Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/a6dcf1-97f4-45af-bb48-3db6f0570d48/1/eoUI00v5kHG-99ELxP-BBcjXoAc.roa
File:                     eoUI00v5kHG-99ELxP-BBcjXoAc.roa (raw, json)
Hash identifier:          wGk7AZgmxRmrZlb/Q0cgAj09IR2rbdkkeiUHejBRKws=
Subject key identifier:   7A:85:08:D3:4B:F9:90:71:BE:F7:D1:0B:C4:FF:81:05:C8:D7:A0:07
Certificate issuer:       /CN=298354861973728ce2be505f7270a4364d94e691
Certificate serial:       01942067F7E2AC0BC56E921979989ADDC390
Authority key identifier: 29:83:54:86:19:73:72:8C:E2:BE:50:5F:72:70:A4:36:4D:94:E6:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KYNUhhlzcozivlBfcnCkNk2U5pE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/a6dcf1-97f4-45af-bb48-3db6f0570d48/1/eoUI00v5kHG-99ELxP-BBcjXoAc.roa
Signing time:             Wed 01 Jan 2025 05:47:52 +0000
ROA not before:           Wed 01 Jan 2025 05:47:52 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     0
IP address blocks:        185.1.94.0/24 maxlen: 24
                          2001:7f8:b6::/64 maxlen: 64
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/a6dcf1-97f4-45af-bb48-3db6f0570d48/1/KYNUhhlzcozivlBfcnCkNk2U5pE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/a6dcf1-97f4-45af-bb48-3db6f0570d48/1/KYNUhhlzcozivlBfcnCkNk2U5pE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KYNUhhlzcozivlBfcnCkNk2U5pE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 12 Apr 2025 17:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:20:67:f7:e2:ac:0b:c5:6e:92:19:79:98:9a:dd:c3:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298354861973728ce2be505f7270a4364d94e691
        Validity
            Not Before: Jan  1 05:47:52 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=7a8508d34bf99071bef7d10bc4ff8105c8d7a007
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:13:9c:5c:9b:2d:66:1f:9c:6c:a1:46:c6:9d:
                    4f:a5:f7:d8:13:9e:a0:41:76:1b:76:64:b5:0b:50:
                    99:d0:5b:a1:54:02:7d:92:b1:50:51:49:26:ac:5e:
                    58:84:4f:31:0c:b2:16:6e:94:b5:76:c9:a3:52:14:
                    38:e5:6b:37:b9:01:00:aa:ac:05:27:cf:5c:f3:e4:
                    81:01:9a:e0:01:86:3f:d5:77:6f:2c:9d:8f:8d:71:
                    5f:3f:71:dc:59:64:8e:81:fa:4c:51:03:6d:63:b4:
                    71:e4:d1:b4:12:ac:c6:58:54:db:fa:e3:1c:a4:92:
                    8e:44:a8:65:ea:b1:97:3c:bc:65:b9:15:f7:13:c0:
                    36:be:93:f6:ae:5b:dd:e4:3b:51:a1:d0:16:8c:39:
                    a1:81:91:58:05:6e:12:d2:97:0d:83:df:db:8f:ee:
                    7a:e1:93:0b:46:74:77:ed:47:9a:2d:0d:ac:e3:f7:
                    fd:93:88:b3:b5:92:f5:13:0b:d1:96:6b:5b:23:79:
                    1a:c0:6d:9c:a8:db:df:be:83:bb:a3:74:f9:09:a7:
                    2e:68:4a:51:5d:67:07:df:53:f9:a5:52:65:b7:10:
                    83:f4:ab:c2:6b:46:59:61:dc:5a:92:44:92:27:bf:
                    c6:b7:ef:76:b4:c0:22:81:75:b7:00:dc:c4:ae:4d:
                    cc:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:85:08:D3:4B:F9:90:71:BE:F7:D1:0B:C4:FF:81:05:C8:D7:A0:07
            X509v3 Authority Key Identifier:
                keyid:29:83:54:86:19:73:72:8C:E2:BE:50:5F:72:70:A4:36:4D:94:E6:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYNUhhlzcozivlBfcnCkNk2U5pE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/a6dcf1-97f4-45af-bb48-3db6f0570d48/1/eoUI00v5kHG-99ELxP-BBcjXoAc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/a6dcf1-97f4-45af-bb48-3db6f0570d48/1/KYNUhhlzcozivlBfcnCkNk2U5pE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.94.0/24
                IPv6:
                  2001:7f8:b6::/64

    Signature Algorithm: sha256WithRSAEncryption
         be:94:c1:46:d8:90:4b:6f:47:7f:53:ec:f4:0c:4f:74:48:4f:
         c6:bf:52:45:a0:68:34:bf:27:10:08:1f:d9:16:29:cb:ea:8c:
         0d:28:7a:29:c7:dd:c4:d0:f3:1e:73:22:7d:67:62:5e:dc:4d:
         c8:7e:56:e9:db:36:5a:b8:b5:3e:56:5b:04:9a:e6:5f:44:ed:
         9c:a1:59:04:6e:c8:d2:68:4c:36:04:a8:24:04:fb:67:b2:6b:
         59:76:85:39:72:4d:f6:cd:df:db:db:2d:3f:f7:34:18:5b:04:
         14:d1:63:f6:11:41:f6:c7:10:65:ad:e6:48:52:83:40:93:35:
         9e:7b:7a:e6:3a:ae:5e:13:b5:ec:54:75:6a:ce:e1:40:29:23:
         97:93:f3:82:df:97:17:2c:9e:cb:41:d5:a2:bf:ca:d1:fa:42:
         0c:fe:c8:af:76:bf:30:10:2a:24:78:74:be:df:62:a6:42:3d:
         e8:28:c8:83:1c:26:e3:a7:22:a4:f4:56:e3:0c:c2:07:c4:87:
         5b:f7:be:26:cb:c8:19:af:b6:35:61:49:cf:84:02:ea:9a:21:
         7f:df:43:cf:2a:81:b7:d2:ee:01:77:24:21:c6:fb:71:20:2e:
         80:ae:51:b0:a2:ac:16:bb:43:80:0c:c2:c4:72:a3:6f:1a:1f:
         15:0b:9e:8c
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZQgZ/firAvFbpIZeZia3cOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODM1NDg2MTk3MzcyOGNlMmJlNTA1ZjcyNzBhNDM2NGQ5
NGU2OTEwHhcNMjUwMTAxMDU0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTg1MDhkMzRiZjk5MDcxYmVmN2QxMGJjNGZmODEwNWM4ZDdhMDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxOcXJstZh+cbKFGxp1PpffYE56g
QXYbdmS1C1CZ0FuhVAJ9krFQUUkmrF5YhE8xDLIWbpS1dsmjUhQ45Ws3uQEAqqwF
J89c8+SBAZrgAYY/1XdvLJ2PjXFfP3HcWWSOgfpMUQNtY7Rx5NG0EqzGWFTb+uMc
pJKORKhl6rGXPLxluRX3E8A2vpP2rlvd5DtRodAWjDmhgZFYBW4S0pcNg9/bj+56
4ZMLRnR37UeaLQ2s4/f9k4iztZL1EwvRlmtbI3kawG2cqNvfvoO7o3T5CacuaEpR
XWcH31P5pVJltxCD9KvCa0ZZYdxakkSSJ7/Gt+92tMAigXW3ANzErk3M2wIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFHqFCNNL+ZBxvvfRC8T/gQXI16AHMB8GA1UdIwQY
MBaAFCmDVIYZc3KM4r5QX3JwpDZNlOaRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lOVWhobHpjb3ppdmxCZmNuQ2tOazJVNXBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9hNmRjZjEtOTdmNC00NWFmLWJiNDgt
M2RiNmYwNTcwZDQ4LzEvZW9VSTAwdjVrSEctOTlFTHhQLUJCY2pYb0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9hNmRjZjEtOTdmNC00NWFmLWJiNDgtM2RiNmYwNTcwZDQ4
LzEvS1lOVWhobHpjb3ppdmxCZmNuQ2tOazJVNXBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAMBAIAATAGAwQAuQFeMBEE
AgACMAsDCQAgAQf4ALYAADANBgkqhkiG9w0BAQsFAAOCAQEAvpTBRtiQS29Hf1Ps
9AxPdEhPxr9SRaBoNL8nEAgf2RYpy+qMDSh6KcfdxNDzHnMifWdiXtxNyH5W6ds2
Wri1PlZbBJrmX0TtnKFZBG7I0mhMNgSoJAT7Z7JrWXaFOXJN9s3f29stP/c0GFsE
FNFj9hFB9scQZa3mSFKDQJM1nnt65jquXhO17FR1as7hQCkjl5Pzgt+XFyyey0HV
or/K0fpCDP7Ir3a/MBAqJHh0vt9ipkI96CjIgxwm46cipPRW4wzCB8SHW/e+JsvI
Ga+2NWFJz4QC6pohf99DzyqBt9LuAXckIcb7cSAugK5RsKKsFrtDgAzCxHKjbxof
FQuejA==
-----END CERTIFICATE-----