Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/YnJ26bGDXX1huMvr8EfEnzAcB78.roa
File:                     YnJ26bGDXX1huMvr8EfEnzAcB78.roa (raw, json)
Hash identifier:          k0PljRyemCupKRxSVAifU5D7QGL/CooV0WFr/NbUXsk=
Subject key identifier:   62:72:76:E9:B1:83:5D:7D:61:B8:CB:EB:F0:47:C4:9F:30:1C:07:BF
Certificate issuer:       /CN=77bdd75f2efc244f86a321b150e62936a14029db
Certificate serial:       01942444DCA3AD24C3842369195F485BCDFE
Authority key identifier: 77:BD:D7:5F:2E:FC:24:4F:86:A3:21:B1:50:E6:29:36:A1:40:29:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d73XXy78JE-GoyGxUOYpNqFAKds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/YnJ26bGDXX1huMvr8EfEnzAcB78.roa
Signing time:             Wed 01 Jan 2025 23:48:00 +0000
ROA not before:           Wed 01 Jan 2025 23:48:00 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     14618
IP address blocks:        195.234.155.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/d73XXy78JE-GoyGxUOYpNqFAKds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/d73XXy78JE-GoyGxUOYpNqFAKds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d73XXy78JE-GoyGxUOYpNqFAKds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 20 Feb 2025 14:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:24:44:dc:a3:ad:24:c3:84:23:69:19:5f:48:5b:cd:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77bdd75f2efc244f86a321b150e62936a14029db
        Validity
            Not Before: Jan  1 23:48:00 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=627276e9b1835d7d61b8cbebf047c49f301c07bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:01:5f:bf:75:43:4d:3a:55:53:3d:5c:04:b5:
                    a4:a0:6d:90:3b:27:a7:da:5f:7d:b8:42:59:4f:7e:
                    e8:fd:d4:f4:80:20:6c:5e:20:b8:88:d3:6e:8e:99:
                    d1:47:f1:b9:64:21:d2:77:42:db:c6:15:c6:81:c8:
                    c9:58:16:f7:9d:6a:d8:d9:67:2f:54:83:e6:8f:4d:
                    28:1e:27:19:c8:16:77:43:16:7a:78:a9:0e:1a:cc:
                    42:45:c9:67:b7:d6:7c:66:b0:2b:df:a8:3b:75:93:
                    b8:94:ea:66:fc:51:be:32:b5:96:e8:2c:74:a3:2f:
                    45:09:3e:d3:24:55:39:fa:b4:58:ea:d7:f8:98:24:
                    63:c8:e8:fb:f1:24:9e:3d:3d:77:32:e2:2a:82:21:
                    68:f4:a3:0a:12:15:b9:64:c8:84:a0:bf:05:73:1a:
                    5b:93:27:d6:b9:40:e2:e7:bf:59:14:f2:cd:3a:b0:
                    8c:f2:4a:0e:18:fc:1f:37:1d:86:41:81:c0:de:d4:
                    9b:07:86:28:f6:6c:92:ae:af:43:7a:0e:a3:91:72:
                    89:ea:5a:b1:e7:ef:0a:2d:b7:bf:47:b9:11:8f:c8:
                    93:cd:45:2b:25:4b:98:39:c6:e6:76:92:8b:9a:b5:
                    7b:b2:ae:21:3b:0a:43:83:14:62:5c:57:3a:84:c2:
                    a6:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:72:76:E9:B1:83:5D:7D:61:B8:CB:EB:F0:47:C4:9F:30:1C:07:BF
            X509v3 Authority Key Identifier:
