Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/6dTT-rARhT9SKaU0Q5LyIvW6cuU.roa
File:                     6dTT-rARhT9SKaU0Q5LyIvW6cuU.roa (raw, json)
Hash identifier:          AGsDOWQR4BMJI4oi03KYaFPz/MqqxHtOCzcXxJU+zUU=
Subject key identifier:   E9:D4:D3:FA:B0:11:85:3F:52:29:A5:34:43:92:F2:22:F5:BA:72:E5
Certificate issuer:       /CN=369c713c51987e1ffa5482277f5f1c8cb722f44b
Certificate serial:       01941F8CAA6AA46E724B581EADA8BB53EF28
Authority key identifier: 36:9C:71:3C:51:98:7E:1F:FA:54:82:27:7F:5F:1C:8C:B7:22:F4:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NpxxPFGYfh_6VIInf18cjLci9Es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/6dTT-rARhT9SKaU0Q5LyIvW6cuU.roa
Signing time:             Wed 01 Jan 2025 01:48:19 +0000
ROA not before:           Wed 01 Jan 2025 01:48:19 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     199769
IP address blocks:        92.60.149.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/NpxxPFGYfh_6VIInf18cjLci9Es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/NpxxPFGYfh_6VIInf18cjLci9Es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NpxxPFGYfh_6VIInf18cjLci9Es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 20 Feb 2025 22:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:1f:8c:aa:6a:a4:6e:72:4b:58:1e:ad:a8:bb:53:ef:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=369c713c51987e1ffa5482277f5f1c8cb722f44b
        Validity
            Not Before: Jan  1 01:48:19 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=e9d4d3fab011853f5229a5344392f222f5ba72e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:90:23:82:24:0f:b8:aa:69:eb:36:cc:f5:93:
                    0b:61:74:ca:67:fb:03:a5:62:1a:5e:e5:bd:2a:51:
                    a3:8c:b8:20:5f:c4:9a:2d:1a:1d:1e:f2:b8:8d:1b:
                    24:44:d5:41:46:cd:76:9f:be:e4:b3:e0:7b:2c:f1:
                    29:53:bb:9a:da:00:ac:cc:1e:32:6a:63:cc:eb:2e:
                    6e:06:ac:ea:21:76:4d:a0:09:a9:fb:95:25:08:83:
                    34:55:5f:27:a6:96:dc:cb:8c:0e:d9:0d:d0:85:3c:
                    b4:b2:7c:ef:e5:8a:29:e2:f7:b2:57:49:07:f1:08:
                    b2:f5:b5:d1:4c:41:47:b1:f9:89:ba:2d:d7:09:6c:
                    52:82:49:a7:05:fc:f1:73:14:67:ed:66:ef:77:4f:
                    4c:f5:bd:74:94:8a:78:77:1c:b2:d1:7a:03:8c:70:
                    f9:b7:02:3e:a0:b9:30:7e:e8:28:28:78:6d:3f:07:
                    53:89:eb:f4:4c:af:4f:69:80:13:34:a2:95:7b:9a:
                    5a:eb:1f:08:6b:ff:18:53:e2:0f:68:4a:48:cf:e5:
                    6d:e8:b4:a2:87:77:12:9b:9d:c0:54:dc:a8:1c:0d:
                    3d:32:d0:88:36:ee:82:0b:74:d6:c0:c2:7e:b2:ac:
                    0e:78:da:19:a0:92:9c:92:a2:a5:00:17:cf:26:8d:
                    eb:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:D4:D3:FA:B0:11:85:3F:52:29:A5:34:43:92:F2:22:F5:BA:72:E5
            X509v3 Authority Key Identifier:
