Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/dee578-f2c6-41c0-b728-ad163ab354c8/1/7Q9yn768nB9F2sjNZhhO2QeXfDM.roa
File:                     7Q9yn768nB9F2sjNZhhO2QeXfDM.roa (raw, json)
Hash identifier:          D1P+fo+0AWvulxWPSuq6lNa7wTOm7njtGEBrJSf0zek=
Subject key identifier:   ED:0F:72:9F:BE:BC:9C:1F:45:DA:C8:CD:66:18:4E:D9:07:97:7C:33
Certificate issuer:       /CN=27484956736549eab3b06e23aab89ca5993a8076
Certificate serial:       0190A907BA4A4736F993A42330D3255EC64B
Authority key identifier: 27:48:49:56:73:65:49:EA:B3:B0:6E:23:AA:B8:9C:A5:99:3A:80:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J0hJVnNlSeqzsG4jqricpZk6gHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/dee578-f2c6-41c0-b728-ad163ab354c8/1/7Q9yn768nB9F2sjNZhhO2QeXfDM.roa
Signing time:             Fri 12 Jul 2024 22:19:34 +0000
ROA not before:           Fri 12 Jul 2024 22:19:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197555
IP address blocks:        45.84.103.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/dee578-f2c6-41c0-b728-ad163ab354c8/1/J0hJVnNlSeqzsG4jqricpZk6gHY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/dee578-f2c6-41c0-b728-ad163ab354c8/1/J0hJVnNlSeqzsG4jqricpZk6gHY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J0hJVnNlSeqzsG4jqricpZk6gHY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 10:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:a9:07:ba:4a:47:36:f9:93:a4:23:30:d3:25:5e:c6:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27484956736549eab3b06e23aab89ca5993a8076
        Validity
            Not Before: Jul 12 22:19:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ed0f729fbebc9c1f45dac8cd66184ed907977c33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:3b:6d:64:6d:d7:05:49:2a:d4:87:f6:56:5c:
                    44:31:e5:1a:37:3f:91:0d:d2:73:2e:3f:66:6b:ac:
                    31:1b:7f:c5:4f:00:e1:3b:4d:8a:27:92:86:dc:54:
                    3d:90:fe:e9:16:0b:65:26:be:42:4c:90:48:ef:05:
                    d4:d6:68:a2:6d:01:11:d0:1a:ce:d9:68:c2:ff:f9:
                    0b:e9:c7:ab:4c:ee:c3:f4:35:c6:0b:7e:75:7b:fc:
                    7b:35:39:44:64:dc:18:50:09:38:f8:85:41:a3:5b:
                    81:cf:3f:a5:58:d8:e1:9d:92:72:f8:80:bb:54:ad:
                    b6:19:f6:93:93:07:8e:2d:23:54:57:26:56:b7:30:
                    0e:12:de:22:b1:3a:a0:5a:66:c3:4f:16:a0:f5:4b:
                    92:3a:0f:fe:b3:ef:42:7a:84:fa:d4:c0:d4:6f:c0:
                    4e:65:5f:67:17:61:15:df:5b:33:45:c1:cf:5f:0a:
                    f6:29:6e:7c:b6:ff:a0:10:b8:11:58:1b:a6:5a:73:
                    d5:a7:15:fe:52:d0:6e:3a:73:f2:e2:ba:f7:fb:c6:
                    95:97:eb:1a:1f:08:eb:9b:6b:1d:19:cb:a4:82:af:
                    df:f2:19:4b:99:d8:86:a9:12:ff:37:ea:2b:69:0f:
                    f6:b7:1b:ef:7b:48:eb:14:3d:cd:bc:24:71:55:66:
                    12:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:0F:72:9F:BE:BC:9C:1F:45:DA:C8:CD:66:18:4E:D9:07:97:7C:33
            X509v3 Authority Key Identifier:
