Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/842046-3f5f-4f4e-930c-e3d0a0ace398/1/Ei-k7RiW07sWpfPP67i23htmomc.roa
File:                     Ei-k7RiW07sWpfPP67i23htmomc.roa (raw, json)
Hash identifier:          NiFmAUaoToM3PE1q94mcr4KCSU+oRmSZyOhAcNpUk0I=
Subject key identifier:   12:2F:A4:ED:18:96:D3:BB:16:A5:F3:CF:EB:B8:B6:DE:1B:66:A2:67
Certificate issuer:       /CN=7a556c19a4556f36f7600006d8eacd1fa3f439f2
Certificate serial:       01942826E6AC9ACF86176FDF3EAE50A47673
Authority key identifier: 7A:55:6C:19:A4:55:6F:36:F7:60:00:06:D8:EA:CD:1F:A3:F4:39:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/elVsGaRVbzb3YAAG2OrNH6P0OfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/842046-3f5f-4f4e-930c-e3d0a0ace398/1/Ei-k7RiW07sWpfPP67i23htmomc.roa
Signing time:             Thu 02 Jan 2025 17:53:45 +0000
ROA not before:           Thu 02 Jan 2025 17:53:45 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     49223
IP address blocks:        62.122.220.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/842046-3f5f-4f4e-930c-e3d0a0ace398/1/elVsGaRVbzb3YAAG2OrNH6P0OfI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/842046-3f5f-4f4e-930c-e3d0a0ace398/1/elVsGaRVbzb3YAAG2OrNH6P0OfI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/elVsGaRVbzb3YAAG2OrNH6P0OfI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:28:26:e6:ac:9a:cf:86:17:6f:df:3e:ae:50:a4:76:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a556c19a4556f36f7600006d8eacd1fa3f439f2
        Validity
            Not Before: Jan  2 17:53:45 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=122fa4ed1896d3bb16a5f3cfebb8b6de1b66a267
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e9:31:ff:c4:b6:2c:4c:5c:08:77:a2:8b:22:
                    ac:30:08:ed:a3:29:44:20:85:3e:0b:af:0c:3a:bc:
                    40:0a:bf:f7:d4:0f:ba:7c:a3:f7:b3:9a:12:79:d5:
                    ba:fd:90:37:16:6e:8e:b2:51:8f:45:13:26:c3:56:
                    d7:a2:b9:97:f9:0c:98:3a:c6:09:28:15:b0:1e:92:
                    07:16:f6:c4:7f:67:22:01:6d:5b:b4:bd:71:99:95:
                    69:65:78:46:8e:b3:d7:f3:cb:a4:a0:d2:1e:0e:41:
                    6f:7c:47:7a:50:a9:17:18:2b:a9:c0:37:f8:33:58:
                    ad:02:30:ce:22:45:4f:02:28:b0:8a:84:55:7d:d2:
                    d6:b5:f8:b2:3a:a4:90:cb:c9:a0:fc:70:2d:69:a0:
                    b3:af:39:be:63:e7:dd:9f:a1:95:95:3d:0a:76:bd:
                    d9:02:c4:b0:51:0c:0d:d7:c9:e7:14:20:16:8e:1f:
                    e4:31:e6:00:38:e7:09:7d:a7:95:a6:28:68:8a:d0:
                    4e:f0:18:1a:76:71:c4:47:e2:8b:b9:00:42:5e:96:
                    5e:d4:ab:27:20:69:e0:ba:4b:d9:f3:ff:3f:d8:84:
                    2e:f6:03:04:18:61:9c:d9:6a:c5:45:3c:9e:f3:f2:
                    97:a1:d9:17:c6:9b:53:16:ba:41:a2:23:bf:2d:01:
                    c0:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:2F:A4:ED:18:96:D3:BB:16:A5:F3:CF:EB:B8:B6:DE:1B:66:A2:67
            X509v3 Authority Key Identifier:
