Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/dee578-f2c6-41c0-b728-ad163ab354c8/1/79fUImlWMWhi2l-V6gWw5Y3z6gg.roa
File:                     79fUImlWMWhi2l-V6gWw5Y3z6gg.roa (raw, json)
Hash identifier:          vIZA84VABd82PJVrh/qkjpDpmgR0lSA2sFJ8sd1qOTE=
Subject key identifier:   EF:D7:D4:22:69:56:31:68:62:DA:5F:95:EA:05:B0:E5:8D:F3:EA:08
Certificate issuer:       /CN=27484956736549eab3b06e23aab89ca5993a8076
Certificate serial:       018CC3B6FFC4112DB2FB52F7BB5938DB29CA
Authority key identifier: 27:48:49:56:73:65:49:EA:B3:B0:6E:23:AA:B8:9C:A5:99:3A:80:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J0hJVnNlSeqzsG4jqricpZk6gHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/dee578-f2c6-41c0-b728-ad163ab354c8/1/79fUImlWMWhi2l-V6gWw5Y3z6gg.roa
Signing time:             Mon 01 Jan 2024 06:29:59 +0000
ROA not before:           Mon 01 Jan 2024 06:29:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215821
IP address blocks:        45.84.101.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/dee578-f2c6-41c0-b728-ad163ab354c8/1/J0hJVnNlSeqzsG4jqricpZk6gHY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/dee578-f2c6-41c0-b728-ad163ab354c8/1/J0hJVnNlSeqzsG4jqricpZk6gHY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J0hJVnNlSeqzsG4jqricpZk6gHY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 26 Jun 2024 21:47:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:ff:c4:11:2d:b2:fb:52:f7:bb:59:38:db:29:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27484956736549eab3b06e23aab89ca5993a8076
        Validity
            Not Before: Jan  1 06:29:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=efd7d4226956316862da5f95ea05b0e58df3ea08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:2e:e1:66:ea:18:38:0f:92:a7:23:59:da:a0:
                    ca:4c:6a:f9:e2:97:7a:86:2d:fc:f3:d6:18:12:5e:
                    1d:43:14:94:28:33:35:86:1f:da:8a:98:60:1b:24:
                    49:54:d7:25:b2:06:55:e6:5c:3a:52:b4:9c:2d:89:
                    68:a7:f9:56:ad:63:2b:3c:01:52:ec:4b:f0:fa:a5:
                    ed:a8:a5:2c:96:26:63:33:2f:68:1e:c2:55:53:b4:
                    25:e0:2e:97:17:37:45:5a:db:38:8a:7a:1a:e9:69:
                    70:cd:c5:c4:f0:23:23:62:8c:8e:f8:7f:f9:d4:64:
                    bc:ae:0c:d1:a6:80:0f:f1:3f:3e:19:1f:cd:6d:a3:
                    3b:de:d4:c5:c1:eb:be:f7:20:ad:9e:4d:f3:35:9a:
                    59:00:75:59:38:1c:a6:c9:25:21:50:1d:ca:39:04:
                    a6:e2:ae:61:2d:b8:61:ee:5d:55:23:17:c7:eb:af:
                    f4:ed:44:cc:87:7f:a2:24:36:78:7e:c8:3c:8f:fc:
                    91:0a:a1:97:0e:e4:c5:a7:75:5c:78:04:5d:7d:6a:
                    6f:2a:35:06:72:b2:8a:f5:68:00:df:0a:6d:68:f2:
                    3c:4e:25:05:75:3d:0b:24:db:54:47:e5:82:e1:14:
                    67:4b:09:9b:8e:d1:b3:e0:15:7e:64:04:58:2d:cc:
                    3a:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:D7:D4:22:69:56:31:68:62:DA:5F:95:EA:05:B0:E5:8D:F3:EA:08
            X509v3 Authority Key Identifier:
