Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/S_9WwN4cj1q-gpjq2RM9QOq_ndU.roa
File:                     S_9WwN4cj1q-gpjq2RM9QOq_ndU.roa (raw, json)
Hash identifier:          iDGuUnJsT4LytJAbbVMwXFmniZKbU4YQ0gAly3QH160=
Subject key identifier:   4B:FF:56:C0:DE:1C:8F:5A:BE:82:98:EA:D9:13:3D:40:EA:BF:9D:D5
Certificate issuer:       /CN=3ad734cf90c773428806b968209515b914831a9d
Certificate serial:       019251CEA0C0E24CDCD281531EF06210F556
Authority key identifier: 3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/S_9WwN4cj1q-gpjq2RM9QOq_ndU.roa
Signing time:             Thu 03 Oct 2024 09:55:48 +0000
ROA not before:           Thu 03 Oct 2024 09:55:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16276
IP address blocks:        188.95.69.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/Otc0z5DHc0KIBrloIJUVuRSDGp0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/Otc0z5DHc0KIBrloIJUVuRSDGp0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:51:ce:a0:c0:e2:4c:dc:d2:81:53:1e:f0:62:10:f5:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ad734cf90c773428806b968209515b914831a9d
        Validity
            Not Before: Oct  3 09:55:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4bff56c0de1c8f5abe8298ead9133d40eabf9dd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:9b:17:8a:81:a5:b0:85:a7:ad:3c:72:99:a9:
                    a9:70:60:8e:93:b6:5f:63:b6:e8:14:e3:35:c1:09:
                    f2:06:e8:1b:dc:92:a7:7a:9b:db:ec:ee:c8:dc:74:
                    5e:6a:4f:02:aa:9a:5a:fc:92:ed:5b:25:71:37:a9:
                    3e:0b:23:c3:a6:23:44:2a:59:ac:a2:90:9f:e4:ab:
                    6a:8d:7c:31:aa:e7:f7:e5:ae:70:d7:10:d7:79:0d:
                    e4:7a:bd:11:fb:a6:7b:16:fa:11:f5:2a:4c:59:25:
                    ca:fa:17:09:68:7d:38:72:66:a9:92:f2:b8:26:cf:
                    6d:8a:0e:ff:d8:58:64:7c:e7:0c:41:c0:82:27:f0:
                    81:07:d3:77:68:61:ef:af:8a:73:7e:ab:72:26:65:
                    e0:39:ef:4e:15:44:d4:34:15:53:a3:fc:a8:e9:aa:
                    8e:f6:b8:01:84:b2:ea:d5:d8:7f:0a:c6:fd:e4:76:
                    ab:32:b2:3b:d4:11:61:7f:26:fa:62:71:5f:08:b9:
                    ca:d3:98:62:6f:4d:ed:7d:09:f9:0e:85:72:7b:67:
                    b7:2f:98:db:23:2a:81:b7:e8:d8:38:c8:12:bb:75:
                    46:fb:77:b2:83:c0:62:07:b8:8c:3e:a0:3e:c5:08:
                    62:dc:2c:06:3c:ad:d0:33:f9:68:f9:43:ed:92:9f:
                    39:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:FF:56:C0:DE:1C:8F:5A:BE:82:98:EA:D9:13:3D:40:EA:BF:9D:D5
            X509v3 Authority Key Identifier:
                keyid:3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/S_9WwN4cj1q-gpjq2RM9QOq_ndU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/Otc0z5DHc0KIBrloIJUVuRSDGp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.95.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:fa:fd:26:5d:b7:f9:e0:55:2f:f0:1f:f0:f1:2e:3d:b4:1e:
         ee:f6:5f:2e:a3:e7:b5:09:27:b0:99:07:03:25:a6:87:67:b7:
         90:ea:06:f9:ab:75:a3:11:b8:ae:ea:0a:74:42:0d:44:99:1f:
         05:2e:fb:89:31:a8:88:1f:07:eb:80:3c:c1:fc:30:10:6f:18:
         7b:13:a2:f3:79:e7:f4:7c:a9:a9:e8:c4:c9:7a:0d:11:52:cf:
         c6:89:41:52:b0:11:b4:dc:a2:55:59:b6:bf:b7:7c:e7:14:98:
         82:48:5b:e7:c1:e6:6d:23:ab:02:0d:1b:8e:da:13:19:66:11:
         ef:1d:79:cc:79:96:06:10:28:d9:d8:65:d8:45:83:e6:31:06:
         d7:c7:b0:6d:2c:c3:d8:0d:82:06:aa:be:aa:36:06:0c:5e:7b:
         89:9f:99:9e:fe:4b:6b:82:74:ed:82:39:ca:50:c5:a3:c3:69:
         18:53:46:fa:b3:d6:b0:49:72:13:45:6c:7e:ce:f8:8b:ae:2b:
         1a:59:2c:52:65:c3:5b:b3:91:93:16:cc:bc:a7:4d:b7:d9:5e:
         d8:94:8f:5a:82:d2:05:70:54:0a:47:29:ea:0a:e4:a1:4b:67:
         34:97:8c:0a:96:74:b8:62:7f:17:41:0c:ca:26:7e:0a:77:75:
         e5:22:a2:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJRzqDA4kzc0oFTHvBiEPVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDczNGNmOTBjNzczNDI4ODA2Yjk2ODIwOTUxNWI5MTQ4
MzFhOWQwHhcNMjQxMDAzMDk1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmZmNTZjMGRlMWM4ZjVhYmU4Mjk4ZWFkOTEzM2Q0MGVhYmY5ZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZsXioGlsIWnrTxymampcGCOk7Zf
Y7boFOM1wQnyBugb3JKnepvb7O7I3HReak8Cqppa/JLtWyVxN6k+CyPDpiNEKlms
opCf5KtqjXwxquf35a5w1xDXeQ3ker0R+6Z7FvoR9SpMWSXK+hcJaH04cmapkvK4
Js9tig7/2FhkfOcMQcCCJ/CBB9N3aGHvr4pzfqtyJmXgOe9OFUTUNBVTo/yo6aqO
9rgBhLLq1dh/Csb95HarMrI71BFhfyb6YnFfCLnK05hib03tfQn5DoVye2e3L5jb
IyqBt+jYOMgSu3VG+3eyg8BiB7iMPqA+xQhi3CwGPK3QM/lo+UPtkp85yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEv/VsDeHI9avoKY6tkTPUDqv53VMB8GA1UdIwQY
MBaAFDrXNM+Qx3NCiAa5aCCVFbkUgxqdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RjMHo1REhjMEtJQnJsb0lKVVZ1UlNER3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lYmYzODEtMDBjOC00ODBkLWE2NmMt
NzZhMWQ0ZDgzMTk3LzEvU185V3dONGNqMXEtZ3BqcTJSTTlRT3FfbmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lYmYzODEtMDBjOC00ODBkLWE2NmMtNzZhMWQ0ZDgzMTk3
LzEvT3RjMHo1REhjMEtJQnJsb0lKVVZ1UlNER3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF9FMA0G
CSqGSIb3DQEBCwUAA4IBAQB/+v0mXbf54FUv8B/w8S49tB7u9l8uo+e1CSewmQcD
JaaHZ7eQ6gb5q3WjEbiu6gp0Qg1EmR8FLvuJMaiIHwfrgDzB/DAQbxh7E6Lzeef0
fKmp6MTJeg0RUs/GiUFSsBG03KJVWba/t3znFJiCSFvnweZtI6sCDRuO2hMZZhHv
HXnMeZYGECjZ2GXYRYPmMQbXx7BtLMPYDYIGqr6qNgYMXnuJn5me/ktrgnTtgjnK
UMWjw2kYU0b6s9awSXITRWx+zviLrisaWSxSZcNbs5GTFsy8p0232V7YlI9agtIF
cFQKRynqCuShS2c0l4wKlnS4Yn8XQQzKJn4Kd3XlIqLe
-----END CERTIFICATE-----