Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/e1JiciVaOfpVCHAFcvyGphPl63I.roa
File:                     e1JiciVaOfpVCHAFcvyGphPl63I.roa (raw, json)
Hash identifier:          elNIyWiN5O0gjoKi9lxb83cVwQjaVM2/UKdFeIafZD4=
Subject key identifier:   7B:52:62:72:25:5A:39:FA:55:08:70:05:72:FC:86:A6:13:E5:EB:72
Certificate issuer:       /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial:       0190CCDD6208374E0515A4414C718806A9A0
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/e1JiciVaOfpVCHAFcvyGphPl63I.roa
Signing time:             Fri 19 Jul 2024 21:19:38 +0000
ROA not before:           Fri 19 Jul 2024 21:19:38 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     214506
IP address blocks:        81.31.231.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:cc:dd:62:08:37:4e:05:15:a4:41:4c:71:88:06:a9:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
        Validity
            Not Before: Jul 19 21:19:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7b526272255a39fa5508700572fc86a613e5eb72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:c3:50:eb:5c:ac:aa:93:bd:92:54:eb:b0:d5:
                    54:d2:f4:cf:dd:ec:a8:56:53:0b:9e:ee:af:61:68:
                    84:35:bd:3a:70:61:73:69:5c:c3:e9:20:42:f4:51:
                    f7:49:a1:1d:a9:d0:e6:6c:41:42:2e:b5:41:d9:1d:
                    b7:15:f2:15:4d:29:a0:0a:84:ea:c9:34:f9:1e:b8:
                    ec:4d:e2:01:00:78:4c:51:c9:ca:f2:49:fd:3b:64:
                    26:3e:07:76:77:67:01:0e:da:55:f9:4b:3b:c8:60:
                    03:86:ef:60:ae:29:69:f1:0a:bc:16:5e:76:03:1f:
                    04:a6:6a:c1:5f:9a:45:e8:2e:5c:ba:22:c4:67:98:
                    df:68:05:55:63:ce:34:76:ed:e1:78:79:4c:2b:a3:
                    23:82:8a:0d:cc:9b:06:ac:ae:fc:99:b5:9f:50:34:
                    de:72:64:c3:92:99:30:8b:bf:c5:27:87:33:84:ea:
                    4f:a2:39:4c:d0:90:1b:5b:48:bc:8f:8c:cc:7a:1c:
                    0d:48:2c:6b:0a:6e:6d:b3:24:fa:40:9b:3c:fb:62:
                    f0:6d:44:95:64:41:61:9c:83:ce:93:cf:66:2c:39:
                    f8:5c:0c:63:93:97:17:39:a8:0d:7d:20:32:af:c3:
                    99:e5:29:1a:6a:6b:9e:ae:4d:09:43:b0:9f:07:66:
                    a6:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:52:62:72:25:5A:39:FA:55:08:70:05:72:FC:86:A6:13:E5:EB:72
            X509v3 Authority Key Identifier:
                keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/e1JiciVaOfpVCHAFcvyGphPl63I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:ae:f6:dc:bf:1f:31:4d:5b:19:a5:90:96:23:b4:03:5c:ac:
         d1:30:56:d3:00:eb:39:bc:b1:b0:71:42:b7:43:7f:b8:bc:61:
         6b:5a:4d:06:bf:87:9f:34:1c:c8:f9:ce:e9:24:9d:77:22:c1:
         cd:94:e9:3c:68:c1:4a:ad:1e:d7:08:7a:07:44:24:f9:2a:40:
         a7:7a:07:14:1e:c8:5a:ff:2e:a8:d1:1e:3e:37:d0:e1:d4:22:
         6b:28:0f:cb:1b:51:c0:4e:d2:c8:91:cb:e9:f6:6a:31:20:00:
         31:6e:f8:a8:e6:9f:d1:3d:56:92:d4:9d:08:65:f4:12:72:65:
         b6:00:19:18:16:c0:d5:e1:f1:ad:fa:1f:b5:1c:ab:ea:06:a6:
         2d:aa:8d:d8:c7:da:86:79:7b:91:59:bb:23:13:55:af:5d:f9:
         b2:25:8e:a7:f9:6e:2d:a6:3a:8e:c7:94:ce:a6:c2:47:17:5a:
         05:ff:04:3e:01:ad:a5:a1:8a:b7:ef:f6:c7:39:a3:ee:b1:e4:
         a2:36:91:2f:25:33:d3:c4:20:c8:18:51:11:f8:95:13:e7:21:
         3e:a6:b6:ff:dc:d8:9a:28:ef:d0:49:b9:65:8f:ad:da:81:31:
         dc:e3:cf:2a:c7:b1:07:3d:65:7f:a6:fc:32:32:4f:3d:b8:f7:
         5a:7b:1e:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDM3WIIN04FFaRBTHGIBqmgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjQwNzE5MjExOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjUyNjI3MjI1NWEzOWZhNTUwODcwMDU3MmZjODZhNjEzZTVlYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8NQ61ysqpO9klTrsNVU0vTP3eyo
VlMLnu6vYWiENb06cGFzaVzD6SBC9FH3SaEdqdDmbEFCLrVB2R23FfIVTSmgCoTq
yTT5HrjsTeIBAHhMUcnK8kn9O2QmPgd2d2cBDtpV+Us7yGADhu9grilp8Qq8Fl52
Ax8EpmrBX5pF6C5cuiLEZ5jfaAVVY840du3heHlMK6MjgooNzJsGrK78mbWfUDTe
cmTDkpkwi7/FJ4czhOpPojlM0JAbW0i8j4zMehwNSCxrCm5tsyT6QJs8+2LwbUSV
ZEFhnIPOk89mLDn4XAxjk5cXOagNfSAyr8OZ5Skaamuerk0JQ7CfB2am7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHtSYnIlWjn6VQhwBXL8hqYT5etyMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvZTFKaWNpVmFPZnBWQ0hBRmN2eUdwaFBsNjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR/nMA0G
CSqGSIb3DQEBCwUAA4IBAQCfrvbcvx8xTVsZpZCWI7QDXKzRMFbTAOs5vLGwcUK3
Q3+4vGFrWk0Gv4efNBzI+c7pJJ13IsHNlOk8aMFKrR7XCHoHRCT5KkCnegcUHsha
/y6o0R4+N9Dh1CJrKA/LG1HATtLIkcvp9moxIAAxbvio5p/RPVaS1J0IZfQScmW2
ABkYFsDV4fGt+h+1HKvqBqYtqo3Yx9qGeXuRWbsjE1WvXfmyJY6n+W4tpjqOx5TO
psJHF1oF/wQ+Aa2loYq37/bHOaPuseSiNpEvJTPTxCDIGFER+JUT5yE+prb/3Nia
KO/QSbllj63agTHc488qx7EHPWV/pvwyMk89uPdaex4b
-----END CERTIFICATE-----