Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4muVJHWnLPBrveYCX1YpMyD9DX8.roa
File:                     4muVJHWnLPBrveYCX1YpMyD9DX8.roa (raw, json)
Hash identifier:          e/kazjz+jWWvXLL3UWG1DwFJOsyuD2HcSUDU9OAE/mU=
Subject key identifier:   E2:6B:95:24:75:A7:2C:F0:6B:BD:E6:02:5F:56:29:33:20:FD:0D:7F
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       0192F2317A08FA8A8466CE135365AA915356
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4muVJHWnLPBrveYCX1YpMyD9DX8.roa
Signing time:             Sun 03 Nov 2024 13:23:01 +0000
ROA not before:           Sun 03 Nov 2024 13:23:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209768
IP address blocks:        31.58.161.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:f2:31:7a:08:fa:8a:84:66:ce:13:53:65:aa:91:53:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Nov  3 13:23:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e26b952475a72cf06bbde6025f56293320fd0d7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:6a:b6:98:7b:3d:72:22:7e:93:4a:75:2f:83:
                    a8:6f:e0:6f:2b:5a:68:2e:c1:46:8f:ee:9d:80:bc:
                    b4:d7:2f:df:44:0a:96:6e:2a:f5:98:9d:a4:a4:49:
                    ad:81:92:24:4a:10:99:2b:05:01:90:48:f9:e2:e9:
                    f3:d2:3e:af:d4:ca:7e:85:09:7e:08:0b:a5:67:ff:
                    92:12:e9:3a:e0:51:cb:36:d0:ab:52:36:02:47:8d:
                    70:23:13:10:ba:80:ea:04:1f:d1:33:a9:c7:7f:a8:
                    ff:f2:67:1b:95:1c:1c:fe:eb:75:d9:07:6a:cc:e9:
                    60:e6:b4:06:a3:58:07:0f:21:51:b0:a2:e2:b5:06:
                    c0:1d:6b:7d:b5:6a:8b:e2:32:52:42:10:92:91:66:
                    fa:24:d9:cc:8c:b2:92:b4:63:d2:db:c7:91:e5:95:
                    69:d7:1f:f6:39:a1:93:db:4d:7b:db:1f:a2:eb:fe:
                    ce:c9:95:59:a2:be:76:db:99:be:b1:4e:40:7c:84:
                    30:a9:30:32:2d:ac:01:b2:51:89:23:05:54:0c:a8:
                    81:9b:ad:18:8f:1f:f2:ae:e4:52:17:1f:df:2c:b6:
                    ac:8f:a7:cc:1e:5f:d4:64:55:78:9b:19:2f:32:c2:
                    31:69:8d:d6:fb:70:1c:4e:de:24:76:b8:27:fc:2b:
                    2a:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:6B:95:24:75:A7:2C:F0:6B:BD:E6:02:5F:56:29:33:20:FD:0D:7F
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4muVJHWnLPBrveYCX1YpMyD9DX8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.58.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:fd:a6:41:47:81:14:58:1f:11:db:4c:d2:09:3b:ee:c9:e0:
         2d:2a:52:b7:68:23:c8:65:f6:7d:0e:76:18:33:b3:57:63:f6:
         11:f0:45:3e:de:d0:c2:d2:b4:31:a0:9e:5f:ba:ee:7f:4d:08:
         76:be:7b:53:21:a9:09:49:16:89:54:66:37:04:8b:bf:16:dd:
         f7:49:ca:53:5e:f9:ac:69:24:07:40:85:ed:4a:53:be:09:e9:
         78:fe:28:b9:a9:48:3a:ac:f3:60:a0:00:2e:5f:d2:cb:82:91:
         cd:7c:ea:37:cd:33:83:b7:dd:b5:5f:c7:7b:b5:13:ec:24:35:
         45:bb:9c:d1:8d:1a:34:a7:c2:59:a4:a9:06:88:80:60:cc:76:
         31:e6:6a:da:7f:16:94:0a:d8:d6:13:67:e3:16:77:20:a8:46:
         13:45:c9:d0:79:ba:e4:22:e9:58:99:d0:67:00:95:a5:81:95:
         19:78:47:34:c0:a3:b0:17:e8:d3:c1:a8:24:6a:81:a4:50:c5:
         2e:61:50:43:2d:6b:b0:2b:87:39:21:53:13:53:29:b3:b7:f3:
         3c:09:3a:c5:67:df:fb:b0:89:e2:d4:c8:27:fc:1a:c7:68:09:
         7a:7e:f2:46:f4:a2:3d:3c:91:c7:4f:56:65:97:1a:2f:aa:7c:
         74:d7:bb:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLyMXoI+oqEZs4TU2WqkVNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTAzMTMyMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjZiOTUyNDc1YTcyY2YwNmJiZGU2MDI1ZjU2MjkzMzIwZmQwZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2q2mHs9ciJ+k0p1L4Oob+BvK1po
LsFGj+6dgLy01y/fRAqWbir1mJ2kpEmtgZIkShCZKwUBkEj54unz0j6v1Mp+hQl+
CAulZ/+SEuk64FHLNtCrUjYCR41wIxMQuoDqBB/RM6nHf6j/8mcblRwc/ut12Qdq
zOlg5rQGo1gHDyFRsKLitQbAHWt9tWqL4jJSQhCSkWb6JNnMjLKStGPS28eR5ZVp
1x/2OaGT20172x+i6/7OyZVZor5225m+sU5AfIQwqTAyLawBslGJIwVUDKiBm60Y
jx/yruRSFx/fLLasj6fMHl/UZFV4mxkvMsIxaY3W+3AcTt4kdrgn/CsqTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOJrlSR1pyzwa73mAl9WKTMg/Q1/MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNG11VkpIV25MUEJydmVZQ1gxWXBNeUQ5RFg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzqhMA0G
CSqGSIb3DQEBCwUAA4IBAQAE/aZBR4EUWB8R20zSCTvuyeAtKlK3aCPIZfZ9DnYY
M7NXY/YR8EU+3tDC0rQxoJ5fuu5/TQh2vntTIakJSRaJVGY3BIu/Ft33ScpTXvms
aSQHQIXtSlO+Cel4/ii5qUg6rPNgoAAuX9LLgpHNfOo3zTODt921X8d7tRPsJDVF
u5zRjRo0p8JZpKkGiIBgzHYx5mrafxaUCtjWE2fjFncgqEYTRcnQebrkIulYmdBn
AJWlgZUZeEc0wKOwF+jTwagkaoGkUMUuYVBDLWuwK4c5IVMTUymzt/M8CTrFZ9/7
sIni1Mgn/BrHaAl6fvJG9KI9PJHHT1Zllxovqnx017ua
-----END CERTIFICATE-----