Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/VXp3FaJ6UMOKbyHWXOaArP0jPJw.roa
File:                     VXp3FaJ6UMOKbyHWXOaArP0jPJw.roa (raw, json)
Hash identifier:          tYQYSxuzvXfS6kF3P0yvpSS8+Gelx8IUCneK9fxOT0c=
Subject key identifier:   55:7A:77:15:A2:7A:50:C3:8A:6F:21:D6:5C:E6:80:AC:FD:23:3C:9C
Certificate issuer:       /CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
Certificate serial:       018CC8DF1D5E07230BD435F98EEF85043C03
Authority key identifier: B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/VXp3FaJ6UMOKbyHWXOaArP0jPJw.roa
Signing time:             Tue 02 Jan 2024 06:31:54 +0000
ROA not before:           Tue 02 Jan 2024 06:31:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42724
IP address blocks:        93.177.100.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/sLWoCnEG4KS4VFyBULtyxpn8yaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/sLWoCnEG4KS4VFyBULtyxpn8yaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 08:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:1d:5e:07:23:0b:d4:35:f9:8e:ef:85:04:3c:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
        Validity
            Not Before: Jan  2 06:31:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=557a7715a27a50c38a6f21d65ce680acfd233c9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ba:0b:81:4d:6e:b3:bb:b4:1b:65:cc:ba:1c:
                    f0:3e:fb:61:db:05:cf:52:f4:b9:bb:7c:13:3e:cf:
                    3e:0a:9f:09:96:3d:c0:2a:fe:df:1d:a8:60:1a:c4:
                    c8:79:40:09:d6:b4:40:b5:40:3a:1e:17:b7:75:59:
                    47:02:2c:6b:b7:d5:15:aa:e1:3f:a6:6b:e8:d5:d6:
                    e0:73:d8:ed:42:99:1b:8f:44:ad:6c:b9:ec:34:5b:
                    56:ee:76:65:67:1b:0f:bb:61:55:e8:38:73:a2:1c:
                    b7:3f:96:ee:fa:19:4a:2c:91:de:7b:67:cd:2d:2e:
                    73:4f:ca:25:d7:b3:02:64:74:95:30:2a:bc:84:09:
                    75:dd:e9:b2:0d:a2:48:f3:95:76:62:ea:af:83:4c:
                    0c:7a:35:46:04:55:25:3a:ec:87:ba:4c:88:67:85:
                    ab:05:07:51:d0:b5:e5:c4:a3:5f:65:26:dc:8b:1a:
                    e8:c1:cf:1d:3a:59:61:98:1b:24:7d:82:6c:60:ba:
                    06:be:0b:03:a7:51:8f:3d:5a:0a:4c:66:23:4e:5c:
                    1e:e1:d2:60:00:e7:62:64:46:43:fd:05:52:73:4a:
                    49:da:9c:da:10:f4:40:9f:4a:7d:e7:01:98:99:a5:
                    b9:37:2d:af:b1:2a:a2:d0:31:dd:2e:ca:e0:b8:7b:
                    f4:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:7A:77:15:A2:7A:50:C3:8A:6F:21:D6:5C:E6:80:AC:FD:23:3C:9C
            X509v3 Authority Key Identifier:
