Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS51791.roa
File:                     AS51791.roa (raw, json)
Hash identifier:          vXuw/cDdA5RDd8tJbpB4gPrQg+IdcUhgrF7OhG9uW34=
Subject key identifier:   68:07:B8:C0:9E:3E:9F:FB:46:FA:84:DA:76:9E:87:5E:92:86:CB:0A
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       41EE9486BFD7E9A8781228B94A682633FAC86C57
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS51791.roa
Signing time:             Tue 24 Oct 2023 22:00:00 +0000
ROA not before:           Tue 24 Oct 2023 21:55:00 +0000
ROA not after:            Tue 22 Oct 2024 22:00:00 +0000
asID:                     51791
IP address blocks:        181.215.193.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 11 May 2024 14:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:ee:94:86:bf:d7:e9:a8:78:12:28:b9:4a:68:26:33:fa:c8:6c:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Oct 24 21:55:00 2023 GMT
            Not After : Oct 22 22:00:00 2024 GMT
        Subject: CN=6807B8C09E3E9FFB46FA84DA769E875E9286CB0A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:d3:a8:49:73:e9:29:78:ef:2b:b4:35:59:39:
                    3c:8f:ad:29:8a:e8:0b:76:fc:ac:b6:36:64:78:38:
                    8c:c7:11:a8:05:de:aa:43:f6:2c:27:ae:54:f9:27:
                    11:af:90:02:b6:a8:de:b2:57:1e:a0:dd:c1:7d:61:
                    f8:27:06:42:30:d6:a1:79:2c:6c:e5:63:c8:e9:5d:
                    40:43:57:f0:66:30:00:c6:ed:d5:17:09:3a:f4:be:
                    04:e2:69:df:82:33:38:90:a2:57:a8:2c:e7:6e:fb:
                    0f:38:00:54:cb:7f:85:98:8b:5e:93:ac:c8:f3:59:
                    db:bc:5c:d7:d6:3e:ca:6e:f9:68:ed:dc:58:ab:94:
                    48:e4:d3:2e:02:a3:c4:36:4b:e0:e4:68:a6:df:83:
                    c5:5d:9a:1c:d5:13:82:52:02:7b:e5:7d:74:76:7a:
                    63:6e:34:e9:c2:cb:84:aa:b7:34:f3:cd:0a:3a:a8:
                    93:ca:72:74:ef:0c:17:f2:be:16:53:89:6f:67:81:
                    d7:32:70:93:ca:90:85:e5:bf:72:b8:f8:39:ae:1f:
                    7c:56:66:a7:c8:b4:84:cb:e0:9c:e8:c3:e0:64:96:
                    3b:7a:23:44:78:dd:df:ba:bd:c1:1c:49:e6:6b:80:
                    d6:51:5e:19:4a:77:eb:81:6d:b4:e5:f4:91:99:98:
                    4c:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:07:B8:C0:9E:3E:9F:FB:46:FA:84:DA:76:9E:87:5E:92:86:CB:0A
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS51791.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.215.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:4e:f3:77:86:1c:b6:79:15:df:ec:33:da:5f:17:fc:fe:46:
         6d:8f:cb:6c:e4:00:f8:b4:1c:be:8c:a1:90:de:f3:d6:a7:67:
         08:eb:26:ee:d2:ae:59:59:15:3c:47:64:8a:b8:87:f2:c5:00:
         35:06:7e:38:cb:cf:f5:55:35:06:6c:05:2e:78:c8:3c:da:10:
         d6:a3:6f:ab:ca:c6:a6:4a:68:d0:0d:2b:6c:e2:12:17:6a:bb:
         45:9e:90:e9:81:59:a3:c5:53:18:82:7f:49:92:fc:ee:9f:c9:
         fd:29:8f:0f:71:73:99:98:ed:79:1e:3f:d6:3a:8c:25:fb:77:
         d1:af:d3:63:1c:31:59:2e:5f:48:f2:83:e6:27:70:1d:2c:f2:
         ba:93:e8:f5:00:c1:43:97:dc:d0:e7:d6:ab:b7:8c:f6:38:13:
         de:75:70:27:71:a2:8b:85:8d:63:66:22:e5:b0:9f:72:5e:72:
         e4:73:f3:3a:55:9f:ee:ac:27:06:c0:67:72:fd:3f:2b:00:8c:
         89:75:9c:8b:e5:83:0c:8a:e5:c8:81:80:01:81:cd:7e:31:2e:
         a6:04:be:70:78:72:c7:e9:50:b6:8d:27:f2:24:1b:e0:4d:17:
         a2:8b:c2:31:20:09:57:7c:52:b1:9b:76:e2:6e:b9:48:b7:ea:
         99:5a:66:78
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUQe6Uhr/X6ah4Eii5SmgmM/rIbFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzEwMjQyMTU1MDBaFw0yNDEwMjIyMjAwMDBaMDMxMTAvBgNV
BAMTKDY4MDdCOEMwOUUzRTlGRkI0NkZBODREQTc2OUU4NzVFOTI4NkNCMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC806hJc+kpeO8rtDVZOTyPrSmK
6At2/Ky2NmR4OIzHEagF3qpD9iwnrlT5JxGvkAK2qN6yVx6g3cF9YfgnBkIw1qF5
LGzlY8jpXUBDV/BmMADG7dUXCTr0vgTiad+CMziQoleoLOdu+w84AFTLf4WYi16T
rMjzWdu8XNfWPspu+Wjt3FirlEjk0y4Co8Q2S+DkaKbfg8VdmhzVE4JSAnvlfXR2
emNuNOnCy4SqtzTzzQo6qJPKcnTvDBfyvhZTiW9ngdcycJPKkIXlv3K4+DmuH3xW
ZqfItITL4Jzow+Bkljt6I0R43d+6vcEcSeZrgNZRXhlKd+uBbbTl9JGZmEwrAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUaAe4wJ4+n/tG+oTadp6HXpKGywowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNTE3OTEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC118Ew
DQYJKoZIhvcNAQELBQADggEBAKhO83eGHLZ5Fd/sM9pfF/z+Rm2Py2zkAPi0HL6M
oZDe89anZwjrJu7SrllZFTxHZIq4h/LFADUGfjjLz/VVNQZsBS54yDzaENajb6vK
xqZKaNANK2ziEhdqu0WekOmBWaPFUxiCf0mS/O6fyf0pjw9xc5mY7XkeP9Y6jCX7
d9Gv02McMVkuX0jyg+YncB0s8rqT6PUAwUOX3NDn1qu3jPY4E951cCdxoouFjWNm
IuWwn3JecuRz8zpVn+6sJwbAZ3L9PysAjIl1nIvlgwyK5ciBgAGBzX4xLqYEvnB4
csfpULaNJ/IkG+BNF6KLwjEgCVd8UrGbduJuuUi36plaZng=
-----END CERTIFICATE-----