Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS56913.roa
File:                     AS56913.roa (raw, json)
Hash identifier:          ChxmdM44X+vfzmsGzRLHBUuIjvl3eJZcmJFVPJDACqM=
Subject key identifier:   6A:D6:73:F7:C1:6F:60:26:61:BE:BA:AF:2B:1C:46:47:34:D4:11:68
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       22ED8BD37D43C5492BE97EC02013EE7F07BF5D8F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS56913.roa
Signing time:             Tue 11 Jun 2024 00:00:09 +0000
ROA not before:           Mon 10 Jun 2024 23:55:09 +0000
ROA not after:            Tue 10 Jun 2025 00:00:09 +0000
asID:                     56913
IP address blocks:        146.103.60.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 11 Jun 2024 18:21:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:ed:8b:d3:7d:43:c5:49:2b:e9:7e:c0:20:13:ee:7f:07:bf:5d:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Jun 10 23:55:09 2024 GMT
            Not After : Jun 10 00:00:09 2025 GMT
        Subject: CN=6AD673F7C16F602661BEBAAF2B1C464734D41168
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:1a:06:86:e6:fa:22:9e:f3:5e:d0:1e:f8:71:
                    eb:88:46:16:88:7f:7d:f4:ed:c5:ed:73:86:4e:e7:
                    a7:4d:6e:44:ba:d9:95:b6:c0:92:2b:3a:03:6d:bf:
                    81:4b:75:85:d0:92:94:04:b1:26:e8:02:3c:e4:5e:
                    73:42:55:63:5c:f0:c1:99:5d:1c:bf:8e:4d:24:c7:
                    ca:de:b2:17:37:5a:f2:7d:1c:36:20:06:d5:51:92:
                    ce:bd:bb:a3:c7:17:8c:68:12:fb:2e:f5:af:97:6e:
                    4b:05:8c:13:4b:58:45:d4:ce:36:80:53:14:1b:0f:
                    91:18:87:b3:eb:c6:5e:7e:54:89:43:16:eb:f0:0e:
                    94:cd:44:f9:15:5a:38:cc:ef:d6:f0:bf:d1:cd:9a:
                    3c:cf:20:d3:6c:3e:45:2d:9c:18:24:30:cc:62:97:
                    8e:ed:dc:39:e2:ec:e2:4c:14:66:fa:9a:d2:22:0c:
                    f7:f7:ce:69:0f:9d:20:f1:b6:2c:e6:02:52:4f:28:
                    b5:fd:6e:ca:f8:23:70:fb:44:e1:5c:fd:20:69:aa:
                    66:be:b1:8e:26:f8:46:3f:e9:0d:79:5f:5d:26:8d:
                    36:52:5e:5b:3f:c5:9b:8e:74:1e:a4:0f:3d:1a:0c:
                    51:e1:b2:30:57:2e:c9:b4:4f:51:23:94:25:ec:75:
                    3b:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:D6:73:F7:C1:6F:60:26:61:BE:BA:AF:2B:1C:46:47:34:D4:11:68
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS56913.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.103.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b9:1d:30:18:a4:de:44:61:0d:e7:d0:02:34:58:fc:9f:fd:54:
         d0:55:81:1a:b7:e4:b9:a8:6f:1e:69:1a:06:48:4b:4f:20:af:
         28:f3:bf:d9:ba:44:29:35:b2:e8:2b:06:d8:a4:31:db:5f:74:
         fa:f2:b7:98:2f:a6:1a:4b:8b:9f:0b:32:2c:dc:92:31:74:f5:
         2f:5e:a6:45:54:38:6c:bc:70:8f:98:92:65:37:66:a7:65:9f:
         38:d7:0e:97:43:87:1b:c9:66:ac:11:5a:0d:e3:0c:0e:f8:61:
         21:ed:05:b5:0e:d1:58:e9:01:e2:69:e9:87:34:d5:4c:8f:d2:
         16:25:b5:03:58:f8:5a:e9:40:69:19:a6:11:56:55:46:22:f6:
         15:d1:bf:be:2a:5d:e2:4f:ec:c9:a1:92:5d:66:58:f0:71:01:
         a1:6c:8e:10:84:00:00:8f:40:69:3a:bf:e6:f5:c7:f6:dd:ee:
         f5:5d:e7:df:4e:b7:6e:7f:91:e6:93:ed:1a:bd:64:5e:6e:a8:
         50:b0:0a:09:18:83:54:55:41:7f:f9:96:84:29:ba:cd:05:1f:
         f2:30:07:76:0c:27:a4:9a:d5:7b:64:65:41:60:9f:6b:60:65:
         a0:15:9e:1d:3b:1b:d5:b6:e8:d0:82:14:5c:7e:63:74:7a:b5:
         94:95:58:b4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUIu2L031DxUkr6X7AIBPufwe/XY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA2MTAyMzU1MDlaFw0yNTA2MTAwMDAwMDlaMDMxMTAvBgNV
BAMTKDZBRDY3M0Y3QzE2RjYwMjY2MUJFQkFBRjJCMUM0NjQ3MzRENDExNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2GgaG5voinvNe0B74ceuIRhaI
f3307cXtc4ZO56dNbkS62ZW2wJIrOgNtv4FLdYXQkpQEsSboAjzkXnNCVWNc8MGZ
XRy/jk0kx8reshc3WvJ9HDYgBtVRks69u6PHF4xoEvsu9a+XbksFjBNLWEXUzjaA
UxQbD5EYh7Prxl5+VIlDFuvwDpTNRPkVWjjM79bwv9HNmjzPINNsPkUtnBgkMMxi
l47t3Dni7OJMFGb6mtIiDPf3zmkPnSDxtizmAlJPKLX9bsr4I3D7ROFc/SBpqma+
sY4m+EY/6Q15X10mjTZSXls/xZuOdB6kDz0aDFHhsjBXLsm0T1EjlCXsdTtxAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUatZz98FvYCZhvrqvKxxGRzTUEWgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTY5MTMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACSZzww
DQYJKoZIhvcNAQELBQADggEBALkdMBik3kRhDefQAjRY/J/9VNBVgRq35Lmobx5p
GgZIS08gryjzv9m6RCk1sugrBtikMdtfdPryt5gvphpLi58LMizckjF09S9epkVU
OGy8cI+YkmU3ZqdlnzjXDpdDhxvJZqwRWg3jDA74YSHtBbUO0VjpAeJp6Yc01UyP
0hYltQNY+FrpQGkZphFWVUYi9hXRv74qXeJP7Mmhkl1mWPBxAaFsjhCEAACPQGk6
v+b1x/bd7vVd599Ot25/keaT7Rq9ZF5uqFCwCgkYg1RVQX/5loQpus0FH/IwB3YM
J6Sa1XtkZUFgn2tgZaAVnh07G9W26NCCFFx+Y3R6tZSVWLQ=
-----END CERTIFICATE-----