Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/GdcGiC9cGsttiXPLTJXRuRsafS4.roa
File:                     GdcGiC9cGsttiXPLTJXRuRsafS4.roa (raw, json)
Hash identifier:          jX6hL3eYspX3B13+r321DXWWdI4PARGGEqjma/tuO3s=
Subject key identifier:   19:D7:06:88:2F:5C:1A:CB:6D:89:73:CB:4C:95:D1:B9:1B:1A:7D:2E
Certificate issuer:       /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial:       018CC49386BE850028809929CE8F5EA8B083
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/GdcGiC9cGsttiXPLTJXRuRsafS4.roa
Signing time:             Mon 01 Jan 2024 10:30:51 +0000
ROA not before:           Mon 01 Jan 2024 10:30:51 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199429
IP address blocks:        178.157.77.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:86:be:85:00:28:80:99:29:ce:8f:5e:a8:b0:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
        Validity
            Not Before: Jan  1 10:30:51 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=19d706882f5c1acb6d8973cb4c95d1b91b1a7d2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e6:ca:bf:86:e0:55:70:5f:2e:3a:6f:a5:73:
                    f0:9e:da:54:40:58:da:8d:d6:f6:09:88:ed:00:4c:
                    36:ac:99:d2:37:fb:01:1c:13:04:20:64:67:65:a8:
                    47:63:fd:f7:79:e4:c1:93:5a:bc:12:2b:a8:43:30:
                    15:2c:9a:57:56:91:71:f7:21:ba:94:71:d6:88:ce:
                    3e:43:9a:c7:16:b8:c5:27:f3:01:b3:41:8f:ea:dd:
                    b1:df:fb:08:d8:89:d3:7f:cf:0f:34:0c:dd:55:fe:
                    90:55:55:2b:6b:34:13:42:77:16:26:f3:05:de:fe:
                    5b:91:6d:94:e9:14:32:63:68:58:a2:16:ed:f8:7e:
                    8d:58:5b:47:4e:26:56:06:b8:8e:30:0c:5f:a4:72:
                    b4:a9:10:89:99:60:e2:0f:4d:b0:75:5d:4b:bf:bf:
                    f4:1b:3d:96:32:af:af:53:c4:e9:ae:28:92:58:89:
                    67:53:e3:ae:3a:8f:dc:29:42:e2:a8:0c:25:69:3e:
                    8b:a7:01:39:00:96:2e:21:c3:52:93:46:a9:4f:f0:
                    b0:bd:0d:24:40:b4:95:59:26:e3:6e:ec:ca:0a:20:
                    0f:23:98:ce:88:c1:63:2b:08:76:db:73:95:2e:93:
                    0b:c8:54:f7:eb:75:58:77:74:c1:e6:0a:af:43:d7:
                    7b:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:D7:06:88:2F:5C:1A:CB:6D:89:73:CB:4C:95:D1:B9:1B:1A:7D:2E
            X509v3 Authority Key Identifier:
                keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/GdcGiC9cGsttiXPLTJXRuRsafS4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.157.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:fd:3e:7a:87:74:06:2f:95:d2:78:69:69:76:f2:01:30:d3:
         da:5d:b9:84:b8:86:8c:5c:78:f2:fa:67:6b:55:18:e4:a7:62:
         10:93:3c:46:b2:f3:3d:81:cb:43:5b:7e:de:6d:a1:13:12:3e:
         63:24:f6:f9:1a:32:99:3d:ef:5a:f3:89:1c:5c:d4:38:83:90:
         5d:7c:d7:a8:a9:85:d0:b3:4f:c3:7a:00:e6:ba:33:aa:e3:30:
         2b:f4:fc:37:54:af:af:eb:a4:88:ef:e0:09:21:d8:b1:03:3e:
         93:36:fb:8c:b1:ea:13:38:02:e5:81:4a:65:1d:fe:33:35:4e:
         c2:65:39:7e:60:7c:e3:0c:65:60:c1:ae:cc:5e:65:aa:51:32:
         e2:9e:59:9f:37:0f:b1:af:14:29:4d:2c:d8:19:4d:5c:70:03:
         aa:54:a5:37:ff:02:df:d6:59:0e:c5:d3:34:e7:3e:ae:1a:3b:
         b3:12:c1:5c:12:1c:2b:8d:9c:ef:18:e5:32:bf:6d:97:5f:81:
         de:b8:54:84:75:f0:fd:32:94:58:07:ec:8c:8d:7d:b4:5f:96:
         67:01:4e:b2:54:6f:53:b1:ef:ca:0a:2f:b8:d8:e8:88:48:4e:
         09:b1:c2:20:6d:5b:cb:8e:20:9c:d8:f3:99:f4:4b:4f:06:00:
         d7:a7:2a:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk4a+hQAogJkpzo9eqLCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwMTAxMTAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWQ3MDY4ODJmNWMxYWNiNmQ4OTczY2I0Yzk1ZDFiOTFiMWE3ZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnubKv4bgVXBfLjpvpXPwntpUQFja
jdb2CYjtAEw2rJnSN/sBHBMEIGRnZahHY/33eeTBk1q8EiuoQzAVLJpXVpFx9yG6
lHHWiM4+Q5rHFrjFJ/MBs0GP6t2x3/sI2InTf88PNAzdVf6QVVUrazQTQncWJvMF
3v5bkW2U6RQyY2hYohbt+H6NWFtHTiZWBriOMAxfpHK0qRCJmWDiD02wdV1Lv7/0
Gz2WMq+vU8TpriiSWIlnU+OuOo/cKULiqAwlaT6LpwE5AJYuIcNSk0apT/CwvQ0k
QLSVWSbjbuzKCiAPI5jOiMFjKwh223OVLpMLyFT363VYd3TB5gqvQ9d7/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBnXBogvXBrLbYlzy0yV0bkbGn0uMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvR2RjR2lDOWNHc3R0aVhQTFRKWFJ1UnNhZlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsp1NMA0G
CSqGSIb3DQEBCwUAA4IBAQCp/T56h3QGL5XSeGlpdvIBMNPaXbmEuIaMXHjy+mdr
VRjkp2IQkzxGsvM9gctDW37ebaETEj5jJPb5GjKZPe9a84kcXNQ4g5BdfNeoqYXQ
s0/DegDmujOq4zAr9Pw3VK+v66SI7+AJIdixAz6TNvuMseoTOALlgUplHf4zNU7C
ZTl+YHzjDGVgwa7MXmWqUTLinlmfNw+xrxQpTSzYGU1ccAOqVKU3/wLf1lkOxdM0
5z6uGjuzEsFcEhwrjZzvGOUyv22XX4HeuFSEdfD9MpRYB+yMjX20X5ZnAU6yVG9T
se/KCi+42OiISE4JscIgbVvLjiCc2POZ9EtPBgDXpyoL
-----END CERTIFICATE-----