Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tegAuViW_-InTPRc5s49-ncshow.roa
File:                     tegAuViW_-InTPRc5s49-ncshow.roa (raw, json)
Hash identifier:          RgjJBILsZ2MOhEeTYIBE3Ymf976aISRUg9RdF3ihbW4=
Subject key identifier:   B5:E8:00:B9:58:96:FF:E2:27:4C:F4:5C:E6:CE:3D:FA:77:2C:86:8C
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018D3BF9A059118F172E95E87E447EABCC2E
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tegAuViW_-InTPRc5s49-ncshow.roa
Signing time:             Wed 24 Jan 2024 14:57:11 +0000
ROA not before:           Wed 24 Jan 2024 14:57:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215681
IP address blocks:        5.180.34.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 09 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:3b:f9:a0:59:11:8f:17:2e:95:e8:7e:44:7e:ab:cc:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jan 24 14:57:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b5e800b95896ffe2274cf45ce6ce3dfa772c868c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1e:41:0f:5d:92:81:e6:0d:cf:7a:34:4b:f6:
                    5d:a4:d3:f7:c2:95:52:88:b3:35:83:47:7f:25:57:
                    cc:c6:4b:26:b6:d4:f4:2e:61:f7:d6:68:59:7a:69:
                    c5:a2:01:e6:ce:65:c7:09:61:80:9f:d4:37:47:ee:
                    4f:0d:69:1b:8a:b7:17:d0:9d:15:40:dd:0d:a9:38:
                    8b:ef:92:37:5e:0a:bd:7c:54:c9:d3:3a:81:f9:17:
                    33:04:53:d3:4b:13:22:48:43:96:87:38:3a:90:b3:
                    22:16:e7:23:6d:31:8b:d2:ec:49:62:34:b6:77:65:
                    f4:15:cd:58:f7:57:d6:62:db:e5:83:1f:96:f1:28:
                    5a:50:07:57:b2:91:d1:1b:7d:93:7f:20:96:f0:a4:
                    64:db:ef:b3:a5:26:d1:e7:c8:2a:10:bf:07:82:20:
                    52:04:ed:ce:cf:46:f3:aa:8a:bf:e5:eb:a8:34:e4:
                    90:ce:12:7d:da:1a:7f:53:91:ad:56:a3:ba:53:bf:
                    1a:17:43:8f:df:02:e4:a3:2d:54:47:dc:7f:67:fa:
                    0e:a4:f0:39:54:fc:a2:bf:47:b7:b1:73:0e:69:ea:
                    45:19:7e:c8:7f:66:20:aa:df:19:09:30:34:82:64:
                    83:c3:4b:3e:9b:1b:3a:d8:00:8f:ec:48:54:72:01:
                    82:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:E8:00:B9:58:96:FF:E2:27:4C:F4:5C:E6:CE:3D:FA:77:2C:86:8C
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tegAuViW_-InTPRc5s49-ncshow.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:c1:70:c9:0c:ab:f1:68:68:29:0a:c0:60:78:c3:c3:a5:e0:
         70:7e:12:2d:20:d4:e1:57:c4:ef:99:88:66:7e:27:8b:f6:e5:
         e6:9b:81:e4:ff:97:d6:96:c1:39:37:83:4c:69:13:16:79:7b:
         d1:66:fd:8a:5d:64:86:24:f8:48:93:cb:20:d5:d1:d0:46:97:
         32:6e:e8:ce:2d:b0:35:0b:c9:ed:65:2a:c8:33:29:1b:36:19:
         12:f2:52:65:28:e5:7b:e7:7e:80:29:32:73:37:24:ab:ce:3e:
         ef:36:48:64:c0:10:d8:1f:5c:9f:b3:a9:ac:7b:64:7a:f2:77:
         25:f9:fc:d6:25:e5:4b:e5:3f:85:e1:ae:d4:22:1d:c4:10:22:
         e2:0b:90:74:f1:aa:ad:88:56:9b:8f:6e:88:42:44:d9:20:de:
         f4:dd:82:f4:71:59:90:3f:43:70:03:d5:1c:0f:a5:be:f5:39:
         2e:bc:c7:e9:f1:a8:4e:73:ad:78:5c:c5:dd:8b:d2:16:cf:f9:
         4c:84:de:09:ba:cc:1f:2b:5d:94:20:d4:33:9e:84:ef:e0:09:
         10:2f:cf:3e:c5:8e:ff:2c:d3:ff:20:42:97:95:3a:26:91:fa:
         8f:a8:c7:10:10:81:8b:4e:61:c3:f6:40:aa:a0:c7:62:84:ec:
         1f:52:8d:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY07+aBZEY8XLpXofkR+q8wuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTI0MTQ1NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWU4MDBiOTU4OTZmZmUyMjc0Y2Y0NWNlNmNlM2RmYTc3MmM4NjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB5BD12SgeYNz3o0S/ZdpNP3wpVS
iLM1g0d/JVfMxksmttT0LmH31mhZemnFogHmzmXHCWGAn9Q3R+5PDWkbircX0J0V
QN0NqTiL75I3Xgq9fFTJ0zqB+RczBFPTSxMiSEOWhzg6kLMiFucjbTGL0uxJYjS2
d2X0Fc1Y91fWYtvlgx+W8ShaUAdXspHRG32TfyCW8KRk2++zpSbR58gqEL8HgiBS
BO3Oz0bzqoq/5euoNOSQzhJ92hp/U5GtVqO6U78aF0OP3wLkoy1UR9x/Z/oOpPA5
VPyiv0e3sXMOaepFGX7If2Ygqt8ZCTA0gmSDw0s+mxs62ACP7EhUcgGCJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLXoALlYlv/iJ0z0XObOPfp3LIaMMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvdGVnQXVWaVdfLUluVFBSYzVzNDktbmNzaG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbQiMA0G
CSqGSIb3DQEBCwUAA4IBAQC6wXDJDKvxaGgpCsBgeMPDpeBwfhItINThV8TvmYhm
fieL9uXmm4Hk/5fWlsE5N4NMaRMWeXvRZv2KXWSGJPhIk8sg1dHQRpcybujOLbA1
C8ntZSrIMykbNhkS8lJlKOV7536AKTJzNySrzj7vNkhkwBDYH1yfs6mse2R68ncl
+fzWJeVL5T+F4a7UIh3EECLiC5B08aqtiFabj26IQkTZIN703YL0cVmQP0NwA9Uc
D6W+9TkuvMfp8ahOc614XMXdi9IWz/lMhN4JuswfK12UINQznoTv4AkQL88+xY7/
LNP/IEKXlTomkfqPqMcQEIGLTmHD9kCqoMdihOwfUo0l
-----END CERTIFICATE-----