Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/Gb9DeZq3ORmkC4B9of3QhU8siNY.roa
File:                     Gb9DeZq3ORmkC4B9of3QhU8siNY.roa (raw, json)
Hash identifier:          aWlS8V6DWQcedMEk+BlI7OlDmost2D1zty4EZRaowvU=
Subject key identifier:   19:BF:43:79:9A:B7:39:19:A4:0B:80:7D:A1:FD:D0:85:4F:2C:88:D6
Certificate issuer:       /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial:       0190A535F3634D840338F898B348A89CE284
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/Gb9DeZq3ORmkC4B9of3QhU8siNY.roa
Signing time:             Fri 12 Jul 2024 04:31:34 +0000
ROA not before:           Fri 12 Jul 2024 04:31:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     270187
IP address blocks:        83.147.48.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 15:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:a5:35:f3:63:4d:84:03:38:f8:98:b3:48:a8:9c:e2:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
        Validity
            Not Before: Jul 12 04:31:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=19bf43799ab73919a40b807da1fdd0854f2c88d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1d:4b:ce:95:9d:01:29:98:4d:64:3f:6b:fa:
                    fc:fa:ba:be:40:ee:b5:70:dd:16:16:fd:ed:20:27:
                    61:4a:d8:17:8e:04:27:c2:23:d6:d7:bd:b4:d5:47:
                    10:6c:cc:d8:46:54:37:51:7e:4d:f5:9e:01:0b:f0:
                    a3:13:43:7a:d4:12:8a:bb:b2:13:30:2d:c2:57:9b:
                    48:d3:88:f9:48:ac:3c:d7:b7:9c:fa:03:5a:d3:b1:
                    17:2e:76:07:80:d1:06:e4:52:92:f5:da:76:ca:16:
                    98:e7:f7:3c:73:8d:23:03:7d:05:2d:51:4e:50:34:
                    b6:5a:6a:ff:2d:14:d0:ec:fa:01:37:7f:36:e8:2b:
                    7e:e2:aa:d6:52:ec:24:36:e6:ad:9f:61:06:54:90:
                    c4:ad:d7:a6:a8:53:c5:07:97:e2:c3:df:8b:eb:59:
                    c9:d4:e8:67:af:07:63:c8:4a:6e:51:90:92:77:e7:
                    4a:db:42:3e:b3:2e:25:c2:84:97:2a:7b:c5:08:81:
                    ab:97:a3:18:4a:d5:d9:7c:2a:fd:09:df:04:81:23:
                    6d:81:9d:74:a8:ab:30:e1:95:6f:84:18:55:ce:f8:
                    e3:7d:42:61:3d:e3:56:a5:5a:d3:df:57:bc:17:9e:
                    a4:c0:cf:55:b9:d9:93:5e:2c:42:b1:11:e9:54:c1:
                    7e:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:BF:43:79:9A:B7:39:19:A4:0B:80:7D:A1:FD:D0:85:4F:2C:88:D6
            X509v3 Authority Key Identifier:
                keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/Gb9DeZq3ORmkC4B9of3QhU8siNY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:3e:fe:5c:08:1a:8d:f6:50:e1:39:f6:d6:54:63:03:21:80:
         4c:e2:13:ae:2c:e4:22:29:56:fc:3a:27:e8:e8:f2:f0:4f:98:
         d8:bf:50:06:33:0d:ee:37:d5:81:da:34:39:4d:a8:e7:66:a2:
         e0:2a:56:ba:f8:72:30:b4:02:f4:85:df:25:b3:39:65:bc:e9:
         fc:b6:e9:88:d2:fc:ea:79:09:eb:75:01:7a:41:09:cb:39:e8:
         21:73:59:36:28:b4:f6:c1:9a:e8:04:0d:45:47:56:e0:35:75:
         2c:33:2d:a5:3c:3e:86:3e:c7:15:50:29:76:4b:6c:b9:d7:47:
         69:0a:85:26:83:56:65:f4:cb:69:69:43:e3:75:ab:0f:6a:b3:
         28:b8:46:5d:1e:66:db:23:d9:ec:c0:c4:e2:e3:e4:33:f6:2c:
         8b:e7:31:b6:f0:cc:2f:36:9b:60:2c:aa:c0:17:75:15:e6:11:
         a4:fa:0c:e4:9a:23:a4:0d:bd:cf:c2:8e:c4:7e:d4:29:f4:f8:
         01:d4:d8:53:dc:c3:ec:27:51:4f:8a:9c:fc:ae:ee:74:1a:db:
         93:57:10:73:ad:ea:4f:1d:66:5a:65:ad:0d:39:59:fc:74:e0:
         e6:72:d5:fe:5e:51:3c:0a:c4:f7:8c:ab:80:75:33:28:12:0f:
         22:c5:7d:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZClNfNjTYQDOPiYs0ionOKEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQwNzEyMDQzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWJmNDM3OTlhYjczOTE5YTQwYjgwN2RhMWZkZDA4NTRmMmM4OGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx1LzpWdASmYTWQ/a/r8+rq+QO61
cN0WFv3tICdhStgXjgQnwiPW17201UcQbMzYRlQ3UX5N9Z4BC/CjE0N61BKKu7IT
MC3CV5tI04j5SKw817ec+gNa07EXLnYHgNEG5FKS9dp2yhaY5/c8c40jA30FLVFO
UDS2Wmr/LRTQ7PoBN3826Ct+4qrWUuwkNuatn2EGVJDErdemqFPFB5fiw9+L61nJ
1OhnrwdjyEpuUZCSd+dK20I+sy4lwoSXKnvFCIGrl6MYStXZfCr9Cd8EgSNtgZ10
qKsw4ZVvhBhVzvjjfUJhPeNWpVrT31e8F56kwM9VudmTXixCsRHpVMF+mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBm/Q3matzkZpAuAfaH90IVPLIjWMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvR2I5RGVacTNPUm1rQzRCOW9mM1FoVThzaU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU5MwMA0G
CSqGSIb3DQEBCwUAA4IBAQCwPv5cCBqN9lDhOfbWVGMDIYBM4hOuLOQiKVb8Oifo
6PLwT5jYv1AGMw3uN9WB2jQ5TajnZqLgKla6+HIwtAL0hd8lszllvOn8tumI0vzq
eQnrdQF6QQnLOeghc1k2KLT2wZroBA1FR1bgNXUsMy2lPD6GPscVUCl2S2y510dp
CoUmg1Zl9MtpaUPjdasParMouEZdHmbbI9nswMTi4+Qz9iyL5zG28MwvNptgLKrA
F3UV5hGk+gzkmiOkDb3Pwo7EftQp9PgB1NhT3MPsJ1FPipz8ru50GtuTVxBzrepP
HWZaZa0NOVn8dODmctX+XlE8CsT3jKuAdTMoEg8ixX1W
-----END CERTIFICATE-----