Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/969463-7f6a-4503-abc4-d6b56aba3eb7/1/me4nDAOvJGS9Qlz0OjO3K3zEmrU.roa
File:                     me4nDAOvJGS9Qlz0OjO3K3zEmrU.roa (raw, json)
Hash identifier:          tYVEJGut5EYuY1ModgQaLg7X4qmwmMq/WQ0U5q4HKWI=
Subject key identifier:   99:EE:27:0C:03:AF:24:64:BD:42:5C:F4:3A:33:B7:2B:7C:C4:9A:B5
Certificate issuer:       /CN=5c92b9a92c7eb913c3da558002c673e8238db1c7
Certificate serial:       018CC649E583FA2A17A5A389777B74BFB961
Authority key identifier: 5C:92:B9:A9:2C:7E:B9:13:C3:DA:55:80:02:C6:73:E8:23:8D:B1:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XJK5qSx-uRPD2lWAAsZz6CONscc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/969463-7f6a-4503-abc4-d6b56aba3eb7/1/me4nDAOvJGS9Qlz0OjO3K3zEmrU.roa
Signing time:             Mon 01 Jan 2024 18:29:40 +0000
ROA not before:           Mon 01 Jan 2024 18:29:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        194.35.240.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/969463-7f6a-4503-abc4-d6b56aba3eb7/1/XJK5qSx-uRPD2lWAAsZz6CONscc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/969463-7f6a-4503-abc4-d6b56aba3eb7/1/XJK5qSx-uRPD2lWAAsZz6CONscc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XJK5qSx-uRPD2lWAAsZz6CONscc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 16:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:49:e5:83:fa:2a:17:a5:a3:89:77:7b:74:bf:b9:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c92b9a92c7eb913c3da558002c673e8238db1c7
        Validity
            Not Before: Jan  1 18:29:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=99ee270c03af2464bd425cf43a33b72b7cc49ab5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e5:ab:8d:00:30:41:5f:05:20:86:be:5d:77:
                    1b:78:5c:4d:7e:ea:a3:29:32:7c:91:7c:4f:5a:8a:
                    2b:71:30:97:5c:47:db:86:8a:8e:b3:bc:43:c1:50:
                    42:9a:22:7f:33:eb:6c:dd:5a:0b:c5:f7:38:c3:74:
                    e0:1f:32:e3:2e:c2:12:ac:29:dc:9d:83:f1:74:e0:
                    14:68:ce:35:01:2a:17:d6:61:ea:cc:8f:d7:b6:f9:
                    cd:e7:17:9e:8c:96:d8:1d:7a:19:ff:32:84:8c:77:
                    dc:4c:da:f7:8d:23:09:da:91:9a:b6:ec:ea:71:d8:
                    49:eb:52:a8:47:ca:9f:c6:af:ed:ea:33:4d:a9:fd:
                    5a:eb:cd:1f:98:a0:c3:75:7f:32:f0:9f:83:23:b9:
                    ff:95:67:f4:06:7b:d0:77:5f:76:b7:de:bd:de:82:
                    84:1f:90:c1:c9:59:01:33:0b:4c:bb:7c:97:8d:6f:
                    36:67:d8:4d:25:8b:79:d8:18:ef:9b:ae:54:07:79:
                    32:e8:24:34:21:ba:c7:66:a1:83:82:e9:2e:c2:4a:
                    7f:95:a1:5a:58:ac:44:4c:e2:6d:e1:a9:1e:d4:ef:
                    fb:f7:b4:c2:64:3c:fc:a8:c7:47:56:a4:ed:1d:a9:
                    b7:d9:f0:4c:47:06:ac:57:14:4a:f9:15:99:44:93:
                    21:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:EE:27:0C:03:AF:24:64:BD:42:5C:F4:3A:33:B7:2B:7C:C4:9A:B5
            X509v3 Authority Key Identifier:
                keyid:5C:92:B9:A9:2C:7E:B9:13:C3:DA:55:80:02:C6:73:E8:23:8D:B1:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XJK5qSx-uRPD2lWAAsZz6CONscc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/969463-7f6a-4503-abc4-d6b56aba3eb7/1/me4nDAOvJGS9Qlz0OjO3K3zEmrU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/969463-7f6a-4503-abc4-d6b56aba3eb7/1/XJK5qSx-uRPD2lWAAsZz6CONscc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.35.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:92:39:0a:f5:e8:09:ed:f5:73:09:78:71:c4:88:6e:a7:9d:
         94:21:74:87:ba:57:53:05:35:7f:d8:21:7e:c6:45:25:a5:e7:
         0f:35:d7:51:93:55:23:36:9a:a5:1d:36:80:35:83:7f:73:50:
         ef:4f:08:1a:cc:3f:4e:41:dc:a7:7d:7d:6c:0b:06:8f:7b:23:
         f5:bb:12:5a:3c:27:2c:ed:bb:50:63:39:04:1d:bc:99:c7:5d:
         e7:64:5c:3f:84:29:ce:fc:3c:38:d3:b4:03:ce:0e:a7:a0:c7:
         99:97:88:7b:52:ef:14:9c:d6:ee:74:3c:c4:78:f7:e4:55:82:
         1d:70:fb:0a:ae:b3:34:70:1b:6c:f9:72:38:82:dc:26:1e:f9:
         dc:33:24:76:b8:85:d0:a0:a1:1f:45:dd:6a:6f:1c:ea:60:7b:
         e5:46:27:92:ab:43:b3:52:ee:3b:26:97:e2:da:c8:5b:bf:94:
         74:b8:05:b9:49:cf:83:61:1b:dc:e0:44:3b:b6:3f:39:28:42:
         a8:6c:2d:5b:fe:d4:43:fe:6c:a6:1e:a7:40:f5:1a:3c:f5:c8:
         92:08:d0:8f:46:9a:4f:3f:f4:fd:2d:5d:54:ea:f1:3e:34:4d:
         4a:ce:1d:25:14:a7:fa:15:00:73:d2:6f:12:0a:c2:2c:8d:4b:
         b4:ec:ec:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSeWD+ioXpaOJd3t0v7lhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjOTJiOWE5MmM3ZWI5MTNjM2RhNTU4MDAyYzY3M2U4MjM4
ZGIxYzcwHhcNMjQwMTAxMTgyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWVlMjcwYzAzYWYyNDY0YmQ0MjVjZjQzYTMzYjcyYjdjYzQ5YWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuWrjQAwQV8FIIa+XXcbeFxNfuqj
KTJ8kXxPWoorcTCXXEfbhoqOs7xDwVBCmiJ/M+ts3VoLxfc4w3TgHzLjLsISrCnc
nYPxdOAUaM41ASoX1mHqzI/XtvnN5xeejJbYHXoZ/zKEjHfcTNr3jSMJ2pGatuzq
cdhJ61KoR8qfxq/t6jNNqf1a680fmKDDdX8y8J+DI7n/lWf0BnvQd192t9693oKE
H5DByVkBMwtMu3yXjW82Z9hNJYt52Bjvm65UB3ky6CQ0IbrHZqGDgukuwkp/laFa
WKxETOJt4ake1O/797TCZDz8qMdHVqTtHam32fBMRwasVxRK+RWZRJMh8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJnuJwwDryRkvUJc9Doztyt8xJq1MB8GA1UdIwQY
MBaAFFySuaksfrkTw9pVgALGc+gjjbHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEpLNXFTeC11UlBEMmxXQUFzWno2Q09Oc2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85Njk0NjMtN2Y2YS00NTAzLWFiYzQt
ZDZiNTZhYmEzZWI3LzEvbWU0bkRBT3ZKR1M5UWx6ME9qTzNLM3pFbXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85Njk0NjMtN2Y2YS00NTAzLWFiYzQtZDZiNTZhYmEzZWI3
LzEvWEpLNXFTeC11UlBEMmxXQUFzWno2Q09Oc2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiPwMA0G
CSqGSIb3DQEBCwUAA4IBAQClkjkK9egJ7fVzCXhxxIhup52UIXSHuldTBTV/2CF+
xkUlpecPNddRk1UjNpqlHTaANYN/c1DvTwgazD9OQdynfX1sCwaPeyP1uxJaPCcs
7btQYzkEHbyZx13nZFw/hCnO/Dw407QDzg6noMeZl4h7Uu8UnNbudDzEePfkVYId
cPsKrrM0cBts+XI4gtwmHvncMyR2uIXQoKEfRd1qbxzqYHvlRieSq0OzUu47Jpfi
2shbv5R0uAW5Sc+DYRvc4EQ7tj85KEKobC1b/tRD/mymHqdA9Ro89ciSCNCPRppP
P/T9LV1U6vE+NE1Kzh0lFKf6FQBz0m8SCsIsjUu07Ozo
-----END CERTIFICATE-----