Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/4/326131313a316434303a3a2f32392d3438203d3e20323130393337.roa
File:                     326131313a316434303a3a2f32392d3438203d3e20323130393337.roa (raw, json)
Hash identifier:          LvwEJviLg0boyie5Hk5+nNmAJ3CgrC+RRd3MYncj4g8=
Subject key identifier:   4D:8B:5D:12:CF:C3:9D:C8:E8:3D:03:59:BC:56:83:9F:E7:27:74:D6
Certificate issuer:       /CN=63df6923415fc62d1c49a5cb7d3d2505d61f065c
Certificate serial:       6EACA82BAEB73B4EC3F8F11221859E3759BA73E6
Authority key identifier: 63:DF:69:23:41:5F:C6:2D:1C:49:A5:CB:7D:3D:25:05:D6:1F:06:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y99pI0Ffxi0cSaXLfT0lBdYfBlw.cer
Subject info access:      rsync://0.sb/repo/sb/4/326131313a316434303a3a2f32392d3438203d3e20323130393337.roa
Signing time:             Fri 23 Aug 2024 10:47:06 +0000
ROA not before:           Fri 23 Aug 2024 10:42:06 +0000
ROA not after:            Fri 22 Aug 2025 10:47:06 +0000
asID:                     210937
IP address blocks:        2a11:1d40::/29 maxlen: 48
Validation:               OK
Signature path:           rsync://0.sb/repo/sb/4/63DF6923415FC62D1C49A5CB7D3D2505D61F065C.crl
                          rsync://0.sb/repo/sb/4/63DF6923415FC62D1C49A5CB7D3D2505D61F065C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y99pI0Ffxi0cSaXLfT0lBdYfBlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 08:48:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:ac:a8:2b:ae:b7:3b:4e:c3:f8:f1:12:21:85:9e:37:59:ba:73:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63df6923415fc62d1c49a5cb7d3d2505d61f065c
        Validity
            Not Before: Aug 23 10:42:06 2024 GMT
            Not After : Aug 22 10:47:06 2025 GMT
        Subject: CN=4D8B5D12CFC39DC8E83D0359BC56839FE72774D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:3d:3b:30:ef:54:62:82:c2:07:34:43:22:0e:
                    3b:a1:a4:e9:cc:c1:4d:ac:04:a2:ae:5c:0b:5a:23:
                    e2:3f:d0:61:9b:d8:e6:31:65:fd:f4:72:74:ac:2a:
                    bd:53:bd:ef:88:6d:8e:2b:95:f8:a2:d4:9a:52:d9:
                    3f:0b:7b:5d:89:20:5c:22:bf:e2:04:65:0e:8a:7f:
                    e7:e3:b7:af:f5:49:1d:7d:62:65:a1:48:60:44:9e:
                    9a:37:19:e9:f2:30:33:65:a6:de:84:76:c0:b8:9f:
                    12:5d:3b:dc:9f:ac:e1:2e:13:69:68:85:38:06:5b:
                    e6:52:8f:d1:ee:b4:f2:b6:12:0e:3b:6d:d1:b8:fc:
                    01:67:e5:2a:aa:2a:c2:f0:54:25:a8:8c:12:db:ff:
                    7d:d1:66:f2:be:1b:6f:de:84:30:39:03:06:94:6a:
                    7e:71:60:3d:48:71:44:3c:6a:ac:48:54:2f:c7:d9:
                    1b:43:ea:b0:d9:c0:a3:9f:9a:05:d8:07:9a:18:87:
                    56:ab:13:30:73:4b:a9:99:8a:a4:58:e9:ca:1a:07:
                    73:25:db:11:23:ea:d7:6e:cd:ea:5a:18:68:4a:02:
                    a3:6f:09:02:19:d5:94:77:87:bb:a7:fd:8b:ee:a8:
                    99:f3:a6:da:50:b9:7b:3f:9d:d8:b3:97:4a:cc:41:
                    85:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:8B:5D:12:CF:C3:9D:C8:E8:3D:03:59:BC:56:83:9F:E7:27:74:D6
