Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/92aLXAqYnMDYvrZfDyWaEYw4sG8.roa
File:                     92aLXAqYnMDYvrZfDyWaEYw4sG8.roa (raw, json)
Hash identifier:          gnIFbmCuSAA+tHTPdUP2Pj11seC+cyx+rSZvoo4t7cw=
Subject key identifier:   F7:66:8B:5C:0A:98:9C:C0:D8:BE:B6:5F:0F:25:9A:11:8C:38:B0:6F
Certificate issuer:       /CN=d83713fd7b4cdfa6cba016a87eaf8b31c891beb0
Certificate serial:       018CC8700EF5BAC505B1C1A6335A6A4555BE
Authority key identifier: D8:37:13:FD:7B:4C:DF:A6:CB:A0:16:A8:7E:AF:8B:31:C8:91:BE:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2DcT_XtM36bLoBaofq-LMciRvrA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/92aLXAqYnMDYvrZfDyWaEYw4sG8.roa
Signing time:             Tue 02 Jan 2024 04:30:36 +0000
ROA not before:           Tue 02 Jan 2024 04:30:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     52042
IP address blocks:        2a13:3fc1::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/2DcT_XtM36bLoBaofq-LMciRvrA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/2DcT_XtM36bLoBaofq-LMciRvrA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2DcT_XtM36bLoBaofq-LMciRvrA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 19 Sep 2024 19:03:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:70:0e:f5:ba:c5:05:b1:c1:a6:33:5a:6a:45:55:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d83713fd7b4cdfa6cba016a87eaf8b31c891beb0
        Validity
            Not Before: Jan  2 04:30:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f7668b5c0a989cc0d8beb65f0f259a118c38b06f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:de:45:73:ea:44:b5:31:26:68:26:8a:dc:50:
                    fa:14:a7:57:b7:d5:82:c2:36:2c:43:af:9f:17:8e:
                    c4:d5:e1:36:aa:97:0a:b6:31:49:d6:b0:f8:4a:5f:
                    97:1c:7c:b9:72:2e:cc:64:24:09:9a:5f:1c:48:a1:
                    5d:5e:4c:3c:46:be:25:2c:aa:4d:4f:0a:76:90:67:
                    a5:6d:4d:ac:b8:35:b9:8e:d7:92:4a:41:36:0e:4a:
                    2f:03:a8:01:c5:a2:d9:b0:ef:26:af:44:1d:06:70:
                    27:85:67:c0:9d:19:0f:ea:ef:be:27:ac:e0:f4:a7:
                    04:b6:cf:8a:8d:f3:6d:1b:2f:ea:65:0f:70:c2:b5:
                    81:ba:e0:27:b8:9b:ab:00:4e:66:d4:e8:e3:e1:e2:
                    ae:cc:6f:4e:9a:2f:d4:40:57:ae:1e:37:91:fd:71:
                    e3:79:b2:d8:52:6f:f2:57:65:44:8d:fc:42:40:7f:
                    a6:57:a9:dc:a4:0c:e4:d0:33:32:dc:e3:f0:8c:30:
                    50:b7:49:6f:8e:ae:65:ae:1b:c3:c5:01:e3:1d:4a:
                    f6:93:ab:14:95:ad:49:f0:1c:d4:72:ce:c0:e5:a2:
                    14:cc:04:c8:96:c5:12:ef:ff:f9:a7:23:2a:3e:9f:
                    25:ba:13:c9:c4:a3:50:ba:f7:a3:58:cf:f7:29:07:
                    b0:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:66:8B:5C:0A:98:9C:C0:D8:BE:B6:5F:0F:25:9A:11:8C:38:B0:6F
            X509v3 Authority Key Identifier:
