Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/dSk6DMDDQYm6S_hsU4AxeWrA2Nk.roa
File:                     dSk6DMDDQYm6S_hsU4AxeWrA2Nk.roa (raw, json)
Hash identifier:          6OCHUlBT9Ol53KzOqGz5FUpWcmZ5PDLtL9N/mI/bEZw=
Subject key identifier:   75:29:3A:0C:C0:C3:41:89:BA:4B:F8:6C:53:80:31:79:6A:C0:D8:D9
Certificate issuer:       /CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Certificate serial:       018DC553891053E8144E54D4D690C9949CED
Authority key identifier: 1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/dSk6DMDDQYm6S_hsU4AxeWrA2Nk.roa
Signing time:             Tue 20 Feb 2024 07:03:22 +0000
ROA not before:           Tue 20 Feb 2024 07:03:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215503
IP address blocks:        185.178.244.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 May 2024 15:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:c5:53:89:10:53:e8:14:4e:54:d4:d6:90:c9:94:9c:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
        Validity
            Not Before: Feb 20 07:03:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=75293a0cc0c34189ba4bf86c538031796ac0d8d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e1:9a:40:9a:5d:d3:f0:e3:92:92:86:fc:25:
                    4b:72:eb:a4:40:c8:0c:ed:11:23:0b:da:e6:d3:41:
                    c7:5d:7b:73:22:d1:de:fc:9e:97:62:9b:eb:1c:c9:
                    63:5f:72:40:c6:37:0d:86:c0:df:cd:0c:66:c0:31:
                    dc:0d:b7:02:50:23:eb:7b:f4:5b:13:fa:47:b7:d1:
                    e0:08:fc:41:08:16:47:8c:d2:01:c8:62:92:0e:6d:
                    bd:df:b9:98:82:85:1b:42:10:93:3c:b1:e3:81:d6:
                    5a:82:14:b6:17:95:20:bc:54:43:3a:1b:6a:56:16:
                    73:ce:d2:22:97:d7:f6:c1:85:4a:11:f2:48:7c:fe:
                    92:c9:f5:d5:9a:bb:2c:82:c3:20:f7:d9:0b:91:68:
                    41:3f:92:21:56:0d:b3:d1:88:81:4e:59:75:8d:53:
                    de:b5:4f:be:38:0f:c0:5e:fb:0d:25:8a:f0:73:c3:
                    82:fe:71:38:b7:81:77:44:30:88:d2:8d:30:59:f8:
                    60:0e:09:4e:75:d1:22:53:21:ca:41:5d:04:56:02:
                    6a:79:7d:08:33:bf:f8:f9:03:46:73:ff:15:c4:31:
                    f0:45:5a:74:c4:dc:59:27:d7:0a:69:d1:cc:3c:83:
                    d6:06:8d:9e:ee:ab:d7:e2:d9:3b:10:29:02:66:e8:
                    1a:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:29:3A:0C:C0:C3:41:89:BA:4B:F8:6C:53:80:31:79:6A:C0:D8:D9
            X509v3 Authority Key Identifier:
                keyid:1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/dSk6DMDDQYm6S_hsU4AxeWrA2Nk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.178.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:e1:fa:84:60:c9:ae:b6:82:fc:2c:35:f8:f8:28:2d:87:d3:
         55:99:38:54:05:17:f2:43:c5:52:23:33:f5:90:13:ce:86:62:
         db:a5:ff:c1:bd:b5:eb:3d:60:f5:a9:ce:34:54:a2:f7:db:e1:
         70:3d:3e:fe:d5:a6:09:1e:00:e5:7e:22:62:00:a4:e3:71:ae:
         97:d5:6f:bf:b2:79:0f:81:64:67:35:2a:7e:12:0e:07:00:cf:
         8e:14:42:34:63:dc:3d:c2:ac:b1:19:ed:e5:09:c1:ed:d2:7d:
         a5:91:14:1f:dd:2b:c3:d8:9f:9b:53:56:6d:1b:f7:e8:7f:2a:
         aa:bb:83:66:01:d2:46:28:b4:f8:e6:d5:ce:a4:45:32:13:05:
         2d:3e:7d:33:ff:15:7d:de:aa:0b:1a:0a:4d:9a:37:20:51:48:
         56:ca:4f:bb:07:0d:29:8f:ba:b2:6f:05:43:d0:c1:e5:fd:cb:
         d8:1c:f4:f7:30:a7:57:b0:a6:a1:5e:12:09:e2:1f:00:f1:ed:
         fd:b8:58:bb:bb:28:7b:32:61:56:67:4f:b2:b4:dd:74:ee:80:
         f6:bf:7d:d8:c6:c1:0f:fa:e2:43:89:dd:78:19:33:ea:11:c1:
         c4:15:a3:4c:a2:f2:20:fc:8c:ef:3f:45:90:d3:73:3c:ba:e7:
         30:b1:5d:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3FU4kQU+gUTlTU1pDJlJztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTVhMDY5NjY5ZWQ1YTc2NmVlZThlYmRjMzJlMzlmYjE0
ODQxMGIwHhcNMjQwMjIwMDcwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTI5M2EwY2MwYzM0MTg5YmE0YmY4NmM1MzgwMzE3OTZhYzBkOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuGaQJpd0/DjkpKG/CVLcuukQMgM
7REjC9rm00HHXXtzItHe/J6XYpvrHMljX3JAxjcNhsDfzQxmwDHcDbcCUCPre/Rb
E/pHt9HgCPxBCBZHjNIByGKSDm2937mYgoUbQhCTPLHjgdZaghS2F5UgvFRDOhtq
VhZzztIil9f2wYVKEfJIfP6SyfXVmrssgsMg99kLkWhBP5IhVg2z0YiBTll1jVPe
tU++OA/AXvsNJYrwc8OC/nE4t4F3RDCI0o0wWfhgDglOddEiUyHKQV0EVgJqeX0I
M7/4+QNGc/8VxDHwRVp0xNxZJ9cKadHMPIPWBo2e7qvX4tk7ECkCZuganwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUpOgzAw0GJukv4bFOAMXlqwNjZMB8GA1UdIwQY
MBaAFB6VoGlmntWnZu7o69wy45+xSEELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAt
OTMzYmZhNTkyYjFkLzEvZFNrNkRNRERRWW02U19oc1U0QXhlV3JBMk5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAtOTMzYmZhNTkyYjFk
LzEvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubL0MA0G
CSqGSIb3DQEBCwUAA4IBAQC34fqEYMmutoL8LDX4+Cgth9NVmThUBRfyQ8VSIzP1
kBPOhmLbpf/BvbXrPWD1qc40VKL32+FwPT7+1aYJHgDlfiJiAKTjca6X1W+/snkP
gWRnNSp+Eg4HAM+OFEI0Y9w9wqyxGe3lCcHt0n2lkRQf3SvD2J+bU1ZtG/fofyqq
u4NmAdJGKLT45tXOpEUyEwUtPn0z/xV93qoLGgpNmjcgUUhWyk+7Bw0pj7qybwVD
0MHl/cvYHPT3MKdXsKahXhIJ4h8A8e39uFi7uyh7MmFWZ0+ytN107oD2v33YxsEP
+uJDid14GTPqEcHEFaNMovIg/IzvP0WQ03M8uucwsV1u
-----END CERTIFICATE-----