Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/WowZDpg0BjdhUcfYEzzkweMOn9A.roa
File:                     WowZDpg0BjdhUcfYEzzkweMOn9A.roa (raw, json)
Hash identifier:          nWsMpYqLv7FW+atbiPAJuaJ0DOZ16yhF4W98z2iMhfQ=
Subject key identifier:   5A:8C:19:0E:98:34:06:37:61:51:C7:D8:13:3C:E4:C1:E3:0E:9F:D0
Certificate issuer:       /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial:       019428242F163155CB5DE310ADFDA8E25209
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/WowZDpg0BjdhUcfYEzzkweMOn9A.roa
Signing time:             Thu 02 Jan 2025 17:50:47 +0000
ROA not before:           Thu 02 Jan 2025 17:50:47 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     214812
IP address blocks:        79.124.82.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:28:24:2f:16:31:55:cb:5d:e3:10:ad:fd:a8:e2:52:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
        Validity
            Not Before: Jan  2 17:50:47 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=5a8c190e983406376151c7d8133ce4c1e30e9fd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:29:71:63:cd:3f:51:ad:26:ae:fe:4d:5d:7a:
                    00:4f:1a:28:df:86:81:ae:75:1b:af:31:8c:71:ea:
                    1f:a0:f7:c6:dd:85:10:6b:10:16:de:8c:78:c4:36:
                    e2:7b:ac:46:81:10:db:09:16:64:d6:ef:2d:8a:00:
                    bc:9c:dd:3a:7f:37:33:d9:77:d5:24:6a:56:94:24:
                    59:51:32:35:d7:43:53:73:e2:d8:9d:49:40:83:f0:
                    03:b6:43:82:ad:4f:a4:67:50:ed:34:90:d0:8c:f0:
                    47:f6:6f:09:b9:14:74:f9:8c:ca:bc:19:ea:78:3e:
                    79:8e:f6:ab:86:ec:17:3c:ff:0d:ff:92:55:42:37:
                    b1:4e:0b:c7:ab:bf:27:73:d5:9d:7c:15:b3:c8:a6:
                    e4:f6:3e:b1:4b:2b:00:99:d4:13:1a:78:f1:80:ce:
                    5d:a6:52:4b:2b:8b:27:f8:ec:2d:2d:20:8f:65:c5:
                    ec:9f:79:13:89:9b:25:f2:77:0b:9f:ee:e7:ef:2c:
                    af:12:42:fc:33:c8:45:40:8e:b7:e1:bf:eb:95:66:
                    39:d6:ff:83:3a:36:2b:f5:0f:ae:34:8d:bf:b5:7d:
                    64:8b:08:7f:2a:af:0c:f6:ba:52:5e:f6:3c:c4:4b:
                    22:06:13:fd:ab:f3:ca:e5:09:36:2c:c7:6b:9a:56:
                    d2:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:8C:19:0E:98:34:06:37:61:51:C7:D8:13:3C:E4:C1:E3:0E:9F:D0
            X509v3 Authority Key Identifier:
                keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/WowZDpg0BjdhUcfYEzzkweMOn9A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.124.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:fb:cb:56:ed:c8:f7:d1:4b:4c:63:70:a1:f9:e8:6b:01:00:
         8f:6a:bb:77:db:cb:e2:40:a4:f0:04:16:9f:d1:12:c2:1a:18:
         7d:05:6b:3f:9b:25:61:bd:33:44:60:29:a9:bb:2e:8d:cf:ca:
         bb:be:1f:2a:c1:41:9c:9e:84:f1:c4:fd:a4:5b:93:97:86:fa:
         7b:fd:d3:3e:05:36:eb:4f:61:8b:99:90:79:61:57:ae:41:ff:
         dc:9c:65:85:d4:32:7c:f4:dc:72:34:e6:f3:68:9f:d0:51:70:
         83:fb:84:16:f4:bc:f9:c6:81:e1:b7:8f:09:4d:f9:3c:f4:43:
         aa:46:e0:d7:0e:39:58:e6:83:1f:ea:61:c1:ec:64:02:f5:bd:
         9d:11:b4:c3:5c:29:4a:8b:28:d3:7b:b4:43:5f:cb:89:22:10:
         ed:d0:fc:c9:dd:f3:7e:98:7e:49:ff:b7:79:51:ad:50:0d:b4:
         07:83:52:20:11:a1:e1:5c:7d:94:b5:1a:5a:47:4a:ee:91:5c:
         59:b9:93:43:60:a1:39:25:2f:52:a7:ec:19:54:b3:9a:23:d5:
         b5:db:d9:32:1a:17:cb:ba:eb:3c:98:10:2a:a9:b3:d9:5c:57:
         35:c3:3d:91:5b:58:89:b5:4d:15:2f:b2:3d:87:29:b1:4b:9e:
         59:3d:9a:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJC8WMVXLXeMQrf2o4lIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTAyMTc1MDQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YThjMTkwZTk4MzQwNjM3NjE1MWM3ZDgxMzNjZTRjMWUzMGU5ZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoClxY80/Ua0mrv5NXXoATxoo34aB
rnUbrzGMceofoPfG3YUQaxAW3ox4xDbie6xGgRDbCRZk1u8tigC8nN06fzcz2XfV
JGpWlCRZUTI110NTc+LYnUlAg/ADtkOCrU+kZ1DtNJDQjPBH9m8JuRR0+YzKvBnq
eD55jvarhuwXPP8N/5JVQjexTgvHq78nc9WdfBWzyKbk9j6xSysAmdQTGnjxgM5d
plJLK4sn+OwtLSCPZcXsn3kTiZsl8ncLn+7n7yyvEkL8M8hFQI634b/rlWY51v+D
OjYr9Q+uNI2/tX1kiwh/Kq8M9rpSXvY8xEsiBhP9q/PK5Qk2LMdrmlbSCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqMGQ6YNAY3YVHH2BM85MHjDp/QMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvV293WkRwZzBCamRoVWNmWUV6emt3ZU1PbjlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT3xSMA0G
CSqGSIb3DQEBCwUAA4IBAQCT+8tW7cj30UtMY3Ch+ehrAQCPart328viQKTwBBaf
0RLCGhh9BWs/myVhvTNEYCmpuy6Nz8q7vh8qwUGcnoTxxP2kW5OXhvp7/dM+BTbr
T2GLmZB5YVeuQf/cnGWF1DJ89NxyNObzaJ/QUXCD+4QW9Lz5xoHht48JTfk89EOq
RuDXDjlY5oMf6mHB7GQC9b2dEbTDXClKiyjTe7RDX8uJIhDt0PzJ3fN+mH5J/7d5
Ua1QDbQHg1IgEaHhXH2UtRpaR0rukVxZuZNDYKE5JS9Sp+wZVLOaI9W129kyGhfL
uus8mBAqqbPZXFc1wz2RW1iJtU0VL7I9hymxS55ZPZoX
-----END CERTIFICATE-----