                keyid:B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/VXp3FaJ6UMOKbyHWXOaArP0jPJw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/sLWoCnEG4KS4VFyBULtyxpn8yaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.177.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:97:d8:f5:c1:7d:18:93:58:a6:cb:41:4c:ee:53:93:12:5d:
         26:be:b9:cf:30:b3:46:0e:b5:29:54:c4:31:0d:bf:50:98:a0:
         f1:82:e8:8c:92:52:0f:cb:75:68:de:5b:de:ed:43:8d:a9:0e:
         21:73:4f:1a:35:fb:b6:33:09:86:eb:a7:ad:87:60:57:76:8d:
         bc:b6:49:85:45:53:5d:63:ef:1e:45:d7:b3:16:a2:72:a0:5c:
         23:63:f4:cd:94:04:78:3c:77:ec:dc:4e:0e:21:65:8f:25:17:
         9c:f6:61:7a:1c:44:be:e3:88:ac:22:52:e5:9b:03:e3:45:dc:
         eb:47:37:63:41:64:a6:04:c0:31:e0:fb:ed:50:8e:82:6d:72:
         0d:07:07:a4:ee:be:eb:15:1b:1f:31:da:0e:47:1c:a4:38:58:
         d7:b4:a0:59:2c:ee:49:16:39:3e:6d:cc:3f:f0:c2:c3:63:6f:
         16:82:47:4f:9c:d7:04:30:da:69:34:d3:54:a4:60:95:aa:5e:
         3f:f8:a7:50:60:88:a7:04:80:6a:44:c8:16:6d:00:05:df:53:
         da:14:b0:bf:bc:ac:be:03:ef:34:6a:ea:2a:a0:6d:00:ac:1e:
         a0:09:ab:f8:3e:fb:ff:25:d8:f6:9d:62:12:b1:5a:81:0a:c3:
         52:2f:6f:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3x1eByML1DX5ju+FBDwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYjVhODBhNzEwNmUwYTRiODU0NWM4MTUwYmI3MmM2OTlm
Y2M5YTAwHhcNMjQwMTAyMDYzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTdhNzcxNWEyN2E1MGMzOGE2ZjIxZDY1Y2U2ODBhY2ZkMjMzYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsroLgU1us7u0G2XMuhzwPvth2wXP
UvS5u3wTPs8+Cp8Jlj3AKv7fHahgGsTIeUAJ1rRAtUA6Hhe3dVlHAixrt9UVquE/
pmvo1dbgc9jtQpkbj0StbLnsNFtW7nZlZxsPu2FV6Dhzohy3P5bu+hlKLJHee2fN
LS5zT8ol17MCZHSVMCq8hAl13emyDaJI85V2Yuqvg0wMejVGBFUlOuyHukyIZ4Wr
BQdR0LXlxKNfZSbcixrowc8dOllhmBskfYJsYLoGvgsDp1GPPVoKTGYjTlwe4dJg
AOdiZEZD/QVSc0pJ2pzaEPRAn0p95wGYmaW5Ny2vsSqi0DHdLsrguHv0gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFV6dxWielDDim8h1lzmgKz9IzycMB8GA1UdIwQY
MBaAFLC1qApxBuCkuFRcgVC7csaZ/MmgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xXb0NuRUc0S1M0VkZ5QlVMdHl4cG44eWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9mMTUzZGMtY2JmYi00YTRmLTgwZDIt
NzQ1ZTA4ZmU1OGM2LzEvVlhwM0ZhSjZVTU9LYnlIV1hPYUFyUDBqUEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9mMTUzZGMtY2JmYi00YTRmLTgwZDItNzQ1ZTA4ZmU1OGM2
LzEvc0xXb0NuRUc0S1M0VkZ5QlVMdHl4cG44eWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXbFkMA0G
CSqGSIb3DQEBCwUAA4IBAQC0l9j1wX0Yk1imy0FM7lOTEl0mvrnPMLNGDrUpVMQx
Db9QmKDxguiMklIPy3Vo3lve7UONqQ4hc08aNfu2MwmG66eth2BXdo28tkmFRVNd
Y+8eRdezFqJyoFwjY/TNlAR4PHfs3E4OIWWPJRec9mF6HES+44isIlLlmwPjRdzr
RzdjQWSmBMAx4PvtUI6CbXINBwek7r7rFRsfMdoORxykOFjXtKBZLO5JFjk+bcw/
8MLDY28WgkdPnNcEMNppNNNUpGCVql4/+KdQYIinBIBqRMgWbQAF31PaFLC/vKy+
A+80auoqoG0ArB6gCav4Pvv/Jdj2nWISsVqBCsNSL293
-----END CERTIFICATE-----