                keyid:D8:37:13:FD:7B:4C:DF:A6:CB:A0:16:A8:7E:AF:8B:31:C8:91:BE:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DcT_XtM36bLoBaofq-LMciRvrA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/92aLXAqYnMDYvrZfDyWaEYw4sG8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/2d2109-cfb8-4325-a0e3-058785b4a96e/1/2DcT_XtM36bLoBaofq-LMciRvrA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:3fc1::/32

    Signature Algorithm: sha256WithRSAEncryption
         0a:dc:89:33:6d:d9:7a:cb:30:3b:d5:00:78:6c:1e:e1:c3:c8:
         dd:e2:78:17:28:e6:48:72:36:e2:6d:c0:81:a3:2e:fb:07:21:
         92:54:2d:09:0b:26:30:53:32:04:8a:b7:1d:c7:62:80:d8:e8:
         71:59:3e:77:54:86:26:a6:ac:8d:6e:1d:a4:be:97:ca:29:fd:
         3d:04:43:cd:5c:4d:07:69:e5:c4:43:f8:aa:88:6a:21:fc:58:
         45:79:d8:18:a5:0b:65:bd:31:fb:d0:2e:16:a0:82:c1:4a:3e:
         42:d8:47:cf:67:4c:d7:63:5c:23:ce:67:52:69:ed:49:a6:81:
         d9:c4:01:51:82:29:97:99:c8:fa:a7:33:3f:bb:ce:a2:c0:cf:
         b0:f3:34:c2:e1:d9:7c:f1:e3:18:47:49:ac:13:67:ba:6c:cf:
         fa:ed:9f:5f:2e:76:52:20:72:9c:6a:7c:a5:32:32:f9:8f:b2:
         e1:1c:b3:0d:23:fd:6c:46:72:54:9a:1e:06:c8:f9:72:5a:9e:
         f7:0d:0f:ed:d1:da:e6:5a:57:c2:bc:a8:fa:37:6a:f7:2c:10:
         3b:91:6a:19:e2:e6:17:f0:ce:ad:75:dc:7a:85:0e:1c:a2:44:
         ac:5a:61:a3:2d:11:e9:b5:ee:12:9e:30:a3:6e:30:e1:b7:7c:
         75:96:c0:17
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIcA71usUFscGmM1pqRVW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzcxM2ZkN2I0Y2RmYTZjYmEwMTZhODdlYWY4YjMxYzg5
MWJlYjAwHhcNMjQwMTAyMDQzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzY2OGI1YzBhOTg5Y2MwZDhiZWI2NWYwZjI1OWExMThjMzhiMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN5Fc+pEtTEmaCaK3FD6FKdXt9WC
wjYsQ6+fF47E1eE2qpcKtjFJ1rD4Sl+XHHy5ci7MZCQJml8cSKFdXkw8Rr4lLKpN
Twp2kGelbU2suDW5jteSSkE2DkovA6gBxaLZsO8mr0QdBnAnhWfAnRkP6u++J6zg
9KcEts+KjfNtGy/qZQ9wwrWBuuAnuJurAE5m1Ojj4eKuzG9Omi/UQFeuHjeR/XHj
ebLYUm/yV2VEjfxCQH+mV6ncpAzk0DMy3OPwjDBQt0lvjq5lrhvDxQHjHUr2k6sU
la1J8BzUcs7A5aIUzATIlsUS7//5pyMqPp8luhPJxKNQuvejWM/3KQewXQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPdmi1wKmJzA2L62Xw8lmhGMOLBvMB8GA1UdIwQY
MBaAFNg3E/17TN+my6AWqH6vizHIkb6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRjVF9YdE0zNmJMb0Jhb2ZxLUxNY2lSdnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8yZDIxMDktY2ZiOC00MzI1LWEwZTMt
MDU4Nzg1YjRhOTZlLzEvOTJhTFhBcVluTURZdnJaZkR5V2FFWXc0c0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8yZDIxMDktY2ZiOC00MzI1LWEwZTMtMDU4Nzg1YjRhOTZl
LzEvMkRjVF9YdE0zNmJMb0Jhb2ZxLUxNY2lSdnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhM/wTAN
BgkqhkiG9w0BAQsFAAOCAQEACtyJM23ZesswO9UAeGwe4cPI3eJ4FyjmSHI24m3A
gaMu+wchklQtCQsmMFMyBIq3HcdigNjocVk+d1SGJqasjW4dpL6Xyin9PQRDzVxN
B2nlxEP4qohqIfxYRXnYGKULZb0x+9AuFqCCwUo+QthHz2dM12NcI85nUmntSaaB
2cQBUYIpl5nI+qczP7vOosDPsPM0wuHZfPHjGEdJrBNnumzP+u2fXy52UiBynGp8
pTIy+Y+y4RyzDSP9bEZyVJoeBsj5clqe9w0P7dHa5lpXwryo+jdq9ywQO5FqGeLm
F/DOrXXceoUOHKJErFphoy0R6bXuEp4wo24w4bd8dZbAFw==
-----END CERTIFICATE-----