                keyid:36:9C:71:3C:51:98:7E:1F:FA:54:82:27:7F:5F:1C:8C:B7:22:F4:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpxxPFGYfh_6VIInf18cjLci9Es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/6dTT-rARhT9SKaU0Q5LyIvW6cuU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/NpxxPFGYfh_6VIInf18cjLci9Es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.60.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:9e:53:1e:ed:5a:b0:d6:ab:fc:ed:77:d1:8a:b4:14:51:87:
         53:cc:77:c9:51:50:da:54:7e:0a:b2:34:de:bc:70:73:a9:98:
         69:6b:23:81:72:07:43:66:44:2e:41:8f:1c:8d:68:fa:08:5c:
         c3:cf:34:1f:fb:5d:57:50:38:c3:35:dd:bf:7f:82:27:4c:cd:
         f0:3b:13:22:35:09:ed:3e:27:8c:34:66:a8:f6:73:23:f4:1f:
         02:ec:32:4e:75:22:31:3a:e2:5a:9a:3f:7d:d5:47:52:8e:23:
         22:6e:4d:4e:03:23:a4:b1:22:dd:72:78:a0:01:6f:66:55:46:
         70:37:ad:97:17:ea:43:69:5f:2d:55:65:ac:00:7d:99:39:0d:
         c0:bc:12:cc:a7:b1:9f:94:d9:f9:05:c2:41:b0:af:e8:1d:6a:
         04:f5:cc:13:f3:66:38:f5:42:2d:37:23:0d:20:69:3d:93:cc:
         2a:81:3c:28:fc:a9:e6:04:22:91:79:3f:52:80:50:c9:3a:6e:
         97:13:11:ba:52:27:e8:f1:ec:ae:f9:fb:51:f8:33:de:63:d5:
         30:06:05:b6:88:37:56:82:80:17:e3:08:a8:55:b6:ca:7f:35:
         ee:60:c4:aa:35:ec:44:91:2e:a1:96:c1:3a:9c:18:2b:8e:6b:
         80:6c:55:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjKpqpG5yS1gerai7U+8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OWM3MTNjNTE5ODdlMWZmYTU0ODIyNzdmNWYxYzhjYjcy
MmY0NGIwHhcNMjUwMTAxMDE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWQ0ZDNmYWIwMTE4NTNmNTIyOWE1MzQ0MzkyZjIyMmY1YmE3MmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZAjgiQPuKpp6zbM9ZMLYXTKZ/sD
pWIaXuW9KlGjjLggX8SaLRodHvK4jRskRNVBRs12n77ks+B7LPEpU7ua2gCszB4y
amPM6y5uBqzqIXZNoAmp+5UlCIM0VV8nppbcy4wO2Q3QhTy0snzv5Yop4veyV0kH
8Qiy9bXRTEFHsfmJui3XCWxSgkmnBfzxcxRn7Wbvd09M9b10lIp4dxyy0XoDjHD5
twI+oLkwfugoKHhtPwdTiev0TK9PaYATNKKVe5pa6x8Ia/8YU+IPaEpIz+Vt6LSi
h3cSm53AVNyoHA09MtCINu6CC3TWwMJ+sqwOeNoZoJKckqKlABfPJo3rVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOnU0/qwEYU/UimlNEOS8iL1unLlMB8GA1UdIwQY
MBaAFDaccTxRmH4f+lSCJ39fHIy3IvRLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnB4eFBGR1lmaF82VklJbmYxOGNqTGNpOUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84MDJlOWUtZjk4Mi00NDlkLThiNzAt
NzZjMDVjZjVmMmU2LzEvNmRUVC1yQVJoVDlTS2FVMFE1THlJdlc2Y3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84MDJlOWUtZjk4Mi00NDlkLThiNzAtNzZjMDVjZjVmMmU2
LzEvTnB4eFBGR1lmaF82VklJbmYxOGNqTGNpOUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXDyVMA0G
CSqGSIb3DQEBCwUAA4IBAQA5nlMe7Vqw1qv87XfRirQUUYdTzHfJUVDaVH4KsjTe
vHBzqZhpayOBcgdDZkQuQY8cjWj6CFzDzzQf+11XUDjDNd2/f4InTM3wOxMiNQnt
PieMNGao9nMj9B8C7DJOdSIxOuJamj991UdSjiMibk1OAyOksSLdcnigAW9mVUZw
N62XF+pDaV8tVWWsAH2ZOQ3AvBLMp7GflNn5BcJBsK/oHWoE9cwT82Y49UItNyMN
IGk9k8wqgTwo/KnmBCKReT9SgFDJOm6XExG6Uifo8eyu+ftR+DPeY9UwBgW2iDdW
goAX4wioVbbKfzXuYMSqNexEkS6hlsE6nBgrjmuAbFUR
-----END CERTIFICATE-----