Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/RqqoRhrceWuGtnIZV1wEsLPQhgk.roa
File:                     RqqoRhrceWuGtnIZV1wEsLPQhgk.roa (raw, json)
Hash identifier:          jzrbAEyVJmFxV63wyqB8uezAjQ9VoPcM08NXbt0HI+k=
Subject key identifier:   46:AA:A8:46:1A:DC:79:6B:86:B6:72:19:57:5C:04:B0:B3:D0:86:09
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018E3227613FACAA157A68333BC70D1D750C
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/RqqoRhrceWuGtnIZV1wEsLPQhgk.roa
Signing time:             Tue 12 Mar 2024 10:13:45 +0000
ROA not before:           Tue 12 Mar 2024 10:13:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211114
IP address blocks:        45.8.196.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 09 May 2024 03:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:32:27:61:3f:ac:aa:15:7a:68:33:3b:c7:0d:1d:75:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Mar 12 10:13:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=46aaa8461adc796b86b67219575c04b0b3d08609
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:76:45:b2:94:e7:4a:7e:bc:c3:e7:05:30:3a:
                    94:ce:94:ce:31:9c:9c:73:05:c6:c0:55:ef:c2:26:
                    18:a4:25:5a:5e:2a:73:36:d0:12:9f:44:6c:8a:26:
                    f5:b1:5d:51:c9:93:ac:fa:a3:d9:ca:73:f2:c9:ee:
                    6b:1a:6f:11:45:e8:f0:60:bf:eb:f8:70:4a:3a:fd:
                    ae:61:b2:7a:d7:d5:d7:b6:5b:cb:84:91:95:ed:20:
                    3e:d3:bf:c7:04:fe:01:f0:a9:66:aa:dd:fe:98:e3:
                    be:ae:56:90:43:51:d5:73:9c:03:20:8a:fe:c9:a6:
                    ff:7c:ec:29:0a:6a:3e:49:63:a7:1a:4d:6e:7b:38:
                    5f:31:e3:a4:04:43:c9:2e:96:fc:09:9c:d6:17:f2:
                    a5:c1:af:55:b7:e6:bc:5a:35:68:d0:6e:3a:1c:d6:
                    09:a7:aa:13:90:62:d9:58:b9:25:52:a2:8b:75:86:
                    cd:81:6e:f5:69:99:33:b2:ed:ee:7f:80:71:5f:a3:
                    b1:b2:b8:de:f5:a7:72:c0:b9:88:08:41:03:31:86:
                    c8:99:40:45:e8:1d:5b:da:8a:36:52:5c:d1:8f:cc:
                    a3:9d:89:1e:67:4a:92:14:35:7f:c5:9d:25:59:25:
                    46:3e:33:e0:f8:58:42:ae:d1:c8:4e:35:df:18:ef:
                    90:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:AA:A8:46:1A:DC:79:6B:86:B6:72:19:57:5C:04:B0:B3:D0:86:09
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/RqqoRhrceWuGtnIZV1wEsLPQhgk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:8c:06:e9:f8:aa:67:40:fb:4c:eb:37:5f:e4:74:da:1e:7e:
         70:0d:0e:0f:7e:7f:04:11:11:cc:ae:2f:47:44:5b:e0:6b:d0:
         a1:51:49:61:1a:e9:43:ba:8b:9f:ba:63:ca:03:50:2e:29:c6:
         89:e5:b8:8a:59:30:5b:99:fd:bf:da:5f:31:9e:b0:56:60:04:
         74:f5:c0:b5:44:13:ea:a5:f0:c1:12:c5:8b:ee:10:e5:a9:90:
         50:08:0e:ae:82:73:47:b3:9a:77:6c:ba:c9:6d:e4:31:2f:73:
         a4:35:1d:ca:f7:fa:27:3a:4e:34:58:dd:f2:af:ff:8d:2c:db:
         3a:20:cd:17:97:5e:ad:12:92:32:01:88:3d:78:3e:95:34:bd:
         97:d3:7a:1e:e7:94:86:38:61:91:b7:4e:ac:2d:25:8b:32:4a:
         b0:c9:61:8d:5f:18:88:07:c1:c2:2b:e8:3e:39:39:22:0f:3c:
         80:b1:20:12:34:79:63:89:03:8f:e2:44:f9:40:c7:e8:47:8f:
         4c:c0:3e:a6:83:fc:4d:2d:6e:eb:74:1c:ac:4b:7f:c3:8e:72:
         38:5e:5c:2b:e4:ff:e7:ee:2f:fb:05:3d:ea:f4:d9:80:4b:f6:
         b4:c4:b5:37:f5:32:4a:e6:32:f6:e4:bb:34:f9:9d:28:92:24:
         77:81:20:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yJ2E/rKoVemgzO8cNHXUMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMzEyMTAxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmFhYTg0NjFhZGM3OTZiODZiNjcyMTk1NzVjMDRiMGIzZDA4NjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnZFspTnSn68w+cFMDqUzpTOMZyc
cwXGwFXvwiYYpCVaXipzNtASn0Rsiib1sV1RyZOs+qPZynPyye5rGm8RRejwYL/r
+HBKOv2uYbJ619XXtlvLhJGV7SA+07/HBP4B8Klmqt3+mOO+rlaQQ1HVc5wDIIr+
yab/fOwpCmo+SWOnGk1uezhfMeOkBEPJLpb8CZzWF/Klwa9Vt+a8WjVo0G46HNYJ
p6oTkGLZWLklUqKLdYbNgW71aZkzsu3uf4BxX6Oxsrje9adywLmICEEDMYbImUBF
6B1b2oo2UlzRj8yjnYkeZ0qSFDV/xZ0lWSVGPjPg+FhCrtHITjXfGO+QDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEaqqEYa3HlrhrZyGVdcBLCz0IYJMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvUnFxb1JocmNlV3VHdG5JWlYxd0VzTFBRaGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQjEMA0G
CSqGSIb3DQEBCwUAA4IBAQBKjAbp+KpnQPtM6zdf5HTaHn5wDQ4Pfn8EERHMri9H
RFvga9ChUUlhGulDuoufumPKA1AuKcaJ5biKWTBbmf2/2l8xnrBWYAR09cC1RBPq
pfDBEsWL7hDlqZBQCA6ugnNHs5p3bLrJbeQxL3OkNR3K9/onOk40WN3yr/+NLNs6
IM0Xl16tEpIyAYg9eD6VNL2X03oe55SGOGGRt06sLSWLMkqwyWGNXxiIB8HCK+g+
OTkiDzyAsSASNHljiQOP4kT5QMfoR49MwD6mg/xNLW7rdBysS3/DjnI4Xlwr5P/n
7i/7BT3q9NmAS/a0xLU39TJK5jL25Ls0+Z0okiR3gSB3
-----END CERTIFICATE-----