Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/bf1ccb-9f32-4f41-8dad-9b2b9ea95535/1/EEqFreyuk1BLSkK25wlTWTEs2K4.roa
File:                     EEqFreyuk1BLSkK25wlTWTEs2K4.roa (raw, json)
Hash identifier:          tsKHQD8d3lNIrvZsRJtjg9CjH/SmreJLklQC8Ih14Jk=
Subject key identifier:   10:4A:85:AD:EC:AE:93:50:4B:4A:42:B6:E7:09:53:59:31:2C:D8:AE
Certificate issuer:       /CN=c0f92571108958786b65ffa241b1f11f6d058b56
Certificate serial:       018CC4932F8C1FE7E52C73261A1214026BE8
Authority key identifier: C0:F9:25:71:10:89:58:78:6B:65:FF:A2:41:B1:F1:1F:6D:05:8B:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wPklcRCJWHhrZf-iQbHxH20Fi1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/bf1ccb-9f32-4f41-8dad-9b2b9ea95535/1/EEqFreyuk1BLSkK25wlTWTEs2K4.roa
Signing time:             Mon 01 Jan 2024 10:30:29 +0000
ROA not before:           Mon 01 Jan 2024 10:30:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        185.79.74.0/24 maxlen: 24
                          185.79.75.0/24 maxlen: 24
                          185.79.72.0/24 maxlen: 24
                          185.79.73.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/bf1ccb-9f32-4f41-8dad-9b2b9ea95535/1/wPklcRCJWHhrZf-iQbHxH20Fi1Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/bf1ccb-9f32-4f41-8dad-9b2b9ea95535/1/wPklcRCJWHhrZf-iQbHxH20Fi1Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wPklcRCJWHhrZf-iQbHxH20Fi1Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 02 May 2024 22:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:2f:8c:1f:e7:e5:2c:73:26:1a:12:14:02:6b:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c0f92571108958786b65ffa241b1f11f6d058b56
        Validity
            Not Before: Jan  1 10:30:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=104a85adecae93504b4a42b6e7095359312cd8ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:fb:cb:df:a3:63:ea:9d:f7:20:a1:48:2b:ad:
                    f6:d4:da:aa:76:6c:44:4e:af:ae:27:1d:e3:72:3b:
                    21:97:57:e0:f4:59:78:14:23:62:5a:62:a5:27:b4:
                    a7:13:c1:80:71:84:fd:a2:97:ce:1f:3c:8f:78:be:
                    63:f3:05:9f:a6:f0:75:c2:32:b1:bb:c6:a1:53:6a:
                    ca:11:96:6e:2c:f3:69:73:99:ba:91:a4:81:0b:95:
                    a0:bf:89:d9:5b:c3:0a:60:9b:e9:d1:34:ab:3b:65:
                    1d:a0:b4:7e:0e:8e:e3:51:86:ab:75:81:58:b6:10:
                    ca:3c:e2:c0:5f:ce:d8:f5:a8:8d:a9:89:75:40:de:
                    1e:2a:2e:ab:c4:49:09:08:23:a6:c3:3a:69:4a:f4:
                    d2:7a:e5:d2:48:02:fc:95:9c:74:92:47:57:47:0e:
                    67:76:e0:cf:d9:9a:6d:ba:08:17:50:7f:7d:52:76:
                    e1:24:8d:76:78:93:a9:b3:53:ec:d5:a2:29:c9:ab:
                    37:98:b6:51:33:a1:d1:25:a7:d3:9a:0e:f3:db:70:
                    bc:97:1f:df:1e:53:fb:2c:c5:cd:7f:90:05:ec:04:
                    e0:34:fd:3e:6e:77:cb:47:f6:01:d1:a5:d6:7d:0a:
                    d4:78:37:54:a9:53:a0:59:5f:c4:64:f5:66:5d:8e:
                    74:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:4A:85:AD:EC:AE:93:50:4B:4A:42:B6:E7:09:53:59:31:2C:D8:AE
