Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/4/34362e3137352e3133332e302f32342d3234203d3e20323130393337.roa
File:                     34362e3137352e3133332e302f32342d3234203d3e20323130393337.roa (raw, json)
Hash identifier:          xh4BbpKLDbXFUfjVa673Jl3TxlRIw1s0VE6Wbg+eszE=
Subject key identifier:   D3:6E:37:82:FB:7B:46:80:25:16:30:AB:58:BD:1F:72:D3:93:6B:BF
Certificate issuer:       /CN=63df6923415fc62d1c49a5cb7d3d2505d61f065c
Certificate serial:       4B7B6DCDD76273BAC05E2AA861E0F6FA77182755
Authority key identifier: 63:DF:69:23:41:5F:C6:2D:1C:49:A5:CB:7D:3D:25:05:D6:1F:06:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y99pI0Ffxi0cSaXLfT0lBdYfBlw.cer
Subject info access:      rsync://0.sb/repo/sb/4/34362e3137352e3133332e302f32342d3234203d3e20323130393337.roa
Signing time:             Fri 22 Sep 2023 10:19:37 +0000
ROA not before:           Fri 22 Sep 2023 10:14:37 +0000
ROA not after:            Fri 20 Sep 2024 10:19:37 +0000
asID:                     210937
IP address blocks:        46.175.133.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://0.sb/repo/sb/4/63DF6923415FC62D1C49A5CB7D3D2505D61F065C.crl
                          rsync://0.sb/repo/sb/4/63DF6923415FC62D1C49A5CB7D3D2505D61F065C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y99pI0Ffxi0cSaXLfT0lBdYfBlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 01:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:7b:6d:cd:d7:62:73:ba:c0:5e:2a:a8:61:e0:f6:fa:77:18:27:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63df6923415fc62d1c49a5cb7d3d2505d61f065c
        Validity
            Not Before: Sep 22 10:14:37 2023 GMT
            Not After : Sep 20 10:19:37 2024 GMT
        Subject: CN=D36E3782FB7B4680251630AB58BD1F72D3936BBF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:2e:bc:36:69:70:af:bf:8c:44:8e:d6:d3:0e:
                    be:ce:7d:63:a5:42:76:76:0a:74:2a:5e:f5:48:c7:
                    7a:de:4d:5b:5f:43:95:39:8f:3b:14:b5:3c:a3:d6:
                    a2:43:6e:3e:f4:46:9d:27:fa:30:06:9d:3f:06:d4:
                    0e:9a:59:ad:c9:e1:17:1b:ee:a5:58:ed:63:c3:80:
                    20:d1:30:a1:35:e1:f0:89:98:c2:a8:7d:26:78:70:
                    8b:2d:20:4b:d3:28:d0:16:2f:9b:0b:18:ce:77:c3:
                    5d:cf:9e:f8:b1:da:1a:c1:cc:77:26:f9:6b:8a:2a:
                    03:10:53:16:39:52:0a:10:44:6a:b1:0e:4b:d0:71:
                    e2:bd:08:43:12:01:fe:88:dc:e7:b3:74:ed:22:40:
                    20:fb:b5:e9:7e:6a:e0:74:88:8a:78:1f:37:2d:d1:
                    29:72:45:bf:75:a9:5b:ac:34:a5:e2:cc:92:8c:59:
                    17:94:9c:53:23:58:ab:71:b1:d6:51:8d:a5:c1:ec:
                    03:69:d2:c4:6d:fc:fe:8d:e2:00:4f:c2:55:bb:6b:
                    84:96:ca:1f:61:ec:7d:7a:11:9a:7b:61:d0:55:a5:
                    1d:c4:4b:67:0e:bd:9b:40:9a:3f:4c:6a:90:e7:91:
                    4b:14:da:dc:e1:aa:c5:33:78:6b:79:a9:4d:a5:ee:
                    c5:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:6E:37:82:FB:7B:46:80:25:16:30:AB:58:BD:1F:72:D3:93:6B:BF
            X509v3 Authority Key Identifier:
