Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/UVSIND1ZuJjrPEEgiI4bwOFPZno.roa
File:                     UVSIND1ZuJjrPEEgiI4bwOFPZno.roa (raw, json)
Hash identifier:          xPjGFU5QkhfTpJW3IMyqXePCjBZHsI+zh/RKTwnI9Xw=
Subject key identifier:   51:54:88:34:3D:59:B8:98:EB:3C:41:20:88:8E:1B:C0:E1:4F:66:7A
Certificate issuer:       /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial:       018ED7BBB4F24CE37708A83F276C13D41BB1
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/UVSIND1ZuJjrPEEgiI4bwOFPZno.roa
Signing time:             Sat 13 Apr 2024 13:53:06 +0000
ROA not before:           Sat 13 Apr 2024 13:53:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215256
IP address blocks:        2a12:3fc5::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 05:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:d7:bb:b4:f2:4c:e3:77:08:a8:3f:27:6c:13:d4:1b:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
        Validity
            Not Before: Apr 13 13:53:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=515488343d59b898eb3c4120888e1bc0e14f667a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:9b:15:81:05:57:8b:6b:c7:54:01:02:4b:f6:
                    44:20:28:74:a3:59:d5:7b:fa:ca:75:29:9d:31:9a:
                    93:ff:e0:28:47:a8:a7:e8:ef:89:da:25:9a:90:6c:
                    8d:48:29:b3:4d:a5:71:31:a0:33:b2:e2:e3:80:70:
                    fe:14:2e:ff:ab:89:76:d6:11:96:c6:83:f5:26:ba:
                    21:59:15:29:fd:42:61:01:62:87:22:05:1b:2d:a5:
                    12:45:5b:a5:04:2d:1b:da:b6:1e:52:53:1f:09:97:
                    50:f6:44:78:71:d2:f7:5d:bf:65:19:4b:89:94:ba:
                    43:7b:0a:1b:14:a8:42:45:b7:3e:2e:49:62:52:25:
                    34:62:36:93:3d:5b:b8:67:3f:51:7c:8f:60:7d:3f:
                    70:c6:0d:ec:24:88:46:72:ce:9b:a9:23:12:99:92:
                    65:a2:94:88:7d:2f:7a:60:84:46:23:28:3a:ca:b7:
                    a7:3c:b6:be:16:cb:1e:e2:83:ca:11:b5:2a:29:ce:
                    2a:89:e1:6f:8c:e2:b5:fd:b9:94:d3:e4:58:5b:a2:
                    94:66:57:0a:a5:4d:25:79:e3:4c:47:66:97:6a:bb:
                    21:29:06:c1:d6:17:2f:e7:3b:a7:aa:08:70:b9:4b:
                    27:d7:a5:f5:f5:c5:0b:12:06:22:fa:18:9b:1a:ff:
                    59:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:54:88:34:3D:59:B8:98:EB:3C:41:20:88:8E:1B:C0:E1:4F:66:7A
            X509v3 Authority Key Identifier:
                keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/UVSIND1ZuJjrPEEgiI4bwOFPZno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:3fc5::/32

    Signature Algorithm: sha256WithRSAEncryption
         d2:ea:81:e3:16:ac:94:34:9d:a6:71:08:b5:85:d1:55:09:0e:
         41:ea:a1:61:ce:e3:8a:f3:c0:8e:6e:a3:dd:5c:ab:1f:b9:b6:
         00:82:ea:6c:ae:09:96:ef:2a:e3:2e:80:27:f1:e3:c2:39:0a:
         0e:7d:1f:f5:7f:a4:36:3e:d6:23:43:58:d8:84:ab:a7:02:c9:
         bd:1c:68:e5:6a:f1:b0:c4:be:07:7a:74:ac:d2:2e:68:61:2f:
         55:75:11:c7:d8:19:82:3e:ed:b2:35:83:54:f7:ec:1f:35:8b:
         fc:b2:4b:d6:0a:b0:d5:ef:75:94:06:c6:de:ae:ac:18:f7:83:
         8d:3e:f5:a1:fe:64:95:b0:dd:1c:ee:3e:7f:ef:80:d0:d9:a3:
         13:fa:f0:34:44:22:e4:65:9d:79:91:dd:00:76:f6:37:d8:00:
         ad:6a:9e:03:82:20:12:52:8a:33:d8:02:ea:3c:b6:b8:1e:a9:
         bc:47:8b:d3:dc:84:49:2a:59:fb:5e:e4:9c:cf:8f:dc:66:de:
         0a:1c:1c:5e:30:a5:52:24:9f:f6:4a:2e:3a:8f:be:96:ce:60:
         81:2d:47:d2:dd:27:5e:b6:83:e7:47:65:54:72:e8:11:a8:67:
         e7:63:8b:77:d7:41:c6:7c:e3:a3:01:57:c8:1c:7d:dc:97:5d:
         63:66:70:0a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7Xu7TyTON3CKg/J2wT1BuxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjQwNDEzMTM1MzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTU0ODgzNDNkNTliODk4ZWIzYzQxMjA4ODhlMWJjMGUxNGY2NjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZsVgQVXi2vHVAECS/ZEICh0o1nV
e/rKdSmdMZqT/+AoR6in6O+J2iWakGyNSCmzTaVxMaAzsuLjgHD+FC7/q4l21hGW
xoP1JrohWRUp/UJhAWKHIgUbLaUSRVulBC0b2rYeUlMfCZdQ9kR4cdL3Xb9lGUuJ
lLpDewobFKhCRbc+LkliUiU0YjaTPVu4Zz9RfI9gfT9wxg3sJIhGcs6bqSMSmZJl
opSIfS96YIRGIyg6yrenPLa+Fsse4oPKEbUqKc4qieFvjOK1/bmU0+RYW6KUZlcK
pU0leeNMR2aXarshKQbB1hcv5zunqghwuUsn16X19cULEgYi+hibGv9ZqwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFFUiDQ9WbiY6zxBIIiOG8DhT2Z6MB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvVVZTSU5EMVp1SmpyUEVFZ2lJNGJ3T0ZQWm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhI/xTAN
BgkqhkiG9w0BAQsFAAOCAQEA0uqB4xaslDSdpnEItYXRVQkOQeqhYc7jivPAjm6j
3VyrH7m2AILqbK4Jlu8q4y6AJ/HjwjkKDn0f9X+kNj7WI0NY2ISrpwLJvRxo5Wrx
sMS+B3p0rNIuaGEvVXURx9gZgj7tsjWDVPfsHzWL/LJL1gqw1e91lAbG3q6sGPeD
jT71of5klbDdHO4+f++A0NmjE/rwNEQi5GWdeZHdAHb2N9gArWqeA4IgElKKM9gC
6jy2uB6pvEeL09yESSpZ+17knM+P3GbeChwcXjClUiSf9kouOo++ls5ggS1H0t0n
XraD50dlVHLoEahn52OLd9dBxnzjowFXyBx93JddY2ZwCg==
-----END CERTIFICATE-----