Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/FXMeaT7mqLaeoQKo6gjW0hUo-Kg.roa
File:                     FXMeaT7mqLaeoQKo6gjW0hUo-Kg.roa (raw, json)
Hash identifier:          ai3NnXxTZaMRdq2X8gaZ6slmnlshdaCfmTM1E9B0TBc=
Subject key identifier:   15:73:1E:69:3E:E6:A8:B6:9E:A1:02:A8:EA:08:D6:D2:15:28:F8:A8
Certificate issuer:       /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial:       019424B271E83F2BFD98E5E0A91DFB3F8776
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/FXMeaT7mqLaeoQKo6gjW0hUo-Kg.roa
Signing time:             Thu 02 Jan 2025 01:47:41 +0000
ROA not before:           Thu 02 Jan 2025 01:47:41 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     61138
IP address blocks:        193.57.165.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 12 Apr 2025 23:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:24:b2:71:e8:3f:2b:fd:98:e5:e0:a9:1d:fb:3f:87:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
        Validity
            Not Before: Jan  2 01:47:41 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=15731e693ee6a8b69ea102a8ea08d6d21528f8a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ce:3e:64:88:77:95:52:26:51:cc:11:fc:05:
                    dd:d3:97:b6:3d:55:90:78:df:24:f4:a6:b6:bd:06:
                    68:00:32:80:0d:64:d0:91:ef:bd:c4:43:b6:23:f6:
                    a9:cc:71:fd:1a:cb:6c:90:d5:73:18:d0:e0:8b:05:
                    d8:3c:3b:61:3a:f9:75:7f:f7:74:2b:06:93:2d:4a:
                    a3:22:ab:86:0a:56:4d:cd:cd:a6:ef:df:8c:61:32:
                    60:04:26:13:0f:77:1a:84:3a:88:66:c7:89:ec:4e:
                    9c:65:a1:4c:39:95:15:0f:08:4a:1a:dc:08:d2:47:
                    f9:04:cf:f5:91:f2:42:22:14:6a:79:36:c0:3c:b5:
                    e6:bd:22:e3:d8:f0:72:87:12:df:8c:b8:e6:db:43:
                    6b:d7:5e:5d:5d:db:6d:4c:de:0e:ab:84:83:95:24:
                    4f:79:9b:a6:ac:68:b3:6d:a7:a0:75:f9:56:45:02:
                    7a:68:75:e0:d2:f9:7c:2a:e8:9a:d2:73:cd:ad:0b:
                    43:e8:ec:1d:a9:3c:3e:af:b7:bf:82:a3:f4:e4:49:
                    a0:96:f7:19:06:ee:1f:95:ac:69:31:80:f8:30:fa:
                    eb:40:35:d6:34:20:1f:54:b9:c3:f0:ac:b0:f3:e2:
                    c0:66:14:53:c8:9d:59:b2:55:77:46:32:65:b7:69:
                    33:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:73:1E:69:3E:E6:A8:B6:9E:A1:02:A8:EA:08:D6:D2:15:28:F8:A8
            X509v3 Authority Key Identifier:
                keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/FXMeaT7mqLaeoQKo6gjW0hUo-Kg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.57.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:66:04:8a:d6:b4:c9:d9:44:54:78:01:d7:c7:18:e4:62:33:
         16:23:8b:bd:90:83:d6:22:77:69:93:20:97:07:dd:54:c8:f9:
         2a:fb:7f:5b:58:3a:e2:a7:5f:02:ec:41:53:c9:93:c4:3f:a1:
         bc:75:e2:de:18:20:32:6c:66:04:7d:f3:ea:9d:0b:53:68:98:
         33:af:02:90:15:9a:54:dc:1e:93:da:38:b2:02:ec:9b:71:9a:
         30:63:dd:86:7c:54:ff:b2:8b:9d:34:71:70:f1:8e:08:fe:71:
         0c:bd:bb:1f:6c:3c:db:c9:d8:77:f4:1f:8e:85:2a:96:7a:4c:
         31:37:b0:70:72:d7:16:c1:50:a1:d2:3b:99:99:56:07:bb:45:
         22:98:d1:09:58:91:0e:9c:1d:95:fa:6a:cd:b6:1b:ac:5b:50:
         94:7c:58:a8:eb:e1:a4:10:ad:86:e8:71:5f:06:82:d1:09:73:
         cf:95:5e:60:c8:29:78:db:80:e3:6f:b2:98:89:c7:53:f7:0c:
         aa:a8:2d:e7:3b:32:e4:f2:95:77:74:c4:90:d5:a9:ad:31:7a:
         5d:ab:11:8c:30:3b:be:74:d9:37:6c:2b:6b:e0:30:1a:e3:d2:
         2c:42:30:64:f4:6c:cb:82:cc:d0:f5:57:c0:d7:59:83:f3:68:
         a3:21:df:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksnHoPyv9mOXgqR37P4d2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjUwMTAyMDE0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTczMWU2OTNlZTZhOGI2OWVhMTAyYThlYTA4ZDZkMjE1MjhmOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM4+ZIh3lVImUcwR/AXd05e2PVWQ
eN8k9Ka2vQZoADKADWTQke+9xEO2I/apzHH9GstskNVzGNDgiwXYPDthOvl1f/d0
KwaTLUqjIquGClZNzc2m79+MYTJgBCYTD3cahDqIZseJ7E6cZaFMOZUVDwhKGtwI
0kf5BM/1kfJCIhRqeTbAPLXmvSLj2PByhxLfjLjm20Nr115dXdttTN4Oq4SDlSRP
eZumrGizbaegdflWRQJ6aHXg0vl8Kuia0nPNrQtD6OwdqTw+r7e/gqP05EmglvcZ
Bu4flaxpMYD4MPrrQDXWNCAfVLnD8Kyw8+LAZhRTyJ1ZslV3RjJlt2kzaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBVzHmk+5qi2nqECqOoI1tIVKPioMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvRlhNZWFUN21xTGFlb1FLbzZnalcwaFVvLUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTmlMA0G
CSqGSIb3DQEBCwUAA4IBAQAdZgSK1rTJ2URUeAHXxxjkYjMWI4u9kIPWIndpkyCX
B91UyPkq+39bWDrip18C7EFTyZPEP6G8deLeGCAybGYEffPqnQtTaJgzrwKQFZpU
3B6T2jiyAuybcZowY92GfFT/soudNHFw8Y4I/nEMvbsfbDzbydh39B+OhSqWekwx
N7BwctcWwVCh0juZmVYHu0UimNEJWJEOnB2V+mrNthusW1CUfFio6+GkEK2G6HFf
BoLRCXPPlV5gyCl424Djb7KYicdT9wyqqC3nOzLk8pV3dMSQ1amtMXpdqxGMMDu+
dNk3bCtr4DAa49IsQjBk9GzLgszQ9VfA11mD82ijId87
-----END CERTIFICATE-----