                keyid:63:DF:69:23:41:5F:C6:2D:1C:49:A5:CB:7D:3D:25:05:D6:1F:06:5C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/4/63DF6923415FC62D1C49A5CB7D3D2505D61F065C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y99pI0Ffxi0cSaXLfT0lBdYfBlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/4/34362e3137352e3133332e302f32342d3234203d3e20323130393337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.175.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:13:c7:e4:15:fd:37:da:89:44:e9:e8:49:99:36:5e:fa:d3:
         77:54:e5:67:9c:a5:98:e0:64:57:b7:f1:10:e9:21:d8:67:d1:
         17:96:49:74:c4:a5:e1:d3:d8:d2:b4:66:5a:ee:1d:86:83:ab:
         9c:0a:55:a4:5e:0a:44:bd:37:67:4c:82:d9:e8:11:8f:9a:24:
         45:35:90:29:55:f0:b6:d5:81:91:31:a3:a7:40:fd:47:83:08:
         7b:80:f8:79:65:05:53:f8:9d:80:b8:ef:d3:60:28:fc:e2:e2:
         4f:c7:7a:0f:a3:e1:b6:2c:da:d3:31:80:b8:d2:1a:22:04:a2:
         99:5b:3a:b2:0b:f7:62:b0:3e:97:63:5b:93:4b:0a:c1:a2:d5:
         7b:df:2d:ce:89:58:a8:60:7c:e0:86:af:d2:a3:46:fc:38:2f:
         c8:7a:33:79:10:47:a2:5d:f6:5f:33:bf:37:34:03:1f:9d:99:
         89:60:ff:ae:ce:25:76:30:7c:79:0d:b7:b8:df:fc:bf:44:88:
         24:b2:2a:15:5e:7a:3c:aa:ed:10:0f:f2:e2:1c:d9:9e:b4:99:
         c5:6f:b4:eb:ac:e4:a1:6b:2d:2e:e6:cf:fc:e7:74:92:94:9c:
         d4:69:3f:bd:36:08:84:f0:8c:80:09:22:de:42:b6:8a:e0:b7:
         1f:f0:a2:1e
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIUS3ttzddic7rAXiqoYeD2+ncYJ1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjNkZjY5MjM0MTVmYzYyZDFjNDlhNWNiN2QzZDI1MDVk
NjFmMDY1YzAeFw0yMzA5MjIxMDE0MzdaFw0yNDA5MjAxMDE5MzdaMDMxMTAvBgNV
BAMTKEQzNkUzNzgyRkI3QjQ2ODAyNTE2MzBBQjU4QkQxRjcyRDM5MzZCQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoLrw2aXCvv4xEjtbTDr7OfWOl
QnZ2CnQqXvVIx3reTVtfQ5U5jzsUtTyj1qJDbj70Rp0n+jAGnT8G1A6aWa3J4Rcb
7qVY7WPDgCDRMKE14fCJmMKofSZ4cIstIEvTKNAWL5sLGM53w13Pnvix2hrBzHcm
+WuKKgMQUxY5UgoQRGqxDkvQceK9CEMSAf6I3OezdO0iQCD7tel+auB0iIp4Hzct
0SlyRb91qVusNKXizJKMWReUnFMjWKtxsdZRjaXB7ANp0sRt/P6N4gBPwlW7a4SW
yh9h7H16EZp7YdBVpR3ES2cOvZtAmj9MapDnkUsU2tzhqsUzeGt5qU2l7sU5AgMB
AAGjggG8MIIBuDAdBgNVHQ4EFgQU0243gvt7RoAlFjCrWL0fctOTa78wHwYDVR0j
BBgwFoAUY99pI0Ffxi0cSaXLfT0lBdYfBlwwDgYDVR0PAQH/BAQDAgeAMFQGA1Ud
HwRNMEswSaBHoEWGQ3JzeW5jOi8vMC5zYi9yZXBvL3NiLzQvNjNERjY5MjM0MTVG
QzYyRDFDNDlBNUNCN0QzRDI1MDVENjFGMDY1Qy5jcmwwZAYIKwYBBQUHAQEEWDBW
MFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL1k5OXBJMEZmeGkwY1NhWExmVDBsQmRZZkJsdy5jZXIwbwYIKwYBBQUH
AQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovLzAuc2IvcmVwby9zYi80LzM0MzYy
ZTMxMzczNTJlMzEzMzMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMwMzkz
MzM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQALq+FMA0GCSqGSIb3DQEBCwUAA4IBAQCtE8fkFf032olE
6ehJmTZe+tN3VOVnnKWY4GRXt/EQ6SHYZ9EXlkl0xKXh09jStGZa7h2Gg6ucClWk
XgpEvTdnTILZ6BGPmiRFNZApVfC21YGRMaOnQP1Hgwh7gPh5ZQVT+J2AuO/TYCj8
4uJPx3oPo+G2LNrTMYC40hoiBKKZWzqyC/disD6XY1uTSwrBotV73y3OiVioYHzg
hq/So0b8OC/IejN5EEeiXfZfM783NAMfnZmJYP+uziV2MHx5Dbe43/y/RIgksioV
Xno8qu0QD/LiHNmetJnFb7TrrOShay0u5s/853SSlJzUaT+9NgiE8IyACSLeQraK
4Lcf8KIe
-----END CERTIFICATE-----