Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/AdJqJvlWVSQ_2sjUlxPnhKVvXgE.roa
File:                     AdJqJvlWVSQ_2sjUlxPnhKVvXgE.roa (raw, json)
Hash identifier:          rvwXexvACQ2KWhkVUmfkFIN6qH1hFBVmtLOZa/tj5cA=
Subject key identifier:   01:D2:6A:26:F9:56:55:24:3F:DA:C8:D4:97:13:E7:84:A5:6F:5E:01
Certificate issuer:       /CN=a4e7a0d2fc57a67bb2b7e85c3e8d78192bca0f18
Certificate serial:       019427B53353BA560203E11C0210489B518A
Authority key identifier: A4:E7:A0:D2:FC:57:A6:7B:B2:B7:E8:5C:3E:8D:78:19:2B:CA:0F:18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pOeg0vxXpnuyt-hcPo14GSvKDxg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/AdJqJvlWVSQ_2sjUlxPnhKVvXgE.roa
Signing time:             Thu 02 Jan 2025 15:49:33 +0000
ROA not before:           Thu 02 Jan 2025 15:49:33 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     2914
IP address blocks:        212.82.40.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/pOeg0vxXpnuyt-hcPo14GSvKDxg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/pOeg0vxXpnuyt-hcPo14GSvKDxg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pOeg0vxXpnuyt-hcPo14GSvKDxg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 12 Apr 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:b5:33:53:ba:56:02:03:e1:1c:02:10:48:9b:51:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4e7a0d2fc57a67bb2b7e85c3e8d78192bca0f18
        Validity
            Not Before: Jan  2 15:49:33 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=01d26a26f95655243fdac8d49713e784a56f5e01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:22:30:3e:39:b5:5a:8c:48:7e:51:c0:d2:97:
                    e3:f6:62:de:cc:ef:04:98:c2:02:23:c3:5e:b6:b9:
                    c4:27:b8:85:d7:d0:0b:6a:3f:36:00:ae:fc:7f:8b:
                    8f:54:af:44:a9:d7:3f:a2:a8:b4:a6:ae:de:3e:62:
                    26:cc:16:a7:e9:78:ec:e9:54:3e:df:d1:29:23:40:
                    00:93:aa:1f:41:f1:9c:82:49:18:d4:12:37:45:a7:
                    6a:ba:88:0b:5d:7b:f2:f4:5c:47:30:a6:5d:91:f8:
                    81:28:a8:26:6a:25:97:cd:a2:3d:e0:7f:7f:b3:dd:
                    11:6e:e2:86:35:bf:ad:b9:e1:2b:6c:82:0f:f2:8e:
                    b5:0b:4d:b6:5f:3d:a8:63:cb:b3:61:dd:71:ab:dc:
                    bc:a1:bf:61:8f:0e:01:b7:e4:eb:9a:13:de:75:34:
                    4d:4d:c7:9c:a1:a0:16:11:88:92:5b:f9:b3:5c:14:
                    fb:24:89:d0:b9:8d:fe:b5:ed:da:f7:a3:b1:24:0f:
                    c5:a1:06:b7:6e:55:05:a0:e7:ca:81:5c:76:4f:88:
                    70:19:27:2d:c1:71:81:3c:48:71:f5:0c:92:b4:16:
                    dc:1c:ad:7f:97:0d:06:a3:f0:25:7a:85:0f:fd:70:
                    f9:12:72:d2:2f:e4:df:b1:86:81:99:ad:14:11:c8:
                    fb:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:D2:6A:26:F9:56:55:24:3F:DA:C8:D4:97:13:E7:84:A5:6F:5E:01
            X509v3 Authority Key Identifier:
