Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/Adme2qf4ksDZ-6oCIlrNbBCgXlU.roa
File:                     Adme2qf4ksDZ-6oCIlrNbBCgXlU.roa (raw, json)
Hash identifier:          Wc3GOSjcrd2VFj704HdUOXmnp4XgayfLYKOQEVu24sU=
Subject key identifier:   01:D9:9E:DA:A7:F8:92:C0:D9:FB:AA:02:22:5A:CD:6C:10:A0:5E:55
Certificate issuer:       /CN=b9ac49d1ccdcaedd9a13f4803df1aedce6dc1112
Certificate serial:       01942220129CD8BFF8ACDDBC400E8FE6403A
Authority key identifier: B9:AC:49:D1:CC:DC:AE:DD:9A:13:F4:80:3D:F1:AE:DC:E6:DC:11:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uaxJ0czcrt2aE_SAPfGu3ObcERI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/Adme2qf4ksDZ-6oCIlrNbBCgXlU.roa
Signing time:             Wed 01 Jan 2025 13:48:34 +0000
ROA not before:           Wed 01 Jan 2025 13:48:34 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     2116
IP address blocks:        77.223.160.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/uaxJ0czcrt2aE_SAPfGu3ObcERI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/uaxJ0czcrt2aE_SAPfGu3ObcERI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uaxJ0czcrt2aE_SAPfGu3ObcERI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 12:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:20:12:9c:d8:bf:f8:ac:dd:bc:40:0e:8f:e6:40:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9ac49d1ccdcaedd9a13f4803df1aedce6dc1112
        Validity
            Not Before: Jan  1 13:48:34 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=01d99edaa7f892c0d9fbaa02225acd6c10a05e55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:4e:0d:30:6a:33:1b:01:17:a1:27:53:e0:d4:
                    95:bb:c5:3c:4d:1f:24:36:1c:e5:c9:00:92:85:b0:
                    35:2a:5e:2b:bf:15:05:bf:db:c5:f0:87:f5:9f:36:
                    a0:0c:6b:8e:8c:39:95:da:43:0c:ac:ee:fa:17:85:
                    83:cc:53:43:1f:66:95:91:32:e6:94:2a:7e:ba:19:
                    e3:b7:e2:03:c6:4d:e8:79:b5:d0:56:ff:d0:6d:2d:
                    f3:88:0e:67:a8:df:1b:36:90:20:7e:1d:46:f9:82:
                    7a:d2:d0:a0:d5:e0:63:06:57:2d:1c:a8:23:41:a9:
                    e8:15:9c:ee:2d:d4:88:ed:e3:91:80:ff:4a:0e:0d:
                    40:30:19:06:84:94:39:04:a7:b4:26:0d:e0:33:9e:
                    40:7e:88:c7:57:f7:3d:27:02:b7:63:2d:44:68:71:
                    13:ed:76:af:f8:ea:93:46:a2:99:cd:3a:90:36:4a:
                    50:80:9c:cb:5a:30:f6:f6:ac:db:1d:49:3e:38:2d:
                    29:b4:33:0f:66:36:af:22:cc:84:67:5d:4d:17:ef:
                    67:7e:64:c5:57:5b:54:5b:f9:9a:ec:f4:30:42:48:
                    b2:7d:b3:83:38:c5:b0:a3:11:36:da:e0:98:1a:07:
                    35:3e:77:67:1b:f8:98:d8:3d:1e:0c:e9:94:37:e5:
                    b3:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:D9:9E:DA:A7:F8:92:C0:D9:FB:AA:02:22:5A:CD:6C:10:A0:5E:55
            X509v3 Authority Key Identifier:
                keyid:B9:AC:49:D1:CC:DC:AE:DD:9A:13:F4:80:3D:F1:AE:DC:E6:DC:11:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uaxJ0czcrt2aE_SAPfGu3ObcERI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/Adme2qf4ksDZ-6oCIlrNbBCgXlU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/537191-1179-48ec-ad9f-ffe43a52d3f6/1/uaxJ0czcrt2aE_SAPfGu3ObcERI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.223.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:7e:ad:35:57:02:f7:12:8c:90:d9:e9:55:d7:c5:4d:49:11:
         82:de:4c:7e:2d:a2:a2:ef:90:81:d2:d2:ea:02:47:1d:c6:dd:
         92:f1:57:b9:40:e5:75:f6:fe:96:32:c4:55:a3:b0:e4:c4:e7:
         4c:40:53:da:d5:bd:49:1b:fe:dc:ec:68:82:f3:06:e7:ad:97:
         ca:06:4a:9d:7d:62:a7:1c:fa:e0:fc:6b:06:a9:4f:84:7d:00:
         4d:9f:d4:50:fd:1e:a0:fd:ae:e7:73:d0:76:c9:09:a5:96:71:
         08:40:c4:bd:62:15:bf:f4:b3:64:9a:92:46:90:cf:49:e8:86:
         46:40:12:99:ff:62:03:e9:f1:86:e0:0d:22:98:ae:67:30:c8:
         ee:28:5c:1f:02:4d:a1:42:d2:9b:d0:18:f3:db:fc:ba:e8:4d:
         9d:73:8a:6a:c9:5f:ff:ff:25:d9:75:4b:bd:c2:86:f4:43:c1:
         b2:78:e1:70:e4:80:1c:3c:0d:c6:73:5d:9c:e6:1b:1b:eb:ae:
         4d:c6:4a:69:b0:0a:1b:db:c3:51:ac:0a:ad:73:20:02:c6:65:
         23:d1:dc:65:94:0d:bc:62:1f:a7:d2:08:59:7b:5d:49:b7:63:
         e3:65:fb:26:34:a4:75:81:49:0f:90:70:19:1f:96:53:dc:1f:
         4e:8f:12:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBKc2L/4rN28QA6P5kA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YWM0OWQxY2NkY2FlZGQ5YTEzZjQ4MDNkZjFhZWRjZTZk
YzExMTIwHhcNMjUwMTAxMTM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWQ5OWVkYWE3Zjg5MmMwZDlmYmFhMDIyMjVhY2Q2YzEwYTA1ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo04NMGozGwEXoSdT4NSVu8U8TR8k
NhzlyQCShbA1Kl4rvxUFv9vF8If1nzagDGuOjDmV2kMMrO76F4WDzFNDH2aVkTLm
lCp+uhnjt+IDxk3oebXQVv/QbS3ziA5nqN8bNpAgfh1G+YJ60tCg1eBjBlctHKgj
QanoFZzuLdSI7eORgP9KDg1AMBkGhJQ5BKe0Jg3gM55AfojHV/c9JwK3Yy1EaHET
7Xav+OqTRqKZzTqQNkpQgJzLWjD29qzbHUk+OC0ptDMPZjavIsyEZ11NF+9nfmTF
V1tUW/ma7PQwQkiyfbODOMWwoxE22uCYGgc1PndnG/iY2D0eDOmUN+WzmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAHZntqn+JLA2fuqAiJazWwQoF5VMB8GA1UdIwQY
MBaAFLmsSdHM3K7dmhP0gD3xrtzm3BESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWF4SjBjemNydDJhRV9TQVBmR3UzT2JjRVJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC81MzcxOTEtMTE3OS00OGVjLWFkOWYt
ZmZlNDNhNTJkM2Y2LzEvQWRtZTJxZjRrc0RaLTZvQ0lsck5iQkNnWGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC81MzcxOTEtMTE3OS00OGVjLWFkOWYtZmZlNDNhNTJkM2Y2
LzEvdWF4SjBjemNydDJhRV9TQVBmR3UzT2JjRVJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATd+gMA0G
CSqGSIb3DQEBCwUAA4IBAQBBfq01VwL3EoyQ2elV18VNSRGC3kx+LaKi75CB0tLq
Akcdxt2S8Ve5QOV19v6WMsRVo7DkxOdMQFPa1b1JG/7c7GiC8wbnrZfKBkqdfWKn
HPrg/GsGqU+EfQBNn9RQ/R6g/a7nc9B2yQmllnEIQMS9YhW/9LNkmpJGkM9J6IZG
QBKZ/2ID6fGG4A0imK5nMMjuKFwfAk2hQtKb0Bjz2/y66E2dc4pqyV///yXZdUu9
wob0Q8GyeOFw5IAcPA3Gc12c5hsb665NxkppsAob28NRrAqtcyACxmUj0dxllA28
Yh+n0ghZe11Jt2PjZfsmNKR1gUkPkHAZH5ZT3B9OjxIj
-----END CERTIFICATE-----