Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/4c0dcf-6439-411f-a104-e99ab2605a90/1/_EbNwpReLUVNd1YP_0CwE7ZjiIE.roa
File:                     _EbNwpReLUVNd1YP_0CwE7ZjiIE.roa (raw, json)
Hash identifier:          h2xnKbmoWDr+VElZXTIO8MYVw2Dx5IJspYhOYFMtbaw=
Subject key identifier:   FC:46:CD:C2:94:5E:2D:45:4D:77:56:0F:FF:40:B0:13:B6:63:88:81
Certificate issuer:       /CN=69eb1c1d4930bfbfe25ea7f0a45d7d0b611e7f62
Certificate serial:       0194B78E4361CEDBEE5E93CD2CC72F4C62A0
Authority key identifier: 69:EB:1C:1D:49:30:BF:BF:E2:5E:A7:F0:A4:5D:7D:0B:61:1E:7F:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aescHUkwv7_iXqfwpF19C2Eef2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/4c0dcf-6439-411f-a104-e99ab2605a90/1/_EbNwpReLUVNd1YP_0CwE7ZjiIE.roa
Signing time:             Thu 30 Jan 2025 14:12:21 +0000
ROA not before:           Thu 30 Jan 2025 14:12:21 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     29647
IP address blocks:        193.105.193.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/4c0dcf-6439-411f-a104-e99ab2605a90/1/aescHUkwv7_iXqfwpF19C2Eef2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/4c0dcf-6439-411f-a104-e99ab2605a90/1/aescHUkwv7_iXqfwpF19C2Eef2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aescHUkwv7_iXqfwpF19C2Eef2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:b7:8e:43:61:ce:db:ee:5e:93:cd:2c:c7:2f:4c:62:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69eb1c1d4930bfbfe25ea7f0a45d7d0b611e7f62
        Validity
            Not Before: Jan 30 14:12:21 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=fc46cdc2945e2d454d77560fff40b013b6638881
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:7c:44:03:de:d3:76:4e:7f:1f:0a:c0:76:40:
                    e0:d3:35:13:6a:88:07:09:bc:de:44:f4:5c:dc:9e:
                    5b:36:00:e0:4b:92:81:fa:8b:64:92:5d:c1:df:2d:
                    f0:1a:de:32:7f:c6:7c:cb:94:9d:1b:ac:b4:ea:dd:
                    68:dc:3b:cd:72:cd:d7:5b:7b:76:d2:dd:11:c1:f0:
                    e5:ec:7c:e7:d4:8e:49:75:af:6f:37:fc:c9:16:12:
                    58:db:ba:03:76:54:71:13:25:73:d1:dd:ea:26:2d:
                    e5:91:5c:c4:81:89:32:10:db:ec:c6:8b:4f:75:cc:
                    7c:cc:2f:ae:9c:0c:52:8e:fb:e7:85:a4:64:05:e8:
                    b9:69:1f:1d:ba:49:9e:e4:44:9b:ae:b4:95:72:4e:
                    4b:a3:f5:19:2b:d7:5d:98:09:8d:a9:40:f2:c3:e0:
                    87:96:86:40:a9:b3:49:f9:27:24:21:06:e3:52:c4:
                    5f:0e:34:ca:81:b8:39:05:83:2f:29:1c:49:bf:26:
                    fc:73:ab:79:a2:cf:ae:95:a7:6a:b0:31:2d:7e:28:
                    57:ce:9d:fe:aa:7d:d6:d4:fa:d1:e2:71:60:ac:fd:
                    2e:21:84:26:e5:c2:a2:7e:2f:7f:27:dd:59:b2:c0:
                    41:b7:b1:3a:cd:49:83:6a:0d:43:8c:3d:91:d0:b7:
                    94:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:46:CD:C2:94:5E:2D:45:4D:77:56:0F:FF:40:B0:13:B6:63:88:81
            X509v3 Authority Key Identifier:
                keyid:69:EB:1C:1D:49:30:BF:BF:E2:5E:A7:F0:A4:5D:7D:0B:61:1E:7F:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aescHUkwv7_iXqfwpF19C2Eef2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4c0dcf-6439-411f-a104-e99ab2605a90/1/_EbNwpReLUVNd1YP_0CwE7ZjiIE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4c0dcf-6439-411f-a104-e99ab2605a90/1/aescHUkwv7_iXqfwpF19C2Eef2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.105.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:dd:ed:f0:c6:a0:b6:cb:68:46:0b:ab:01:5e:7b:30:29:59:
         f1:d5:d9:52:21:f2:b2:b7:7f:d4:34:a4:2c:ef:07:d4:a2:dc:
         9b:d1:35:39:84:47:c0:91:b0:06:98:37:de:6e:e6:39:65:e0:
         00:76:fd:7c:a8:2d:02:d9:90:d8:d9:8c:ee:5e:d1:b9:f1:1f:
         de:18:c3:5d:b9:32:4e:b7:ed:b2:88:2f:b3:61:35:9c:91:cf:
         f1:d4:3e:7a:a7:21:60:fe:8c:31:80:52:c8:9b:e0:79:ed:69:
         3d:2d:5e:14:ec:ed:11:14:7f:fb:64:e4:de:ce:e4:56:7a:8a:
         ef:b5:49:94:a1:24:49:d2:08:31:e8:d4:48:6f:05:ff:9a:1b:
         ed:e9:4f:78:b2:59:fe:69:79:17:1c:65:be:07:fa:93:39:28:
         98:cb:0b:44:94:9a:93:53:06:82:ec:33:1b:b3:29:4d:56:c4:
         04:d2:9d:be:c5:f3:eb:07:83:36:ae:59:61:e9:f9:65:d0:f2:
         7c:2a:98:f4:d9:fb:b2:68:d6:68:69:d1:70:87:b6:75:09:07:
         45:25:9c:ff:95:ee:54:30:4d:f8:38:f4:5c:96:8d:5c:f8:8c:
         6d:79:bf:58:db:80:08:d1:ee:98:8c:76:49:23:b0:40:20:43:
         de:cb:ea:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZS3jkNhztvuXpPNLMcvTGKgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZWIxYzFkNDkzMGJmYmZlMjVlYTdmMGE0NWQ3ZDBiNjEx
ZTdmNjIwHhcNMjUwMTMwMTQxMjIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzQ2Y2RjMjk0NWUyZDQ1NGQ3NzU2MGZmZjQwYjAxM2I2NjM4ODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHxEA97Tdk5/HwrAdkDg0zUTaogH
CbzeRPRc3J5bNgDgS5KB+otkkl3B3y3wGt4yf8Z8y5SdG6y06t1o3DvNcs3XW3t2
0t0RwfDl7Hzn1I5Jda9vN/zJFhJY27oDdlRxEyVz0d3qJi3lkVzEgYkyENvsxotP
dcx8zC+unAxSjvvnhaRkBei5aR8dukme5ESbrrSVck5Lo/UZK9ddmAmNqUDyw+CH
loZAqbNJ+SckIQbjUsRfDjTKgbg5BYMvKRxJvyb8c6t5os+uladqsDEtfihXzp3+
qn3W1PrR4nFgrP0uIYQm5cKifi9/J91ZssBBt7E6zUmDag1DjD2R0LeUzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPxGzcKUXi1FTXdWD/9AsBO2Y4iBMB8GA1UdIwQY
MBaAFGnrHB1JML+/4l6n8KRdfQthHn9iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVzY0hVa3d2N19pWHFmd3BGMTlDMkVlZjJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80YzBkY2YtNjQzOS00MTFmLWExMDQt
ZTk5YWIyNjA1YTkwLzEvX0ViTndwUmVMVVZOZDFZUF8wQ3dFN1pqaUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80YzBkY2YtNjQzOS00MTFmLWExMDQtZTk5YWIyNjA1YTkw
LzEvYWVzY0hVa3d2N19pWHFmd3BGMTlDMkVlZjJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWnBMA0G
CSqGSIb3DQEBCwUAA4IBAQCu3e3wxqC2y2hGC6sBXnswKVnx1dlSIfKyt3/UNKQs
7wfUotyb0TU5hEfAkbAGmDfebuY5ZeAAdv18qC0C2ZDY2YzuXtG58R/eGMNduTJO
t+2yiC+zYTWckc/x1D56pyFg/owxgFLIm+B57Wk9LV4U7O0RFH/7ZOTezuRWeorv
tUmUoSRJ0ggx6NRIbwX/mhvt6U94sln+aXkXHGW+B/qTOSiYywtElJqTUwaC7DMb
sylNVsQE0p2+xfPrB4M2rllh6fll0PJ8Kpj02fuyaNZoadFwh7Z1CQdFJZz/le5U
ME34OPRclo1c+Ixteb9Y24AI0e6YjHZJI7BAIEPey+r1
-----END CERTIFICATE-----