Route Origin Authorization

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/hbbr4VyRNZLTulgFG41-BhlF4tQ.roa
File:                     hbbr4VyRNZLTulgFG41-BhlF4tQ.roa (raw, json)
Hash identifier:          uKduIh1h5cfy0TDmDF58Wk5cJbO78RcYeKu6lFqHYvg=
Subject key identifier:   85:B6:EB:E1:5C:91:35:92:D3:BA:58:05:1B:8D:7E:06:19:45:E2:D4
Certificate issuer:       /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial:       011094
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
Subject info access:      rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/hbbr4VyRNZLTulgFG41-BhlF4tQ.roa
Signing time:             Sat 17 Jun 2023 00:00:38 +0000
ROA not before:           Sat 17 Jun 2023 00:00:38 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15562
IP address blocks:        2a0e:b240::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
                          rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
                          rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 20 Jul 2023 03:39:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 69780 (0x11094)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
        Validity
            Not Before: Jun 17 00:00:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=85B6EBE15C913592D3BA58051B8D7E061945E2D4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:9d:d9:7d:85:e3:f6:64:9c:fa:ff:e4:45:52:
                    f4:28:b8:c7:69:70:db:71:c0:20:08:cf:64:36:f3:
                    c8:db:33:35:81:40:b1:44:08:85:00:59:d6:c7:dc:
                    d8:7b:f7:49:ac:26:b9:69:63:a8:37:7b:73:b0:ed:
                    8d:b8:69:ce:4a:0b:97:d1:4e:28:28:57:4b:2c:62:
                    ea:3e:9f:97:7f:94:f8:b9:65:11:8f:c3:ed:b2:0e:
                    cd:fd:42:7f:da:ac:16:4d:b4:45:7b:ed:a9:ed:74:
                    70:81:f5:78:f3:f7:c0:c4:5f:23:4f:cb:e9:5b:ec:
                    5e:bd:a2:2d:6f:fa:1d:b0:d4:45:d5:4c:5c:da:4a:
                    dd:18:75:70:94:fd:7c:e2:24:46:ac:d3:fe:c6:67:
                    7c:37:38:41:22:8b:18:37:1f:0b:cf:93:cb:3c:e7:
                    d6:83:74:1e:7f:00:d5:b9:85:83:4b:c3:24:5c:bf:
                    73:16:76:d9:89:c6:4b:ed:10:fe:c2:6c:cc:26:2c:
                    e6:06:be:4f:39:c0:de:f8:98:e5:6d:e0:b7:98:f0:
                    9f:01:19:5e:7e:9d:4c:ef:c8:a4:68:16:e5:d3:a0:
                    a4:f3:ae:dc:3f:44:b7:b6:26:04:e6:f3:d6:be:45:
                    3c:e0:16:38:69:3e:85:39:ce:7f:cb:15:43:f5:85:
                    7f:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:B6:EB:E1:5C:91:35:92:D3:BA:58:05:1B:8D:7E:06:19:45:E2:D4
            X509v3 Authority Key Identifier:
                keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/hbbr4VyRNZLTulgFG41-BhlF4tQ.roa

