Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/svdWIAv3UPfHCbMie6sKd4CyClM.roa
File:                     svdWIAv3UPfHCbMie6sKd4CyClM.roa (raw, json)
Hash identifier:          YiWdF+1VyKx7XWJZeV1dzzEZk9dFooFBTnfJG+2FMkQ=
Subject key identifier:   B2:F7:56:20:0B:F7:50:F7:C7:09:B3:22:7B:AB:0A:77:80:B2:0A:53
Certificate issuer:       /CN=045c5f3bb81191720c0ddf8b3cf34d91dab4e1d3
Certificate serial:       0192D70F9A6D4DE79CF0B76030E1C58F4B3C
Authority key identifier: 04:5C:5F:3B:B8:11:91:72:0C:0D:DF:8B:3C:F3:4D:91:DA:B4:E1:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BFxfO7gRkXIMDd-LPPNNkdq04dM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/svdWIAv3UPfHCbMie6sKd4CyClM.roa
Signing time:             Tue 29 Oct 2024 06:56:16 +0000
ROA not before:           Tue 29 Oct 2024 06:56:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208555
IP address blocks:        185.3.124.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/BFxfO7gRkXIMDd-LPPNNkdq04dM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/BFxfO7gRkXIMDd-LPPNNkdq04dM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BFxfO7gRkXIMDd-LPPNNkdq04dM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:d7:0f:9a:6d:4d:e7:9c:f0:b7:60:30:e1:c5:8f:4b:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=045c5f3bb81191720c0ddf8b3cf34d91dab4e1d3
        Validity
            Not Before: Oct 29 06:56:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b2f756200bf750f7c709b3227bab0a7780b20a53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:82:d4:4e:f9:ab:95:92:ef:9b:44:df:c2:bc:
                    8b:fa:da:35:a2:08:5c:72:8f:6c:34:31:f4:e9:3e:
                    02:d4:59:da:b7:7c:9d:50:49:7d:a1:54:34:30:2a:
                    64:41:c1:5d:a9:64:8d:41:f0:02:0a:f3:3d:03:39:
                    79:23:11:ba:d0:45:06:e0:f4:03:2b:3c:f3:71:56:
                    26:0c:72:aa:09:7b:ea:31:33:0f:f0:b5:00:5c:75:
                    14:9d:d6:5e:35:41:18:7a:b7:45:74:e9:ea:7a:85:
                    48:cf:0c:c3:0e:11:73:4c:b4:84:6f:18:cd:0a:9c:
                    73:13:c8:9d:01:9f:4c:28:96:24:1d:99:91:45:51:
                    26:9f:f2:64:66:ac:e8:c6:dd:92:80:da:9a:bf:fb:
                    ee:e7:63:b3:01:7c:b4:05:3f:66:ea:eb:dc:6d:98:
                    2c:f6:03:a9:c1:16:d7:d4:41:20:5d:e6:80:58:0f:
                    7c:fa:2f:77:c4:ca:80:22:dc:c1:47:84:cf:bc:a5:
                    7c:e0:43:ff:aa:ef:e4:88:c0:a7:ba:67:42:36:e2:
                    2a:af:01:fb:5f:8b:9a:f3:29:51:36:d7:05:e2:3d:
                    c9:73:da:e2:e6:8e:6d:4a:e2:8f:de:ee:bf:97:c5:
                    bf:91:fa:9b:2b:4f:92:9d:c6:4f:b2:b4:9a:f9:aa:
                    1e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:F7:56:20:0B:F7:50:F7:C7:09:B3:22:7B:AB:0A:77:80:B2:0A:53
            X509v3 Authority Key Identifier:
                keyid:04:5C:5F:3B:B8:11:91:72:0C:0D:DF:8B:3C:F3:4D:91:DA:B4:E1:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BFxfO7gRkXIMDd-LPPNNkdq04dM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/svdWIAv3UPfHCbMie6sKd4CyClM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/BFxfO7gRkXIMDd-LPPNNkdq04dM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.3.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:8b:55:50:c4:38:7b:c5:5b:f4:c8:a0:f9:7c:32:69:be:cf:
         8b:0a:b2:d7:fe:13:7a:43:88:70:cf:80:59:01:c8:01:ae:5e:
         6d:7c:f8:36:69:23:e6:fb:39:3d:af:33:ab:b1:ae:60:f3:54:
         ff:bf:be:82:e8:30:90:61:85:5e:bb:a1:c0:14:5c:c4:e5:12:
         4b:a7:1c:b7:f6:84:14:e3:05:bd:0d:d8:2f:87:b7:51:9a:dd:
         a1:56:b0:a1:87:05:07:d9:f6:35:2e:e3:b3:35:a4:84:55:56:
         40:ee:46:e4:d1:5d:d6:fd:00:c5:14:a9:06:6e:d3:17:8b:1c:
         b6:eb:0d:c5:61:b4:92:0a:0b:f4:83:3f:7d:e8:2f:89:52:a9:
         28:8b:ed:71:e9:1e:d9:20:4f:4c:f9:5f:8d:ad:a1:61:e5:4e:
         8b:1a:fe:ca:21:84:c9:0a:0e:a1:77:98:4b:cf:50:ba:5b:41:
         0c:ca:65:14:94:ce:f8:b4:c9:d1:a6:b7:f9:23:1e:ad:23:6f:
         de:f9:1e:22:24:09:16:bf:8c:66:22:9f:98:70:94:c7:41:03:
         b4:6f:a8:f8:4c:a3:0b:6f:61:57:7e:8b:29:9a:b9:ca:07:b0:
         4d:aa:35:0e:b3:df:e2:71:3e:c8:86:19:42:3b:61:41:53:18:
         1e:ad:c6:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLXD5ptTeec8LdgMOHFj0s8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NWM1ZjNiYjgxMTkxNzIwYzBkZGY4YjNjZjM0ZDkxZGFi
NGUxZDMwHhcNMjQxMDI5MDY1NjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmY3NTYyMDBiZjc1MGY3YzcwOWIzMjI3YmFiMGE3NzgwYjIwYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4LUTvmrlZLvm0TfwryL+to1oghc
co9sNDH06T4C1Fnat3ydUEl9oVQ0MCpkQcFdqWSNQfACCvM9Azl5IxG60EUG4PQD
KzzzcVYmDHKqCXvqMTMP8LUAXHUUndZeNUEYerdFdOnqeoVIzwzDDhFzTLSEbxjN
CpxzE8idAZ9MKJYkHZmRRVEmn/JkZqzoxt2SgNqav/vu52OzAXy0BT9m6uvcbZgs
9gOpwRbX1EEgXeaAWA98+i93xMqAItzBR4TPvKV84EP/qu/kiMCnumdCNuIqrwH7
X4ua8ylRNtcF4j3Jc9ri5o5tSuKP3u6/l8W/kfqbK0+SncZPsrSa+aoegQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLL3ViAL91D3xwmzInurCneAsgpTMB8GA1UdIwQY
MBaAFARcXzu4EZFyDA3fizzzTZHatOHTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkZ4Zk83Z1JrWElNRGQtTFBQTk5rZHEwNGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy82ZWFiY2QtYThmYy00M2VhLThiN2Mt
ZmJiODA4NTNjMWJlLzEvc3ZkV0lBdjNVUGZIQ2JNaWU2c0tkNEN5Q2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy82ZWFiY2QtYThmYy00M2VhLThiN2MtZmJiODA4NTNjMWJl
LzEvQkZ4Zk83Z1JrWElNRGQtTFBQTk5rZHEwNGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQN8MA0G
CSqGSIb3DQEBCwUAA4IBAQB+i1VQxDh7xVv0yKD5fDJpvs+LCrLX/hN6Q4hwz4BZ
AcgBrl5tfPg2aSPm+zk9rzOrsa5g81T/v76C6DCQYYVeu6HAFFzE5RJLpxy39oQU
4wW9Ddgvh7dRmt2hVrChhwUH2fY1LuOzNaSEVVZA7kbk0V3W/QDFFKkGbtMXixy2
6w3FYbSSCgv0gz996C+JUqkoi+1x6R7ZIE9M+V+NraFh5U6LGv7KIYTJCg6hd5hL
z1C6W0EMymUUlM74tMnRprf5Ix6tI2/e+R4iJAkWv4xmIp+YcJTHQQO0b6j4TKML
b2FXfospmrnKB7BNqjUOs9/icT7IhhlCO2FBUxgercbu
-----END CERTIFICATE-----