                keyid:77:BD:D7:5F:2E:FC:24:4F:86:A3:21:B1:50:E6:29:36:A1:40:29:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d73XXy78JE-GoyGxUOYpNqFAKds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/YnJ26bGDXX1huMvr8EfEnzAcB78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/d73XXy78JE-GoyGxUOYpNqFAKds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.234.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:cd:c4:b9:72:38:2c:d7:f3:cf:8a:db:0a:a6:a8:68:cc:02:
         89:7e:7d:3a:8a:ea:b3:e7:7f:a6:7f:f7:03:18:0d:b2:e1:78:
         3c:98:10:a2:8b:ee:a4:f2:c2:27:c6:d1:d4:20:5f:4b:fd:e3:
         d1:41:94:72:9b:de:5e:92:c1:6d:f7:ca:6d:7b:47:3a:60:d1:
         55:c7:7e:05:71:81:cc:2b:75:1d:2b:91:be:70:6f:f6:9e:a8:
         b1:8b:b1:de:78:d7:d9:2d:03:44:cb:87:27:9b:06:d8:fc:f0:
         07:cc:e2:f1:82:10:cf:28:15:b1:2f:5d:7d:45:e0:7d:a3:75:
         fc:d5:d6:b1:d5:73:30:a7:f3:1a:f4:e5:cd:5b:79:8c:c4:dc:
         b9:82:27:f7:10:a5:59:ab:2b:23:ef:1e:70:32:f8:ce:1b:48:
         88:08:ae:ae:01:2e:f5:4c:7e:45:02:45:2f:58:fe:34:98:12:
         42:a4:a0:9c:a1:66:52:dd:44:26:b5:7b:7a:ea:57:0e:33:0d:
         92:67:21:0c:38:c5:53:55:60:70:fd:dd:4c:4f:54:94:c1:d2:
         1e:88:77:df:97:a9:c1:0b:99:a7:92:a4:cb:77:ee:6a:81:d8:
         e8:19:eb:91:b4:8b:8a:ff:97:cf:2f:c3:d2:5f:a8:42:62:2a:
         60:33:4f:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRNyjrSTDhCNpGV9IW83+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YmRkNzVmMmVmYzI0NGY4NmEzMjFiMTUwZTYyOTM2YTE0
MDI5ZGIwHhcNMjUwMTAxMjM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjcyNzZlOWIxODM1ZDdkNjFiOGNiZWJmMDQ3YzQ5ZjMwMWMwN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgFfv3VDTTpVUz1cBLWkoG2QOyen
2l99uEJZT37o/dT0gCBsXiC4iNNujpnRR/G5ZCHSd0LbxhXGgcjJWBb3nWrY2Wcv
VIPmj00oHicZyBZ3QxZ6eKkOGsxCRclnt9Z8ZrAr36g7dZO4lOpm/FG+MrWW6Cx0
oy9FCT7TJFU5+rRY6tf4mCRjyOj78SSePT13MuIqgiFo9KMKEhW5ZMiEoL8Fcxpb
kyfWuUDi579ZFPLNOrCM8koOGPwfNx2GQYHA3tSbB4Yo9mySrq9Deg6jkXKJ6lqx
5+8KLbe/R7kRj8iTzUUrJUuYOcbmdpKLmrV7sq4hOwpDgxRiXFc6hMKmvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGJydumxg119YbjL6/BHxJ8wHAe/MB8GA1UdIwQY
MBaAFHe9118u/CRPhqMhsVDmKTahQCnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDczWFh5NzhKRS1Hb3lHeFVPWXBOcUZBS2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8yNmEzNGUtMjA5NC00ZTc2LWExZWEt
MWRlZGJlN2I1YmFmLzEvWW5KMjZiR0RYWDFodU12cjhFZkVuekFjQjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8yNmEzNGUtMjA5NC00ZTc2LWExZWEtMWRlZGJlN2I1YmFm
LzEvZDczWFh5NzhKRS1Hb3lHeFVPWXBOcUZBS2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+qbMA0G
CSqGSIb3DQEBCwUAA4IBAQCdzcS5cjgs1/PPitsKpqhozAKJfn06iuqz53+mf/cD
GA2y4Xg8mBCii+6k8sInxtHUIF9L/ePRQZRym95eksFt98pte0c6YNFVx34FcYHM
K3UdK5G+cG/2nqixi7HeeNfZLQNEy4cnmwbY/PAHzOLxghDPKBWxL119ReB9o3X8
1dax1XMwp/Ma9OXNW3mMxNy5gif3EKVZqysj7x5wMvjOG0iICK6uAS71TH5FAkUv
WP40mBJCpKCcoWZS3UQmtXt66lcOMw2SZyEMOMVTVWBw/d1MT1SUwdIeiHffl6nB
C5mnkqTLd+5qgdjoGeuRtIuK/5fPL8PSX6hCYipgM09/
-----END CERTIFICATE-----