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b240::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:83:f7:c2:b4:31:f3:75:87:a6:56:f0:8a:01:78:dd:9a:5b:
         d4:ea:ce:31:7e:d4:b6:13:b5:5b:05:8a:a1:2c:c7:28:9e:b8:
         ac:7f:4e:6d:c3:e8:f0:02:17:ad:ff:02:83:7c:5a:74:f4:d6:
         d0:96:4f:1e:72:f2:6b:24:76:2b:1d:a9:98:07:93:17:29:d8:
         32:26:61:28:9d:f8:f5:62:1e:37:4b:5b:ae:cb:6c:8a:b0:86:
         00:95:2a:37:de:40:a1:79:b5:32:37:e1:94:52:1e:7f:b9:58:
         94:a4:18:53:ed:ca:67:9b:ba:81:78:6f:b6:8f:15:26:6e:9d:
         a6:6e:b9:15:54:ce:ba:b5:e6:39:3d:c3:00:47:cd:e1:b7:e1:
         4a:32:9c:22:9e:06:8b:9a:71:1b:96:60:22:82:32:da:34:34:
         42:a1:f3:34:8b:4e:b3:26:0c:a4:a9:87:a5:37:46:da:0e:cf:
         62:89:4d:f5:fb:b8:33:43:68:ea:bd:6f:7d:a9:85:7f:83:49:
         d4:78:1a:2b:d1:69:50:a0:6c:dd:03:1c:69:7c:74:70:03:4c:
         20:d1:02:be:ea:ae:57:b0:f4:c8:1b:b2:d1:98:1b:27:b9:18:
         e2:3d:a0:06:6c:be:ce:d5:26:00:df:4f:d0:da:db:6f:1d:ba:
         ef:af:0c:c3
-----BEGIN CERTIFICATE-----
MIIEtDCCA5ygAwIBAgIDARCUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjMwNjE3
MDAwMDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4NUI2RUJFMTVDOTEz
NTkyRDNCQTU4MDUxQjhEN0UwNjE5NDVFMkQ0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2Z3ZfYXj9mSc+v/kRVL0KLjHaXDbccAgCM9kNvPI2zM1gUCx
RAiFAFnWx9zYe/dJrCa5aWOoN3tzsO2NuGnOSguX0U4oKFdLLGLqPp+Xf5T4uWUR
j8Ptsg7N/UJ/2qwWTbRFe+2p7XRwgfV48/fAxF8jT8vpW+xevaItb/odsNRF1Uxc
2krdGHVwlP184iRGrNP+xmd8NzhBIosYNx8Lz5PLPOfWg3QefwDVuYWDS8MkXL9z
FnbZicZL7RD+wmzMJizmBr5POcDe+JjlbeC3mPCfARlefp1M78ikaBbl06Ck867c
P0S3tiYE5vPWvkU84BY4aT6FOc5/yxVD9YV/8wIDAQABo4IBzzCCAcswHQYDVR0O
BBYEFIW26+FckTWS07pYBRuNfgYZReLUMB8GA1UdIwQYMBaAFMqoBdusNkdJubEV
WQq27w+XDNvYMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwZAYDVR0fBF0wWzBZ
oFegVYZTcnN5bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpv
YnNuaWpkZXJzL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3lxZ0YyNncyUjBtNXNSVlpDcmJ2RDVjTTI5Zy5jZXIw
DgYDVR0PAQH/BAQDAgeAMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5
bmM6Ly9jaGxvZS5zb2Jvcm5vc3QubmV0L3Jwa2kvUklQRS1ubGpvYnNuaWpkZXJz
L2hiYnI0VnlSTlpMVHVsZ0ZHNDEtQmhsRjR0US5yb2EwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAqDrJAAAAwDQYJKoZIhvcNAQELBQADggEBADCD98K0MfN1
h6ZW8IoBeN2aW9TqzjF+1LYTtVsFiqEsxyieuKx/Tm3D6PACF63/AoN8WnT01tCW
Tx5y8mskdisdqZgHkxcp2DImYSid+PViHjdLW67LbIqwhgCVKjfeQKF5tTI34ZRS
Hn+5WJSkGFPtymebuoF4b7aPFSZunaZuuRVUzrq15jk9wwBHzeG34UoynCKeBoua
cRuWYCKCMto0NEKh8zSLTrMmDKSph6U3RtoOz2KJTfX7uDNDaOq9b32phX+DSdR4
GivRaVCgbN0DHGl8dHADTCDRAr7qrlew9MgbstGYGye5GOI9oAZsvs7VJgDfT9Da
228duu+vDMM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 22:19:50 2023 by rpki-client on console-ams.rpki-client.org