Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/1b8648-5e96-4cef-8055-64e729ef302d/1/13N31proienxtkTuFjsxPmL_HUA.roa
File:                     13N31proienxtkTuFjsxPmL_HUA.roa (raw, json)
Hash identifier:          sTzTVbe9GrhW/r0FwUkRbi9ZHkQSqCRoVyCRR7ws9mA=
Subject key identifier:   D7:73:77:D6:9A:E8:89:E9:F1:B6:44:EE:16:3B:31:3E:62:FF:1D:40
Certificate issuer:       /CN=8d576a86ae3a3532e109c5cdf729ad478c1c697f
Certificate serial:       018CCA29F7B909376FEDFA5B26D3C88C8006
Authority key identifier: 8D:57:6A:86:AE:3A:35:32:E1:09:C5:CD:F7:29:AD:47:8C:1C:69:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jVdqhq46NTLhCcXN9ymtR4wcaX8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/1b8648-5e96-4cef-8055-64e729ef302d/1/13N31proienxtkTuFjsxPmL_HUA.roa
Signing time:             Tue 02 Jan 2024 12:33:17 +0000
ROA not before:           Tue 02 Jan 2024 12:33:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43701
IP address blocks:        193.23.230.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/1b8648-5e96-4cef-8055-64e729ef302d/1/jVdqhq46NTLhCcXN9ymtR4wcaX8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/1b8648-5e96-4cef-8055-64e729ef302d/1/jVdqhq46NTLhCcXN9ymtR4wcaX8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jVdqhq46NTLhCcXN9ymtR4wcaX8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 04:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:29:f7:b9:09:37:6f:ed:fa:5b:26:d3:c8:8c:80:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d576a86ae3a3532e109c5cdf729ad478c1c697f
        Validity
            Not Before: Jan  2 12:33:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d77377d69ae889e9f1b644ee163b313e62ff1d40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:2c:85:e2:36:d9:69:9c:98:0a:6a:f7:08:4b:
                    db:91:4a:c8:1e:7a:11:93:9f:83:46:ac:64:3c:f8:
                    ab:e9:13:6e:ba:1b:53:f4:de:a9:72:ff:8f:45:2e:
                    a6:5e:34:9e:c3:4f:a9:27:91:0b:9e:fc:2d:3a:68:
                    62:fd:c1:b3:48:74:41:1f:19:e4:0c:5e:49:32:67:
                    8f:0e:cd:74:49:79:1b:63:08:e0:92:83:1e:f3:4e:
                    7b:68:fe:6c:25:8b:56:ea:f8:a3:a9:de:2e:03:8a:
                    fe:3a:93:e8:a3:ee:35:16:8c:b2:71:de:35:e8:88:
                    c8:06:32:09:d1:eb:b5:7e:97:4e:52:52:0f:32:a5:
                    06:c5:4b:56:a8:13:88:b0:d3:62:80:4e:ef:d6:92:
                    0a:8e:7c:70:d5:c0:b8:df:56:02:88:24:cd:7d:d3:
                    e6:56:d9:3c:1d:a6:40:9d:4c:6c:b1:2b:12:49:c3:
                    51:a2:4c:79:7e:b8:4a:15:17:5c:ac:23:e2:b9:94:
                    04:b3:bf:dd:51:74:92:5d:86:10:90:66:73:c9:60:
                    54:a1:78:88:8d:40:17:b1:60:9e:5f:88:fe:26:0e:
                    8f:59:a8:cc:40:12:45:cd:d8:19:63:b7:c5:9c:28:
                    8c:49:dc:fd:68:c7:76:fd:9a:fe:11:02:86:09:aa:
                    77:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:73:77:D6:9A:E8:89:E9:F1:B6:44:EE:16:3B:31:3E:62:FF:1D:40
            X509v3 Authority Key Identifier:
                keyid:8D:57:6A:86:AE:3A:35:32:E1:09:C5:CD:F7:29:AD:47:8C:1C:69:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVdqhq46NTLhCcXN9ymtR4wcaX8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1b8648-5e96-4cef-8055-64e729ef302d/1/13N31proienxtkTuFjsxPmL_HUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1b8648-5e96-4cef-8055-64e729ef302d/1/jVdqhq46NTLhCcXN9ymtR4wcaX8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.23.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:90:a2:97:4a:b9:ba:92:d5:14:12:69:55:13:30:a3:e9:b5:
         a6:4c:50:7c:69:b3:16:8b:c7:b6:03:b7:86:28:e8:88:8a:f5:
         bf:34:00:53:69:0c:13:b6:75:63:47:d8:3d:4f:3b:92:3a:71:
         98:e9:fe:79:83:88:8d:3d:87:f4:c2:96:92:c5:08:b0:9e:fe:
         85:3a:d2:87:7d:b0:32:11:56:a1:13:b8:38:e5:f4:54:ed:1b:
         70:ac:45:83:66:09:84:b9:af:df:80:9c:71:05:bf:35:9a:19:
         ef:7b:6d:21:93:72:a6:69:01:f6:14:4d:3a:68:30:02:71:e3:
         7b:2c:ac:76:63:bc:4c:65:54:d4:e5:95:02:42:0e:77:7f:24:
         ff:46:44:17:c8:83:50:7c:1e:a0:fe:e4:db:78:cd:f7:50:c3:
         f1:16:97:b8:06:03:bd:57:6f:a5:fd:3c:15:5a:90:8c:a0:be:
         4a:ff:d4:55:27:68:23:17:3e:a2:44:39:0c:c8:50:5b:6c:e6:
         d3:8d:43:3d:fb:10:a3:f5:ea:51:81:55:52:2d:b2:7e:63:d3:
         7f:f3:9a:26:cc:b8:b4:fd:53:22:f0:5e:ff:98:0d:1d:a7:02:
         4c:36:fd:f5:71:b8:ee:e8:82:f7:4d:0c:3d:3b:e5:37:c5:69:
         21:03:38:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKfe5CTdv7fpbJtPIjIAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTc2YTg2YWUzYTM1MzJlMTA5YzVjZGY3MjlhZDQ3OGMx
YzY5N2YwHhcNMjQwMTAyMTIzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzczNzdkNjlhZTg4OWU5ZjFiNjQ0ZWUxNjNiMzEzZTYyZmYxZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiyF4jbZaZyYCmr3CEvbkUrIHnoR
k5+DRqxkPPir6RNuuhtT9N6pcv+PRS6mXjSew0+pJ5ELnvwtOmhi/cGzSHRBHxnk
DF5JMmePDs10SXkbYwjgkoMe8057aP5sJYtW6vijqd4uA4r+OpPoo+41Foyycd41
6IjIBjIJ0eu1fpdOUlIPMqUGxUtWqBOIsNNigE7v1pIKjnxw1cC431YCiCTNfdPm
Vtk8HaZAnUxssSsSScNRokx5frhKFRdcrCPiuZQEs7/dUXSSXYYQkGZzyWBUoXiI
jUAXsWCeX4j+Jg6PWajMQBJFzdgZY7fFnCiMSdz9aMd2/Zr+EQKGCap3eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNdzd9aa6Inp8bZE7hY7MT5i/x1AMB8GA1UdIwQY
MBaAFI1XaoauOjUy4QnFzfcprUeMHGl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZkcWhxNDZOVExoQ2NYTjl5bXRSNHdjYVg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xYjg2NDgtNWU5Ni00Y2VmLTgwNTUt
NjRlNzI5ZWYzMDJkLzEvMTNOMzFwcm9pZW54dGtUdUZqc3hQbUxfSFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xYjg2NDgtNWU5Ni00Y2VmLTgwNTUtNjRlNzI5ZWYzMDJk
LzEvalZkcWhxNDZOVExoQ2NYTjl5bXRSNHdjYVg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRfmMA0G
CSqGSIb3DQEBCwUAA4IBAQCTkKKXSrm6ktUUEmlVEzCj6bWmTFB8abMWi8e2A7eG
KOiIivW/NABTaQwTtnVjR9g9TzuSOnGY6f55g4iNPYf0wpaSxQiwnv6FOtKHfbAy
EVahE7g45fRU7RtwrEWDZgmEua/fgJxxBb81mhnve20hk3KmaQH2FE06aDACceN7
LKx2Y7xMZVTU5ZUCQg53fyT/RkQXyINQfB6g/uTbeM33UMPxFpe4BgO9V2+l/TwV
WpCMoL5K/9RVJ2gjFz6iRDkMyFBbbObTjUM9+xCj9epRgVVSLbJ+Y9N/85omzLi0
/VMi8F7/mA0dpwJMNv31cbju6IL3TQw9O+U3xWkhAziw
-----END CERTIFICATE-----