Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/6JlqzzEcJ610d1caS6-0bJGyiIc.roa
File:                     6JlqzzEcJ610d1caS6-0bJGyiIc.roa (raw, json)
Hash identifier:          vlbAlTEtbzCEgOlIouvOoEnNiCuyZCnyxfX2IeZ67Hc=
Subject key identifier:   E8:99:6A:CF:31:1C:27:AD:74:77:57:1A:4B:AF:B4:6C:91:B2:88:87
Certificate issuer:       /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial:       0194236A626328F8A92E4BE9DDEAD0CD76DF
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/6JlqzzEcJ610d1caS6-0bJGyiIc.roa
Signing time:             Wed 01 Jan 2025 19:49:21 +0000
ROA not before:           Wed 01 Jan 2025 19:49:21 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     16074
IP address blocks:        145.77.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 07 Apr 2025 04:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:23:6a:62:63:28:f8:a9:2e:4b:e9:dd:ea:d0:cd:76:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
        Validity
            Not Before: Jan  1 19:49:21 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=e8996acf311c27ad7477571a4bafb46c91b28887
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:8f:2e:34:6d:24:53:ba:99:7d:95:fa:0e:1a:
                    1d:b6:4a:9f:ec:7c:18:e9:86:4f:57:bd:8e:2c:4f:
                    b3:52:b5:ba:2e:ba:19:94:77:60:4f:29:f3:cd:04:
                    27:65:d3:f1:f7:19:74:8d:5e:f3:57:eb:a9:9e:a6:
                    55:ff:07:9a:cb:62:bb:40:44:2a:3e:8e:f6:0b:8c:
                    6d:56:c2:4d:73:22:1d:c7:82:7d:b2:3d:8f:80:af:
                    cb:3e:10:5a:00:a4:37:45:02:7a:8e:d8:9b:fd:5a:
                    78:6c:c3:5b:e2:e2:dc:60:77:35:cd:c3:3e:06:ed:
                    d0:90:88:9f:b3:2a:25:5d:68:1c:8d:da:0b:d0:2b:
                    e2:90:20:7b:df:d2:44:56:b6:16:c9:e5:82:b0:97:
                    e3:b5:63:f4:5c:3e:c3:10:ca:45:41:74:0d:c9:92:
                    53:d2:38:b7:fc:a5:97:b1:74:78:2f:50:54:3c:af:
                    4c:2e:22:bf:bb:7b:e0:df:13:12:29:c4:40:ea:d0:
                    e0:eb:08:67:65:d7:66:ba:57:a2:2a:fc:ed:fc:8f:
                    90:77:1a:74:49:37:e4:fe:df:8b:3f:89:98:8b:b5:
                    96:a5:ec:3b:ff:9f:63:8d:cf:ff:f6:cc:08:0f:70:
                    ad:f7:05:ea:e0:57:63:e1:53:04:c5:26:ea:69:62:
                    da:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:99:6A:CF:31:1C:27:AD:74:77:57:1A:4B:AF:B4:6C:91:B2:88:87
            X509v3 Authority Key Identifier:
                keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/6JlqzzEcJ610d1caS6-0bJGyiIc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  145.77.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         32:71:76:6e:0a:c8:d5:01:10:f7:1a:90:f1:ea:ce:13:21:aa:
         31:23:2b:b5:21:00:1a:35:a6:99:e8:b6:17:1e:cf:9d:a0:0e:
         ca:21:5c:eb:a3:18:2c:1a:32:e1:2a:f2:2c:af:43:20:e4:85:
         96:18:36:87:d8:64:12:b2:71:7b:9f:6c:3e:05:28:2e:26:24:
         6a:35:66:68:95:1b:c8:fe:96:ac:9c:0e:98:08:b4:25:ae:60:
         59:a4:f5:a7:7c:4b:23:7c:9c:61:85:9f:78:89:3e:48:30:0d:
         83:9d:87:a1:86:f9:3a:eb:9e:27:66:dc:aa:7e:18:2b:bf:45:
         af:2b:b7:63:d5:e9:a5:fe:08:9f:59:d6:29:20:56:20:05:fc:
         91:3c:df:8c:b0:26:33:a1:16:76:b0:32:a5:8c:7a:dc:83:b8:
         ea:e9:c2:35:3b:83:23:35:c2:6d:88:77:1d:34:09:19:64:ca:
         ed:cc:8d:0a:96:8e:c0:d4:45:9e:08:68:fe:bb:97:91:14:29:
         0e:37:7e:a7:d7:01:6c:ba:a5:d5:23:14:88:40:ea:19:ff:8f:
         87:0b:d6:dc:45:df:cc:a5:05:9b:ff:26:92:11:96:39:a6:ef:
         f7:0b:dc:1b:ce:c9:5c:1d:fb:2f:42:59:52:f6:a9:40:56:4a:
         cb:80:e4:69
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQjamJjKPipLkvp3erQzXbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjUwMTAxMTk0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODk5NmFjZjMxMWMyN2FkNzQ3NzU3MWE0YmFmYjQ2YzkxYjI4ODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4I8uNG0kU7qZfZX6Dhodtkqf7HwY
6YZPV72OLE+zUrW6LroZlHdgTynzzQQnZdPx9xl0jV7zV+upnqZV/weay2K7QEQq
Po72C4xtVsJNcyIdx4J9sj2PgK/LPhBaAKQ3RQJ6jtib/Vp4bMNb4uLcYHc1zcM+
Bu3QkIifsyolXWgcjdoL0CvikCB739JEVrYWyeWCsJfjtWP0XD7DEMpFQXQNyZJT
0ji3/KWXsXR4L1BUPK9MLiK/u3vg3xMSKcRA6tDg6whnZddmuleiKvzt/I+Qdxp0
STfk/t+LP4mYi7WWpew7/59jjc//9swID3Ct9wXq4Fdj4VMExSbqaWLaAwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFOiZas8xHCetdHdXGkuvtGyRsoiHMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvNkpscXp6RWNKNjEwZDFjYVM2LTBiSkd5aUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkU0wDQYJ
KoZIhvcNAQELBQADggEBADJxdm4KyNUBEPcakPHqzhMhqjEjK7UhABo1ppnothce
z52gDsohXOujGCwaMuEq8iyvQyDkhZYYNofYZBKycXufbD4FKC4mJGo1ZmiVG8j+
lqycDpgItCWuYFmk9ad8SyN8nGGFn3iJPkgwDYOdh6GG+Trrnidm3Kp+GCu/Ra8r
t2PV6aX+CJ9Z1ikgViAF/JE834ywJjOhFnawMqWMetyDuOrpwjU7gyM1wm2Idx00
CRlkyu3MjQqWjsDURZ4IaP67l5EUKQ43fqfXAWy6pdUjFIhA6hn/j4cL1txF38yl
BZv/JpIRljmm7/cL3BvOyVwd+y9CWVL2qUBWSsuA5Gk=
-----END CERTIFICATE-----