Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/pu8qds1FAIq3hV4zVKF-P5VeYBE.roa
File:                     pu8qds1FAIq3hV4zVKF-P5VeYBE.roa (raw, json)
Hash identifier:          xOynbR8neAO7FFYBNHw6wavABG7MtWkHqqJcROSBiU0=
Subject key identifier:   A6:EF:2A:76:CD:45:00:8A:B7:85:5E:33:54:A1:7E:3F:95:5E:60:11
Certificate issuer:       /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial:       0191578FAE5EEC0A796D210AB11A7CCFA39D
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/pu8qds1FAIq3hV4zVKF-P5VeYBE.roa
Signing time:             Thu 15 Aug 2024 19:41:59 +0000
ROA not before:           Thu 15 Aug 2024 19:41:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215362
IP address blocks:        88.80.135.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:57:8f:ae:5e:ec:0a:79:6d:21:0a:b1:1a:7c:cf:a3:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
        Validity
            Not Before: Aug 15 19:41:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a6ef2a76cd45008ab7855e3354a17e3f955e6011
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:bb:c9:43:f8:6b:93:ab:05:ba:d1:43:93:c3:
                    0a:93:c3:39:d5:22:28:00:87:3c:2a:c6:f3:a4:3b:
                    b2:cc:8a:ee:83:1f:f5:66:5d:95:8d:70:68:e3:b2:
                    0f:55:a4:9a:de:c8:25:60:c5:a1:cd:12:0d:6a:ae:
                    06:9a:86:b1:3a:ef:30:8e:cd:e5:e9:a6:ac:5e:2c:
                    92:70:fe:a6:4f:23:72:46:91:90:1a:49:05:a3:d8:
                    98:ec:35:04:8b:c0:37:e8:26:11:f0:c7:91:19:d7:
                    d4:1c:c6:09:52:a0:67:65:4b:13:4d:c4:55:10:a5:
                    bc:dc:c2:19:24:21:d2:5c:05:f9:23:44:10:4c:18:
                    4c:5f:57:ff:33:da:0c:29:8d:d3:c1:ae:a4:d7:48:
                    07:10:e1:91:18:17:7c:e5:ec:2c:6a:a0:9b:5b:1b:
                    39:1b:07:21:92:da:88:84:88:97:4e:90:c0:1f:1d:
                    38:d9:24:da:bc:31:27:d9:57:e7:4a:56:40:e8:ee:
                    52:25:20:a0:37:e4:73:04:a9:08:36:07:80:fe:59:
                    e3:0c:a6:61:d6:75:1a:4d:60:40:ce:42:a2:0e:11:
                    d6:72:d6:17:8b:00:9b:a5:ce:4e:93:92:00:f4:3b:
                    4c:ba:38:a0:df:ca:61:60:7f:ae:d5:0f:ab:bb:ca:
                    91:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:EF:2A:76:CD:45:00:8A:B7:85:5E:33:54:A1:7E:3F:95:5E:60:11
            X509v3 Authority Key Identifier:
                keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/pu8qds1FAIq3hV4zVKF-P5VeYBE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.80.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:48:2a:96:d9:55:ea:f9:06:2b:10:08:d8:f8:ef:22:05:8f:
         91:ee:8b:31:d2:a2:64:36:97:c9:1d:61:8f:ab:1a:72:bd:fb:
         d4:e3:54:34:ac:1f:54:28:98:1d:5e:c3:d3:a6:48:3f:56:cb:
         eb:9c:e0:a6:4c:97:c0:60:26:6e:dd:8f:1e:d3:02:43:64:f4:
         15:ea:2f:b6:4e:dc:a4:a9:29:2a:2d:af:19:61:6c:66:d1:6f:
         db:06:77:c5:9e:eb:3a:00:f0:ca:11:10:35:1c:07:e5:20:78:
         ca:64:76:f4:bc:c7:ef:22:1b:62:71:75:1d:c9:36:f7:ce:f3:
         8d:e7:c0:68:0d:a5:92:12:6d:1e:70:91:5f:85:80:a0:d6:8d:
         62:57:1a:b9:c0:48:ac:72:17:ee:27:64:4e:63:fe:52:01:97:
         b1:76:8e:a3:83:27:6f:d4:65:aa:c0:41:87:1b:ad:4e:aa:c9:
         6f:9b:f0:6c:e6:de:96:f3:d0:6e:48:36:63:75:9d:f6:ff:18:
         0d:6a:3a:9f:c6:09:ec:05:54:42:d2:cb:36:03:c8:ee:18:52:
         a4:ad:af:a8:80:28:ae:3c:14:d6:92:a3:86:09:0d:a3:0f:55:
         b2:a7:4b:d7:5a:18:fd:de:2d:a8:e3:f1:71:d7:2c:cd:eb:84:
         99:22:37:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFXj65e7Ap5bSEKsRp8z6OdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwODE1MTk0MTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmVmMmE3NmNkNDUwMDhhYjc4NTVlMzM1NGExN2UzZjk1NWU2MDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rvJQ/hrk6sFutFDk8MKk8M51SIo
AIc8KsbzpDuyzIrugx/1Zl2VjXBo47IPVaSa3sglYMWhzRINaq4GmoaxOu8wjs3l
6aasXiyScP6mTyNyRpGQGkkFo9iY7DUEi8A36CYR8MeRGdfUHMYJUqBnZUsTTcRV
EKW83MIZJCHSXAX5I0QQTBhMX1f/M9oMKY3Twa6k10gHEOGRGBd85ewsaqCbWxs5
GwchktqIhIiXTpDAHx042STavDEn2VfnSlZA6O5SJSCgN+RzBKkINgeA/lnjDKZh
1nUaTWBAzkKiDhHWctYXiwCbpc5Ok5IA9DtMujig38phYH+u1Q+ru8qRwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKbvKnbNRQCKt4VeM1Shfj+VXmARMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvcHU4cWRzMUZBSXEzaFY0elZLRi1QNVZlWUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCHMA0G
CSqGSIb3DQEBCwUAA4IBAQCDSCqW2VXq+QYrEAjY+O8iBY+R7osx0qJkNpfJHWGP
qxpyvfvU41Q0rB9UKJgdXsPTpkg/VsvrnOCmTJfAYCZu3Y8e0wJDZPQV6i+2Ttyk
qSkqLa8ZYWxm0W/bBnfFnus6APDKERA1HAflIHjKZHb0vMfvIhticXUdyTb3zvON
58BoDaWSEm0ecJFfhYCg1o1iVxq5wEischfuJ2ROY/5SAZexdo6jgydv1GWqwEGH
G61Oqslvm/Bs5t6W89BuSDZjdZ32/xgNajqfxgnsBVRC0ss2A8juGFKkra+ogCiu
PBTWkqOGCQ2jD1Wyp0vXWhj93i2o4/Fx1yzN64SZIjfT
-----END CERTIFICATE-----