Route Origin Authorization

$ rpki-client -vvf rpki.athene-center.net/repo/rpki-athene-center/0/34352e3135352e3132382e302f32342d3234203d3e20323132373935.roa
File:                     34352e3135352e3132382e302f32342d3234203d3e20323132373935.roa (raw, json)
Hash identifier:          8JIhT96CpO6D+bGzffc5dICZ9gRVA6sN19o3xHsnp1o=
Subject key identifier:   28:DD:D7:B3:6D:E9:FA:D3:26:B1:25:75:31:0B:27:DE:3D:3C:A0:06
Certificate issuer:       /CN=ee092d6ecb52bc99a39fa6677afbee9e41bae0d9
Certificate serial:       15003E3F0BE4507CAA8F98F1F801A9026521F785
Authority key identifier: EE:09:2D:6E:CB:52:BC:99:A3:9F:A6:67:7A:FB:EE:9E:41:BA:E0:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gktbstSvJmjn6ZnevvunkG64Nk.cer
Subject info access:      rsync://rpki.athene-center.net/repo/rpki-athene-center/0/34352e3135352e3132382e302f32342d3234203d3e20323132373935.roa
Signing time:             Tue 18 Feb 2025 14:54:00 +0000
ROA not before:           Tue 18 Feb 2025 14:49:00 +0000
ROA not after:            Tue 17 Feb 2026 14:54:00 +0000
asID:                     212795
IP address blocks:        45.155.128.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.athene-center.net/repo/rpki-athene-center/0/EE092D6ECB52BC99A39FA6677AFBEE9E41BAE0D9.crl
                          rsync://rpki.athene-center.net/repo/rpki-athene-center/0/EE092D6ECB52BC99A39FA6677AFBEE9E41BAE0D9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gktbstSvJmjn6ZnevvunkG64Nk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Apr 2025 16:51:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:00:3e:3f:0b:e4:50:7c:aa:8f:98:f1:f8:01:a9:02:65:21:f7:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee092d6ecb52bc99a39fa6677afbee9e41bae0d9
        Validity
            Not Before: Feb 18 14:49:00 2025 GMT
            Not After : Feb 17 14:54:00 2026 GMT
        Subject: CN=28DDD7B36DE9FAD326B12575310B27DE3D3CA006
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:01:bb:bc:fe:5e:84:ec:59:c2:a8:65:f9:00:
                    93:5b:78:e3:df:8b:2c:eb:85:b5:77:96:ef:e3:aa:
                    79:23:dc:14:1d:32:d0:ad:75:4a:5b:4c:54:91:81:
                    1d:da:b1:a8:a4:22:f3:44:3c:df:b2:17:e9:a8:27:
                    eb:2a:25:8b:99:d6:e1:7e:62:8d:b1:c6:41:46:08:
                    a3:2f:f7:e2:e6:4d:4e:a5:a1:79:a5:ca:be:27:3d:
                    2a:b9:60:8a:60:8a:bd:cb:ca:b3:ac:45:bb:ae:88:
                    e7:1c:01:51:5a:60:a3:f6:74:cf:60:09:95:3b:8c:
                    33:9c:c6:71:e0:cf:48:48:ba:cd:0f:d4:88:03:d7:
                    2a:7c:db:07:c0:e4:bc:14:49:5b:04:70:3b:fe:42:
                    73:e6:a4:57:f6:c1:59:2a:85:f4:9b:61:41:4c:28:
                    95:f1:e3:2f:78:2d:72:88:16:e0:44:fc:22:07:07:
                    3c:d1:d0:af:e7:31:3a:b9:be:3a:63:3c:8b:5c:7f:
                    a0:3d:13:d4:f8:70:ee:07:34:85:39:a2:ca:9b:41:
                    b6:51:36:1b:1e:64:f8:fe:1d:5d:a4:be:49:bd:bc:
                    76:53:26:70:a7:58:6c:c2:63:6c:06:56:84:47:0f:
                    50:9a:d8:58:e7:ee:11:88:ac:71:e5:9b:a2:49:1a:
                    0b:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:DD:D7:B3:6D:E9:FA:D3:26:B1:25:75:31:0B:27:DE:3D:3C:A0:06
            X509v3 Authority Key Identifier:
                keyid:EE:09:2D:6E:CB:52:BC:99:A3:9F:A6:67:7A:FB:EE:9E:41:BA:E0:D9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.athene-center.net/repo/rpki-athene-center/0/EE092D6ECB52BC99A39FA6677AFBEE9E41BAE0D9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gktbstSvJmjn6ZnevvunkG64Nk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.athene-center.net/repo/rpki-athene-center/0/34352e3135352e3132382e302f32342d3234203d3e20323132373935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:ea:60:67:34:92:f7:c4:67:39:43:45:a7:52:fe:9b:da:5a:
         9a:2c:3e:34:95:de:00:58:f8:da:e2:ed:c9:e6:0f:b2:4d:4f:
         57:60:e2:0d:5b:83:b4:eb:30:ae:45:20:18:41:9a:81:16:ec:
         50:6d:07:a3:b4:e5:25:e2:5d:0c:b4:2c:3d:2c:86:03:b8:7d:
         76:17:1c:36:8c:b4:f0:2b:1e:9f:53:e4:43:2a:bb:40:e3:43:
         52:e8:a1:a7:56:c5:85:0e:92:d0:97:f1:04:18:95:bd:5e:56:
         d5:23:c5:95:25:9b:5e:2a:a1:21:64:8c:34:a9:eb:36:b8:05:
         57:2c:a2:a8:19:c6:97:d6:c8:61:73:c2:74:1c:59:26:a9:1f:
         cc:51:92:b8:52:b6:36:e3:6d:97:0a:62:5e:77:da:c8:b1:95:
         99:0b:df:a8:93:66:3e:7f:a9:37:24:02:03:81:90:62:1a:dc:
         aa:45:38:20:d2:a9:da:57:f1:11:42:ac:a6:0d:38:3c:c3:1d:
         4a:7a:88:87:50:c0:cc:7e:a8:27:23:18:8a:8c:43:25:13:ad:
         15:39:80:f7:b8:56:64:4a:59:70:bd:4b:db:f6:dc:d0:0f:8e:
         fb:cf:08:b0:9c:91:f0:8f:56:ff:3f:b5:28:d5:91:08:c7:ce:
         e3:7e:16:ce
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIUFQA+PwvkUHyqj5jx+AGpAmUh94UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWUwOTJkNmVjYjUyYmM5OWEzOWZhNjY3N2FmYmVlOWU0
MWJhZTBkOTAeFw0yNTAyMTgxNDQ5MDBaFw0yNjAyMTcxNDU0MDBaMDMxMTAvBgNV
BAMTKDI4REREN0IzNkRFOUZBRDMyNkIxMjU3NTMxMEIyN0RFM0QzQ0EwMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuAbu8/l6E7FnCqGX5AJNbeOPf
iyzrhbV3lu/jqnkj3BQdMtCtdUpbTFSRgR3asaikIvNEPN+yF+moJ+sqJYuZ1uF+
Yo2xxkFGCKMv9+LmTU6loXmlyr4nPSq5YIpgir3LyrOsRbuuiOccAVFaYKP2dM9g
CZU7jDOcxnHgz0hIus0P1IgD1yp82wfA5LwUSVsEcDv+QnPmpFf2wVkqhfSbYUFM
KJXx4y94LXKIFuBE/CIHBzzR0K/nMTq5vjpjPItcf6A9E9T4cO4HNIU5osqbQbZR
NhseZPj+HV2kvkm9vHZTJnCnWGzCY2wGVoRHD1Ca2Fjn7hGIrHHlm6JJGgs/AgMB
AAGjggIEMIICADAdBgNVHQ4EFgQUKN3Xs23p+tMmsSV1MQsn3j08oAYwHwYDVR0j
BBgwFoAU7gktbstSvJmjn6ZnevvunkG64NkwDgYDVR0PAQH/BAQDAgeAMHYGA1Ud
HwRvMG0wa6BpoGeGZXJzeW5jOi8vcnBraS5hdGhlbmUtY2VudGVyLm5ldC9yZXBv
L3Jwa2ktYXRoZW5lLWNlbnRlci8wL0VFMDkyRDZFQ0I1MkJDOTlBMzlGQTY2NzdB
RkJFRTlFNDFCQUUwRDkuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZI
cnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Z2t0YnN0
U3ZKbWpuNlpuZXZ2dW5rRzY0TmsuY2VyMIGUBggrBgEFBQcBCwSBhzCBhDCBgQYI
KwYBBQUHMAuGdXJzeW5jOi8vcnBraS5hdGhlbmUtY2VudGVyLm5ldC9yZXBvL3Jw
a2ktYXRoZW5lLWNlbnRlci8wLzM0MzUyZTMxMzUzNTJlMzEzMjM4MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzIzMTMyMzczOTM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZuAMA0GCSqG
SIb3DQEBCwUAA4IBAQAJ6mBnNJL3xGc5Q0WnUv6b2lqaLD40ld4AWPja4u3J5g+y
TU9XYOINW4O06zCuRSAYQZqBFuxQbQejtOUl4l0MtCw9LIYDuH12Fxw2jLTwKx6f
U+RDKrtA40NS6KGnVsWFDpLQl/EEGJW9XlbVI8WVJZteKqEhZIw0qes2uAVXLKKo
GcaX1shhc8J0HFkmqR/MUZK4UrY2422XCmJed9rIsZWZC9+ok2Y+f6k3JAIDgZBi
GtyqRTgg0qnaV/ERQqymDTg8wx1KeoiHUMDMfqgnIxiKjEMlE60VOYD3uFZkSllw
vUvb9tzQD477zwiwnJHwj1b/P7Uo1ZEIx87jfhbO
-----END CERTIFICATE-----