Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/5ub0vjj3efMJJLhAW5ie3Vpmk8o.roa
File:                     5ub0vjj3efMJJLhAW5ie3Vpmk8o.roa (raw, json)
Hash identifier:          w71xO0wX5PJO+wFBOEr4nTrR10Edovfr0bT4J+3ALfI=
Subject key identifier:   E6:E6:F4:BE:38:F7:79:F3:09:24:B8:40:5B:98:9E:DD:5A:66:93:CA
Certificate issuer:       /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial:       0194258EFAD7BC0AF108E71FECDED084F189
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/5ub0vjj3efMJJLhAW5ie3Vpmk8o.roa
Signing time:             Thu 02 Jan 2025 05:48:34 +0000
ROA not before:           Thu 02 Jan 2025 05:48:34 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     41782
IP address blocks:        151.237.18.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 07 Apr 2025 03:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:25:8e:fa:d7:bc:0a:f1:08:e7:1f:ec:de:d0:84:f1:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
        Validity
            Not Before: Jan  2 05:48:34 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=e6e6f4be38f779f30924b8405b989edd5a6693ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:b8:76:76:fa:b8:39:51:cf:40:d9:18:fa:56:
                    44:fa:39:13:6a:28:f1:27:7f:b7:f7:3a:60:1f:a5:
                    a7:27:7a:10:8a:a7:d7:ba:29:f1:ba:b6:ab:81:7c:
                    db:a8:46:83:4a:d1:a9:8f:8c:d3:94:09:e8:89:6c:
                    5c:db:93:3e:61:c8:3c:57:02:cb:00:91:36:3c:88:
                    b1:8b:b6:28:19:dd:77:61:21:9d:da:fd:b7:91:de:
                    bd:a3:0e:72:75:7b:28:8c:d5:27:ce:00:8a:71:30:
                    38:88:c4:69:73:ca:6f:7c:13:aa:ce:a2:4f:99:71:
                    b0:6a:89:a7:29:7b:79:2d:81:f2:c2:0b:e1:cc:c9:
                    c9:ea:bb:f5:c7:59:2b:e3:f4:81:8a:e5:04:d6:b0:
                    51:20:9d:29:b2:db:68:04:f5:44:72:9f:f5:6c:9c:
                    72:9c:53:ce:f4:df:de:72:f6:12:77:60:c6:9e:d0:
                    72:20:cd:7b:82:88:f8:65:f0:1c:34:11:75:7a:1a:
                    d4:f5:51:1e:9d:8b:d0:de:43:f0:e0:b1:6b:7d:17:
                    08:f5:67:c4:20:0c:3a:9a:6a:54:ce:0e:b8:e1:eb:
                    f4:f8:06:24:04:0b:58:eb:6b:e9:70:7f:08:56:cc:
                    c3:8d:e7:48:b1:19:b0:8d:f1:20:ae:14:f5:d3:16:
                    bf:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:E6:F4:BE:38:F7:79:F3:09:24:B8:40:5B:98:9E:DD:5A:66:93:CA
            X509v3 Authority Key Identifier:
                keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/5ub0vjj3efMJJLhAW5ie3Vpmk8o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.237.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:a4:39:17:d0:47:cc:fa:9c:f0:8e:f0:ad:e3:47:03:9b:b8:
         f8:33:f1:e9:fe:f8:71:19:a2:a1:88:e6:9d:d4:70:8e:18:cd:
         7f:0f:45:71:03:d3:5b:0d:74:e1:a7:ee:74:53:2c:fd:39:98:
         d6:5c:99:00:d7:34:4a:7a:74:06:2c:8e:d5:cf:c7:19:e5:9b:
         15:1e:57:56:82:a7:9c:9c:ed:3b:cc:df:3d:1a:ee:c9:ab:04:
         90:b2:4f:73:ff:c7:b2:c2:40:ce:06:61:4f:48:33:c3:c3:f0:
         9f:d6:3a:e0:ff:3a:30:f5:7e:87:7a:70:68:44:5e:4a:ec:be:
         49:98:55:6d:bc:97:3d:ba:fa:8b:53:ca:8b:0f:cb:7d:47:2e:
         38:e5:7d:3b:1a:00:c0:59:75:04:2b:ae:e8:fc:75:62:ca:10:
         4d:8a:71:22:8c:72:75:6c:02:0b:3f:47:d8:3c:7e:7d:57:4b:
         70:09:35:bf:cd:fa:7c:ee:bc:b1:8d:b7:a0:90:97:1d:a2:97:
         fc:89:2c:fa:df:85:0a:7c:ac:db:43:18:4f:f1:17:f5:2e:62:
         d0:dd:aa:68:b2:54:19:28:72:72:d9:76:aa:8b:4f:1d:5f:ba:
         2a:76:c1:2b:3c:3e:86:19:02:e4:78:69:bf:c3:fc:d5:fc:03:
         82:8e:70:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljvrXvArxCOcf7N7QhPGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjUwMTAyMDU0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmU2ZjRiZTM4Zjc3OWYzMDkyNGI4NDA1Yjk4OWVkZDVhNjY5M2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbh2dvq4OVHPQNkY+lZE+jkTaijx
J3+39zpgH6WnJ3oQiqfXuinxurargXzbqEaDStGpj4zTlAnoiWxc25M+Ycg8VwLL
AJE2PIixi7YoGd13YSGd2v23kd69ow5ydXsojNUnzgCKcTA4iMRpc8pvfBOqzqJP
mXGwaomnKXt5LYHywgvhzMnJ6rv1x1kr4/SBiuUE1rBRIJ0psttoBPVEcp/1bJxy
nFPO9N/ecvYSd2DGntByIM17goj4ZfAcNBF1ehrU9VEenYvQ3kPw4LFrfRcI9WfE
IAw6mmpUzg644ev0+AYkBAtY62vpcH8IVszDjedIsRmwjfEgrhT10xa/CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObm9L4493nzCSS4QFuYnt1aZpPKMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvNXViMHZqajNlZk1KSkxoQVc1aWUzVnBtazhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl+0SMA0G
CSqGSIb3DQEBCwUAA4IBAQCtpDkX0EfM+pzwjvCt40cDm7j4M/Hp/vhxGaKhiOad
1HCOGM1/D0VxA9NbDXThp+50Uyz9OZjWXJkA1zRKenQGLI7Vz8cZ5ZsVHldWgqec
nO07zN89Gu7JqwSQsk9z/8eywkDOBmFPSDPDw/Cf1jrg/zow9X6HenBoRF5K7L5J
mFVtvJc9uvqLU8qLD8t9Ry445X07GgDAWXUEK67o/HViyhBNinEijHJ1bAILP0fY
PH59V0twCTW/zfp87ryxjbegkJcdopf8iSz634UKfKzbQxhP8Rf1LmLQ3aposlQZ
KHJy2Xaqi08dX7oqdsErPD6GGQLkeGm/w/zV/AOCjnCW
-----END CERTIFICATE-----