                keyid:A4:E7:A0:D2:FC:57:A6:7B:B2:B7:E8:5C:3E:8D:78:19:2B:CA:0F:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOeg0vxXpnuyt-hcPo14GSvKDxg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/AdJqJvlWVSQ_2sjUlxPnhKVvXgE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/pOeg0vxXpnuyt-hcPo14GSvKDxg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.82.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         30:83:43:1b:f0:64:af:ba:e4:c7:71:9f:1e:12:36:1b:89:81:
         3a:fb:b8:a0:9f:c4:f1:32:45:bd:29:ad:4e:b6:c0:9f:b3:e7:
         d7:96:47:a1:c1:d4:7a:44:82:07:bf:44:e7:2d:88:ee:ab:c0:
         8c:1f:51:bf:d7:ad:47:af:7d:84:1d:56:f5:5d:08:59:1d:ee:
         85:d2:c5:44:49:03:f9:95:40:59:fc:c7:c5:28:2a:8e:d7:6a:
         82:85:7f:50:05:0d:aa:34:53:06:48:49:59:fc:0b:81:f8:41:
         f1:f5:00:2c:4f:ba:f9:09:ae:2e:a1:24:00:73:ff:37:fa:72:
         44:43:b2:dd:b4:eb:14:ef:2e:f2:88:0c:2d:99:bf:06:e0:d0:
         32:44:41:5c:cd:64:68:13:42:bd:d5:d4:0f:fd:81:2d:0e:ab:
         02:ed:2f:bb:41:90:cd:40:ea:d5:72:a4:af:b6:07:7e:2d:c0:
         04:50:0b:9e:ca:88:b5:a8:b6:b3:49:b5:1f:75:7f:fa:2b:cb:
         40:ed:a4:d1:28:a4:70:73:15:21:d9:82:79:dc:8e:80:81:36:
         c7:07:64:79:63:e9:f3:ce:87:b9:c8:5f:ca:6a:d0:3e:aa:37:
         1d:bf:ed:8a:9d:a0:7b:c4:a1:9b:06:2c:75:d0:be:a1:c9:9e:
         86:24:d7:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntTNTulYCA+EcAhBIm1GKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTdhMGQyZmM1N2E2N2JiMmI3ZTg1YzNlOGQ3ODE5MmJj
YTBmMTgwHhcNMjUwMTAyMTU0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWQyNmEyNmY5NTY1NTI0M2ZkYWM4ZDQ5NzEzZTc4NGE1NmY1ZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6yIwPjm1WoxIflHA0pfj9mLezO8E
mMICI8NetrnEJ7iF19ALaj82AK78f4uPVK9Eqdc/oqi0pq7ePmImzBan6Xjs6VQ+
39EpI0AAk6ofQfGcgkkY1BI3RadquogLXXvy9FxHMKZdkfiBKKgmaiWXzaI94H9/
s90RbuKGNb+tueErbIIP8o61C022Xz2oY8uzYd1xq9y8ob9hjw4Bt+TrmhPedTRN
TcecoaAWEYiSW/mzXBT7JInQuY3+te3a96OxJA/FoQa3blUFoOfKgVx2T4hwGSct
wXGBPEhx9QyStBbcHK1/lw0Go/AleoUP/XD5EnLSL+TfsYaBma0UEcj7HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAHSaib5VlUkP9rI1JcT54Slb14BMB8GA1UdIwQY
MBaAFKTnoNL8V6Z7srfoXD6NeBkryg8YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9lZzB2eFhwbnV5dC1oY1BvMTRHU3ZLRHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny85NmMyNzItZjc0Ni00NjI4LTk1YmMt
YTYxMjZiNTQwOTRkLzEvQWRKcUp2bFdWU1FfMnNqVWx4UG5oS1Z2WGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny85NmMyNzItZjc0Ni00NjI4LTk1YmMtYTYxMjZiNTQwOTRk
LzEvcE9lZzB2eFhwbnV5dC1oY1BvMTRHU3ZLRHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1FIoMA0G
CSqGSIb3DQEBCwUAA4IBAQAwg0Mb8GSvuuTHcZ8eEjYbiYE6+7ign8TxMkW9Ka1O
tsCfs+fXlkehwdR6RIIHv0TnLYjuq8CMH1G/161Hr32EHVb1XQhZHe6F0sVESQP5
lUBZ/MfFKCqO12qChX9QBQ2qNFMGSElZ/AuB+EHx9QAsT7r5Ca4uoSQAc/83+nJE
Q7LdtOsU7y7yiAwtmb8G4NAyREFczWRoE0K91dQP/YEtDqsC7S+7QZDNQOrVcqSv
tgd+LcAEUAueyoi1qLazSbUfdX/6K8tA7aTRKKRwcxUh2YJ53I6AgTbHB2R5Y+nz
zoe5yF/KatA+qjcdv+2KnaB7xKGbBix10L6hyZ6GJNfN
-----END CERTIFICATE-----