Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/e7WpCY8-z6sf6c8pS1N7-OeTciY.roa
File:                     e7WpCY8-z6sf6c8pS1N7-OeTciY.roa (raw, json)
Hash identifier:          QP0zekDCFF/sCXgp5VWoxOmillqT0/uRNj5KbLgs594=
Subject key identifier:   7B:B5:A9:09:8F:3E:CF:AB:1F:E9:CF:29:4B:53:7B:F8:E7:93:72:26
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       019428235130C2C5D5D4B65303C644CB0177
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/e7WpCY8-z6sf6c8pS1N7-OeTciY.roa
Signing time:             Thu 02 Jan 2025 17:49:50 +0000
ROA not before:           Thu 02 Jan 2025 17:49:50 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     132335
IP address blocks:        31.59.184.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Feb 2025 09:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:28:23:51:30:c2:c5:d5:d4:b6:53:03:c6:44:cb:01:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Jan  2 17:49:50 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=7bb5a9098f3ecfab1fe9cf294b537bf8e7937226
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:46:14:f7:f5:ff:91:64:38:43:ac:5c:b5:9b:
                    75:47:14:55:ad:f0:32:1e:c6:7e:a7:a9:86:95:b1:
                    77:57:5e:eb:01:b5:1b:e2:a4:7a:44:fc:ed:f6:92:
                    c8:3c:ec:33:88:c5:14:88:92:97:10:58:fa:75:0e:
                    c4:4b:6e:59:0b:ff:05:c9:c8:a2:b5:15:79:0a:98:
                    c1:ea:63:0b:97:c1:8a:cf:5b:ee:89:06:7b:eb:4b:
                    29:3a:ab:47:bc:dc:e6:d0:11:88:9e:64:db:fd:60:
                    64:62:3e:15:bf:56:15:ce:b8:13:62:3e:28:33:55:
                    67:96:ef:c5:15:fa:6d:96:fd:c0:5d:b6:00:f6:64:
                    60:99:57:f9:57:97:fa:d2:84:0c:7e:e5:88:ba:43:
                    b7:dc:62:1f:d0:6d:0a:a4:12:4f:1d:75:a7:f5:16:
                    54:68:73:61:9e:bc:5c:eb:27:61:68:f4:3d:04:c7:
                    cc:e7:3d:d6:08:27:40:9c:7c:02:88:aa:24:8e:90:
                    70:d6:fd:a6:dc:e4:db:d9:f5:b6:44:f6:23:52:a5:
                    4d:e0:d8:7e:bb:05:42:fe:84:db:41:09:b7:73:e5:
                    83:dd:4c:ff:9e:ba:ca:50:69:4e:2e:5f:64:bc:4c:
                    1a:3d:5f:98:48:9f:e8:c1:7a:99:0c:2c:a4:9c:26:
                    1e:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:B5:A9:09:8F:3E:CF:AB:1F:E9:CF:29:4B:53:7B:F8:E7:93:72:26
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/e7WpCY8-z6sf6c8pS1N7-OeTciY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.59.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:83:a6:96:ea:93:0d:ef:a2:96:51:36:c6:95:db:37:61:f3:
         dd:82:d0:65:06:26:13:78:5f:de:ec:ca:89:65:3b:bb:76:69:
         d4:08:e9:22:4c:a4:c4:6e:ce:1a:76:a7:29:8a:50:75:a7:d6:
         9b:e2:49:bb:74:d1:ac:72:1d:7d:e0:6f:5d:96:f5:a2:cd:47:
         60:e8:92:3b:d7:8e:95:b4:85:43:ac:28:2d:eb:13:56:48:1b:
         44:d1:92:f1:e8:72:96:46:d7:47:25:86:10:ab:f7:0c:a6:93:
         49:cd:48:7b:b0:ee:a6:f4:89:44:68:89:ea:80:d9:5b:65:8a:
         e3:0c:74:ac:6b:6d:41:ea:cd:c7:9f:23:7c:78:55:61:e5:22:
         4a:cf:4a:05:ce:c0:54:ca:d3:12:b8:a1:15:7f:d9:88:03:ab:
         11:5b:73:b9:fd:dd:95:34:02:a1:84:e2:93:56:e3:e5:2f:34:
         34:2c:38:42:d5:ef:8b:3d:6a:08:5d:cb:e6:67:a3:23:15:29:
         65:bf:07:7d:5d:ec:40:1b:ea:e8:eb:26:8c:c2:ca:43:c8:25:
         7d:e3:c5:14:18:e8:64:47:6a:e4:81:63:a5:ce:1e:1f:ed:1f:
         5d:e5:ea:a3:d9:a1:17:a7:9e:61:79:cb:25:f6:10:50:ff:73:
         49:a2:07:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI1EwwsXV1LZTA8ZEywF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmI1YTkwOThmM2VjZmFiMWZlOWNmMjk0YjUzN2JmOGU3OTM3MjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskYU9/X/kWQ4Q6xctZt1RxRVrfAy
HsZ+p6mGlbF3V17rAbUb4qR6RPzt9pLIPOwziMUUiJKXEFj6dQ7ES25ZC/8Fycii
tRV5CpjB6mMLl8GKz1vuiQZ760spOqtHvNzm0BGInmTb/WBkYj4Vv1YVzrgTYj4o
M1Vnlu/FFfptlv3AXbYA9mRgmVf5V5f60oQMfuWIukO33GIf0G0KpBJPHXWn9RZU
aHNhnrxc6ydhaPQ9BMfM5z3WCCdAnHwCiKokjpBw1v2m3OTb2fW2RPYjUqVN4Nh+
uwVC/oTbQQm3c+WD3Uz/nrrKUGlOLl9kvEwaPV+YSJ/owXqZDCyknCYeWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHu1qQmPPs+rH+nPKUtTe/jnk3ImMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZTdXcENZOC16NnNmNmM4cFMxTjctT2VUY2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzu4MA0G
CSqGSIb3DQEBCwUAA4IBAQAug6aW6pMN76KWUTbGlds3YfPdgtBlBiYTeF/e7MqJ
ZTu7dmnUCOkiTKTEbs4adqcpilB1p9ab4km7dNGsch194G9dlvWizUdg6JI7146V
tIVDrCgt6xNWSBtE0ZLx6HKWRtdHJYYQq/cMppNJzUh7sO6m9IlEaInqgNlbZYrj
DHSsa21B6s3HnyN8eFVh5SJKz0oFzsBUytMSuKEVf9mIA6sRW3O5/d2VNAKhhOKT
VuPlLzQ0LDhC1e+LPWoIXcvmZ6MjFSllvwd9XexAG+ro6yaMwspDyCV948UUGOhk
R2rkgWOlzh4f7R9d5eqj2aEXp55hecsl9hBQ/3NJogdl
-----END CERTIFICATE-----