Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a80963-3089-4ac4-af4f-3c8717414d80/1/DjsbeUScAR9EUfRE070QFYOZXx0.roa
File:                     DjsbeUScAR9EUfRE070QFYOZXx0.roa (raw, json)
Hash identifier:          Jj0CL6iZxJ5XW4ZpctnqFGBbj6Ygbs9fspzlTAigxwY=
Subject key identifier:   0E:3B:1B:79:44:9C:01:1F:44:51:F4:44:D3:BD:10:15:83:99:5F:1D
Certificate issuer:       /CN=2213007596493802fb93a326731fd3329eae2dac
Certificate serial:       0194258F62F070818283D3760214EEBAB27F
Authority key identifier: 22:13:00:75:96:49:38:02:FB:93:A3:26:73:1F:D3:32:9E:AE:2D:AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IhMAdZZJOAL7k6Mmcx_TMp6uLaw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/a80963-3089-4ac4-af4f-3c8717414d80/1/DjsbeUScAR9EUfRE070QFYOZXx0.roa
Signing time:             Thu 02 Jan 2025 05:49:01 +0000
ROA not before:           Thu 02 Jan 2025 05:49:01 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     58186
IP address blocks:        91.192.226.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/a80963-3089-4ac4-af4f-3c8717414d80/1/IhMAdZZJOAL7k6Mmcx_TMp6uLaw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/a80963-3089-4ac4-af4f-3c8717414d80/1/IhMAdZZJOAL7k6Mmcx_TMp6uLaw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IhMAdZZJOAL7k6Mmcx_TMp6uLaw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 04:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:25:8f:62:f0:70:81:82:83:d3:76:02:14:ee:ba:b2:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2213007596493802fb93a326731fd3329eae2dac
        Validity
            Not Before: Jan  2 05:49:01 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=0e3b1b79449c011f4451f444d3bd101583995f1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:49:36:1d:20:d3:4b:bf:2b:cf:ca:a5:24:7f:
                    22:4a:8c:ad:0d:cd:fa:c5:22:e1:a0:73:c0:86:2a:
                    8f:2d:3a:46:de:dc:6f:c5:9f:86:13:b4:7d:88:32:
                    06:d9:f5:08:88:2c:54:94:2f:b6:e7:13:ad:58:18:
                    52:5e:90:c1:d2:99:85:29:6f:a5:d0:24:9c:ff:25:
                    aa:1c:0c:17:c2:6b:a4:84:16:c2:88:5e:1e:65:dd:
                    0e:91:77:73:f9:e6:63:ff:1b:b0:d0:a4:36:77:19:
                    6f:50:b4:18:7c:49:e1:d7:67:c3:50:bb:79:9b:72:
                    22:48:64:51:35:a3:8f:03:2f:46:85:f8:3f:de:7e:
                    cf:41:37:c6:4e:2f:0f:dc:42:9a:a9:45:2e:1a:b0:
                    16:1e:55:3d:ac:b9:ee:b1:31:80:f6:5e:79:a8:94:
                    30:c2:7a:1c:30:7e:2c:98:b2:59:24:6c:17:08:07:
                    3a:18:e7:75:a9:69:16:19:4d:6f:b3:67:3f:d9:0c:
                    0b:4a:a0:85:14:27:86:c5:f3:ea:bd:1d:7e:b8:39:
                    2c:6c:9c:30:0d:77:d3:b9:30:a3:dc:11:80:12:9e:
                    79:89:26:7d:2f:80:6e:66:04:0b:f3:c9:5e:74:52:
                    e2:d5:68:9d:dd:fc:fa:54:fc:6d:a0:d7:91:0b:50:
                    bd:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:3B:1B:79:44:9C:01:1F:44:51:F4:44:D3:BD:10:15:83:99:5F:1D
            X509v3 Authority Key Identifier:
                keyid:22:13:00:75:96:49:38:02:FB:93:A3:26:73:1F:D3:32:9E:AE:2D:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IhMAdZZJOAL7k6Mmcx_TMp6uLaw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a80963-3089-4ac4-af4f-3c8717414d80/1/DjsbeUScAR9EUfRE070QFYOZXx0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a80963-3089-4ac4-af4f-3c8717414d80/1/IhMAdZZJOAL7k6Mmcx_TMp6uLaw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.192.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:7b:84:4d:ee:1a:50:42:ab:78:41:ee:78:64:e8:e8:08:bc:
         40:88:74:ce:cf:3d:38:ba:d1:46:28:6b:db:be:0a:73:c1:22:
         6b:67:83:b5:0c:bf:52:15:d0:7f:28:16:b3:c3:e7:b4:80:28:
         68:e3:a6:ea:9f:fb:1c:22:e9:8c:c3:cc:d1:4b:33:39:1b:fa:
         13:95:05:52:43:5c:35:36:b5:54:f1:16:5d:59:b1:e3:d8:ac:
         ed:f2:8c:2e:12:18:ec:8a:c2:72:5f:22:76:98:ea:e5:c6:ec:
         47:d6:12:7a:ff:91:56:93:1b:34:f2:7b:58:6f:b0:87:7e:2a:
         dc:e1:f9:c2:fb:40:a9:58:a1:01:4f:f7:64:21:2f:8a:05:a4:
         81:4c:f6:73:46:4f:2e:15:c9:b4:6c:12:fc:9a:92:e5:d7:71:
         b7:41:fc:6a:45:c4:dd:9a:7d:10:f1:ae:a4:91:a7:91:e3:42:
         0c:64:a4:5d:30:72:dd:91:da:ba:69:84:a5:cc:9f:70:85:b5:
         c3:4d:81:a5:43:be:9d:15:ca:cf:b2:b6:e4:d3:15:69:b5:fd:
         82:f7:62:70:d5:50:b5:a0:e4:10:72:05:7c:23:cd:5f:ed:37:
         1d:02:2f:79:0d:82:dd:2a:6f:3f:3c:27:67:ba:36:58:f0:4d:
         3e:f2:34:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj2LwcIGCg9N2AhTuurJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMTMwMDc1OTY0OTM4MDJmYjkzYTMyNjczMWZkMzMyOWVh
ZTJkYWMwHhcNMjUwMTAyMDU0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTNiMWI3OTQ0OWMwMTFmNDQ1MWY0NDRkM2JkMTAxNTgzOTk1ZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kk2HSDTS78rz8qlJH8iSoytDc36
xSLhoHPAhiqPLTpG3txvxZ+GE7R9iDIG2fUIiCxUlC+25xOtWBhSXpDB0pmFKW+l
0CSc/yWqHAwXwmukhBbCiF4eZd0OkXdz+eZj/xuw0KQ2dxlvULQYfEnh12fDULt5
m3IiSGRRNaOPAy9Ghfg/3n7PQTfGTi8P3EKaqUUuGrAWHlU9rLnusTGA9l55qJQw
wnocMH4smLJZJGwXCAc6GOd1qWkWGU1vs2c/2QwLSqCFFCeGxfPqvR1+uDksbJww
DXfTuTCj3BGAEp55iSZ9L4BuZgQL88ledFLi1Wid3fz6VPxtoNeRC1C9uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA47G3lEnAEfRFH0RNO9EBWDmV8dMB8GA1UdIwQY
MBaAFCITAHWWSTgC+5OjJnMf0zKeri2sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWhNQWRaWkpPQUw3azZNbWN4X1RNcDZ1TGF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hODA5NjMtMzA4OS00YWM0LWFmNGYt
M2M4NzE3NDE0ZDgwLzEvRGpzYmVVU2NBUjlFVWZSRTA3MFFGWU9aWHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hODA5NjMtMzA4OS00YWM0LWFmNGYtM2M4NzE3NDE0ZDgw
LzEvSWhNQWRaWkpPQUw3azZNbWN4X1RNcDZ1TGF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8DiMA0G
CSqGSIb3DQEBCwUAA4IBAQAHe4RN7hpQQqt4Qe54ZOjoCLxAiHTOzz04utFGKGvb
vgpzwSJrZ4O1DL9SFdB/KBazw+e0gCho46bqn/scIumMw8zRSzM5G/oTlQVSQ1w1
NrVU8RZdWbHj2Kzt8owuEhjsisJyXyJ2mOrlxuxH1hJ6/5FWkxs08ntYb7CHfirc
4fnC+0CpWKEBT/dkIS+KBaSBTPZzRk8uFcm0bBL8mpLl13G3QfxqRcTdmn0Q8a6k
kaeR40IMZKRdMHLdkdq6aYSlzJ9whbXDTYGlQ76dFcrPsrbk0xVptf2C92Jw1VC1
oOQQcgV8I81f7TcdAi95DYLdKm8/PCdnujZY8E0+8jTq
-----END CERTIFICATE-----