Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/32f453-f797-4019-a086-74b6faa3c877/1/f0cDNIJ4SLgZawl2rX10lhIxSsk.roa
File:                     f0cDNIJ4SLgZawl2rX10lhIxSsk.roa (raw, json)
Hash identifier:          2fC5FYzNc9n+soc1m75WQ6+SJE4VCP57yKPW+pF0xDQ=
Subject key identifier:   7F:47:03:34:82:78:48:B8:19:6B:09:76:AD:7D:74:96:12:31:4A:C9
Certificate issuer:       /CN=5a1829ad467b4e73ffe691ec146b56b36909f51a
Certificate serial:       018CC26D528E479DC0C6764C1131CD70FF20
Authority key identifier: 5A:18:29:AD:46:7B:4E:73:FF:E6:91:EC:14:6B:56:B3:69:09:F5:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WhgprUZ7TnP_5pHsFGtWs2kJ9Ro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/32f453-f797-4019-a086-74b6faa3c877/1/f0cDNIJ4SLgZawl2rX10lhIxSsk.roa
Signing time:             Mon 01 Jan 2024 00:29:53 +0000
ROA not before:           Mon 01 Jan 2024 00:29:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206454
IP address blocks:        185.183.226.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/32f453-f797-4019-a086-74b6faa3c877/1/WhgprUZ7TnP_5pHsFGtWs2kJ9Ro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/32f453-f797-4019-a086-74b6faa3c877/1/WhgprUZ7TnP_5pHsFGtWs2kJ9Ro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WhgprUZ7TnP_5pHsFGtWs2kJ9Ro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 14:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:52:8e:47:9d:c0:c6:76:4c:11:31:cd:70:ff:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a1829ad467b4e73ffe691ec146b56b36909f51a
        Validity
            Not Before: Jan  1 00:29:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7f470334827848b8196b0976ad7d749612314ac9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f4:e6:27:b4:c3:b8:07:1c:0c:f3:05:e9:33:
                    f9:db:39:a6:af:7d:cb:e8:24:48:7e:be:c4:4d:e6:
                    fa:43:62:17:34:55:e5:8d:88:e8:5c:5f:f9:06:99:
                    32:c8:d8:62:39:c5:85:58:9a:98:16:e5:e8:e4:af:
                    3d:6d:76:d9:56:e5:d0:5f:65:d0:b2:54:57:1a:1d:
                    90:06:fb:c6:72:58:7e:32:f3:0a:64:1a:4a:03:7f:
                    7b:00:f3:b1:0b:08:bb:2a:b4:60:ce:94:99:3c:47:
                    f4:68:fe:6c:0e:be:19:db:ee:2b:c7:e7:b4:a9:72:
                    ef:9e:c7:95:0f:51:a5:18:cd:bc:f3:a3:e4:9e:fd:
                    f3:1d:7d:83:54:15:7d:ed:11:83:df:4e:17:16:c2:
                    df:e5:f6:f9:3b:a4:e6:6b:9e:f2:01:36:1f:7a:34:
                    af:6d:fd:ab:6e:d7:f9:23:55:09:37:8e:08:a9:94:
                    19:d9:f8:a5:dd:35:c6:6e:3d:3a:d1:13:be:ff:d7:
                    4a:1c:79:97:42:32:81:c5:52:29:d4:61:f0:0f:fd:
                    d5:5e:2c:d5:47:cc:96:f3:75:c5:5d:a8:46:00:63:
                    f4:18:99:86:3e:2f:30:65:99:30:fe:94:b8:d6:83:
                    06:9e:85:08:63:4e:1a:9a:72:34:1c:a6:05:a7:87:
                    30:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:47:03:34:82:78:48:B8:19:6B:09:76:AD:7D:74:96:12:31:4A:C9
            X509v3 Authority Key Identifier:
