Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/Jy4KNrjMLP97Qccl0dp2Gd37Dxs.roa
File:                     Jy4KNrjMLP97Qccl0dp2Gd37Dxs.roa (raw, json)
Hash identifier:          ZW1tujM3YPmw6DHejhhDtMkm/tjEYJXRnkXo4qgp2hI=
Subject key identifier:   27:2E:0A:36:B8:CC:2C:FF:7B:41:C7:25:D1:DA:76:19:DD:FB:0F:1B
Certificate issuer:       /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial:       018CC9BC901A64F089DED8227A81C4FC6E9F
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/Jy4KNrjMLP97Qccl0dp2Gd37Dxs.roa
Signing time:             Tue 02 Jan 2024 10:33:47 +0000
ROA not before:           Tue 02 Jan 2024 10:33:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43486
IP address blocks:        81.93.191.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 04:53:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:90:1a:64:f0:89:de:d8:22:7a:81:c4:fc:6e:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
        Validity
            Not Before: Jan  2 10:33:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=272e0a36b8cc2cff7b41c725d1da7619ddfb0f1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:9a:6f:b3:96:ab:cf:91:c0:91:81:54:4d:d7:
                    ff:d1:11:a5:d6:e3:e8:ed:60:78:4d:79:c7:8f:33:
                    0a:72:3e:16:1b:91:76:7a:03:bf:bd:ff:89:4c:d9:
                    42:4d:b0:53:a8:79:de:27:58:51:bc:fb:d3:fa:5c:
                    df:2c:f2:5d:a6:db:c3:3b:98:7e:13:54:ad:8d:49:
                    25:1b:3a:f4:8a:b9:a1:27:f3:f9:67:9b:b3:3d:27:
                    46:52:be:18:d2:15:56:29:2f:64:3b:e4:84:b5:57:
                    0f:04:19:22:dc:77:cf:05:5c:71:38:52:cd:c7:5c:
                    f3:f9:68:60:88:e0:23:ac:41:8f:9c:91:80:a4:0f:
                    28:e7:d4:98:e5:16:66:81:46:9d:33:7b:37:ba:bd:
                    fb:4e:d0:13:0a:67:ef:49:0d:cd:0f:ea:3c:75:03:
                    40:d3:4c:6b:4b:c0:45:ff:f2:16:6b:b7:bc:df:4d:
                    24:9d:bd:94:0c:f4:29:f2:15:e8:bd:7d:b4:7c:69:
                    bd:b1:1f:02:33:c4:d5:96:55:fc:f4:61:61:8e:48:
                    56:d6:cb:f6:0f:c6:d7:a1:7a:7d:89:8d:f2:b2:c2:
                    f0:03:87:17:b5:2e:53:cf:6b:00:30:17:a1:40:97:
                    7a:b5:51:d4:58:f0:f0:b8:aa:bf:49:3c:65:d5:fc:
                    16:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:2E:0A:36:B8:CC:2C:FF:7B:41:C7:25:D1:DA:76:19:DD:FB:0F:1B
            X509v3 Authority Key Identifier:
                keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/Jy4KNrjMLP97Qccl0dp2Gd37Dxs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.93.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:a5:de:fe:de:eb:ba:51:9f:94:66:2e:a7:22:1f:0d:04:80:
         ba:a0:8f:36:0b:b0:d4:c8:e8:2a:ec:96:19:d0:a6:89:4b:f5:
         fe:de:c8:c2:3d:fc:e3:20:4a:ec:d8:95:fe:fa:45:6a:01:db:
         06:77:ca:5f:92:4c:a8:06:b0:90:1b:3d:df:73:9f:ae:81:e2:
         be:5c:e7:54:a1:de:b1:93:0c:b9:34:60:b9:88:b7:99:81:0b:
         fc:fb:8f:11:6c:79:05:73:00:63:02:35:58:c1:83:e8:6a:c5:
         80:3c:90:2e:f3:ee:55:99:c5:6a:d4:93:8b:fb:2a:c2:cd:33:
         8b:06:d5:6b:21:59:c9:ff:41:05:b6:16:64:9b:00:1e:b8:7c:
         55:d5:b7:6b:e2:da:f9:d4:c0:5e:0d:68:05:c6:fc:60:df:4f:
         b0:f8:1f:a6:4f:67:33:5e:3c:e9:7a:ce:e6:91:a6:8f:82:ca:
         b5:ec:73:89:bd:4b:b7:ec:d8:be:08:04:d7:b1:99:95:3a:06:
         21:f1:f1:df:96:4a:bd:51:b9:dd:4d:62:f7:b3:98:93:76:85:
         a0:38:c8:3b:8e:24:63:03:5e:60:ba:7e:c2:19:fc:83:b4:ef:
         4c:7e:5e:aa:45:7e:60:fc:fb:29:ba:1f:58:d0:e5:65:4e:a7:
         73:d2:d8:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvJAaZPCJ3tgieoHE/G6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjQwMTAyMTAzMzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzJlMGEzNmI4Y2MyY2ZmN2I0MWM3MjVkMWRhNzYxOWRkZmIwZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJpvs5arz5HAkYFUTdf/0RGl1uPo
7WB4TXnHjzMKcj4WG5F2egO/vf+JTNlCTbBTqHneJ1hRvPvT+lzfLPJdptvDO5h+
E1StjUklGzr0irmhJ/P5Z5uzPSdGUr4Y0hVWKS9kO+SEtVcPBBki3HfPBVxxOFLN
x1zz+WhgiOAjrEGPnJGApA8o59SY5RZmgUadM3s3ur37TtATCmfvSQ3ND+o8dQNA
00xrS8BF//IWa7e8300knb2UDPQp8hXovX20fGm9sR8CM8TVllX89GFhjkhW1sv2
D8bXoXp9iY3yssLwA4cXtS5Tz2sAMBehQJd6tVHUWPDwuKq/STxl1fwWcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCcuCja4zCz/e0HHJdHadhnd+w8bMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvSnk0S05yak1MUDk3UWNjbDBkcDJHZDM3RHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUV2/MA0G
CSqGSIb3DQEBCwUAA4IBAQAlpd7+3uu6UZ+UZi6nIh8NBIC6oI82C7DUyOgq7JYZ
0KaJS/X+3sjCPfzjIErs2JX++kVqAdsGd8pfkkyoBrCQGz3fc5+ugeK+XOdUod6x
kwy5NGC5iLeZgQv8+48RbHkFcwBjAjVYwYPoasWAPJAu8+5VmcVq1JOL+yrCzTOL
BtVrIVnJ/0EFthZkmwAeuHxV1bdr4tr51MBeDWgFxvxg30+w+B+mT2czXjzpes7m
kaaPgsq17HOJvUu37Ni+CATXsZmVOgYh8fHflkq9UbndTWL3s5iTdoWgOMg7jiRj
A15gun7CGfyDtO9Mfl6qRX5g/Pspuh9Y0OVlTqdz0tg9
-----END CERTIFICATE-----