            X509v3 Authority Key Identifier:
                keyid:C0:F9:25:71:10:89:58:78:6B:65:FF:A2:41:B1:F1:1F:6D:05:8B:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wPklcRCJWHhrZf-iQbHxH20Fi1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bf1ccb-9f32-4f41-8dad-9b2b9ea95535/1/EEqFreyuk1BLSkK25wlTWTEs2K4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/bf1ccb-9f32-4f41-8dad-9b2b9ea95535/1/wPklcRCJWHhrZf-iQbHxH20Fi1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.79.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:e4:ff:0a:ae:45:34:35:ec:a9:cb:8a:52:c8:b4:04:ad:86:
         59:0b:9d:f5:aa:4d:17:7e:58:a6:45:99:3b:a6:d2:39:b8:3b:
         cf:28:4d:2c:cc:89:13:d0:ae:2b:92:89:03:51:7e:25:b7:d7:
         d7:0c:73:82:98:5b:58:e6:5f:cc:83:db:4d:cd:f7:ad:91:19:
         27:bb:de:65:4a:46:37:f2:2f:1c:e8:8b:5e:53:9f:5d:da:3a:
         8c:f8:7b:a2:18:57:d0:dc:f0:4e:73:ed:df:a0:14:a5:9d:8e:
         7e:9b:12:a1:c3:2a:0a:7d:08:d6:c3:25:a1:17:8f:45:c1:7d:
         59:eb:81:82:bf:b0:4f:78:b1:75:05:fb:6c:d8:66:18:fa:52:
         b3:e6:cf:d9:c5:2a:66:64:ec:bc:d4:ef:55:f1:41:97:70:d8:
         56:ce:37:81:e6:8f:a6:0c:34:3f:db:49:b8:a2:e6:fe:a7:2a:
         cd:5f:8a:a7:f2:ac:63:f2:e2:b1:56:fc:b0:48:5e:38:13:ac:
         73:4f:7a:8a:8e:cd:7c:8c:99:1d:5c:11:dc:dd:a4:dd:8d:14:
         59:73:1d:1b:8f:5e:9b:f0:a3:0b:73:5e:b2:65:f3:4a:ae:32:
         41:ff:27:1b:fa:10:6d:b1:c0:be:3c:cf:f4:37:29:3f:e8:8d:
         34:9f:6a:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEky+MH+flLHMmGhIUAmvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZjkyNTcxMTA4OTU4Nzg2YjY1ZmZhMjQxYjFmMTFmNmQw
NThiNTYwHhcNMjQwMTAxMTAzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDRhODVhZGVjYWU5MzUwNGI0YTQyYjZlNzA5NTM1OTMxMmNkOGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPvL36Nj6p33IKFIK6321NqqdmxE
Tq+uJx3jcjshl1fg9Fl4FCNiWmKlJ7SnE8GAcYT9opfOHzyPeL5j8wWfpvB1wjKx
u8ahU2rKEZZuLPNpc5m6kaSBC5Wgv4nZW8MKYJvp0TSrO2UdoLR+Do7jUYardYFY
thDKPOLAX87Y9aiNqYl1QN4eKi6rxEkJCCOmwzppSvTSeuXSSAL8lZx0kkdXRw5n
duDP2ZptuggXUH99UnbhJI12eJOps1Ps1aIpyas3mLZRM6HRJafTmg7z23C8lx/f
HlP7LMXNf5AF7ATgNP0+bnfLR/YB0aXWfQrUeDdUqVOgWV/EZPVmXY50HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBBKha3srpNQS0pCtucJU1kxLNiuMB8GA1UdIwQY
MBaAFMD5JXEQiVh4a2X/okGx8R9tBYtWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1BrbGNSQ0pXSGhyWmYtaVFiSHhIMjBGaTFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9iZjFjY2ItOWYzMi00ZjQxLThkYWQt
OWIyYjllYTk1NTM1LzEvRUVxRnJleXVrMUJMU2tLMjV3bFRXVEVzMks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9iZjFjY2ItOWYzMi00ZjQxLThkYWQtOWIyYjllYTk1NTM1
LzEvd1BrbGNSQ0pXSGhyWmYtaVFiSHhIMjBGaTFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuU9IMA0G
CSqGSIb3DQEBCwUAA4IBAQBp5P8KrkU0Neypy4pSyLQErYZZC531qk0XflimRZk7
ptI5uDvPKE0szIkT0K4rkokDUX4lt9fXDHOCmFtY5l/Mg9tNzfetkRknu95lSkY3
8i8c6IteU59d2jqM+HuiGFfQ3PBOc+3foBSlnY5+mxKhwyoKfQjWwyWhF49FwX1Z
64GCv7BPeLF1Bfts2GYY+lKz5s/ZxSpmZOy81O9V8UGXcNhWzjeB5o+mDDQ/20m4
oub+pyrNX4qn8qxj8uKxVvywSF44E6xzT3qKjs18jJkdXBHc3aTdjRRZcx0bj16b
8KMLc16yZfNKrjJB/ycb+hBtscC+PM/0Nyk/6I00n2qQ
-----END CERTIFICATE-----