Route Origin Authorization

$ rpki-client -vvf rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/3138352e302e322e302f32342d3234203d3e20323032303736.roa
File:                     3138352e302e322e302f32342d3234203d3e20323032303736.roa (raw, json)
Hash identifier:          jzmaL7vznyCWfJC1wZxaT0v2xQSYnaDhojfUh335NyM=
Subject key identifier:   4E:44:32:A9:B9:2E:9B:B0:D3:E3:65:71:BE:0B:A9:83:A1:6A:0C:CB
Certificate issuer:       /CN=07a07847df0c2164988fe0ee39e4dd07d85980aa
Certificate serial:       05D31A2DE89F9C2979973DD4C06F80186FF87698
Authority key identifier: 07:A0:78:47:DF:0C:21:64:98:8F:E0:EE:39:E4:DD:07:D8:59:80:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B6B4R98MIWSYj-DuOeTdB9hZgKo.cer
Subject info access:      rsync://rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/3138352e302e322e302f32342d3234203d3e20323032303736.roa
Signing time:             Sun 07 Jul 2024 19:01:25 +0000
ROA not before:           Sun 07 Jul 2024 18:56:25 +0000
ROA not after:            Sun 06 Jul 2025 19:01:25 +0000
asID:                     202076
IP address blocks:        185.0.2.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/07A07847DF0C2164988FE0EE39E4DD07D85980AA.crl
                          rsync://rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/07A07847DF0C2164988FE0EE39E4DD07D85980AA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/B6B4R98MIWSYj-DuOeTdB9hZgKo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Sep 2024 13:20:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:d3:1a:2d:e8:9f:9c:29:79:97:3d:d4:c0:6f:80:18:6f:f8:76:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07a07847df0c2164988fe0ee39e4dd07d85980aa
        Validity
            Not Before: Jul  7 18:56:25 2024 GMT
            Not After : Jul  6 19:01:25 2025 GMT
        Subject: CN=4E4432A9B92E9BB0D3E36571BE0BA983A16A0CCB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:a3:17:45:96:7d:c0:2f:8b:ab:2e:d5:30:6c:
                    88:fb:9e:17:d9:11:33:e3:26:93:f8:f3:f2:ec:d8:
                    16:0d:9e:33:34:1b:d9:54:72:f5:c8:a9:2f:bd:d7:
                    f4:6a:d7:37:34:03:d7:b7:63:11:48:4f:fa:f0:bc:
                    6a:db:a9:d6:0a:39:0c:e3:67:e8:f8:83:8d:b5:a9:
                    39:09:15:bd:aa:cd:73:a4:2a:56:db:a6:21:93:10:
                    7a:f7:f7:18:00:1d:08:1a:6e:5f:18:0f:cd:d8:2f:
                    05:1f:4f:56:57:62:75:0c:2d:5a:b3:cf:2c:2f:37:
                    28:12:0b:79:12:6a:0f:33:2f:ea:82:75:75:83:f6:
                    7b:f6:bf:92:d3:1b:f7:f9:50:a5:dd:30:72:1c:82:
                    c4:24:ff:2a:7c:60:50:82:7a:64:21:d0:83:55:0d:
                    0b:b2:7f:33:67:28:83:ff:65:c5:e3:92:40:b8:e4:
                    65:a8:3a:7a:6c:6e:44:32:8d:49:92:fb:aa:41:d0:
                    e1:72:63:2f:76:06:42:e0:ea:15:f3:54:88:b3:31:
                    3b:21:ce:e9:dd:80:17:56:52:96:43:67:21:0b:e8:
                    4b:9a:cd:40:f3:c3:5e:96:0a:37:d2:05:5f:70:63:
                    69:05:c9:19:8a:03:05:dc:61:67:04:81:ca:e8:85:
                    04:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:44:32:A9:B9:2E:9B:B0:D3:E3:65:71:BE:0B:A9:83:A1:6A:0C:CB
            X509v3 Authority Key Identifier:
                keyid:07:A0:78:47:DF:0C:21:64:98:8F:E0:EE:39:E4:DD:07:D8:59:80:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/07A07847DF0C2164988FE0EE39E4DD07D85980AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6B4R98MIWSYj-DuOeTdB9hZgKo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/3138352e302e322e302f32342d3234203d3e20323032303736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.0.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:63:8a:f6:eb:c5:37:78:e1:c7:75:ea:ea:ef:fa:60:6a:c9:
         36:17:fc:e2:26:ec:d1:24:58:83:6f:7b:a4:4c:b6:69:ce:68:
         97:bb:aa:98:b4:fa:61:1d:a7:24:7d:c1:6a:ce:b1:c6:e7:57:
         d1:72:5f:b1:15:1b:a4:43:a6:4b:dd:2a:d4:25:ab:26:5f:59:
         35:38:8f:44:99:49:39:0b:1f:19:98:76:64:5c:4d:f9:32:82:
         df:eb:9c:2f:79:18:a4:6b:1e:43:48:a6:3a:f4:b3:55:82:de:
         75:62:8a:dd:46:e5:c4:3b:3b:6c:40:3e:e1:00:20:69:a2:9c:
         c9:d9:b8:1b:cb:76:e2:83:bb:5c:32:b8:3f:77:fc:f7:64:0d:
         4f:12:f1:58:25:8b:c8:bb:52:7f:d6:08:23:42:5f:89:cf:7e:
         f5:b8:14:d0:a5:7d:19:fc:1a:d1:44:31:0c:5e:58:5c:ec:bd:
         0f:7d:c7:31:89:2a:e9:de:1f:5a:e7:8e:f5:76:5f:83:87:2b:
         26:ef:24:da:3e:41:9a:77:d8:0a:94:cd:24:fa:29:de:92:6e:
         55:62:26:43:fa:0f:d0:5b:f4:65:a6:18:d3:5c:e2:2a:64:00:
         22:75:69:32:0c:03:97:e7:07:7a:08:a6:56:e2:b2:76:bb:11:
         cc:35:14:0a
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIUBdMaLeifnCl5lz3UwG+AGG/4dpgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDdhMDc4NDdkZjBjMjE2NDk4OGZlMGVlMzllNGRkMDdk
ODU5ODBhYTAeFw0yNDA3MDcxODU2MjVaFw0yNTA3MDYxOTAxMjVaMDMxMTAvBgNV
BAMTKDRFNDQzMkE5QjkyRTlCQjBEM0UzNjU3MUJFMEJBOTgzQTE2QTBDQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEoxdFln3AL4urLtUwbIj7nhfZ
ETPjJpP48/Ls2BYNnjM0G9lUcvXIqS+91/Rq1zc0A9e3YxFIT/rwvGrbqdYKOQzj
Z+j4g421qTkJFb2qzXOkKlbbpiGTEHr39xgAHQgabl8YD83YLwUfT1ZXYnUMLVqz
zywvNygSC3kSag8zL+qCdXWD9nv2v5LTG/f5UKXdMHIcgsQk/yp8YFCCemQh0INV
DQuyfzNnKIP/ZcXjkkC45GWoOnpsbkQyjUmS+6pB0OFyYy92BkLg6hXzVIizMTsh
zundgBdWUpZDZyEL6EuazUDzw16WCjfSBV9wY2kFyRmKAwXcYWcEgcrohQS5AgMB
AAGjggIvMIICKzAdBgNVHQ4EFgQUTkQyqbkum7DT42Vxvgupg6FqDMswHwYDVR0j
BBgwFoAUB6B4R98MIWSYj+DuOeTdB9hZgKowDgYDVR0PAQH/BAQDAgeAMIGPBgNV
HR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3Jwa2ktcmVwby5hczIwNzk2MC5uZXQv
cmVwby9ycGtpX2NhX2IzZGE1Nzg1ZjBjODQxYWM4ZGQ4MTViNzM1NDYyM2RmLzEv
MDdBMDc4NDdERjBDMjE2NDk4OEZFMEVFMzlFNEREMDdEODU5ODBBQS5jcmwwZAYI
KwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9ERUZBVUxUL0I2QjRSOThNSVdTWWotRHVPZVRkQjloWmdLby5j
ZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5jOi8vcnBr
aS1yZXBvLmFzMjA3OTYwLm5ldC9yZXBvL3Jwa2lfY2FfYjNkYTU3ODVmMGM4NDFh
YzhkZDgxNWI3MzU0NjIzZGYvMS8zMTM4MzUyZTMwMmUzMjJlMzAyZjMyMzQyZDMy
MzQyMDNkM2UyMDMyMzAzMjMwMzczNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkAAjANBgkqhkiG9w0B
AQsFAAOCAQEAC2OK9uvFN3jhx3Xq6u/6YGrJNhf84ibs0SRYg297pEy2ac5ol7uq
mLT6YR2nJH3Bas6xxudX0XJfsRUbpEOmS90q1CWrJl9ZNTiPRJlJOQsfGZh2ZFxN
+TKC3+ucL3kYpGseQ0imOvSzVYLedWKK3UblxDs7bEA+4QAgaaKcydm4G8t24oO7
XDK4P3f892QNTxLxWCWLyLtSf9YII0Jfic9+9bgU0KV9Gfwa0UQxDF5YXOy9D33H
MYkq6d4fWueO9XZfg4crJu8k2j5BmnfYCpTNJPop3pJuVWImQ/oP0Fv0ZaYY01zi
KmQAInVpMgwDl+cHegimVuKydrsRzDUUCg==
-----END CERTIFICATE-----