                keyid:7A:55:6C:19:A4:55:6F:36:F7:60:00:06:D8:EA:CD:1F:A3:F4:39:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/elVsGaRVbzb3YAAG2OrNH6P0OfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/842046-3f5f-4f4e-930c-e3d0a0ace398/1/Ei-k7RiW07sWpfPP67i23htmomc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/842046-3f5f-4f4e-930c-e3d0a0ace398/1/elVsGaRVbzb3YAAG2OrNH6P0OfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.122.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         60:f0:f1:4d:42:ef:e4:b7:b5:4b:01:72:b0:1f:b3:0f:f1:7f:
         3e:2e:51:e3:9f:17:15:b4:f7:82:ad:57:b7:91:0f:e1:8b:c0:
         ee:6e:13:23:89:b9:99:f2:2b:e6:ba:2a:98:82:73:4f:db:ce:
         91:fc:cc:6e:67:29:7f:90:b3:79:92:ed:66:ac:8d:49:c9:5a:
         6c:1a:48:0d:5e:f3:c4:e3:b5:1a:22:ea:76:b6:0d:75:69:8a:
         ca:5a:03:ab:bc:41:b4:3b:62:03:d7:99:09:4a:42:7a:de:2f:
         74:ef:e5:cd:5b:ab:65:20:72:8e:ec:93:02:78:5d:fe:10:e8:
         8c:01:4c:68:ee:9e:f6:a2:8d:35:31:75:fc:30:f4:8e:54:46:
         c0:9b:18:62:a8:4c:c1:c4:a5:72:50:f8:5f:71:b4:48:3e:ee:
         27:2a:9e:28:de:4b:9c:64:c9:8e:28:0f:d1:5c:4f:f5:1f:4c:
         90:ef:65:45:c7:33:bd:f2:36:a5:59:64:10:92:1a:45:7d:48:
         de:0b:86:e6:6b:6c:90:b8:16:68:17:47:5e:6d:bd:cd:4e:b2:
         d8:be:47:8d:f5:10:4d:8d:7f:98:51:67:28:d4:04:40:24:54:
         0c:ea:12:c8:f5:7c:81:52:44:b8:34:40:7b:33:02:b2:d8:6b:
         28:0a:90:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJuasms+GF2/fPq5QpHZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNTU2YzE5YTQ1NTZmMzZmNzYwMDAwNmQ4ZWFjZDFmYTNm
NDM5ZjIwHhcNMjUwMTAyMTc1MzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjJmYTRlZDE4OTZkM2JiMTZhNWYzY2ZlYmI4YjZkZTFiNjZhMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+kx/8S2LExcCHeiiyKsMAjtoylE
IIU+C68MOrxACr/31A+6fKP3s5oSedW6/ZA3Fm6OslGPRRMmw1bXormX+QyYOsYJ
KBWwHpIHFvbEf2ciAW1btL1xmZVpZXhGjrPX88ukoNIeDkFvfEd6UKkXGCupwDf4
M1itAjDOIkVPAiiwioRVfdLWtfiyOqSQy8mg/HAtaaCzrzm+Y+fdn6GVlT0Kdr3Z
AsSwUQwN18nnFCAWjh/kMeYAOOcJfaeVpihoitBO8BgadnHER+KLuQBCXpZe1Ksn
IGngukvZ8/8/2IQu9gMEGGGc2WrFRTye8/KXodkXxptTFrpBoiO/LQHA2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBIvpO0YltO7FqXzz+u4tt4bZqJnMB8GA1UdIwQY
MBaAFHpVbBmkVW8292AABtjqzR+j9DnyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWxWc0dhUlZiemIzWUFBRzJPck5INlAwT2ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NDIwNDYtM2Y1Zi00ZjRlLTkzMGMt
ZTNkMGEwYWNlMzk4LzEvRWktazdSaVcwN3NXcGZQUDY3aTIzaHRtb21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NDIwNDYtM2Y1Zi00ZjRlLTkzMGMtZTNkMGEwYWNlMzk4
LzEvZWxWc0dhUlZiemIzWUFBRzJPck5INlAwT2ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPnrcMA0G
CSqGSIb3DQEBCwUAA4IBAQBg8PFNQu/kt7VLAXKwH7MP8X8+LlHjnxcVtPeCrVe3
kQ/hi8DubhMjibmZ8ivmuiqYgnNP286R/MxuZyl/kLN5ku1mrI1JyVpsGkgNXvPE
47UaIup2tg11aYrKWgOrvEG0O2ID15kJSkJ63i907+XNW6tlIHKO7JMCeF3+EOiM
AUxo7p72oo01MXX8MPSOVEbAmxhiqEzBxKVyUPhfcbRIPu4nKp4o3kucZMmOKA/R
XE/1H0yQ72VFxzO98jalWWQQkhpFfUjeC4bma2yQuBZoF0debb3NTrLYvkeN9RBN
jX+YUWco1ARAJFQM6hLI9XyBUkS4NEB7MwKy2GsoCpAK
-----END CERTIFICATE-----