Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/8Oz96SBlvVTn_J9Q5dTyP3hkGJI.roa
File:                     8Oz96SBlvVTn_J9Q5dTyP3hkGJI.roa (raw, json)
Hash identifier:          RgEFTRSbtRLU9HN5xlEKSPTusohvek7jqiTInftiP+c=
Subject key identifier:   F0:EC:FD:E9:20:65:BD:54:E7:FC:9F:50:E5:D4:F2:3F:78:64:18:92
Certificate issuer:       /CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
Certificate serial:       0192054E94B3EA2037FB5E2FB19381E65529
Authority key identifier: 09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/8Oz96SBlvVTn_J9Q5dTyP3hkGJI.roa
Signing time:             Wed 18 Sep 2024 13:24:48 +0000
ROA not before:           Wed 18 Sep 2024 13:24:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29286
IP address blocks:        82.205.185.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/CfDczrdPEYWs2XruqsJd2l6bCTY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/CfDczrdPEYWs2XruqsJd2l6bCTY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:05:4e:94:b3:ea:20:37:fb:5e:2f:b1:93:81:e6:55:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
        Validity
            Not Before: Sep 18 13:24:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f0ecfde92065bd54e7fc9f50e5d4f23f78641892
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ac:86:94:1b:82:2a:be:46:7c:68:92:50:86:
                    d9:03:d4:1f:b9:16:4e:a9:a4:11:df:42:42:e6:55:
                    4d:b4:c2:4e:d5:a8:00:94:c4:c7:f3:9a:39:a4:72:
                    ee:f4:18:15:75:28:55:3b:bc:51:55:91:ad:1b:9d:
                    35:1a:8b:2f:54:2c:8a:a6:a1:5a:11:78:00:2b:0c:
                    7e:b9:51:35:be:c0:51:40:1c:30:94:85:41:ee:ed:
                    ce:70:3a:8c:02:7d:b8:b9:b0:db:d9:b2:20:65:e0:
                    da:15:33:10:cc:b6:94:ce:10:3e:fe:e6:11:c9:ed:
                    38:e8:39:6b:c8:c8:11:37:6e:ed:e4:50:03:34:59:
                    26:bc:0f:00:f1:1d:1a:16:34:a5:13:d8:ea:ef:dd:
                    aa:35:bf:55:a5:df:39:90:04:ac:bc:5f:44:32:75:
                    18:f7:8a:50:0f:bb:52:a6:8e:14:b2:68:07:07:71:
                    a3:a4:74:4f:d0:43:c0:b5:18:8d:72:63:b0:8d:52:
                    6c:e6:ca:0d:d6:5c:81:34:b2:31:9c:25:08:dd:46:
                    5c:2f:42:21:11:cb:4b:59:8b:46:2f:1f:6d:44:4f:
                    8d:1f:0b:a8:2d:47:b8:32:1f:6e:a9:d4:2a:1f:c3:
                    03:7a:84:f2:74:e6:1e:53:2e:b0:42:5a:1a:4a:10:
                    13:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:EC:FD:E9:20:65:BD:54:E7:FC:9F:50:E5:D4:F2:3F:78:64:18:92
            X509v3 Authority Key Identifier:
                keyid:09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/8Oz96SBlvVTn_J9Q5dTyP3hkGJI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/CfDczrdPEYWs2XruqsJd2l6bCTY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.205.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:46:90:ed:c0:28:d2:d6:72:74:ec:cd:ac:5c:d4:76:7d:21:
         66:08:93:6b:60:e3:0f:92:e4:6f:ec:c5:f7:4e:b8:67:55:68:
         76:e9:15:37:90:e6:32:4d:e7:66:74:57:2a:4b:f6:e1:b1:f3:
         91:f0:f2:54:9f:34:d0:2b:2e:91:3d:47:45:94:c0:90:e0:ff:
         b2:7f:92:13:cb:fd:f9:99:b4:28:01:7c:38:38:a7:8b:32:e2:
         3b:73:f6:a8:ad:4a:93:0f:8a:84:93:89:3e:42:24:75:ab:11:
         28:89:4e:3e:79:3e:ac:c1:d2:68:d9:a7:37:0e:ed:25:c7:e7:
         08:22:1e:6e:95:4b:42:e0:6e:f7:ff:d8:9f:f5:da:2f:30:41:
         04:8d:b0:d2:b3:a0:07:df:ae:65:c2:a5:13:81:59:57:ba:3b:
         66:4f:22:86:65:fe:c3:04:31:67:2d:ba:fc:ae:34:aa:f1:07:
         d9:aa:2f:b8:06:8b:42:21:07:5e:90:db:4f:d0:65:05:14:a1:
         a0:62:df:f8:3d:b5:33:3e:38:70:74:0e:dc:fd:72:af:e9:cf:
         28:17:4c:29:19:77:12:5e:40:26:bb:d6:6e:53:2a:17:76:48:
         33:4f:d1:c8:73:91:40:74:08:ae:55:61:71:64:7b:6b:22:d6:
         a4:7c:f0:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIFTpSz6iA3+14vsZOB5lUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZjBkY2NlYjc0ZjExODVhY2Q5N2FlZWFhYzI1ZGRhNWU5
YjA5MzYwHhcNMjQwOTE4MTMyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGVjZmRlOTIwNjViZDU0ZTdmYzlmNTBlNWQ0ZjIzZjc4NjQxODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKyGlBuCKr5GfGiSUIbZA9QfuRZO
qaQR30JC5lVNtMJO1agAlMTH85o5pHLu9BgVdShVO7xRVZGtG501GosvVCyKpqFa
EXgAKwx+uVE1vsBRQBwwlIVB7u3OcDqMAn24ubDb2bIgZeDaFTMQzLaUzhA+/uYR
ye046DlryMgRN27t5FADNFkmvA8A8R0aFjSlE9jq792qNb9Vpd85kASsvF9EMnUY
94pQD7tSpo4UsmgHB3GjpHRP0EPAtRiNcmOwjVJs5soN1lyBNLIxnCUI3UZcL0Ih
EctLWYtGLx9tRE+NHwuoLUe4Mh9uqdQqH8MDeoTydOYeUy6wQloaShAT3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPDs/ekgZb1U5/yfUOXU8j94ZBiSMB8GA1UdIwQY
MBaAFAnw3M63TxGFrNl67qrCXdpemwk2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgt
OTk2MTg5ZjljZTE0LzEvOE96OTZTQmx2VlRuX0o5UTVkVHlQM2hrR0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgtOTk2MTg5ZjljZTE0
LzEvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUs25MA0G
CSqGSIb3DQEBCwUAA4IBAQBzRpDtwCjS1nJ07M2sXNR2fSFmCJNrYOMPkuRv7MX3
TrhnVWh26RU3kOYyTedmdFcqS/bhsfOR8PJUnzTQKy6RPUdFlMCQ4P+yf5ITy/35
mbQoAXw4OKeLMuI7c/aorUqTD4qEk4k+QiR1qxEoiU4+eT6swdJo2ac3Du0lx+cI
Ih5ulUtC4G73/9if9dovMEEEjbDSs6AH365lwqUTgVlXujtmTyKGZf7DBDFnLbr8
rjSq8QfZqi+4BotCIQdekNtP0GUFFKGgYt/4PbUzPjhwdA7c/XKv6c8oF0wpGXcS
XkAmu9ZuUyoXdkgzT9HIc5FAdAiuVWFxZHtrItakfPAb
-----END CERTIFICATE-----