Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/E-NVE7fu8xBcgcZPmIUjqyGCCSs.roa
File:                     E-NVE7fu8xBcgcZPmIUjqyGCCSs.roa (raw, json)
Hash identifier:          52eecbjzD7npjX5gUDlJFiftJDX5WAP93g2RLDEGOGo=
Subject key identifier:   13:E3:55:13:B7:EE:F3:10:5C:81:C6:4F:98:85:23:AB:21:82:09:2B
Certificate issuer:       /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial:       018CC2DAE19019F16AA13614C18218596145
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/E-NVE7fu8xBcgcZPmIUjqyGCCSs.roa
Signing time:             Mon 01 Jan 2024 02:29:33 +0000
ROA not before:           Mon 01 Jan 2024 02:29:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205017
IP address blocks:        82.177.58.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 01:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:e1:90:19:f1:6a:a1:36:14:c1:82:18:59:61:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
        Validity
            Not Before: Jan  1 02:29:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=13e35513b7eef3105c81c64f988523ab2182092b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:75:58:d1:20:bc:02:9c:ea:5c:31:b9:75:2f:
                    7e:be:b1:dd:dc:b7:7b:a8:47:d8:fc:2d:ec:45:52:
                    fe:09:95:de:aa:8d:19:86:76:7c:bc:4c:6d:8e:67:
                    df:d0:7b:4f:ac:c0:cd:f6:db:d5:a4:07:00:60:34:
                    69:6c:18:b5:92:be:20:58:41:06:36:cc:90:2f:33:
                    80:75:61:82:91:dc:4c:70:b7:b5:3e:72:cd:16:20:
                    00:a1:3c:01:1e:c3:4a:b8:5d:d3:3b:6d:84:d1:1f:
                    13:fd:62:33:d1:08:b5:d6:7f:81:ed:e0:dd:25:0e:
                    0c:bb:8f:fd:6e:92:67:70:8f:84:00:77:84:d7:86:
                    b3:6e:2b:0b:48:1a:e2:72:fb:ef:5e:51:3f:1d:7c:
                    5e:02:40:b2:6f:7b:e5:12:57:e7:ee:51:e6:9f:96:
                    de:c3:cf:3c:22:2f:55:27:3b:4d:cd:55:3b:94:ae:
                    46:a4:c4:4c:55:37:4d:50:47:4c:7b:f0:11:a3:da:
                    9f:3a:8b:f7:12:a0:d2:c3:8e:72:bf:93:26:a7:a0:
                    da:2e:cd:52:98:40:48:3c:d7:54:5b:97:cb:6a:b6:
                    04:7e:b5:05:40:d4:d5:1a:4a:82:c2:64:55:42:45:
                    0d:27:e2:6b:38:ac:4a:ee:48:8b:4c:1b:77:20:75:
                    25:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:E3:55:13:B7:EE:F3:10:5C:81:C6:4F:98:85:23:AB:21:82:09:2B
            X509v3 Authority Key Identifier:
                keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/E-NVE7fu8xBcgcZPmIUjqyGCCSs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.177.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:06:f7:05:89:58:7b:52:60:5d:6b:8b:e2:cc:47:0d:ab:7f:
         86:e6:8e:18:b9:f6:e3:56:a1:ba:d7:49:46:7e:98:27:b5:d1:
         21:d5:ec:c2:6c:0f:18:a4:42:3a:26:5b:57:d1:89:72:2e:84:
         d7:7a:43:1f:a7:25:72:9a:7d:81:39:c0:5d:a1:23:21:07:d6:
         70:0e:04:df:43:ca:97:d4:8c:9c:50:17:9c:ae:28:b9:4e:6f:
         ed:d2:39:9d:c8:c2:99:2a:c6:ee:53:0f:eb:87:4c:2f:80:ca:
         8b:65:64:28:7d:6c:d9:ff:d4:f6:b7:df:68:2a:97:36:7c:4c:
         f0:31:92:2d:f9:24:fa:bc:5b:ab:3a:47:3a:34:48:ac:5e:72:
         d6:d7:8b:4d:12:bf:f6:8a:f4:1c:b6:ae:d2:3d:76:25:31:14:
         00:3f:93:d7:e7:53:bd:92:ee:1b:c3:fc:36:51:79:ec:e7:04:
         f4:99:b4:a7:65:57:9d:52:52:56:98:81:b9:17:3f:52:33:9e:
         6a:70:bc:a8:cc:ee:c2:16:23:d2:40:04:1c:c3:98:80:5b:89:
         dc:6d:71:a8:ad:65:bd:2a:97:1e:60:be:ca:85:f9:00:0e:dd:
         9c:41:85:37:2b:1c:03:18:72:f5:d3:ff:4b:67:ba:f5:03:ed:
         97:11:7c:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2uGQGfFqoTYUwYIYWWFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2UzNTUxM2I3ZWVmMzEwNWM4MWM2NGY5ODg1MjNhYjIxODIwOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinVY0SC8ApzqXDG5dS9+vrHd3Ld7
qEfY/C3sRVL+CZXeqo0ZhnZ8vExtjmff0HtPrMDN9tvVpAcAYDRpbBi1kr4gWEEG
NsyQLzOAdWGCkdxMcLe1PnLNFiAAoTwBHsNKuF3TO22E0R8T/WIz0Qi11n+B7eDd
JQ4Mu4/9bpJncI+EAHeE14azbisLSBricvvvXlE/HXxeAkCyb3vlElfn7lHmn5be
w888Ii9VJztNzVU7lK5GpMRMVTdNUEdMe/ARo9qfOov3EqDSw45yv5Mmp6DaLs1S
mEBIPNdUW5fLarYEfrUFQNTVGkqCwmRVQkUNJ+JrOKxK7kiLTBt3IHUlAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBPjVRO37vMQXIHGT5iFI6shggkrMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvRS1OVkU3ZnU4eEJjZ2NaUG1JVWpxeUdDQ1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUrE6MA0G
CSqGSIb3DQEBCwUAA4IBAQBZBvcFiVh7UmBda4vizEcNq3+G5o4YufbjVqG610lG
fpgntdEh1ezCbA8YpEI6JltX0YlyLoTXekMfpyVymn2BOcBdoSMhB9ZwDgTfQ8qX
1IycUBecrii5Tm/t0jmdyMKZKsbuUw/rh0wvgMqLZWQofWzZ/9T2t99oKpc2fEzw
MZIt+ST6vFurOkc6NEisXnLW14tNEr/2ivQctq7SPXYlMRQAP5PX51O9ku4bw/w2
UXns5wT0mbSnZVedUlJWmIG5Fz9SM55qcLyozO7CFiPSQAQcw5iAW4ncbXGorWW9
KpceYL7KhfkADt2cQYU3KxwDGHL10/9LZ7r1A+2XEXwu
-----END CERTIFICATE-----