Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/l1-sejc-PWm4bZbwopMK5QDLIl0.roa
File:                     l1-sejc-PWm4bZbwopMK5QDLIl0.roa (raw, json)
Hash identifier:          q+WR4aU5XT0idrkPEYKCaemajti3rkpWSz9SOMgYq0c=
Subject key identifier:   97:5F:AC:7A:37:3E:3D:69:B8:6D:96:F0:A2:93:0A:E5:00:CB:22:5D
Certificate issuer:       /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial:       0192F752595EDC1E2F6F9270AA2ED13461F1
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/l1-sejc-PWm4bZbwopMK5QDLIl0.roa
Signing time:             Mon 04 Nov 2024 13:17:02 +0000
ROA not before:           Mon 04 Nov 2024 13:17:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202656
IP address blocks:        93.113.255.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:f7:52:59:5e:dc:1e:2f:6f:92:70:aa:2e:d1:34:61:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
        Validity
            Not Before: Nov  4 13:17:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=975fac7a373e3d69b86d96f0a2930ae500cb225d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:c0:98:fc:bf:90:0b:14:77:32:22:72:3a:4b:
                    51:59:31:95:36:72:bd:88:a6:85:00:73:73:6d:3b:
                    13:e2:59:19:ad:a6:ae:dd:d4:e8:52:54:39:a9:16:
                    46:77:92:02:9f:5e:d2:6a:48:3f:2b:12:ec:03:b4:
                    e1:cc:27:43:d0:95:fe:c9:d3:3c:c2:c8:97:4b:ff:
                    9a:8e:ab:0d:08:03:e6:cb:1a:5e:c1:25:ca:53:59:
                    c5:2a:cc:a2:1e:85:4a:18:3f:df:3d:b1:df:e7:57:
                    be:f0:26:e1:02:a0:81:a4:de:d3:b8:ac:c7:eb:bf:
                    d3:03:a9:eb:61:5a:54:f7:7d:7d:98:f7:99:4a:c4:
                    26:a3:6c:2e:2e:6a:71:d2:3c:77:76:05:e9:7c:2e:
                    13:77:54:c5:62:0f:dd:f3:55:44:e0:1a:3c:f0:40:
                    cd:34:0f:f4:2f:39:f3:31:65:76:b1:9f:32:cc:09:
                    b7:bb:00:df:ea:e7:2e:9f:3b:62:db:16:da:81:ca:
                    9f:cf:00:3c:64:7e:ff:bc:3b:9f:a3:50:f0:93:68:
                    a6:ec:3f:f7:f8:51:41:2e:5c:25:6c:68:2d:99:b0:
                    21:e3:de:a5:c5:3d:58:7c:cc:c1:38:f5:59:8a:ab:
                    c6:4f:20:e4:a0:f6:86:86:f4:1d:6a:63:f1:33:f5:
                    57:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:5F:AC:7A:37:3E:3D:69:B8:6D:96:F0:A2:93:0A:E5:00:CB:22:5D
            X509v3 Authority Key Identifier:
                keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/l1-sejc-PWm4bZbwopMK5QDLIl0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.113.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:50:f9:1c:45:a7:69:38:a7:d9:36:fa:b6:00:16:4c:dc:2b:
         46:70:39:ee:2f:52:bd:52:dc:96:ce:88:03:91:28:5f:7d:45:
         85:db:f3:1e:e9:90:97:12:4c:72:ea:26:2a:e6:b1:a4:d5:0d:
         55:7a:c3:57:6c:d8:fc:d3:96:5a:81:53:84:35:4a:e9:6b:0a:
         61:92:d8:ce:73:59:fb:5f:74:f3:90:1d:46:c3:04:ca:67:00:
         81:84:91:64:68:25:1f:3d:c4:12:7e:00:ef:27:ba:ed:16:89:
         8e:63:8a:f6:19:e2:f1:e0:f8:de:ec:73:74:e5:4e:c6:08:3b:
         0b:6a:e0:99:ec:fa:5a:29:2e:2e:d4:c6:23:a6:36:aa:96:34:
         2d:b9:e9:d7:ce:a0:c4:78:c4:7a:36:3c:15:b1:52:40:43:cb:
         73:91:2a:28:30:50:7d:3b:12:ef:82:1f:18:05:5c:d6:6a:eb:
         64:f5:9b:f0:df:87:c2:12:2c:ca:f6:02:55:e3:4f:6e:b8:ef:
         d8:bc:ff:73:da:36:27:6a:60:cc:a5:63:a0:61:39:de:0c:cb:
         d5:f6:12:eb:48:30:fc:8e:7e:95:17:36:bf:a8:e8:34:9c:79:
         1d:cb:fe:05:a6:b8:c0:aa:90:15:07:b2:9e:ee:0a:76:5a:b9:
         df:63:43:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL3Ulle3B4vb5Jwqi7RNGHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMTA0MTMxNzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzVmYWM3YTM3M2UzZDY5Yjg2ZDk2ZjBhMjkzMGFlNTAwY2IyMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8CY/L+QCxR3MiJyOktRWTGVNnK9
iKaFAHNzbTsT4lkZraau3dToUlQ5qRZGd5ICn17Sakg/KxLsA7ThzCdD0JX+ydM8
wsiXS/+ajqsNCAPmyxpewSXKU1nFKsyiHoVKGD/fPbHf51e+8CbhAqCBpN7TuKzH
67/TA6nrYVpU9319mPeZSsQmo2wuLmpx0jx3dgXpfC4Td1TFYg/d81VE4Bo88EDN
NA/0LznzMWV2sZ8yzAm3uwDf6ucunzti2xbagcqfzwA8ZH7/vDufo1Dwk2im7D/3
+FFBLlwlbGgtmbAh496lxT1YfMzBOPVZiqvGTyDkoPaGhvQdamPxM/VXeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJdfrHo3Pj1puG2W8KKTCuUAyyJdMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbDEtc2VqYy1QV200Ylpid29wTUs1UURMSWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXH/MA0G
CSqGSIb3DQEBCwUAA4IBAQAZUPkcRadpOKfZNvq2ABZM3CtGcDnuL1K9UtyWzogD
kShffUWF2/Me6ZCXEkxy6iYq5rGk1Q1VesNXbNj805ZagVOENUrpawphktjOc1n7
X3TzkB1GwwTKZwCBhJFkaCUfPcQSfgDvJ7rtFomOY4r2GeLx4Pje7HN05U7GCDsL
auCZ7PpaKS4u1MYjpjaqljQtuenXzqDEeMR6NjwVsVJAQ8tzkSooMFB9OxLvgh8Y
BVzWautk9Zvw34fCEizK9gJV409uuO/YvP9z2jYnamDMpWOgYTneDMvV9hLrSDD8
jn6VFza/qOg0nHkdy/4FprjAqpAVB7Ke7gp2WrnfY0Pc
-----END CERTIFICATE-----