Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/7_8eegxQyLP71BAmskazel0YJyc.roa
File:                     7_8eegxQyLP71BAmskazel0YJyc.roa (raw, json)
Hash identifier:          NYmvQ/hnUv8GThLMHY/Fn4NRNuJobGMAd9a/vhWzZTw=
Subject key identifier:   EF:FF:1E:7A:0C:50:C8:B3:FB:D4:10:26:B2:46:B3:7A:5D:18:27:27
Certificate issuer:       /CN=ef7f31bd6d985e45299c31d052ca4a8ebef5578b
Certificate serial:       018CCA99E5C02EE4D077EEE20A9E76B916AE
Authority key identifier: EF:7F:31:BD:6D:98:5E:45:29:9C:31:D0:52:CA:4A:8E:BE:F5:57:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/7_8eegxQyLP71BAmskazel0YJyc.roa
Signing time:             Tue 02 Jan 2024 14:35:32 +0000
ROA not before:           Tue 02 Jan 2024 14:35:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8075
IP address blocks:        80.64.222.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/738xvW2YXkUpnDHQUspKjr71V4s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/738xvW2YXkUpnDHQUspKjr71V4s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 25 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:99:e5:c0:2e:e4:d0:77:ee:e2:0a:9e:76:b9:16:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef7f31bd6d985e45299c31d052ca4a8ebef5578b
        Validity
            Not Before: Jan  2 14:35:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=efff1e7a0c50c8b3fbd41026b246b37a5d182727
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:a3:a4:96:14:24:1f:6e:23:00:74:8e:c9:ea:
                    eb:4b:75:60:ea:37:05:ce:e8:fb:1b:8e:d7:ba:2a:
                    16:2f:52:dd:0f:5e:6b:b9:b9:fd:97:9b:d3:e6:38:
                    33:38:bb:ac:66:5b:44:4e:8f:92:dc:44:ea:1f:fe:
                    4c:5a:7c:2a:c3:ea:70:d9:a2:da:5f:f6:83:0b:33:
                    59:16:a8:37:1c:5a:30:00:98:18:82:05:13:b1:72:
                    62:ff:eb:a2:24:63:22:b6:ee:63:76:43:96:6f:c1:
                    7b:cb:c2:b9:57:a6:88:97:8e:71:da:9a:25:bc:7e:
                    28:9d:ad:55:19:1a:db:51:a7:d8:b0:db:e8:43:d4:
                    bb:f2:47:42:d1:3a:cf:ba:a5:cc:aa:26:b2:98:d7:
                    ea:dc:0a:6f:23:a7:dc:78:2e:20:1e:bb:2f:a9:21:
                    bd:80:06:8e:97:d0:65:c7:fe:79:08:40:d3:ac:90:
                    5e:19:a3:8e:89:02:07:7a:01:2d:f6:d0:f3:93:bb:
                    e2:74:9a:f2:5a:0d:f3:ac:71:b5:b4:f5:41:7f:f1:
                    9b:32:d0:07:79:7f:2f:b1:05:66:a4:2a:66:9a:93:
                    42:63:4c:2b:1b:52:80:de:70:2a:09:84:54:ef:d5:
                    f0:c4:74:4e:7a:6c:32:f4:bb:62:ab:ab:2c:87:14:
                    4b:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:FF:1E:7A:0C:50:C8:B3:FB:D4:10:26:B2:46:B3:7A:5D:18:27:27
            X509v3 Authority Key Identifier:
                keyid:EF:7F:31:BD:6D:98:5E:45:29:9C:31:D0:52:CA:4A:8E:BE:F5:57:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/7_8eegxQyLP71BAmskazel0YJyc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/738xvW2YXkUpnDHQUspKjr71V4s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.64.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:e7:e9:2b:f5:48:58:eb:bf:64:fa:3a:45:e5:59:69:7f:5e:
         3e:89:90:87:a7:6d:98:ad:b9:5b:2c:ab:ed:76:be:b4:56:8b:
         59:73:e8:c4:f3:b6:20:59:4f:bd:2d:d9:07:58:bf:a5:3f:7a:
         11:78:e4:00:1d:a8:ee:67:b8:16:8e:96:9d:00:80:85:68:9f:
         a5:84:91:4c:f7:41:a8:3d:e5:27:8b:fa:c8:9f:de:56:88:62:
         be:6d:bc:16:3c:c9:b5:ce:1d:05:86:fa:7f:32:72:d2:cb:1b:
         ba:02:01:38:5c:12:1c:d7:c2:bc:be:19:4f:55:9a:cf:65:0a:
         e9:05:79:9b:8d:23:e4:07:f1:ba:61:d1:1b:1c:34:bd:c0:52:
         d8:29:44:19:b3:e1:c0:cf:db:37:55:71:fe:eb:c7:dd:85:79:
         6c:f6:a6:f6:f0:47:08:a9:d3:39:95:94:5d:32:1d:8a:3a:e4:
         e1:77:5a:6a:b2:5b:5a:62:89:b0:b9:5d:f5:74:85:97:b3:cd:
         0f:fe:c9:33:d1:06:39:a3:55:24:5c:05:bc:c2:bf:cd:d3:58:
         e5:67:e9:34:66:74:f7:81:3b:c3:b3:46:cd:91:32:06:2e:cf:
         d8:d4:1c:e0:9c:ba:db:78:c7:0b:ab:3f:8a:24:b5:38:91:ab:
         23:c1:9d:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmeXALuTQd+7iCp52uRauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmN2YzMWJkNmQ5ODVlNDUyOTljMzFkMDUyY2E0YThlYmVm
NTU3OGIwHhcNMjQwMTAyMTQzNTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmZmMWU3YTBjNTBjOGIzZmJkNDEwMjZiMjQ2YjM3YTVkMTgyNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKOklhQkH24jAHSOyerrS3Vg6jcF
zuj7G47XuioWL1LdD15rubn9l5vT5jgzOLusZltETo+S3ETqH/5MWnwqw+pw2aLa
X/aDCzNZFqg3HFowAJgYggUTsXJi/+uiJGMitu5jdkOWb8F7y8K5V6aIl45x2pol
vH4ona1VGRrbUafYsNvoQ9S78kdC0TrPuqXMqiaymNfq3ApvI6fceC4gHrsvqSG9
gAaOl9Blx/55CEDTrJBeGaOOiQIHegEt9tDzk7vidJryWg3zrHG1tPVBf/GbMtAH
eX8vsQVmpCpmmpNCY0wrG1KA3nAqCYRU79XwxHROemwy9Ltiq6sshxRLzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO//HnoMUMiz+9QQJrJGs3pdGCcnMB8GA1UdIwQY
MBaAFO9/Mb1tmF5FKZwx0FLKSo6+9VeLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzM4eHZXMllYa1VwbkRIUVVzcEtqcjcxVjRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lYmVhNjAtZDIzMS00ODBiLTg0ZmQt
YTc2M2RmM2FlZTZkLzEvN184ZWVneFF5TFA3MUJBbXNrYXplbDBZSnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lYmVhNjAtZDIzMS00ODBiLTg0ZmQtYTc2M2RmM2FlZTZk
LzEvNzM4eHZXMllYa1VwbkRIUVVzcEtqcjcxVjRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEDeMA0G
CSqGSIb3DQEBCwUAA4IBAQBV5+kr9UhY679k+jpF5Vlpf14+iZCHp22YrblbLKvt
dr60VotZc+jE87YgWU+9LdkHWL+lP3oReOQAHajuZ7gWjpadAICFaJ+lhJFM90Go
PeUni/rIn95WiGK+bbwWPMm1zh0Fhvp/MnLSyxu6AgE4XBIc18K8vhlPVZrPZQrp
BXmbjSPkB/G6YdEbHDS9wFLYKUQZs+HAz9s3VXH+68fdhXls9qb28EcIqdM5lZRd
Mh2KOuThd1pqsltaYomwuV31dIWXs80P/skz0QY5o1UkXAW8wr/N01jlZ+k0ZnT3
gTvDs0bNkTIGLs/Y1BzgnLrbeMcLqz+KJLU4kasjwZ2v
-----END CERTIFICATE-----