Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/l1RqEgbrkRN7B6cgHsvRAj0q15E.roa
File:                     l1RqEgbrkRN7B6cgHsvRAj0q15E.roa (raw, json)
Hash identifier:          N7VZMQr5ObDc4XTpo/lztaWinL28cw+r8GkFRgNLwAo=
Subject key identifier:   97:54:6A:12:06:EB:91:13:7B:07:A7:20:1E:CB:D1:02:3D:2A:D7:91
Certificate issuer:       /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial:       0191FF644B8A946E5C41FC31C90B98D40083
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/l1RqEgbrkRN7B6cgHsvRAj0q15E.roa
Signing time:             Tue 17 Sep 2024 09:50:48 +0000
ROA not before:           Tue 17 Sep 2024 09:50:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16276
IP address blocks:        80.87.206.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 12:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:ff:64:4b:8a:94:6e:5c:41:fc:31:c9:0b:98:d4:00:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
        Validity
            Not Before: Sep 17 09:50:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=97546a1206eb91137b07a7201ecbd1023d2ad791
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:aa:36:db:9d:ae:07:dc:a3:72:83:4d:7d:ca:
                    d7:8d:8f:1c:36:52:04:58:83:83:a6:dc:0d:7b:fb:
                    4d:22:89:40:bc:15:89:65:92:46:83:0b:af:c4:8e:
                    09:74:6c:5f:1d:0c:89:b6:f9:13:fe:56:ea:59:58:
                    04:ea:7d:6b:13:96:9a:e3:53:1d:d0:6b:f9:b4:2b:
                    56:7c:3b:b3:44:d6:16:48:a5:1c:ef:cb:6a:66:88:
                    7f:db:d6:10:1c:49:70:93:f0:a6:93:e0:d8:be:fb:
                    8f:6a:58:a0:fd:b2:96:50:79:91:05:38:68:2c:8a:
                    98:5a:e9:1a:b2:00:f3:a9:b8:95:df:4e:95:3b:e9:
                    18:61:ef:d6:2e:12:23:cd:da:87:e1:cf:df:19:82:
                    77:5b:12:2d:3a:ee:11:9c:d5:89:a3:59:8b:e1:98:
                    81:64:01:29:8b:60:e2:c8:b3:a9:29:b4:11:5e:90:
                    a8:b5:84:d5:22:55:94:b4:e7:0c:e5:04:58:a0:ad:
                    6b:83:40:64:78:59:29:9e:58:fb:c5:b0:23:1d:d8:
                    e7:43:4e:e2:ef:f7:8c:f2:35:3b:1a:6c:f8:28:6c:
                    60:af:6c:12:c4:89:38:62:c8:f2:21:2a:e5:f6:11:
                    37:3d:f7:48:08:51:d9:3e:62:2b:ab:03:03:8f:66:
                    0c:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:54:6A:12:06:EB:91:13:7B:07:A7:20:1E:CB:D1:02:3D:2A:D7:91
            X509v3 Authority Key Identifier:
                keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/l1RqEgbrkRN7B6cgHsvRAj0q15E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.87.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:85:38:9e:f5:37:2c:30:12:66:61:12:6b:ca:10:0a:22:d3:
         06:7d:38:57:d5:af:2a:75:f3:91:ea:ff:a0:b5:d4:4d:0b:73:
         dc:d3:ff:90:86:8a:2f:f1:57:8e:22:97:df:4b:ed:06:6b:6f:
         83:91:7d:ba:26:58:56:7c:d5:c4:32:d9:34:b6:39:7e:df:fe:
         cc:d2:11:3a:e5:52:aa:f2:41:fb:2a:f3:51:03:a7:e2:9e:e7:
         45:73:9c:2c:89:61:8e:a6:82:48:26:1a:82:75:7e:aa:b8:d5:
         3b:45:37:0b:1a:d1:81:d3:a0:e1:a8:26:e3:78:20:bb:fe:67:
         43:fc:8a:94:00:4a:57:a8:ea:ea:b5:29:34:46:7f:84:53:40:
         34:5d:4f:2a:a2:6f:d8:55:12:70:e0:1c:13:73:cf:40:ba:0f:
         aa:0e:c7:ce:79:44:05:e3:30:b7:f7:22:90:ce:dd:ff:64:4d:
         fb:25:c9:58:a6:26:e0:26:4e:80:01:47:06:6a:d7:f7:9b:ae:
         b6:e3:6e:68:9d:7e:ef:fb:af:d4:0d:03:06:63:a7:fa:b1:09:
         db:e0:d8:d9:4b:cd:2d:ac:8c:a7:95:2e:30:36:f8:d1:42:02:
         c1:45:77:28:93:98:0e:3f:84:a3:81:9b:31:87:33:ab:13:cb:
         2b:12:e9:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZH/ZEuKlG5cQfwxyQuY1ACDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjQwOTE3MDk1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzU0NmExMjA2ZWI5MTEzN2IwN2E3MjAxZWNiZDEwMjNkMmFkNzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKo2252uB9yjcoNNfcrXjY8cNlIE
WIODptwNe/tNIolAvBWJZZJGgwuvxI4JdGxfHQyJtvkT/lbqWVgE6n1rE5aa41Md
0Gv5tCtWfDuzRNYWSKUc78tqZoh/29YQHElwk/Cmk+DYvvuPalig/bKWUHmRBTho
LIqYWukasgDzqbiV306VO+kYYe/WLhIjzdqH4c/fGYJ3WxItOu4RnNWJo1mL4ZiB
ZAEpi2DiyLOpKbQRXpCotYTVIlWUtOcM5QRYoK1rg0BkeFkpnlj7xbAjHdjnQ07i
7/eM8jU7Gmz4KGxgr2wSxIk4YsjyISrl9hE3PfdICFHZPmIrqwMDj2YM/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJdUahIG65ETewenIB7L0QI9KteRMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvbDFScUVnYnJrUk43QjZjZ0hzdlJBajBxMTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUFfOMA0G
CSqGSIb3DQEBCwUAA4IBAQBjhTie9TcsMBJmYRJryhAKItMGfThX1a8qdfOR6v+g
tdRNC3Pc0/+Qhoov8VeOIpffS+0Ga2+DkX26JlhWfNXEMtk0tjl+3/7M0hE65VKq
8kH7KvNRA6finudFc5wsiWGOpoJIJhqCdX6quNU7RTcLGtGB06DhqCbjeCC7/mdD
/IqUAEpXqOrqtSk0Rn+EU0A0XU8qom/YVRJw4BwTc89Aug+qDsfOeUQF4zC39yKQ
zt3/ZE37JclYpibgJk6AAUcGatf3m662425onX7v+6/UDQMGY6f6sQnb4NjZS80t
rIynlS4wNvjRQgLBRXcok5gOP4SjgZsxhzOrE8srEunx
-----END CERTIFICATE-----