Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/vupzTyCy_--tL2jrZ5sK7bhNjfY.roa
File:                     vupzTyCy_--tL2jrZ5sK7bhNjfY.roa (raw, json)
Hash identifier:          Qk/yUT/uHcFhkLNF8oLRH0Xp5Jlfju/7wiK458KAEi4=
Subject key identifier:   BE:EA:73:4F:20:B2:FF:EF:AD:2F:68:EB:67:9B:0A:ED:B8:4D:8D:F6
Certificate issuer:       /CN=a2900e4655ab349a4632b140719dc97230431725
Certificate serial:       018CC6B799248A67F7DB29CEE38155367103
Authority key identifier: A2:90:0E:46:55:AB:34:9A:46:32:B1:40:71:9D:C9:72:30:43:17:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/opAORlWrNJpGMrFAcZ3JcjBDFyU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/vupzTyCy_--tL2jrZ5sK7bhNjfY.roa
Signing time:             Mon 01 Jan 2024 20:29:30 +0000
ROA not before:           Mon 01 Jan 2024 20:29:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51369
IP address blocks:        80.77.161.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/opAORlWrNJpGMrFAcZ3JcjBDFyU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/opAORlWrNJpGMrFAcZ3JcjBDFyU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/opAORlWrNJpGMrFAcZ3JcjBDFyU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 23:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:99:24:8a:67:f7:db:29:ce:e3:81:55:36:71:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2900e4655ab349a4632b140719dc97230431725
        Validity
            Not Before: Jan  1 20:29:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=beea734f20b2ffefad2f68eb679b0aedb84d8df6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:2f:8c:71:85:c4:aa:bb:29:8f:a6:80:aa:7c:
                    c3:82:a7:41:76:7f:4b:5a:66:46:43:9e:c3:d2:60:
                    41:53:1d:1f:36:7b:41:37:4a:ab:36:08:1c:de:ec:
                    28:2f:49:f0:72:61:71:9c:16:b8:81:7f:dc:10:30:
                    0a:e3:ec:8f:41:98:3d:0a:be:76:91:e5:39:29:ff:
                    9b:bb:35:4e:0b:86:e0:0f:f1:79:92:0f:8c:a5:07:
                    a0:2e:b8:c0:b8:8c:a6:05:6c:ba:e3:d4:39:b2:ba:
                    19:c5:ed:5b:86:28:58:e7:c3:db:8c:d9:a7:cb:cd:
                    47:15:58:7f:14:fd:27:22:9d:a0:91:c5:45:de:90:
                    d5:9d:41:04:11:f4:85:d1:e1:f7:35:c2:33:b2:0a:
                    1b:fd:60:46:26:35:90:3e:9a:c5:d3:f1:9a:fb:e0:
                    81:48:12:52:0b:4f:05:57:fd:74:99:81:6c:31:c9:
                    e9:af:d4:d7:6f:1d:04:b5:8a:cc:32:11:29:9e:b1:
                    33:2d:72:ef:25:ca:1a:2d:4c:b0:7a:7f:32:9f:da:
                    23:f6:cc:eb:8e:93:c3:32:9c:af:23:ae:41:25:fc:
                    8e:d6:3c:3e:3c:78:81:7f:bb:32:e3:7b:92:8a:86:
                    73:8c:89:18:d5:da:ef:00:ef:4c:cf:c8:b9:af:f7:
                    1c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:EA:73:4F:20:B2:FF:EF:AD:2F:68:EB:67:9B:0A:ED:B8:4D:8D:F6
            X509v3 Authority Key Identifier:
                keyid:A2:90:0E:46:55:AB:34:9A:46:32:B1:40:71:9D:C9:72:30:43:17:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/opAORlWrNJpGMrFAcZ3JcjBDFyU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/vupzTyCy_--tL2jrZ5sK7bhNjfY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/opAORlWrNJpGMrFAcZ3JcjBDFyU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.77.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:4b:36:bb:c3:2f:09:37:63:ee:7c:f0:9a:e1:e8:aa:d8:25:
         57:55:67:6b:a4:27:82:8c:35:a0:41:cc:8e:01:0a:cc:06:5a:
         29:a3:2a:14:2f:ac:56:f4:88:b4:f8:a2:70:57:6a:6b:bd:d1:
         cc:83:c1:f6:9f:b7:60:66:49:57:c0:b1:12:f7:7e:74:bb:92:
         65:e2:fd:b6:26:6a:21:51:44:ff:6a:62:47:1f:cb:c6:1f:49:
         2f:42:80:1f:05:b3:a4:54:a3:64:be:1a:55:70:a3:fa:38:34:
         b9:59:11:aa:ad:fd:24:ca:52:3b:c8:1b:2e:93:1d:d9:cc:f6:
         fe:b3:34:af:9b:58:d9:38:98:21:f0:85:77:95:ba:68:e1:5c:
         0c:37:e3:39:5c:04:7b:a8:29:79:12:2d:29:9a:6c:e3:21:d0:
         c6:da:3c:4f:b7:a5:12:a0:f3:47:72:0a:63:2a:9d:69:67:3e:
         79:11:93:a8:1d:de:f5:3f:8b:3d:de:66:c4:e7:81:7e:78:d8:
         1d:e7:0a:9a:df:9a:a3:74:06:7c:88:96:7b:06:de:d8:66:02:
         38:37:2c:e8:e7:76:95:bc:9c:8b:aa:9f:d5:c8:80:48:2f:d8:
         cb:13:c0:4c:ce:3f:a9:27:fe:13:6c:96:eb:31:0c:c2:1a:d5:
         7b:a7:37:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt5kkimf32ynO44FVNnEDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOTAwZTQ2NTVhYjM0OWE0NjMyYjE0MDcxOWRjOTcyMzA0
MzE3MjUwHhcNMjQwMTAxMjAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWVhNzM0ZjIwYjJmZmVmYWQyZjY4ZWI2NzliMGFlZGI4NGQ4ZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS+McYXEqrspj6aAqnzDgqdBdn9L
WmZGQ57D0mBBUx0fNntBN0qrNggc3uwoL0nwcmFxnBa4gX/cEDAK4+yPQZg9Cr52
keU5Kf+buzVOC4bgD/F5kg+MpQegLrjAuIymBWy649Q5sroZxe1bhihY58PbjNmn
y81HFVh/FP0nIp2gkcVF3pDVnUEEEfSF0eH3NcIzsgob/WBGJjWQPprF0/Ga++CB
SBJSC08FV/10mYFsMcnpr9TXbx0EtYrMMhEpnrEzLXLvJcoaLUywen8yn9oj9szr
jpPDMpyvI65BJfyO1jw+PHiBf7sy43uSioZzjIkY1drvAO9Mz8i5r/ccGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL7qc08gsv/vrS9o62ebCu24TY32MB8GA1UdIwQY
MBaAFKKQDkZVqzSaRjKxQHGdyXIwQxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3BBT1JsV3JOSnBHTXJGQWNaM0pjakJERnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80ZjcwMWEtZWQ2Zi00N2M4LWJmNzMt
ZjRjNWZjM2NhMmM0LzEvdnVwelR5Q3lfLS10TDJqclo1c0s3YmhOamZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80ZjcwMWEtZWQ2Zi00N2M4LWJmNzMtZjRjNWZjM2NhMmM0
LzEvb3BBT1JsV3JOSnBHTXJGQWNaM0pjakJERnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUE2hMA0G
CSqGSIb3DQEBCwUAA4IBAQB6Sza7wy8JN2PufPCa4eiq2CVXVWdrpCeCjDWgQcyO
AQrMBlopoyoUL6xW9Ii0+KJwV2prvdHMg8H2n7dgZklXwLES9350u5Jl4v22Jmoh
UUT/amJHH8vGH0kvQoAfBbOkVKNkvhpVcKP6ODS5WRGqrf0kylI7yBsukx3ZzPb+
szSvm1jZOJgh8IV3lbpo4VwMN+M5XAR7qCl5Ei0pmmzjIdDG2jxPt6USoPNHcgpj
Kp1pZz55EZOoHd71P4s93mbE54F+eNgd5wqa35qjdAZ8iJZ7Bt7YZgI4Nyzo53aV
vJyLqp/VyIBIL9jLE8BMzj+pJ/4TbJbrMQzCGtV7pzfT
-----END CERTIFICATE-----