Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ikaUmAUKLiQCahxuiIxKeRaaRP0.roa
File:                     ikaUmAUKLiQCahxuiIxKeRaaRP0.roa (raw, json)
Hash identifier:          zwDYco+s1Er1QJ0wUR19DflX6oMTZzeD3vbXO9rPhnk=
Subject key identifier:   8A:46:94:98:05:0A:2E:24:02:6A:1C:6E:88:8C:4A:79:16:9A:44:FD
Certificate issuer:       /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial:       0194228D3FBA8E5EE6AF9BC56D8CF4330575
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ikaUmAUKLiQCahxuiIxKeRaaRP0.roa
Signing time:             Wed 01 Jan 2025 15:47:49 +0000
ROA not before:           Wed 01 Jan 2025 15:47:49 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     212967
IP address blocks:        5.8.183.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 23:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:8d:3f:ba:8e:5e:e6:af:9b:c5:6d:8c:f4:33:05:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
        Validity
            Not Before: Jan  1 15:47:49 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=8a469498050a2e24026a1c6e888c4a79169a44fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:35:ac:41:06:a7:4f:e4:f8:57:89:53:5f:c3:
                    fc:f7:1f:7b:cc:9a:b4:06:12:08:f2:38:b6:c0:05:
                    e0:cb:54:c8:ab:fd:55:87:cc:e6:d2:e0:cc:d7:8b:
                    a3:7f:3f:09:27:d4:2c:b9:38:bc:5e:b3:59:b9:7d:
                    bf:9f:69:08:dc:c9:f3:ef:fd:00:48:41:94:00:95:
                    55:0f:6b:dd:3b:34:00:db:21:74:26:66:88:c9:d2:
                    01:75:d6:56:76:02:dd:c8:38:c4:74:ca:eb:04:6c:
                    2f:15:0c:61:dc:03:16:94:51:87:cc:a4:87:9e:d6:
                    a4:28:ea:85:d2:fb:17:67:aa:15:ff:1d:da:f6:69:
                    8f:9b:02:3d:6e:26:0d:ee:20:ff:e1:ca:80:2e:b4:
                    17:5b:12:57:2c:1e:61:4f:45:7b:61:6a:ba:7b:9d:
                    f2:d7:2e:3d:94:36:8b:96:73:fc:9b:f5:83:aa:54:
                    c5:1c:7a:88:6f:82:fd:a0:f8:4f:87:62:62:a5:b6:
                    b8:20:aa:3a:ef:07:bf:1a:5d:91:a7:40:1d:40:b0:
                    7e:a5:c3:51:d5:8c:7a:90:93:64:87:29:57:f7:67:
                    27:67:07:7c:e7:bb:31:bc:c6:11:f9:bd:d5:06:de:
                    01:b9:b8:80:45:00:07:60:82:5c:98:16:ed:b9:79:
                    3a:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:46:94:98:05:0A:2E:24:02:6A:1C:6E:88:8C:4A:79:16:9A:44:FD
            X509v3 Authority Key Identifier:
                keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ikaUmAUKLiQCahxuiIxKeRaaRP0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:06:29:a3:d0:bc:22:d0:66:19:53:0b:6c:18:4b:47:f1:4e:
         b5:92:0b:f4:57:51:aa:a5:a5:6e:ca:8d:ae:85:b9:c1:5d:eb:
         75:ac:6b:cf:4a:22:8d:9c:56:6f:cb:c5:98:df:ff:76:7c:10:
         18:43:76:f4:98:56:15:1e:ed:f1:c5:bc:c5:9f:56:95:3e:70:
         32:5c:ef:de:13:4b:fa:c5:c4:43:0d:64:de:ff:b7:4d:f2:93:
         25:2f:36:50:97:75:bb:e4:a1:59:98:7a:e7:72:fd:66:a8:fa:
         11:fd:4a:23:b0:52:23:85:3f:76:e9:6d:6b:48:0e:2c:19:82:
         db:51:bb:b1:92:cc:e3:86:64:c7:28:eb:06:8a:6f:4e:f6:38:
         11:5b:2e:38:7d:b5:76:ae:8a:c0:2f:54:f6:ce:9b:73:c0:b8:
         91:fc:84:d8:53:ba:9d:fc:3f:07:13:72:59:de:cf:39:8f:b1:
         5f:0f:83:e1:78:d2:2c:c6:22:2e:b5:f6:61:47:6a:63:b2:a2:
         a0:17:19:38:aa:b8:01:fd:43:8b:57:7e:fd:5e:41:56:0e:eb:
         14:90:bb:1f:5c:95:3f:9b:59:ca:bb:a2:ba:14:37:2f:9d:bf:
         ea:79:9f:5e:e9:88:11:be:88:c7:21:98:bc:b0:c7:25:b6:93:
         ec:d8:59:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijT+6jl7mr5vFbYz0MwV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjUwMTAxMTU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQ2OTQ5ODA1MGEyZTI0MDI2YTFjNmU4ODhjNGE3OTE2OWE0NGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzWsQQanT+T4V4lTX8P89x97zJq0
BhII8ji2wAXgy1TIq/1Vh8zm0uDM14ujfz8JJ9QsuTi8XrNZuX2/n2kI3Mnz7/0A
SEGUAJVVD2vdOzQA2yF0JmaIydIBddZWdgLdyDjEdMrrBGwvFQxh3AMWlFGHzKSH
ntakKOqF0vsXZ6oV/x3a9mmPmwI9biYN7iD/4cqALrQXWxJXLB5hT0V7YWq6e53y
1y49lDaLlnP8m/WDqlTFHHqIb4L9oPhPh2Jipba4IKo67we/Gl2Rp0AdQLB+pcNR
1Yx6kJNkhylX92cnZwd857sxvMYR+b3VBt4BubiARQAHYIJcmBbtuXk6jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIpGlJgFCi4kAmocboiMSnkWmkT9MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvaWthVW1BVUtMaVFDYWh4dWlJeEtlUmFhUlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQi3MA0G
CSqGSIb3DQEBCwUAA4IBAQCiBimj0Lwi0GYZUwtsGEtH8U61kgv0V1GqpaVuyo2u
hbnBXet1rGvPSiKNnFZvy8WY3/92fBAYQ3b0mFYVHu3xxbzFn1aVPnAyXO/eE0v6
xcRDDWTe/7dN8pMlLzZQl3W75KFZmHrncv1mqPoR/UojsFIjhT926W1rSA4sGYLb
UbuxkszjhmTHKOsGim9O9jgRWy44fbV2rorAL1T2zptzwLiR/ITYU7qd/D8HE3JZ
3s85j7FfD4PheNIsxiIutfZhR2pjsqKgFxk4qrgB/UOLV379XkFWDusUkLsfXJU/
m1nKu6K6FDcvnb/qeZ9e6YgRvojHIZi8sMcltpPs2Flq
-----END CERTIFICATE-----