Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9jb6N1juNxp-Lwk6-VwWiTWbZw4.roa
File:                     9jb6N1juNxp-Lwk6-VwWiTWbZw4.roa (raw, json)
Hash identifier:          oA709UWPH8Y4ZQKj6cTaLz40mSHHAj+gMnRZmNpQYsU=
Subject key identifier:   F6:36:FA:37:58:EE:37:1A:7E:2F:09:3A:F9:5C:16:89:35:9B:67:0E
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       019428236A1FB7FA5AB1BB48FF30929D03C4
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9jb6N1juNxp-Lwk6-VwWiTWbZw4.roa
Signing time:             Thu 02 Jan 2025 17:49:57 +0000
ROA not before:           Thu 02 Jan 2025 17:49:57 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     213734
IP address blocks:        31.56.105.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Feb 2025 09:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:28:23:6a:1f:b7:fa:5a:b1:bb:48:ff:30:92:9d:03:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Jan  2 17:49:57 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=f636fa3758ee371a7e2f093af95c1689359b670e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:40:b0:05:ec:32:d2:4d:4c:02:fa:7f:46:39:
                    02:61:bc:93:0d:6e:8e:c6:c5:79:6b:bc:3b:6d:9e:
                    df:41:39:6e:ef:c8:20:18:0b:73:03:39:79:31:46:
                    43:cf:7c:3f:08:0b:2a:8d:ce:35:b8:c5:2f:a8:c8:
                    61:1a:21:bd:7a:05:76:88:c7:35:bf:db:07:e5:96:
                    84:29:96:45:37:41:d6:bf:5d:ce:e7:f6:73:c9:2a:
                    ce:75:b5:7e:f4:96:83:b9:7b:11:e5:18:af:c4:c2:
                    5b:ab:42:d6:11:3d:83:2c:f5:23:f7:2a:41:31:a1:
                    21:24:f8:e1:9e:c5:75:b2:f6:2d:c6:9e:57:8b:7c:
                    e1:e9:61:43:be:93:59:25:fc:8f:aa:f4:1a:99:27:
                    1b:8e:a3:c8:d8:41:20:59:9f:1b:ea:f7:c9:6f:55:
                    c3:f8:d2:25:13:0e:4b:c2:cb:00:89:ab:ce:45:28:
                    8a:a7:5c:6f:b4:f8:ad:e4:09:06:64:71:55:1c:8a:
                    f9:a8:5b:69:be:bb:18:28:30:80:cd:dd:3f:af:1d:
                    61:a2:d5:7f:21:cd:17:d3:3d:1e:81:ef:47:a1:d4:
                    85:13:ce:cf:7a:98:cb:6e:6a:ed:5c:01:ad:62:eb:
                    f6:42:74:5a:6f:a6:19:11:3d:fa:07:92:af:46:8d:
                    94:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:36:FA:37:58:EE:37:1A:7E:2F:09:3A:F9:5C:16:89:35:9B:67:0E
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9jb6N1juNxp-Lwk6-VwWiTWbZw4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.56.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:b5:80:d6:a8:b3:9d:d8:c4:0e:94:54:8a:f2:c3:20:1e:a3:
         42:40:45:72:bc:e1:9a:06:53:fe:66:8d:2b:8b:9e:d6:ed:a9:
         d5:cf:0d:23:8c:c6:c4:76:d1:a0:bf:8b:d9:10:b8:4e:e5:fe:
         df:7c:05:b8:ed:6c:de:0a:f6:fd:6c:8b:a7:9b:9f:9e:7d:ac:
         8f:77:a5:de:cc:2a:df:f9:72:83:44:b6:a9:18:46:db:c0:10:
         30:e1:f2:7c:ce:f7:99:ea:e5:3b:4c:6e:81:52:f6:7b:dc:79:
         ac:3b:e7:db:13:3d:17:3f:66:ef:e4:de:0c:16:c1:c2:64:b4:
         0e:e9:dc:26:e0:7d:ae:0d:a7:91:c6:0e:32:c2:ec:7d:8b:6f:
         75:cb:2f:cc:54:69:6c:e0:01:f8:2f:41:b2:52:e5:99:82:81:
         b6:f0:95:92:d1:21:9f:cb:d6:ec:59:8d:2a:64:c2:78:d0:62:
         02:10:5e:76:37:ac:db:33:a4:ba:ae:17:62:4f:71:23:a8:83:
         f3:27:8c:b8:4a:d1:85:1f:ec:0d:6a:51:4e:63:9f:d2:03:da:
         ea:58:21:e1:a9:b6:35:06:fb:ff:38:ae:2f:3b:4b:83:ca:7c:
         02:ae:b0:b7:15:d2:4a:e8:38:6a:52:4d:10:2e:6c:b6:9e:bd:
         25:0a:4e:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI2oft/pasbtI/zCSnQPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjM2ZmEzNzU4ZWUzNzFhN2UyZjA5M2FmOTVjMTY4OTM1OWI2NzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0CwBewy0k1MAvp/RjkCYbyTDW6O
xsV5a7w7bZ7fQTlu78ggGAtzAzl5MUZDz3w/CAsqjc41uMUvqMhhGiG9egV2iMc1
v9sH5ZaEKZZFN0HWv13O5/ZzySrOdbV+9JaDuXsR5RivxMJbq0LWET2DLPUj9ypB
MaEhJPjhnsV1svYtxp5Xi3zh6WFDvpNZJfyPqvQamScbjqPI2EEgWZ8b6vfJb1XD
+NIlEw5LwssAiavORSiKp1xvtPit5AkGZHFVHIr5qFtpvrsYKDCAzd0/rx1hotV/
Ic0X0z0ege9HodSFE87PepjLbmrtXAGtYuv2QnRab6YZET36B5KvRo2UuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPY2+jdY7jcafi8JOvlcFok1m2cOMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOWpiNk4xanVOeHAtTHdrNi1Wd1dpVFdiWnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzhpMA0G
CSqGSIb3DQEBCwUAA4IBAQAwtYDWqLOd2MQOlFSK8sMgHqNCQEVyvOGaBlP+Zo0r
i57W7anVzw0jjMbEdtGgv4vZELhO5f7ffAW47WzeCvb9bIunm5+efayPd6XezCrf
+XKDRLapGEbbwBAw4fJ8zveZ6uU7TG6BUvZ73HmsO+fbEz0XP2bv5N4MFsHCZLQO
6dwm4H2uDaeRxg4ywux9i291yy/MVGls4AH4L0GyUuWZgoG28JWS0SGfy9bsWY0q
ZMJ40GICEF52N6zbM6S6rhdiT3EjqIPzJ4y4StGFH+wNalFOY5/SA9rqWCHhqbY1
Bvv/OK4vO0uDynwCrrC3FdJK6DhqUk0QLmy2nr0lCk5m
-----END CERTIFICATE-----