Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/DN_LzUjWjePswxKOdbOhYNqDtJ0.roa
File:                     DN_LzUjWjePswxKOdbOhYNqDtJ0.roa (raw, json)
Hash identifier:          Wem1I0QV0qZXp9EOkHkj66A6zn6ZoUUMHLMi6RCHcJM=
Subject key identifier:   0C:DF:CB:CD:48:D6:8D:E3:EC:C3:12:8E:75:B3:A1:60:DA:83:B4:9D
Certificate issuer:       /CN=d914da56e1a934649da02964ac12eba34c5cb84f
Certificate serial:       0192FE8D88D51DFFE9835809EC2158C8A14A
Authority key identifier: D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/DN_LzUjWjePswxKOdbOhYNqDtJ0.roa
Signing time:             Tue 05 Nov 2024 22:59:01 +0000
ROA not before:           Tue 05 Nov 2024 22:59:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48883
IP address blocks:        2a13:e3c1:9b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 07:02:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:fe:8d:88:d5:1d:ff:e9:83:58:09:ec:21:58:c8:a1:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d914da56e1a934649da02964ac12eba34c5cb84f
        Validity
            Not Before: Nov  5 22:59:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0cdfcbcd48d68de3ecc3128e75b3a160da83b49d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:96:42:dc:5d:a6:41:d3:4e:19:31:54:fc:33:
                    1a:fb:3c:b0:ef:d2:29:a1:e0:c9:8a:ef:00:f2:7a:
                    c4:98:6c:12:4c:78:a3:1f:e3:f7:07:52:08:8b:6e:
                    52:a3:70:69:64:c8:38:fa:13:9e:6e:44:34:61:e7:
                    89:13:47:4f:57:3f:d3:30:8a:5a:36:e1:fd:dd:d5:
                    3e:d0:e2:1c:1e:de:a4:f1:37:f4:8b:58:79:45:8c:
                    10:c1:e9:26:9f:07:18:be:46:90:b0:00:76:19:fa:
                    e2:b9:66:0b:d8:1f:f3:6b:2a:56:37:ba:ca:aa:cf:
                    99:af:73:7e:5d:73:48:92:04:42:40:04:1f:4a:fb:
                    3a:cc:b3:28:e3:8b:32:50:4e:58:73:ca:e1:83:97:
                    7e:c1:65:aa:68:df:20:fc:55:c3:8e:6a:1c:f4:78:
                    27:2c:a1:ab:be:83:08:fe:ec:26:a4:8e:7e:0d:4e:
                    14:52:dd:6a:ef:01:88:4b:d0:6f:5a:52:3a:83:27:
                    d6:6d:46:be:75:27:7c:e4:00:34:24:84:6c:46:4a:
                    22:83:e1:88:11:30:61:5b:ac:76:a2:24:3d:4f:05:
                    6b:b0:c5:13:27:8f:b3:07:5c:fc:92:47:da:6c:ce:
                    fe:b8:56:c7:60:31:d2:03:7e:40:a3:1f:75:d0:0e:
                    99:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:DF:CB:CD:48:D6:8D:E3:EC:C3:12:8E:75:B3:A1:60:DA:83:B4:9D
            X509v3 Authority Key Identifier:
                keyid:D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/DN_LzUjWjePswxKOdbOhYNqDtJ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:e3c1:9b::/48

    Signature Algorithm: sha256WithRSAEncryption
         56:a5:10:b4:03:4a:47:91:40:00:1e:0b:41:f6:e8:87:44:1d:
         71:09:0c:37:c1:3e:3e:9a:d1:ef:51:0f:07:04:5d:84:61:b8:
         cf:a9:7c:b7:4b:d8:48:2e:2f:da:d8:41:f9:b0:46:51:a5:ba:
         69:2d:5c:cf:ed:65:07:76:26:48:8c:49:c9:c5:71:13:a1:37:
         a9:70:3b:24:1b:03:4f:cb:50:0c:6d:b4:65:91:aa:39:dc:48:
         e5:d6:46:27:e4:99:26:f5:eb:1b:03:d9:51:25:11:89:94:31:
         de:32:1e:f9:65:c6:b7:3d:73:b9:df:88:17:b5:81:7a:a3:77:
         dc:1a:3c:f8:7b:06:30:a5:fd:27:51:2c:91:d8:d6:fe:c8:f3:
         78:1e:8d:2f:07:d0:5d:81:8e:00:01:ef:c9:65:5f:bd:1d:38:
         98:6e:cf:d0:ed:8d:22:b1:11:34:79:55:85:fd:bb:21:8e:cb:
         91:95:7c:9e:7e:dd:91:75:e7:24:66:c2:94:0e:41:66:bf:c0:
         4d:0b:be:50:81:67:79:c9:35:b6:b6:de:32:ea:5b:3f:6f:04:
         c9:ca:1c:4b:27:91:b3:b0:38:e8:43:2a:73:a4:08:74:34:1a:
         ff:ce:06:5d:e0:43:91:ff:e6:69:cf:6b:9f:7f:89:36:95:33:
         cd:ff:d8:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZL+jYjVHf/pg1gJ7CFYyKFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTRkYTU2ZTFhOTM0NjQ5ZGEwMjk2NGFjMTJlYmEzNGM1
Y2I4NGYwHhcNMjQxMTA1MjI1OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2RmY2JjZDQ4ZDY4ZGUzZWNjMzEyOGU3NWIzYTE2MGRhODNiNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5ZC3F2mQdNOGTFU/DMa+zyw79Ip
oeDJiu8A8nrEmGwSTHijH+P3B1IIi25So3BpZMg4+hOebkQ0YeeJE0dPVz/TMIpa
NuH93dU+0OIcHt6k8Tf0i1h5RYwQwekmnwcYvkaQsAB2GfriuWYL2B/zaypWN7rK
qs+Zr3N+XXNIkgRCQAQfSvs6zLMo44syUE5Yc8rhg5d+wWWqaN8g/FXDjmoc9Hgn
LKGrvoMI/uwmpI5+DU4UUt1q7wGIS9BvWlI6gyfWbUa+dSd85AA0JIRsRkoig+GI
ETBhW6x2oiQ9TwVrsMUTJ4+zB1z8kkfabM7+uFbHYDHSA35Aox910A6Z1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAzfy81I1o3j7MMSjnWzoWDag7SdMB8GA1UdIwQY
MBaAFNkU2lbhqTRknaApZKwS66NMXLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2It
ZjZiY2NmMWU1MzFmLzEvRE5fTHpValdqZVBzd3hLT2RiT2hZTnFEdEowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2ItZjZiY2NmMWU1MzFm
LzEvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPjwQCb
MA0GCSqGSIb3DQEBCwUAA4IBAQBWpRC0A0pHkUAAHgtB9uiHRB1xCQw3wT4+mtHv
UQ8HBF2EYbjPqXy3S9hILi/a2EH5sEZRpbppLVzP7WUHdiZIjEnJxXEToTepcDsk
GwNPy1AMbbRlkao53Ejl1kYn5Jkm9esbA9lRJRGJlDHeMh75Zca3PXO534gXtYF6
o3fcGjz4ewYwpf0nUSyR2Nb+yPN4Ho0vB9BdgY4AAe/JZV+9HTiYbs/Q7Y0isRE0
eVWF/bshjsuRlXyeft2RdeckZsKUDkFmv8BNC75QgWd5yTW2tt4y6ls/bwTJyhxL
J5GzsDjoQypzpAh0NBr/zgZd4EOR/+Zpz2uff4k2lTPN/9jj
-----END CERTIFICATE-----