            X509v3 Authority Key Identifier:
                keyid:63:DF:69:23:41:5F:C6:2D:1C:49:A5:CB:7D:3D:25:05:D6:1F:06:5C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/4/63DF6923415FC62D1C49A5CB7D3D2505D61F065C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y99pI0Ffxi0cSaXLfT0lBdYfBlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/4/326131313a316434303a3a2f32392d3438203d3e20323130393337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:1d40::/29

    Signature Algorithm: sha256WithRSAEncryption
         36:29:21:ac:e5:b4:cf:d0:64:74:e9:59:94:b2:25:35:67:4e:
         53:e3:3a:08:c7:33:df:c6:07:4b:ff:64:e0:3f:0e:ab:38:55:
         33:19:6e:51:91:b1:e9:3d:ce:5e:5a:ae:35:52:93:36:3a:fa:
         d0:78:18:5f:d3:ae:fb:39:06:ee:58:c0:2b:c7:da:9a:a9:ee:
         55:8b:0f:c4:b8:7a:c7:d4:89:6f:8c:67:03:29:55:80:51:c1:
         14:8c:3e:19:86:32:09:89:2e:cd:53:c5:90:d7:26:2a:6a:35:
         59:55:1b:70:f1:51:a5:ab:1d:3e:05:38:81:50:f4:dc:07:fc:
         08:dc:81:6c:28:8b:5d:cf:2b:bc:b4:61:db:c5:db:83:e0:22:
         af:72:5e:b9:64:04:01:74:05:e9:48:8a:43:8d:45:e7:15:fa:
         dd:41:e0:5c:7e:ba:3c:08:96:b4:3e:43:70:58:82:73:cd:57:
         0a:41:e6:d6:6a:90:1b:b1:77:5d:ab:86:74:b3:80:a0:a2:f8:
         02:3a:0d:d8:5b:a6:bb:e0:cb:ab:8b:d6:36:80:d6:a6:70:63:
         22:44:3e:25:ca:24:0e:31:31:cd:4b:f9:c9:02:bd:f8:07:84:
         0f:96:6c:96:2b:5a:cb:df:9a:35:18:91:3a:6f:05:7e:03:ae:
         55:8b:77:1f
-----BEGIN CERTIFICATE-----
MIIEsTCCA5mgAwIBAgIUbqyoK663O07D+PESIYWeN1m6c+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjNkZjY5MjM0MTVmYzYyZDFjNDlhNWNiN2QzZDI1MDVk
NjFmMDY1YzAeFw0yNDA4MjMxMDQyMDZaFw0yNTA4MjIxMDQ3MDZaMDMxMTAvBgNV
BAMTKDREOEI1RDEyQ0ZDMzlEQzhFODNEMDM1OUJDNTY4MzlGRTcyNzc0RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxPTsw71RigsIHNEMiDjuhpOnM
wU2sBKKuXAtaI+I/0GGb2OYxZf30cnSsKr1Tve+IbY4rlfii1JpS2T8Le12JIFwi
v+IEZQ6Kf+fjt6/1SR19YmWhSGBEnpo3GenyMDNlpt6EdsC4nxJdO9yfrOEuE2lo
hTgGW+ZSj9HutPK2Eg47bdG4/AFn5SqqKsLwVCWojBLb/33RZvK+G2/ehDA5AwaU
an5xYD1IcUQ8aqxIVC/H2RtD6rDZwKOfmgXYB5oYh1arEzBzS6mZiqRY6coaB3Ml
2xEj6tduzepaGGhKAqNvCQIZ1ZR3h7un/YvuqJnzptpQuXs/ndizl0rMQYW1AgMB
AAGjggG7MIIBtzAdBgNVHQ4EFgQUTYtdEs/DncjoPQNZvFaDn+cndNYwHwYDVR0j
BBgwFoAUY99pI0Ffxi0cSaXLfT0lBdYfBlwwDgYDVR0PAQH/BAQDAgeAMFQGA1Ud
HwRNMEswSaBHoEWGQ3JzeW5jOi8vMC5zYi9yZXBvL3NiLzQvNjNERjY5MjM0MTVG
QzYyRDFDNDlBNUNCN0QzRDI1MDVENjFGMDY1Qy5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL1k5OXBJMEZmeGkwY1NhWExmVDBsQmRZZkJsdy5jZXIwbQYIKwYBBQUH
AQsEYTBfMF0GCCsGAQUFBzALhlFyc3luYzovLzAuc2IvcmVwby9zYi80LzMyNjEz
MTMxM2EzMTY0MzQzMDNhM2EyZjMyMzkyZDM0MzgyMDNkM2UyMDMyMzEzMDM5MzMz
Ny5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFAyoRHUAwDQYJKoZIhvcNAQELBQADggEBADYpIazltM/QZHTp
WZSyJTVnTlPjOgjHM9/GB0v/ZOA/Dqs4VTMZblGRsek9zl5arjVSkzY6+tB4GF/T
rvs5Bu5YwCvH2pqp7lWLD8S4esfUiW+MZwMpVYBRwRSMPhmGMgmJLs1TxZDXJipq
NVlVG3DxUaWrHT4FOIFQ9NwH/AjcgWwoi13PK7y0YdvF24PgIq9yXrlkBAF0BelI
ikONRecV+t1B4Fx+ujwIlrQ+Q3BYgnPNVwpB5tZqkBuxd12rhnSzgKCi+AI6Ddhb
prvgy6uL1jaA1qZwYyJEPiXKJA4xMc1L+ckCvfgHhA+WbJYrWsvfmjUYkTpvBX4D
rlWLdx8=
-----END CERTIFICATE-----