Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e29ff2-8e63-4e6c-8aff-732653c4fe2c/1/x91LhsukgPAqfQYj3W2LlNBbAek.roa
File:                     x91LhsukgPAqfQYj3W2LlNBbAek.roa (raw, json)
Hash identifier:          F7uoWwJ/vYjK+zrUfHWPZS/ilKp/egTCjRgAcB55Dx0=
Subject key identifier:   C7:DD:4B:86:CB:A4:80:F0:2A:7D:06:23:DD:6D:8B:94:D0:5B:01:E9
Certificate issuer:       /CN=6137d2fcbd43a51e531bc98bfab5eaf7190090af
Certificate serial:       0194274791B545B91141F9D3991844F1C204
Authority key identifier: 61:37:D2:FC:BD:43:A5:1E:53:1B:C9:8B:FA:B5:EA:F7:19:00:90:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YTfS_L1DpR5TG8mL-rXq9xkAkK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e29ff2-8e63-4e6c-8aff-732653c4fe2c/1/x91LhsukgPAqfQYj3W2LlNBbAek.roa
Signing time:             Thu 02 Jan 2025 13:49:49 +0000
ROA not before:           Thu 02 Jan 2025 13:49:49 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     214431
IP address blocks:        195.200.77.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e29ff2-8e63-4e6c-8aff-732653c4fe2c/1/YTfS_L1DpR5TG8mL-rXq9xkAkK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e29ff2-8e63-4e6c-8aff-732653c4fe2c/1/YTfS_L1DpR5TG8mL-rXq9xkAkK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YTfS_L1DpR5TG8mL-rXq9xkAkK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Mar 2025 01:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:47:91:b5:45:b9:11:41:f9:d3:99:18:44:f1:c2:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6137d2fcbd43a51e531bc98bfab5eaf7190090af
        Validity
            Not Before: Jan  2 13:49:49 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=c7dd4b86cba480f02a7d0623dd6d8b94d05b01e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:c3:ee:93:73:96:55:4e:b6:95:b9:99:48:8f:
                    f6:a0:55:34:7f:e9:4c:e8:c6:51:84:31:03:e7:78:
                    71:a4:1f:fc:88:2d:be:06:2d:54:9d:b1:71:10:ce:
                    e3:81:ce:25:18:b3:12:85:ff:15:5e:71:9d:ea:0a:
                    fd:9b:a6:ea:7a:35:b7:b8:bb:ba:7d:a3:f4:94:fe:
                    36:73:62:ad:d0:5e:e5:93:4d:9e:04:1c:b0:b0:fd:
                    7d:d4:ae:08:c7:20:20:9c:4e:05:a0:7e:e1:a8:81:
                    bc:f4:28:c4:94:07:5d:29:4d:66:91:ae:cd:86:01:
                    31:75:cd:fe:3b:67:4f:3e:ad:da:61:ee:98:ac:3c:
                    f9:b6:59:e2:5d:d9:19:59:a2:75:d1:94:18:12:52:
                    cb:c8:b4:de:7c:bd:92:02:d3:3c:9b:b8:2c:67:b8:
                    ed:a6:3c:87:16:fb:e5:10:7f:da:9b:43:4a:17:40:
                    cd:cf:34:cb:78:1d:0f:c3:64:8b:79:bb:17:98:fb:
                    85:cd:33:5f:77:f0:46:88:e7:6c:2f:d9:7f:29:18:
                    c6:96:74:2d:b0:b3:7b:00:ff:16:03:09:45:e5:05:
                    ac:40:f8:d0:f8:13:5b:77:07:5f:d1:74:67:dd:34:
                    75:3f:6f:6d:bb:27:ce:3f:78:68:f1:bb:83:2f:f6:
                    86:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:DD:4B:86:CB:A4:80:F0:2A:7D:06:23:DD:6D:8B:94:D0:5B:01:E9
            X509v3 Authority Key Identifier:
                keyid:61:37:D2:FC:BD:43:A5:1E:53:1B:C9:8B:FA:B5:EA:F7:19:00:90:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTfS_L1DpR5TG8mL-rXq9xkAkK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e29ff2-8e63-4e6c-8aff-732653c4fe2c/1/x91LhsukgPAqfQYj3W2LlNBbAek.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e29ff2-8e63-4e6c-8aff-732653c4fe2c/1/YTfS_L1DpR5TG8mL-rXq9xkAkK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.200.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:1c:41:20:54:e4:7c:95:f4:ff:34:65:01:19:fc:a7:29:10:
         70:94:bf:b3:72:20:d3:9a:c0:7d:9d:52:d4:4c:cc:26:34:dd:
         96:1c:92:ac:3f:b3:44:ff:94:6b:24:bd:22:04:6d:02:b9:6b:
         02:14:50:25:2d:68:71:8b:53:f6:f8:be:8f:34:89:2f:b3:f4:
         dc:7f:44:7d:00:97:e8:49:11:a4:65:c9:17:95:dd:f7:7f:8d:
         a5:20:c7:9a:72:ba:3b:74:f9:57:c6:0c:e8:9a:39:86:c1:79:
         09:a4:5f:c3:5b:78:21:41:ca:b8:54:38:1f:12:9c:33:d7:69:
         dd:4c:95:1b:4e:04:bf:76:03:10:d3:e4:03:bb:f1:fa:5b:7d:
         dd:6f:59:17:90:4c:23:69:24:b1:37:50:17:f1:67:7d:96:16:
         d3:85:ae:e0:b5:35:46:f4:aa:a5:dd:65:26:91:d5:c1:91:8f:
         c9:6e:ad:43:6b:0b:be:66:e6:cb:28:40:58:cd:7f:41:ba:d9:
         d5:c2:01:af:ee:f7:bd:80:a8:70:a2:df:c9:93:54:fa:36:1f:
         3e:70:b1:24:8e:b8:35:93:81:c2:a2:30:80:16:e0:f3:1b:c2:
         4c:26:5d:b9:a9:43:cf:4a:d6:66:34:99:a4:ad:31:7a:9b:9a:
         af:ca:73:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR5G1RbkRQfnTmRhE8cIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzdkMmZjYmQ0M2E1MWU1MzFiYzk4YmZhYjVlYWY3MTkw
MDkwYWYwHhcNMjUwMTAyMTM0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2RkNGI4NmNiYTQ4MGYwMmE3ZDA2MjNkZDZkOGI5NGQwNWIwMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncPuk3OWVU62lbmZSI/2oFU0f+lM
6MZRhDED53hxpB/8iC2+Bi1UnbFxEM7jgc4lGLMShf8VXnGd6gr9m6bqejW3uLu6
faP0lP42c2Kt0F7lk02eBBywsP191K4IxyAgnE4FoH7hqIG89CjElAddKU1mka7N
hgExdc3+O2dPPq3aYe6YrDz5tlniXdkZWaJ10ZQYElLLyLTefL2SAtM8m7gsZ7jt
pjyHFvvlEH/am0NKF0DNzzTLeB0Pw2SLebsXmPuFzTNfd/BGiOdsL9l/KRjGlnQt
sLN7AP8WAwlF5QWsQPjQ+BNbdwdf0XRn3TR1P29tuyfOP3ho8buDL/aGZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfdS4bLpIDwKn0GI91ti5TQWwHpMB8GA1UdIwQY
MBaAFGE30vy9Q6UeUxvJi/q16vcZAJCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRmU19MMURwUjVURzhtTC1yWHE5eGtBa0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lMjlmZjItOGU2My00ZTZjLThhZmYt
NzMyNjUzYzRmZTJjLzEveDkxTGhzdWtnUEFxZlFZajNXMkxsTkJiQWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lMjlmZjItOGU2My00ZTZjLThhZmYtNzMyNjUzYzRmZTJj
LzEvWVRmU19MMURwUjVURzhtTC1yWHE5eGtBa0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw8hNMA0G
CSqGSIb3DQEBCwUAA4IBAQAfHEEgVOR8lfT/NGUBGfynKRBwlL+zciDTmsB9nVLU
TMwmNN2WHJKsP7NE/5RrJL0iBG0CuWsCFFAlLWhxi1P2+L6PNIkvs/Tcf0R9AJfo
SRGkZckXld33f42lIMeacro7dPlXxgzomjmGwXkJpF/DW3ghQcq4VDgfEpwz12nd
TJUbTgS/dgMQ0+QDu/H6W33db1kXkEwjaSSxN1AX8Wd9lhbTha7gtTVG9Kql3WUm
kdXBkY/Jbq1Dawu+ZubLKEBYzX9ButnVwgGv7ve9gKhwot/Jk1T6Nh8+cLEkjrg1
k4HCojCAFuDzG8JMJl25qUPPStZmNJmkrTF6m5qvynP0
-----END CERTIFICATE-----