                keyid:27:48:49:56:73:65:49:EA:B3:B0:6E:23:AA:B8:9C:A5:99:3A:80:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J0hJVnNlSeqzsG4jqricpZk6gHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dee578-f2c6-41c0-b728-ad163ab354c8/1/7Q9yn768nB9F2sjNZhhO2QeXfDM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/dee578-f2c6-41c0-b728-ad163ab354c8/1/J0hJVnNlSeqzsG4jqricpZk6gHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.84.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:3f:d2:5c:0a:28:7c:c6:c1:3d:a7:43:d9:05:4e:35:e0:87:
         62:58:4c:15:ad:44:0c:27:cf:b0:d0:81:c8:d2:e6:ed:6f:aa:
         89:f1:d8:e5:2b:8e:5c:04:e6:18:bd:64:31:4c:31:3d:02:99:
         60:1c:e7:33:f5:d3:ca:92:a5:2b:31:4c:40:99:e8:6e:06:9f:
         40:cb:2c:85:e2:40:a5:91:44:5a:a5:88:8d:23:09:b5:a2:df:
         83:78:ac:76:42:da:5a:03:5b:b2:5e:b9:6d:39:52:da:54:47:
         80:15:9f:2b:38:18:c4:67:33:61:ec:1a:84:f4:35:da:ae:9b:
         4c:fb:b1:08:f1:ce:55:11:be:dc:10:41:51:77:39:a0:a5:d8:
         c5:23:37:64:ed:bf:50:c4:3d:46:87:7e:20:a1:25:2f:1f:c8:
         62:9b:dc:ec:44:76:e4:98:12:7f:e6:ed:c8:3d:de:6f:f0:0c:
         b9:50:65:92:1b:f6:bd:4f:8b:73:5f:84:02:b5:07:e9:ad:a9:
         ef:62:69:54:1d:ec:fe:6a:b3:9f:8f:99:51:68:8d:79:6d:dd:
         55:c4:34:22:23:1f:8e:b4:95:4d:82:c3:06:19:a4:cc:e8:44:
         40:5a:d6:c2:7e:d7:34:c4:e1:78:b7:55:e5:02:fe:5b:39:36:
         bf:90:96:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCpB7pKRzb5k6QjMNMlXsZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NDg0OTU2NzM2NTQ5ZWFiM2IwNmUyM2FhYjg5Y2E1OTkz
YTgwNzYwHhcNMjQwNzEyMjIxOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDBmNzI5ZmJlYmM5YzFmNDVkYWM4Y2Q2NjE4NGVkOTA3OTc3YzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTttZG3XBUkq1If2VlxEMeUaNz+R
DdJzLj9ma6wxG3/FTwDhO02KJ5KG3FQ9kP7pFgtlJr5CTJBI7wXU1miibQER0BrO
2WjC//kL6cerTO7D9DXGC351e/x7NTlEZNwYUAk4+IVBo1uBzz+lWNjhnZJy+IC7
VK22GfaTkweOLSNUVyZWtzAOEt4isTqgWmbDTxag9UuSOg/+s+9CeoT61MDUb8BO
ZV9nF2EV31szRcHPXwr2KW58tv+gELgRWBumWnPVpxX+UtBuOnPy4rr3+8aVl+sa
Hwjrm2sdGcukgq/f8hlLmdiGqRL/N+oraQ/2txvve0jrFD3NvCRxVWYSrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0Pcp++vJwfRdrIzWYYTtkHl3wzMB8GA1UdIwQY
MBaAFCdISVZzZUnqs7BuI6q4nKWZOoB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjBoSlZuTmxTZXF6c0c0anFyaWNwWms2Z0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kZWU1NzgtZjJjNi00MWMwLWI3Mjgt
YWQxNjNhYjM1NGM4LzEvN1E5eW43NjhuQjlGMnNqTlpoaE8yUWVYZkRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kZWU1NzgtZjJjNi00MWMwLWI3MjgtYWQxNjNhYjM1NGM4
LzEvSjBoSlZuTmxTZXF6c0c0anFyaWNwWms2Z0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVRnMA0G
CSqGSIb3DQEBCwUAA4IBAQA7P9JcCih8xsE9p0PZBU414IdiWEwVrUQMJ8+w0IHI
0ubtb6qJ8djlK45cBOYYvWQxTDE9AplgHOcz9dPKkqUrMUxAmehuBp9AyyyF4kCl
kURapYiNIwm1ot+DeKx2QtpaA1uyXrltOVLaVEeAFZ8rOBjEZzNh7BqE9DXarptM
+7EI8c5VEb7cEEFRdzmgpdjFIzdk7b9QxD1Gh34goSUvH8him9zsRHbkmBJ/5u3I
Pd5v8Ay5UGWSG/a9T4tzX4QCtQfpranvYmlUHez+arOfj5lRaI15bd1VxDQiIx+O
tJVNgsMGGaTM6ERAWtbCftc0xOF4t1XlAv5bOTa/kJbg
-----END CERTIFICATE-----