Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/067e3d-2858-482e-99dc-c07e715c81c9/1/OpK0v9QBtgmFVDXHs8B8FdZ3Z30.roa
File:                     OpK0v9QBtgmFVDXHs8B8FdZ3Z30.roa (raw, json)
Hash identifier:          OtWR9OEjIiaNKpaM9MqRh8Kjj6sdznH5K4eU+gNnYKI=
Subject key identifier:   3A:92:B4:BF:D4:01:B6:09:85:54:35:C7:B3:C0:7C:15:D6:77:67:7D
Certificate issuer:       /CN=55fe50ccfcef0e87cc19f82cc092bb9b79a3e3af
Certificate serial:       0190B886B59F710CC548D0BF4471C36B93AE
Authority key identifier: 55:FE:50:CC:FC:EF:0E:87:CC:19:F8:2C:C0:92:BB:9B:79:A3:E3:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vf5QzPzvDofMGfgswJK7m3mj468.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/067e3d-2858-482e-99dc-c07e715c81c9/1/OpK0v9QBtgmFVDXHs8B8FdZ3Z30.roa
Signing time:             Mon 15 Jul 2024 22:32:34 +0000
ROA not before:           Mon 15 Jul 2024 22:32:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51098
IP address blocks:        194.116.136.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/067e3d-2858-482e-99dc-c07e715c81c9/1/Vf5QzPzvDofMGfgswJK7m3mj468.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/067e3d-2858-482e-99dc-c07e715c81c9/1/Vf5QzPzvDofMGfgswJK7m3mj468.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Vf5QzPzvDofMGfgswJK7m3mj468.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Sep 2024 19:03:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:b8:86:b5:9f:71:0c:c5:48:d0:bf:44:71:c3:6b:93:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=55fe50ccfcef0e87cc19f82cc092bb9b79a3e3af
        Validity
            Not Before: Jul 15 22:32:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3a92b4bfd401b609855435c7b3c07c15d677677d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:86:28:55:99:f1:03:9d:9d:75:ed:2a:8a:13:
                    f0:5f:fc:86:1b:fa:0b:d4:5c:81:c5:f6:ec:85:5c:
                    87:5c:ec:d7:65:4b:63:51:bd:49:fd:f9:2c:0b:fd:
                    33:b8:9b:7d:d7:1b:a5:65:43:77:d3:2b:c2:9a:20:
                    fa:9c:03:8c:f5:ef:a3:0d:1b:66:e4:42:08:35:59:
                    13:af:d4:67:18:18:23:22:48:5e:58:a6:57:8e:78:
                    11:ea:07:01:2a:c5:b8:11:de:7d:b8:64:4f:7f:50:
                    34:7a:62:a4:87:67:a5:55:11:db:c9:8b:ea:11:d9:
                    64:22:ef:f0:37:f4:2d:45:78:f7:49:fd:1d:3e:c9:
                    b1:a8:d4:aa:16:0d:f9:25:d7:51:2b:a0:67:6a:56:
                    98:0a:33:8d:88:f8:bd:3d:e4:ae:1e:96:0c:86:54:
                    b9:e9:dc:e3:98:3f:b3:f1:ae:b0:a7:2a:bd:1d:59:
                    7d:f6:83:47:38:5c:65:7d:c8:42:55:d1:2c:be:c9:
                    67:7b:07:c3:8f:79:f0:98:b7:e1:a5:3c:9b:10:5c:
                    79:3e:37:3f:8a:6c:07:66:93:51:58:b1:dc:be:74:
                    bb:e5:1b:34:ca:30:09:71:6b:10:9e:00:59:aa:1a:
                    a3:c0:bf:95:5a:dc:93:be:86:86:ff:af:bd:81:55:
                    65:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:92:B4:BF:D4:01:B6:09:85:54:35:C7:B3:C0:7C:15:D6:77:67:7D
            X509v3 Authority Key Identifier:
                keyid:55:FE:50:CC:FC:EF:0E:87:CC:19:F8:2C:C0:92:BB:9B:79:A3:E3:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vf5QzPzvDofMGfgswJK7m3mj468.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/067e3d-2858-482e-99dc-c07e715c81c9/1/OpK0v9QBtgmFVDXHs8B8FdZ3Z30.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/067e3d-2858-482e-99dc-c07e715c81c9/1/Vf5QzPzvDofMGfgswJK7m3mj468.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.116.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7b:ca:52:13:26:4d:f4:6a:0d:81:14:68:6d:b8:3c:8f:93:8b:
         40:fd:5f:92:e7:84:cc:bb:ae:b6:1c:3c:c6:af:9d:40:19:b1:
         1b:af:75:dc:df:e4:27:2d:13:c3:83:ed:c4:1e:36:11:f2:94:
         47:9a:15:53:bc:3e:27:03:a4:56:5e:d4:19:6f:27:bd:19:32:
         5a:f3:6a:f4:16:1f:86:77:55:d1:a5:fb:ff:82:ac:28:90:57:
         a5:45:72:01:f7:87:e2:95:81:35:b5:09:c5:68:86:37:97:e8:
         eb:b1:e2:c0:92:48:2c:83:ec:50:ee:aa:c6:06:f1:d3:36:a9:
         9e:e7:5e:cc:a3:cf:3f:d8:b8:3d:ee:ad:86:77:d1:f2:dd:c2:
         c0:d8:72:47:90:14:1e:64:36:99:77:5d:e6:95:c4:55:ef:ac:
         79:8f:3f:c2:ce:c3:1b:be:5a:25:6d:21:c5:47:62:cf:2d:78:
         b9:83:6d:1b:71:e4:0a:0a:f9:8d:28:4f:12:2c:b9:dd:75:c2:
         8b:73:90:3c:28:35:fe:b8:09:12:05:7a:52:79:01:cf:56:ea:
         0a:9c:d4:8d:ae:3c:f6:9b:d2:89:b0:72:d6:5b:70:54:88:d1:
         77:4d:26:d8:15:c7:0a:fe:43:ec:8f:0c:30:59:76:6f:8c:95:
         48:d7:a1:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC4hrWfcQzFSNC/RHHDa5OuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ZmU1MGNjZmNlZjBlODdjYzE5ZjgyY2MwOTJiYjliNzlh
M2UzYWYwHhcNMjQwNzE1MjIzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTkyYjRiZmQ0MDFiNjA5ODU1NDM1YzdiM2MwN2MxNWQ2Nzc2NzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4YoVZnxA52dde0qihPwX/yGG/oL
1FyBxfbshVyHXOzXZUtjUb1J/fksC/0zuJt91xulZUN30yvCmiD6nAOM9e+jDRtm
5EIINVkTr9RnGBgjIkheWKZXjngR6gcBKsW4Ed59uGRPf1A0emKkh2elVRHbyYvq
EdlkIu/wN/QtRXj3Sf0dPsmxqNSqFg35JddRK6BnalaYCjONiPi9PeSuHpYMhlS5
6dzjmD+z8a6wpyq9HVl99oNHOFxlfchCVdEsvslnewfDj3nwmLfhpTybEFx5Pjc/
imwHZpNRWLHcvnS75Rs0yjAJcWsQngBZqhqjwL+VWtyTvoaG/6+9gVVllQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDqStL/UAbYJhVQ1x7PAfBXWd2d9MB8GA1UdIwQY
MBaAFFX+UMz87w6HzBn4LMCSu5t5o+OvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmY1UXpQenZEb2ZNR2Znc3dKSzdtM21qNDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8wNjdlM2QtMjg1OC00ODJlLTk5ZGMt
YzA3ZTcxNWM4MWM5LzEvT3BLMHY5UUJ0Z21GVkRYSHM4QjhGZFozWjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8wNjdlM2QtMjg1OC00ODJlLTk5ZGMtYzA3ZTcxNWM4MWM5
LzEvVmY1UXpQenZEb2ZNR2Znc3dKSzdtM21qNDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwnSIMA0G
CSqGSIb3DQEBCwUAA4IBAQB7ylITJk30ag2BFGhtuDyPk4tA/V+S54TMu662HDzG
r51AGbEbr3Xc3+QnLRPDg+3EHjYR8pRHmhVTvD4nA6RWXtQZbye9GTJa82r0Fh+G
d1XRpfv/gqwokFelRXIB94filYE1tQnFaIY3l+jrseLAkkgsg+xQ7qrGBvHTNqme
517Mo88/2Lg97q2Gd9Hy3cLA2HJHkBQeZDaZd13mlcRV76x5jz/CzsMbvlolbSHF
R2LPLXi5g20bceQKCvmNKE8SLLnddcKLc5A8KDX+uAkSBXpSeQHPVuoKnNSNrjz2
m9KJsHLWW3BUiNF3TSbYFccK/kPsjwwwWXZvjJVI16E4
-----END CERTIFICATE-----