Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/wyy48ncZInS1iytgSRjTMWXnung.roa
File:                     wyy48ncZInS1iytgSRjTMWXnung.roa (raw, json)
Hash identifier:          u7jah/XxUWBl9ewwpsjB2TPBO2Phcz8TjJyD0SOl+LQ=
Subject key identifier:   C3:2C:B8:F2:77:19:22:74:B5:8B:2B:60:49:18:D3:31:65:E7:BA:78
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       018D5F8F8DA1A86760FFC81DD97C0BC3BCC8
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/wyy48ncZInS1iytgSRjTMWXnung.roa
Signing time:             Wed 31 Jan 2024 12:47:39 +0000
ROA not before:           Wed 31 Jan 2024 12:47:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62068
IP address blocks:        89.190.159.0/24 maxlen: 24
                          194.50.16.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 16 May 2024 14:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:5f:8f:8d:a1:a8:67:60:ff:c8:1d:d9:7c:0b:c3:bc:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan 31 12:47:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c32cb8f277192274b58b2b604918d33165e7ba78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:df:c0:92:35:c2:87:de:3f:83:72:b3:3d:e3:
                    31:68:3f:9b:32:bf:a7:c7:da:e4:c5:3f:50:1a:aa:
                    f3:4e:9c:27:a0:0f:69:be:62:2b:1c:68:71:a6:99:
                    85:53:e8:34:c2:d2:d9:21:ba:3a:76:38:fd:76:a5:
                    f4:15:fd:7f:41:1f:3a:45:82:85:7e:43:10:fa:bd:
                    79:1b:d5:5f:e7:85:67:f4:31:41:1d:71:f2:b9:2a:
                    0f:44:b0:b8:19:10:90:6f:44:b8:64:eb:fc:5f:88:
                    0c:c6:80:96:92:18:bc:ef:e1:c4:30:2f:d1:a1:49:
                    3f:1f:a6:16:a0:81:80:21:e9:49:ed:64:cc:ca:38:
                    8d:ef:6b:0c:a7:35:45:54:12:0b:0b:d2:2f:42:d2:
                    68:db:35:a3:8c:96:2d:34:6f:a4:44:30:fc:09:6d:
                    81:5c:93:e9:d5:e5:3b:0f:43:b8:9e:d3:7e:53:9a:
                    49:ac:6b:d3:d7:92:f5:5b:99:5c:43:58:f7:80:ca:
                    fe:01:73:6d:1c:6b:cc:c8:61:2d:bd:79:94:60:6c:
                    80:b5:8f:32:14:e4:fa:b4:7c:be:ce:46:9f:3c:3c:
                    b4:04:d5:e8:f7:06:ab:d0:e1:ed:c1:22:c3:8a:5c:
                    00:62:e9:21:56:8b:80:18:fa:ca:07:67:b0:8d:6d:
                    bd:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:2C:B8:F2:77:19:22:74:B5:8B:2B:60:49:18:D3:31:65:E7:BA:78
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/wyy48ncZInS1iytgSRjTMWXnung.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.190.159.0/24
                  194.50.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:89:6f:c3:fe:e5:da:ec:d3:b9:37:dc:5b:a9:cb:a5:be:6b:
         36:c2:fe:10:04:11:d5:58:9c:4a:bb:b8:b8:8f:a7:3c:25:1f:
         14:94:1b:a8:6e:87:28:03:e1:af:8d:fc:c0:04:04:61:50:cb:
         8b:b6:f8:92:21:8f:06:af:81:de:62:72:98:39:09:03:78:dc:
         a4:58:0e:68:f2:cb:c6:17:23:54:5c:fd:2d:e3:0d:46:43:70:
         01:8e:69:17:43:91:d1:9d:ed:d8:fc:01:c5:52:9f:bc:01:1b:
         da:10:e1:81:0b:70:a1:cf:b2:c2:22:ee:e5:19:c2:d8:ca:36:
         8a:9f:8b:d0:ea:df:f6:bd:aa:0b:f0:00:5b:52:97:98:54:97:
         f4:05:4a:36:33:3e:79:9c:10:d8:d9:99:fd:89:49:7e:07:43:
         c2:22:49:0d:b6:46:49:b0:22:bb:1b:7d:93:15:ef:ea:56:09:
         68:83:e4:b6:fc:d5:f1:0a:a1:62:ea:67:c8:5f:69:36:6d:46:
         4a:a7:31:a1:a0:c6:b7:92:0c:78:14:26:bc:1a:51:d8:1c:61:
         6a:6e:f3:92:92:6b:5c:47:2f:d3:91:96:11:c4:74:ad:69:07:
         b3:ac:a1:43:16:aa:f7:7f:13:b5:97:47:cb:d2:c7:a0:d3:24:
         5c:6c:51:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1fj42hqGdg/8gd2XwLw7zIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTMxMTI0NzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzJjYjhmMjc3MTkyMjc0YjU4YjJiNjA0OTE4ZDMzMTY1ZTdiYTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgt/AkjXCh94/g3KzPeMxaD+bMr+n
x9rkxT9QGqrzTpwnoA9pvmIrHGhxppmFU+g0wtLZIbo6djj9dqX0Ff1/QR86RYKF
fkMQ+r15G9Vf54Vn9DFBHXHyuSoPRLC4GRCQb0S4ZOv8X4gMxoCWkhi87+HEMC/R
oUk/H6YWoIGAIelJ7WTMyjiN72sMpzVFVBILC9IvQtJo2zWjjJYtNG+kRDD8CW2B
XJPp1eU7D0O4ntN+U5pJrGvT15L1W5lcQ1j3gMr+AXNtHGvMyGEtvXmUYGyAtY8y
FOT6tHy+zkafPDy0BNXo9war0OHtwSLDilwAYukhVouAGPrKB2ewjW29cQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMMsuPJ3GSJ0tYsrYEkY0zFl57p4MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvd3l5NDhuY1pJblMxaXl0Z1NSalRNV1hudW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWb6fAwQA
wjIQMA0GCSqGSIb3DQEBCwUAA4IBAQBgiW/D/uXa7NO5N9xbqculvms2wv4QBBHV
WJxKu7i4j6c8JR8UlBuobocoA+GvjfzABARhUMuLtviSIY8Gr4HeYnKYOQkDeNyk
WA5o8svGFyNUXP0t4w1GQ3ABjmkXQ5HRne3Y/AHFUp+8ARvaEOGBC3Chz7LCIu7l
GcLYyjaKn4vQ6t/2vaoL8ABbUpeYVJf0BUo2Mz55nBDY2Zn9iUl+B0PCIkkNtkZJ
sCK7G32TFe/qVglog+S2/NXxCqFi6mfIX2k2bUZKpzGhoMa3kgx4FCa8GlHYHGFq
bvOSkmtcRy/TkZYRxHStaQezrKFDFqr3fxO1l0fL0seg0yRcbFGz
-----END CERTIFICATE-----