                keyid:27:48:49:56:73:65:49:EA:B3:B0:6E:23:AA:B8:9C:A5:99:3A:80:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J0hJVnNlSeqzsG4jqricpZk6gHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dee578-f2c6-41c0-b728-ad163ab354c8/1/79fUImlWMWhi2l-V6gWw5Y3z6gg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dee578-f2c6-41c0-b728-ad163ab354c8/1/J0hJVnNlSeqzsG4jqricpZk6gHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.84.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:42:c2:3d:59:62:95:c7:a2:b6:75:10:24:bb:da:1c:3c:84:
         4b:f1:73:f3:de:3b:25:fb:40:b5:46:a3:ac:ea:6d:e8:a0:47:
         f0:2b:c5:40:15:67:41:4f:00:47:0e:a0:73:30:78:ee:82:81:
         b5:d0:6a:71:73:35:25:29:b7:40:c2:cb:13:9a:c1:11:0e:d5:
         6c:9b:30:96:9b:f1:6b:92:b5:90:2c:63:32:8e:52:6d:ed:f9:
         7b:d0:9b:e4:03:62:a0:42:a6:8e:3d:82:f3:03:98:cb:fc:63:
         b1:5b:b6:26:83:7a:33:11:f6:ff:67:be:2b:ac:48:3f:62:4d:
         d9:b9:43:23:7f:45:37:0f:0e:90:64:22:93:03:f5:e2:20:83:
         27:d4:11:da:80:8a:3f:3d:1f:ed:b7:0e:ea:f2:51:dc:24:ae:
         28:ce:5b:49:93:ec:9b:e2:f5:3a:6d:2c:c7:88:ba:e0:e2:58:
         58:93:b8:fe:7e:5d:bb:ac:46:eb:32:51:6e:60:1e:45:49:9a:
         81:84:fa:f2:68:b0:5a:f4:68:3b:05:8d:6b:c1:84:70:8d:e3:
         28:ee:1f:83:a3:07:d8:5b:f8:b6:5e:a5:f7:0c:dd:5c:d2:bc:
         89:43:b3:22:51:18:85:aa:74:4e:2d:91:e6:da:84:c7:21:2c:
         46:6f:b3:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtv/EES2y+1L3u1k42ynKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NDg0OTU2NzM2NTQ5ZWFiM2IwNmUyM2FhYjg5Y2E1OTkz
YTgwNzYwHhcNMjQwMTAxMDYyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmQ3ZDQyMjY5NTYzMTY4NjJkYTVmOTVlYTA1YjBlNThkZjNlYTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAli7hZuoYOA+SpyNZ2qDKTGr54pd6
hi3889YYEl4dQxSUKDM1hh/aiphgGyRJVNclsgZV5lw6UrScLYlop/lWrWMrPAFS
7Evw+qXtqKUsliZjMy9oHsJVU7Ql4C6XFzdFWts4inoa6WlwzcXE8CMjYoyO+H/5
1GS8rgzRpoAP8T8+GR/NbaM73tTFweu+9yCtnk3zNZpZAHVZOBymySUhUB3KOQSm
4q5hLbhh7l1VIxfH66/07UTMh3+iJDZ4fsg8j/yRCqGXDuTFp3VceARdfWpvKjUG
crKK9WgA3wptaPI8TiUFdT0LJNtUR+WC4RRnSwmbjtGz4BV+ZARYLcw6kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO/X1CJpVjFoYtpfleoFsOWN8+oIMB8GA1UdIwQY
MBaAFCdISVZzZUnqs7BuI6q4nKWZOoB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjBoSlZuTmxTZXF6c0c0anFyaWNwWms2Z0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kZWU1NzgtZjJjNi00MWMwLWI3Mjgt
YWQxNjNhYjM1NGM4LzEvNzlmVUltbFdNV2hpMmwtVjZnV3c1WTN6NmdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kZWU1NzgtZjJjNi00MWMwLWI3MjgtYWQxNjNhYjM1NGM4
LzEvSjBoSlZuTmxTZXF6c0c0anFyaWNwWms2Z0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVRlMA0G
CSqGSIb3DQEBCwUAA4IBAQCmQsI9WWKVx6K2dRAku9ocPIRL8XPz3jsl+0C1RqOs
6m3ooEfwK8VAFWdBTwBHDqBzMHjugoG10GpxczUlKbdAwssTmsERDtVsmzCWm/Fr
krWQLGMyjlJt7fl70JvkA2KgQqaOPYLzA5jL/GOxW7Ymg3ozEfb/Z74rrEg/Yk3Z
uUMjf0U3Dw6QZCKTA/XiIIMn1BHagIo/PR/ttw7q8lHcJK4ozltJk+yb4vU6bSzH
iLrg4lhYk7j+fl27rEbrMlFuYB5FSZqBhPryaLBa9Gg7BY1rwYRwjeMo7h+DowfY
W/i2XqX3DN1c0ryJQ7MiURiFqnROLZHm2oTHISxGb7Mh
-----END CERTIFICATE-----