Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/c-WV5CtI-578BdHxv0y_yqWiG0U.roa
File:                     c-WV5CtI-578BdHxv0y_yqWiG0U.roa (raw, json)
Hash identifier:          YVNpqPU/l1eLU/2WHyF7P6RCa/29XSuIiMYJk8cQYZw=
Subject key identifier:   73:E5:95:E4:2B:48:FB:9E:FC:05:D1:F1:BF:4C:BF:CA:A5:A2:1B:45
Certificate issuer:       /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial:       01926C339219CEF2ACF9242900B8DAEEE1DF
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/c-WV5CtI-578BdHxv0y_yqWiG0U.roa
Signing time:             Tue 08 Oct 2024 12:56:11 +0000
ROA not before:           Tue 08 Oct 2024 12:56:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     137409
IP address blocks:        176.113.98.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:6c:33:92:19:ce:f2:ac:f9:24:29:00:b8:da:ee:e1:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
        Validity
            Not Before: Oct  8 12:56:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=73e595e42b48fb9efc05d1f1bf4cbfcaa5a21b45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:a8:80:0c:32:6c:3b:76:1d:a6:cd:ed:f0:ee:
                    cb:6f:b5:99:c0:c4:f6:a6:36:92:0e:d9:a2:6c:4d:
                    78:47:32:cd:cb:09:8e:a6:ac:9e:b4:86:d8:8e:34:
                    01:0f:77:4f:b6:98:5d:73:67:64:c7:78:02:f8:a4:
                    f4:9c:36:df:4c:a0:7a:fa:ab:6a:f2:0e:f2:27:e3:
                    14:70:96:02:2b:1a:b8:b0:ca:e7:c0:ca:cd:20:af:
                    8a:81:dc:f6:03:3b:e0:58:26:43:67:1b:ce:7c:02:
                    94:cb:d1:d5:c8:c0:f4:4e:e5:ec:e4:da:b9:36:cb:
                    e6:96:b0:c4:b8:d7:19:b1:72:dd:49:df:82:5e:31:
                    b9:c5:97:dc:5b:74:bb:bc:08:58:f9:0b:ef:b9:19:
                    b6:05:e9:04:d7:a0:be:02:a5:ef:dc:c1:78:ec:41:
                    17:6e:1e:5a:54:48:9b:ba:19:24:a0:38:11:6e:33:
                    22:1d:b5:44:7c:57:3a:85:8c:4b:73:65:b2:b8:79:
                    b2:6c:63:f2:14:1d:db:0b:7c:33:eb:12:db:fe:97:
                    f9:90:d7:ce:eb:87:f9:11:ad:a2:76:dd:71:60:c0:
                    8d:95:65:64:e0:55:33:74:cc:fe:49:a2:74:dc:b3:
                    57:ac:66:8f:89:51:56:31:81:25:62:82:b7:43:ef:
                    10:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:E5:95:E4:2B:48:FB:9E:FC:05:D1:F1:BF:4C:BF:CA:A5:A2:1B:45
            X509v3 Authority Key Identifier:
                keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/c-WV5CtI-578BdHxv0y_yqWiG0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.113.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:94:67:c9:75:8b:30:2c:b1:da:d4:10:ab:c7:09:79:1a:68:
         d2:68:7b:9f:4e:1b:6b:ba:5d:62:87:bc:43:46:f8:29:d7:45:
         64:ae:cb:5d:c4:52:98:7a:03:b6:49:7f:57:6f:26:21:62:29:
         fe:8f:6f:80:80:b5:d7:f2:71:68:e3:b4:42:fd:36:c9:1d:40:
         86:fb:d2:af:39:84:fa:2a:e4:fb:a6:f3:fa:08:7f:60:ee:44:
         77:4d:4c:22:2e:02:c2:ab:9a:06:29:7c:09:01:29:d9:44:e0:
         71:60:fc:0c:36:e4:2a:60:a0:bc:21:3c:2d:a6:40:84:e5:f0:
         b4:15:34:24:05:b2:cb:fc:3a:2c:39:f7:7a:b2:6f:cf:ed:fb:
         a1:e7:7e:f3:40:87:4e:b9:f9:92:40:81:4d:c7:e8:73:2f:3d:
         54:e9:9e:70:86:36:fd:5d:0f:66:78:10:e7:66:6e:00:65:77:
         b0:38:91:5d:32:4d:2a:70:02:90:ea:e5:ec:de:9d:df:d9:4a:
         1e:0f:a9:cc:ee:85:a1:e1:0d:71:d4:45:f8:79:f0:3c:0c:45:
         c8:29:86:34:9a:33:6e:13:2d:02:e7:21:58:0f:10:1b:35:56:
         1f:f4:18:d8:a1:ed:16:5c:b3:69:9f:c3:43:3d:e0:be:2c:1a:
         b8:19:67:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJsM5IZzvKs+SQpALja7uHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjQxMDA4MTI1NjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2U1OTVlNDJiNDhmYjllZmMwNWQxZjFiZjRjYmZjYWE1YTIxYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA86iADDJsO3Ydps3t8O7Lb7WZwMT2
pjaSDtmibE14RzLNywmOpqyetIbYjjQBD3dPtphdc2dkx3gC+KT0nDbfTKB6+qtq
8g7yJ+MUcJYCKxq4sMrnwMrNIK+Kgdz2AzvgWCZDZxvOfAKUy9HVyMD0TuXs5Nq5
NsvmlrDEuNcZsXLdSd+CXjG5xZfcW3S7vAhY+QvvuRm2BekE16C+AqXv3MF47EEX
bh5aVEibuhkkoDgRbjMiHbVEfFc6hYxLc2WyuHmybGPyFB3bC3wz6xLb/pf5kNfO
64f5Ea2idt1xYMCNlWVk4FUzdMz+SaJ03LNXrGaPiVFWMYElYoK3Q+8Q9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHPlleQrSPue/AXR8b9Mv8qlohtFMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvYy1XVjVDdEktNTc4QmRIeHYweV95cVdpRzBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHFiMA0G
CSqGSIb3DQEBCwUAA4IBAQAqlGfJdYswLLHa1BCrxwl5GmjSaHufThtrul1ih7xD
Rvgp10VkrstdxFKYegO2SX9XbyYhYin+j2+AgLXX8nFo47RC/TbJHUCG+9KvOYT6
KuT7pvP6CH9g7kR3TUwiLgLCq5oGKXwJASnZROBxYPwMNuQqYKC8ITwtpkCE5fC0
FTQkBbLL/DosOfd6sm/P7fuh537zQIdOufmSQIFNx+hzLz1U6Z5whjb9XQ9meBDn
Zm4AZXewOJFdMk0qcAKQ6uXs3p3f2UoeD6nM7oWh4Q1x1EX4efA8DEXIKYY0mjNu
Ey0C5yFYDxAbNVYf9BjYoe0WXLNpn8NDPeC+LBq4GWd9
-----END CERTIFICATE-----