                keyid:5A:18:29:AD:46:7B:4E:73:FF:E6:91:EC:14:6B:56:B3:69:09:F5:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhgprUZ7TnP_5pHsFGtWs2kJ9Ro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/32f453-f797-4019-a086-74b6faa3c877/1/f0cDNIJ4SLgZawl2rX10lhIxSsk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/32f453-f797-4019-a086-74b6faa3c877/1/WhgprUZ7TnP_5pHsFGtWs2kJ9Ro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.183.226.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a0:e5:7f:4a:ff:38:e8:39:ba:b2:36:29:d1:f9:ac:34:32:11:
         74:e4:8f:ae:9b:6c:2a:5c:58:70:95:b9:d2:44:10:ed:13:67:
         1c:bc:78:03:dd:e5:bf:bf:4e:a4:ee:1b:f8:1b:9c:20:03:9e:
         85:be:ac:ba:79:58:1e:cf:0c:5c:80:28:b9:ec:b8:2a:3a:89:
         92:e8:f4:9c:57:c7:4e:2e:f2:8c:bc:fd:53:cf:28:69:59:d3:
         69:dc:2b:ef:a8:31:0d:4d:8f:fc:76:50:fa:f2:97:37:98:c9:
         00:c1:ee:17:59:d4:1b:38:d2:0e:fa:ff:6d:03:de:4a:56:c0:
         1a:95:aa:0c:4c:5d:de:82:2f:9f:1f:23:ba:8b:59:39:25:a9:
         40:f1:75:ae:80:57:b5:2b:ae:9b:29:4b:10:80:34:28:97:71:
         96:7e:1d:35:c4:a3:0b:1f:e2:c9:b1:92:cd:b2:14:96:3a:d1:
         35:09:c7:81:c1:03:b0:dc:2f:7a:e1:53:91:2d:45:81:23:c1:
         53:41:14:f3:ce:b7:0d:5b:25:fb:4f:31:4d:e3:95:0c:e3:bd:
         08:a9:f6:b2:02:f4:6d:48:73:cb:d0:85:cd:5d:ee:18:f0:4b:
         dd:02:e2:30:31:34:a3:06:5f:23:cc:18:ee:8c:50:a9:e4:7c:
         16:df:ba:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVKOR53AxnZMETHNcP8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTgyOWFkNDY3YjRlNzNmZmU2OTFlYzE0NmI1NmIzNjkw
OWY1MWEwHhcNMjQwMTAxMDAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjQ3MDMzNDgyNzg0OGI4MTk2YjA5NzZhZDdkNzQ5NjEyMzE0YWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/TmJ7TDuAccDPMF6TP52zmmr33L
6CRIfr7ETeb6Q2IXNFXljYjoXF/5BpkyyNhiOcWFWJqYFuXo5K89bXbZVuXQX2XQ
slRXGh2QBvvGclh+MvMKZBpKA397APOxCwi7KrRgzpSZPEf0aP5sDr4Z2+4rx+e0
qXLvnseVD1GlGM2886Pknv3zHX2DVBV97RGD304XFsLf5fb5O6Tma57yATYfejSv
bf2rbtf5I1UJN44IqZQZ2fil3TXGbj060RO+/9dKHHmXQjKBxVIp1GHwD/3VXizV
R8yW83XFXahGAGP0GJmGPi8wZZkw/pS41oMGnoUIY04amnI0HKYFp4cw+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH9HAzSCeEi4GWsJdq19dJYSMUrJMB8GA1UdIwQY
MBaAFFoYKa1Ge05z/+aR7BRrVrNpCfUaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hncHJVWjdUblBfNXBIc0ZHdFdzMmtKOVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zMmY0NTMtZjc5Ny00MDE5LWEwODYt
NzRiNmZhYTNjODc3LzEvZjBjRE5JSjRTTGdaYXdsMnJYMTBsaEl4U3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zMmY0NTMtZjc5Ny00MDE5LWEwODYtNzRiNmZhYTNjODc3
LzEvV2hncHJVWjdUblBfNXBIc0ZHdFdzMmtKOVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBubfiMA0G
CSqGSIb3DQEBCwUAA4IBAQCg5X9K/zjoObqyNinR+aw0MhF05I+um2wqXFhwlbnS
RBDtE2ccvHgD3eW/v06k7hv4G5wgA56Fvqy6eVgezwxcgCi57LgqOomS6PScV8dO
LvKMvP1TzyhpWdNp3CvvqDENTY/8dlD68pc3mMkAwe4XWdQbONIO+v9tA95KVsAa
laoMTF3egi+fHyO6i1k5JalA8XWugFe1K66bKUsQgDQol3GWfh01xKMLH+LJsZLN
shSWOtE1CceBwQOw3C964VORLUWBI8FTQRTzzrcNWyX7TzFN45UM470IqfayAvRt
SHPL0IXNXe4Y8EvdAuIwMTSjBl8jzBjujFCp5HwW37o4
-----END CERTIFICATE-----