAFXBTjANBgkqhkiG9w0BAQsFAAOCAQEAJzrKO9GRQzkrUf1k
Jlu/SS3LztPEw5F/4/7uvYSTrnvmG+uklQqyvPFiuUGT7hmedZBQ4EVx6iup+Ftc
7ZYJ/jYzCv5/je34SgPPDdbvSX6vyllIYjengx8f1sV14ziDM2nM6wzjdSqY8Ybp
50AABZjlMIMwXQUxhKAfgPYFSrQzmnYWzjWbMcdG6zCTHFjnbF8vTofVgC0wLJD+
/BvN60cCtADCUXVbWqWa6/ZQMIAY0DaIA/whPrjouaqpnOBnyoW+G82QS1DgL/qg
5ZWwuDdvhUQy0C7CxFnkVTAN4SIb25gJ2eltDM3KlafOmfVp/eYEsDZGXds+Gz9s
4uiD9Q==
-----END CERTIFICATE-----