Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/dslFE3HuFr1W8EFmBHRRwoOuRuQ.roa
File:                     dslFE3HuFr1W8EFmBHRRwoOuRuQ.roa (raw, json)
Hash identifier:          2b2KRtQr3cdubUqOO/rkWFnohXc79cMTbSjPWr8hC90=
Subject key identifier:   76:C9:45:13:71:EE:16:BD:56:F0:41:66:04:74:51:C2:83:AE:46:E4
Certificate issuer:       /CN=a82fb9b3418c458cdbc6cfd684514be24ad0c3c9
Certificate serial:       0190399351B97AA54C4E1AE97AFEB5F8E361
Authority key identifier: A8:2F:B9:B3:41:8C:45:8C:DB:C6:CF:D6:84:51:4B:E2:4A:D0:C3:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qC-5s0GMRYzbxs_WhFFL4krQw8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/dslFE3HuFr1W8EFmBHRRwoOuRuQ.roa
Signing time:             Fri 21 Jun 2024 06:54:34 +0000
ROA not before:           Fri 21 Jun 2024 06:54:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     59441
IP address blocks:        185.165.41.0/24 maxlen: 24
                          185.165.42.0/24 maxlen: 24
                          185.165.43.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/qC-5s0GMRYzbxs_WhFFL4krQw8k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/qC-5s0GMRYzbxs_WhFFL4krQw8k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qC-5s0GMRYzbxs_WhFFL4krQw8k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 00:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:39:93:51:b9:7a:a5:4c:4e:1a:e9:7a:fe:b5:f8:e3:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a82fb9b3418c458cdbc6cfd684514be24ad0c3c9
        Validity
            Not Before: Jun 21 06:54:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=76c9451371ee16bd56f04166047451c283ae46e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:16:bb:03:ec:0a:01:5b:0e:89:de:3a:4f:92:
                    50:74:aa:db:06:45:93:16:2c:a6:32:9d:c9:39:8c:
                    8f:f5:00:27:59:77:52:22:00:38:0e:54:c7:7d:1a:
                    8c:f3:86:c4:7e:31:91:4b:e5:d4:49:ca:05:4e:32:
                    36:9c:fc:5d:f3:94:86:66:23:da:94:4d:55:a7:14:
                    96:32:44:14:a9:91:4e:80:50:9c:df:6e:78:9e:9f:
                    64:e8:26:08:e8:83:fb:96:d8:da:18:f1:4c:60:81:
                    1a:27:51:8b:4e:c0:63:7c:45:8f:20:e4:a7:dd:4c:
                    8b:2a:25:4b:bb:a4:8e:ab:f6:5f:51:9b:0e:de:14:
                    c4:84:9f:d3:5b:d7:2b:32:83:3a:5b:95:b4:26:78:
                    d5:d2:99:21:2a:e3:40:e6:15:b2:ac:b7:d6:1e:4a:
                    92:eb:bc:af:1b:8a:58:e3:ed:dd:49:1d:26:3c:e3:
                    a2:77:bd:49:78:e0:28:97:90:89:d8:0d:68:5b:f1:
                    1b:a5:7c:45:bc:62:c7:e4:ea:ac:9e:58:9c:73:f4:
                    b4:a4:85:2b:96:6b:2a:05:48:02:29:f2:6b:08:a1:
                    65:b4:8d:89:83:0d:a0:08:b2:32:cf:e0:ef:9b:63:
                    3f:20:83:ec:f2:19:bc:c6:67:18:50:7f:04:77:00:
                    40:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:C9:45:13:71:EE:16:BD:56:F0:41:66:04:74:51:C2:83:AE:46:E4
            X509v3 Authority Key Identifier:
                keyid:A8:2F:B9:B3:41:8C:45:8C:DB:C6:CF:D6:84:51:4B:E2:4A:D0:C3:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qC-5s0GMRYzbxs_WhFFL4krQw8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/dslFE3HuFr1W8EFmBHRRwoOuRuQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8b7fe9-5df2-473e-8018-b26341d38c3f/1/qC-5s0GMRYzbxs_WhFFL4krQw8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.165.41.0-185.165.43.255

    Signature Algorithm: sha256WithRSAEncryption
         6b:b3:d8:ed:8c:c3:7b:6d:99:3e:a9:82:16:2f:b6:2f:bd:a8:
         7e:4f:73:43:88:18:16:24:be:2f:7a:20:7b:5d:63:cc:95:64:
         b3:a6:d9:d4:b5:26:27:60:bd:02:cb:7a:94:4a:82:86:58:50:
         4b:da:4f:e2:f3:bc:19:94:63:3e:a4:8c:31:0c:56:fc:2b:b2:
         14:45:be:4e:cb:1b:96:49:7a:67:d6:d0:83:a2:5a:f9:00:0f:
         87:69:55:4a:67:3d:3c:2d:42:40:05:5e:a2:c5:b6:17:a4:a7:
         1b:69:7c:d8:8b:6c:d1:29:a6:8f:4e:17:c4:55:45:39:1a:c8:
         aa:96:59:71:56:61:5f:94:07:f1:94:2e:41:c5:a8:ac:e9:b3:
         43:b8:74:c9:ee:7b:cc:a4:e1:74:c8:6a:78:58:5b:e3:9a:15:
         12:c7:7c:69:33:38:f6:b2:c5:0f:a4:0f:20:12:0f:ad:31:cc:
         e3:70:97:5b:43:d5:1d:12:92:d7:cb:ba:d6:26:e2:33:d4:be:
         78:75:d6:7d:aa:84:13:9c:ca:74:ac:50:20:11:82:0d:92:5a:
         55:e9:e2:d6:36:2b:9e:95:a3:67:65:62:07:a6:3f:69:79:b6:
         94:97:03:60:d7:fd:58:5a:be:f5:d6:76:c0:ac:21:bb:62:f2:
         43:87:e4:c3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZA5k1G5eqVMThrpev61+ONhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MmZiOWIzNDE4YzQ1OGNkYmM2Y2ZkNjg0NTE0YmUyNGFk
MGMzYzkwHhcNMjQwNjIxMDY1NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmM5NDUxMzcxZWUxNmJkNTZmMDQxNjYwNDc0NTFjMjgzYWU0NmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ra7A+wKAVsOid46T5JQdKrbBkWT
FiymMp3JOYyP9QAnWXdSIgA4DlTHfRqM84bEfjGRS+XUScoFTjI2nPxd85SGZiPa
lE1VpxSWMkQUqZFOgFCc3254np9k6CYI6IP7ltjaGPFMYIEaJ1GLTsBjfEWPIOSn
3UyLKiVLu6SOq/ZfUZsO3hTEhJ/TW9crMoM6W5W0JnjV0pkhKuNA5hWyrLfWHkqS
67yvG4pY4+3dSR0mPOOid71JeOAol5CJ2A1oW/EbpXxFvGLH5Oqsnlicc/S0pIUr
lmsqBUgCKfJrCKFltI2Jgw2gCLIyz+Dvm2M/IIPs8hm8xmcYUH8EdwBA5QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHbJRRNx7ha9VvBBZgR0UcKDrkbkMB8GA1UdIwQY
MBaAFKgvubNBjEWM28bP1oRRS+JK0MPJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUMtNXMwR01SWXpieHNfV2hGRkw0a3JRdzhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84YjdmZTktNWRmMi00NzNlLTgwMTgt
YjI2MzQxZDM4YzNmLzEvZHNsRkUzSHVGcjFXOEVGbUJIUlJ3b091UnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84YjdmZTktNWRmMi00NzNlLTgwMTgtYjI2MzQxZDM4YzNm
LzEvcUMtNXMwR01SWXpieHNfV2hGRkw0a3JRdzhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5pSkD
BAK5pSgwDQYJKoZIhvcNAQELBQADggEBAGuz2O2Mw3ttmT6pghYvti+9qH5Pc0OI
GBYkvi96IHtdY8yVZLOm2dS1JidgvQLLepRKgoZYUEvaT+LzvBmUYz6kjDEMVvwr
shRFvk7LG5ZJemfW0IOiWvkAD4dpVUpnPTwtQkAFXqLFthekpxtpfNiLbNEppo9O
F8RVRTkayKqWWXFWYV+UB/GULkHFqKzps0O4dMnue8yk4XTIanhYW+OaFRLHfGkz
OPayxQ+kDyASD60xzONwl1tD1R0SktfLutYm4jPUvnh11n2qhBOcynSsUCARgg2S
WlXp4tY2K56Vo2dlYgemP2l5tpSXA2DX/VhavvXWdsCsIbti8kOH5MM=
-----END CERTIFICATE-----