Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/xQuuhJkLMBmimANAlGbfRpr-SMU.roa
File:                     xQuuhJkLMBmimANAlGbfRpr-SMU.roa (raw, json)
Hash identifier:          NSaArkfdoVKWduHWIOyNY+1Axts9Di3/3/N0oQTeJbw=
Subject key identifier:   C5:0B:AE:84:99:0B:30:19:A2:98:03:40:94:66:DF:46:9A:FE:48:C5
Certificate issuer:       /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial:       018E514ADF675626788D1A1FF00BE817EAEB
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/xQuuhJkLMBmimANAlGbfRpr-SMU.roa
Signing time:             Mon 18 Mar 2024 11:20:45 +0000
ROA not before:           Mon 18 Mar 2024 11:20:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57043
IP address blocks:        185.192.246.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 05:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:51:4a:df:67:56:26:78:8d:1a:1f:f0:0b:e8:17:ea:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
        Validity
            Not Before: Mar 18 11:20:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c50bae84990b3019a29803409466df469afe48c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:ee:40:86:04:9a:f5:62:38:fb:aa:73:a9:4f:
                    0b:89:c5:93:ad:c0:7b:62:f3:93:63:af:ac:a0:0e:
                    b7:84:c8:ba:62:40:1c:e7:aa:03:a1:cb:08:d7:22:
                    a6:fc:af:d1:c8:bc:92:ad:b4:de:5e:77:58:a9:0c:
                    ce:86:95:5d:f6:a7:7d:3f:af:3e:e3:89:3a:e7:75:
                    63:20:26:4a:c5:e8:5a:0a:d6:1b:63:58:c4:01:03:
                    8f:24:b6:b2:a4:70:60:7b:16:7d:92:5b:00:b6:13:
                    94:e0:19:ed:21:f7:d4:12:9c:d5:15:1b:c2:8a:f8:
                    17:83:12:fe:18:33:ae:ba:c4:41:4c:6b:61:c7:60:
                    2d:97:dc:93:81:3f:d3:6a:a2:62:a8:9c:74:de:4c:
                    a5:45:3f:da:ab:d2:c5:2a:cb:5f:23:d7:4f:d6:fd:
                    37:d5:f5:ae:18:c7:26:e5:83:9e:6e:d2:c8:f7:7c:
                    65:40:e8:16:27:2a:d5:a7:70:a9:e1:80:46:f3:c4:
                    4d:1b:8e:2f:a8:3d:7d:7f:12:ff:cb:3f:e1:3d:6b:
                    00:39:1a:4c:ff:93:5e:7a:28:76:45:82:9f:a0:e8:
                    32:f0:2f:44:10:dd:ca:42:a9:cd:ca:82:0f:75:13:
                    d5:43:81:d4:f8:ea:fe:2d:b1:eb:0b:57:d6:be:28:
                    6e:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:0B:AE:84:99:0B:30:19:A2:98:03:40:94:66:DF:46:9A:FE:48:C5
            X509v3 Authority Key Identifier:
                keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/xQuuhJkLMBmimANAlGbfRpr-SMU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.192.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:bf:51:41:bc:2d:f6:27:ff:fa:99:90:59:80:71:f3:e7:3f:
         c1:a1:4d:ce:e8:f3:7c:b4:0a:83:84:12:dc:7b:ab:52:8c:a8:
         a4:f2:c5:5b:59:ae:fa:d8:63:44:42:58:6c:09:0d:1e:68:81:
         6e:ff:38:ef:e7:14:2b:43:4e:c0:95:da:f8:d7:80:43:b8:4b:
         64:79:9f:c5:29:ba:07:2a:8a:69:eb:9b:dc:2b:89:4d:8d:27:
         28:7d:2d:8b:10:f8:05:78:b2:bb:f6:75:75:0d:ba:30:b7:7a:
         f7:27:5e:72:16:3f:f5:dc:94:e1:45:86:75:ea:80:e5:b8:db:
         80:9f:5c:25:59:39:d6:1d:25:79:68:cf:96:c1:26:ff:67:46:
         82:f6:f1:04:09:ed:7a:a9:9d:5c:9f:92:59:ef:35:52:09:ec:
         34:51:cb:2b:ca:39:ce:18:c0:90:89:cf:9f:75:0c:c0:2b:10:
         dd:2c:6c:c8:b2:d3:18:6a:64:6d:1a:eb:0e:32:56:19:02:1f:
         bf:04:76:5b:90:1f:30:86:2c:c4:cf:a0:6a:8a:c9:38:f1:0f:
         5e:9b:2b:dd:73:e8:fc:2f:3c:27:0e:d6:a2:8c:9b:3b:e1:71:
         70:f7:ab:fc:bc:10:85:21:5d:8d:0b:2b:50:cc:b5:65:dc:22:
         47:4d:0d:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5RSt9nViZ4jRof8AvoF+rrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwMzE4MTEyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTBiYWU4NDk5MGIzMDE5YTI5ODAzNDA5NDY2ZGY0NjlhZmU0OGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgu5AhgSa9WI4+6pzqU8LicWTrcB7
YvOTY6+soA63hMi6YkAc56oDocsI1yKm/K/RyLySrbTeXndYqQzOhpVd9qd9P68+
44k653VjICZKxehaCtYbY1jEAQOPJLaypHBgexZ9klsAthOU4BntIffUEpzVFRvC
ivgXgxL+GDOuusRBTGthx2Atl9yTgT/TaqJiqJx03kylRT/aq9LFKstfI9dP1v03
1fWuGMcm5YOebtLI93xlQOgWJyrVp3Cp4YBG88RNG44vqD19fxL/yz/hPWsAORpM
/5Neeih2RYKfoOgy8C9EEN3KQqnNyoIPdRPVQ4HU+Or+LbHrC1fWvihuYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMULroSZCzAZopgDQJRm30aa/kjFMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEveFF1dWhKa0xNQm1pbUFOQWxHYmZScHItU01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucD2MA0G
CSqGSIb3DQEBCwUAA4IBAQBQv1FBvC32J//6mZBZgHHz5z/BoU3O6PN8tAqDhBLc
e6tSjKik8sVbWa762GNEQlhsCQ0eaIFu/zjv5xQrQ07Aldr414BDuEtkeZ/FKboH
Kopp65vcK4lNjScofS2LEPgFeLK79nV1Dbowt3r3J15yFj/13JThRYZ16oDluNuA
n1wlWTnWHSV5aM+WwSb/Z0aC9vEECe16qZ1cn5JZ7zVSCew0UcsryjnOGMCQic+f
dQzAKxDdLGzIstMYamRtGusOMlYZAh+/BHZbkB8whizEz6Bqisk48Q9emyvdc+j8
LzwnDtaijJs74XFw96v8vBCFIV2NCytQzLVl3CJHTQ0I
-----END CERTIFICATE-----