Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/VNt3XbpCqd2PzdJAS7T-_RLuypY.roa
File:                     VNt3XbpCqd2PzdJAS7T-_RLuypY.roa (raw, json)
Hash identifier:          zL0RXX724mjJJROiHsVbJbw43kd35eRlMOUEoohTF3Q=
Subject key identifier:   54:DB:77:5D:BA:42:A9:DD:8F:CD:D2:40:4B:B4:FE:FD:12:EE:CA:96
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       018E0D430B1976AA0F7A634619A7985D3C77
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/VNt3XbpCqd2PzdJAS7T-_RLuypY.roa
Signing time:             Tue 05 Mar 2024 06:18:01 +0000
ROA not before:           Tue 05 Mar 2024 06:18:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51847
IP address blocks:        81.31.232.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 16:03:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:0d:43:0b:19:76:aa:0f:7a:63:46:19:a7:98:5d:3c:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Mar  5 06:18:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=54db775dba42a9dd8fcdd2404bb4fefd12eeca96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:95:7a:99:ed:83:8a:fe:4d:ce:66:03:45:47:
                    63:cb:c5:3f:b4:d6:35:01:c2:f0:62:29:53:d5:1c:
                    3c:1e:15:82:b7:3c:61:bd:8f:09:eb:bb:dd:0e:3a:
                    e7:32:2e:b7:89:99:ec:96:01:d5:57:0b:68:01:e0:
                    5b:35:27:a3:3b:3a:93:23:6c:39:4f:f9:8f:ce:bb:
                    ec:2d:ce:de:ec:ce:c0:70:30:0d:3c:df:26:45:ea:
                    43:b4:b4:77:53:52:c6:1d:7a:30:1d:7e:d5:c0:dd:
                    08:02:94:7a:d2:d2:81:b2:69:dc:f7:01:a8:8a:2c:
                    69:e4:9a:37:a9:b9:74:fb:1e:f8:95:d1:14:73:dd:
                    9b:bd:78:14:e0:f4:72:5a:51:d8:bd:e9:4a:da:4a:
                    53:87:20:1d:c5:3d:a6:11:42:37:be:a5:11:11:b0:
                    ce:3c:b0:e5:7e:eb:f0:0c:bf:f9:9b:8f:9c:c0:e6:
                    4a:14:63:8b:ea:30:b0:8d:3d:8a:1f:d6:6f:1e:66:
                    b6:44:32:a3:55:7e:f2:7f:e0:54:85:01:51:b3:1d:
                    16:d2:65:b1:c4:45:73:b1:68:f4:65:77:a7:77:24:
                    62:90:4e:60:08:f0:4e:4f:fc:e2:51:ad:cf:94:d4:
                    e5:9f:5d:85:e4:97:fc:4c:93:24:33:d4:91:d5:c4:
                    7c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:DB:77:5D:BA:42:A9:DD:8F:CD:D2:40:4B:B4:FE:FD:12:EE:CA:96
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/VNt3XbpCqd2PzdJAS7T-_RLuypY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:43:8b:38:3c:12:82:af:0c:71:53:e9:92:85:8f:8b:ac:9c:
         f1:3b:7f:ea:d5:5f:a6:1b:a0:81:51:1f:7a:5d:0b:20:24:5b:
         6b:97:6d:71:b9:f1:9d:27:f7:62:04:67:9d:4b:c8:b9:3e:d3:
         9c:23:19:6f:37:43:a0:f8:a1:ef:b7:31:96:83:aa:88:7c:89:
         cc:1b:2a:c7:0b:d3:1f:b6:90:d7:ed:5e:03:dc:60:9b:97:5d:
         37:06:dd:a7:5e:08:66:2d:35:a6:b5:c7:98:b2:32:56:ce:b6:
         81:4f:be:b2:52:ca:90:df:3e:7c:76:d5:6c:b2:52:58:41:b9:
         8b:3a:b6:05:c4:26:0d:a4:c0:2c:9b:23:ca:e8:e2:68:e1:66:
         59:bd:e7:35:4b:7c:a9:7a:cb:ef:1c:93:89:ec:33:69:b8:fc:
         b3:63:41:77:57:86:a5:84:7f:f7:54:c7:89:33:b8:30:da:54:
         ee:33:90:45:2b:df:9f:09:c1:9d:35:f3:02:1b:5d:24:a3:47:
         3a:e3:0c:74:4a:9f:87:d0:cf:66:31:a6:98:87:4b:0a:4d:2c:
         d0:15:f7:a1:23:4b:51:71:83:d3:74:42:3a:b4:0b:d8:bb:6a:
         b0:f2:f4:eb:ac:35:67:ed:6a:57:44:35:f8:21:1e:b0:b4:df:
         82:ca:b5:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4NQwsZdqoPemNGGaeYXTx3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjQwMzA1MDYxODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGRiNzc1ZGJhNDJhOWRkOGZjZGQyNDA0YmI0ZmVmZDEyZWVjYTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJV6me2Div5NzmYDRUdjy8U/tNY1
AcLwYilT1Rw8HhWCtzxhvY8J67vdDjrnMi63iZnslgHVVwtoAeBbNSejOzqTI2w5
T/mPzrvsLc7e7M7AcDANPN8mRepDtLR3U1LGHXowHX7VwN0IApR60tKBsmnc9wGo
iixp5Jo3qbl0+x74ldEUc92bvXgU4PRyWlHYvelK2kpThyAdxT2mEUI3vqUREbDO
PLDlfuvwDL/5m4+cwOZKFGOL6jCwjT2KH9ZvHma2RDKjVX7yf+BUhQFRsx0W0mWx
xEVzsWj0ZXendyRikE5gCPBOT/ziUa3PlNTln12F5Jf8TJMkM9SR1cR8uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFTbd126Qqndj83SQEu0/v0S7sqWMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvVk50M1hicENxZDJQemRKQVM3VC1fUkx1eXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR/oMA0G
CSqGSIb3DQEBCwUAA4IBAQA2Q4s4PBKCrwxxU+mShY+LrJzxO3/q1V+mG6CBUR96
XQsgJFtrl21xufGdJ/diBGedS8i5PtOcIxlvN0Og+KHvtzGWg6qIfInMGyrHC9Mf
tpDX7V4D3GCbl103Bt2nXghmLTWmtceYsjJWzraBT76yUsqQ3z58dtVsslJYQbmL
OrYFxCYNpMAsmyPK6OJo4WZZvec1S3ypesvvHJOJ7DNpuPyzY0F3V4alhH/3VMeJ
M7gw2lTuM5BFK9+fCcGdNfMCG10ko0c64wx0Sp+H0M9mMaaYh0sKTSzQFfehI0tR
cYPTdEI6tAvYu2qw8vTrrDVn7WpXRDX4IR6wtN+CyrUl
-----END CERTIFICATE-----