Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/wieAZeBDJgBRIxGBDGu27gRt6h0.roa
File:                     wieAZeBDJgBRIxGBDGu27gRt6h0.roa (raw, json)
Hash identifier:          HQ4mXNfBxnkjwIrvKmuxVmMnEt56OulF37cVQedSSg8=
Subject key identifier:   C2:27:80:65:E0:43:26:00:51:23:11:81:0C:6B:B6:EE:04:6D:EA:1D
Certificate issuer:       /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial:       0190C6C282D3D6415A7236BDAF44E4E654EF
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/wieAZeBDJgBRIxGBDGu27gRt6h0.roa
Signing time:             Thu 18 Jul 2024 16:52:34 +0000
ROA not before:           Thu 18 Jul 2024 16:52:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62300
IP address blocks:        5.183.153.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 05:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:c6:c2:82:d3:d6:41:5a:72:36:bd:af:44:e4:e6:54:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
        Validity
            Not Before: Jul 18 16:52:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c2278065e0432600512311810c6bb6ee046dea1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:c1:4b:33:64:e8:69:32:42:23:af:e9:8c:bd:
                    1f:5a:19:5e:66:00:3b:43:b4:0a:5b:cb:55:37:fe:
                    eb:b9:b0:0d:51:ff:15:37:7d:aa:be:a8:43:ac:6d:
                    3e:94:8b:28:4c:c4:ce:a8:09:68:dd:5e:32:36:70:
                    20:90:d7:c4:04:fb:95:f2:e4:e8:f2:be:58:60:48:
                    17:3e:d4:8a:a6:10:b8:eb:86:dd:42:eb:a8:6e:e2:
                    c5:6c:ac:8d:6c:a0:98:a8:de:0c:85:4b:f0:ed:55:
                    0b:9d:65:dd:a3:8e:74:a5:ab:63:52:45:43:e5:97:
                    d6:a8:d6:96:61:ce:95:a7:e7:85:18:56:41:67:14:
                    d1:b0:3a:81:3b:1d:32:ce:5b:0d:0c:85:75:90:f9:
                    f2:6c:45:50:89:f6:ef:6a:f6:d1:24:71:ae:0b:92:
                    c9:6c:97:0e:1d:8b:98:1f:4c:fe:95:bc:66:6e:4d:
                    4e:28:26:49:96:b0:00:64:1e:fa:07:ba:d7:53:1d:
                    b6:fd:c2:92:90:51:8c:ec:f5:d6:df:9a:10:1c:64:
                    ad:9b:e7:b7:9f:d0:01:5c:13:f3:fc:94:46:46:2f:
                    63:ed:2e:3f:8d:9a:44:b8:28:e3:d4:6e:16:d8:29:
                    56:24:32:d5:3c:48:98:31:e5:ac:75:a6:17:2b:8e:
                    33:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:27:80:65:E0:43:26:00:51:23:11:81:0C:6B:B6:EE:04:6D:EA:1D
            X509v3 Authority Key Identifier:
                keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/wieAZeBDJgBRIxGBDGu27gRt6h0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.183.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:42:43:4e:41:85:b9:52:ae:98:5e:5a:f0:4b:01:fe:cd:36:
         f5:a7:44:9c:19:db:9d:9d:40:a0:44:e3:2b:c5:53:3d:ad:0c:
         0d:4e:8e:5b:92:10:96:67:76:92:f7:6c:bc:9a:73:4b:02:58:
         e7:a8:2a:69:74:12:98:99:57:3f:3f:d6:6e:fd:67:d6:dd:ee:
         99:ae:47:2a:f0:74:63:5c:75:67:ca:a4:c6:f6:d5:7f:ad:dc:
         44:d5:37:27:44:ba:50:0f:b1:13:39:3c:61:1d:53:56:8f:f8:
         97:a6:c6:8f:8a:32:5d:de:41:0c:9d:0c:29:4f:b7:44:56:80:
         b7:aa:77:38:d0:57:7d:94:1e:7c:48:b5:e6:a7:7b:91:9d:c7:
         49:1e:61:c8:11:f3:89:ab:1b:4a:85:d8:cb:b7:3d:69:a7:e2:
         de:f1:e7:8c:7f:54:b0:b1:73:3d:44:47:b5:26:eb:ab:19:c3:
         fd:7f:75:c7:34:43:d0:4e:77:37:74:9a:d4:e1:02:0f:1c:51:
         21:12:3e:d0:17:5a:c2:98:9c:ee:e9:3c:97:b9:60:93:cf:80:
         17:25:75:3f:20:db:cf:d4:8a:4b:2a:84:7e:95:21:02:5e:a7:
         06:67:08:47:3f:68:89:46:5c:82:e7:28:c5:10:bf:b4:ae:d1:
         8b:e8:82:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDGwoLT1kFacja9r0Tk5lTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwNzE4MTY1MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjI3ODA2NWUwNDMyNjAwNTEyMzExODEwYzZiYjZlZTA0NmRlYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsFLM2ToaTJCI6/pjL0fWhleZgA7
Q7QKW8tVN/7rubANUf8VN32qvqhDrG0+lIsoTMTOqAlo3V4yNnAgkNfEBPuV8uTo
8r5YYEgXPtSKphC464bdQuuobuLFbKyNbKCYqN4MhUvw7VULnWXdo450patjUkVD
5ZfWqNaWYc6Vp+eFGFZBZxTRsDqBOx0yzlsNDIV1kPnybEVQifbvavbRJHGuC5LJ
bJcOHYuYH0z+lbxmbk1OKCZJlrAAZB76B7rXUx22/cKSkFGM7PXW35oQHGStm+e3
n9ABXBPz/JRGRi9j7S4/jZpEuCjj1G4W2ClWJDLVPEiYMeWsdaYXK44zuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIngGXgQyYAUSMRgQxrtu4EbeodMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvd2llQVplQkRKZ0JSSXhHQkRHdTI3Z1J0NmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbeZMA0G
CSqGSIb3DQEBCwUAA4IBAQCSQkNOQYW5Uq6YXlrwSwH+zTb1p0ScGdudnUCgROMr
xVM9rQwNTo5bkhCWZ3aS92y8mnNLAljnqCppdBKYmVc/P9Zu/WfW3e6Zrkcq8HRj
XHVnyqTG9tV/rdxE1TcnRLpQD7ETOTxhHVNWj/iXpsaPijJd3kEMnQwpT7dEVoC3
qnc40Fd9lB58SLXmp3uRncdJHmHIEfOJqxtKhdjLtz1pp+Le8eeMf1SwsXM9REe1
JuurGcP9f3XHNEPQTnc3dJrU4QIPHFEhEj7QF1rCmJzu6TyXuWCTz4AXJXU/INvP
1IpLKoR+lSECXqcGZwhHP2iJRlyC5yjFEL+0rtGL6IKi
-----END CERTIFICATE-----