Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS53356.roa
File:                     AS53356.roa (raw, json)
Hash identifier:          fMTKAyd22g7cLG7dBcNgm+FCh5N5GASyjVBWEZY2iFo=
Subject key identifier:   5F:A7:EC:14:49:03:DC:39:08:EC:8E:3A:BD:A7:DA:D6:AD:3F:4B:7F
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       1EF230CE5B43519DFCFAA0DA2B401ACF49453AB5
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS53356.roa
Signing time:             Fri 21 Jun 2024 09:56:20 +0000
ROA not before:           Fri 21 Jun 2024 09:51:20 +0000
ROA not after:            Fri 20 Jun 2025 09:56:20 +0000
asID:                     53356
IP address blocks:        181.214.54.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:f2:30:ce:5b:43:51:9d:fc:fa:a0:da:2b:40:1a:cf:49:45:3a:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Jun 21 09:51:20 2024 GMT
            Not After : Jun 20 09:56:20 2025 GMT
        Subject: CN=5FA7EC144903DC3908EC8E3ABDA7DAD6AD3F4B7F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:0e:7f:1c:cd:36:1c:14:38:d5:55:73:bc:3b:
                    e3:60:80:6f:10:4b:68:1a:1b:c8:95:83:fd:17:90:
                    13:70:99:c7:50:15:43:5e:1b:7e:5c:3b:13:81:99:
                    65:bf:ae:17:80:98:31:c1:b8:2c:2c:4f:73:26:a6:
                    23:50:9e:c1:5a:ae:7a:f5:dd:1e:a7:b2:4a:c1:c9:
                    ed:ea:19:c6:db:7a:f9:6c:a8:cc:65:cd:e2:49:c7:
                    20:94:be:ab:59:d8:8a:c7:bd:5d:1a:34:09:5d:84:
                    ea:3b:2f:22:1f:1e:ee:40:4d:dc:b7:f5:c6:f8:4b:
                    bf:7a:0f:f5:de:50:63:4f:6b:00:ff:da:dd:a2:1f:
                    5a:dc:cf:c4:9c:5e:2e:4f:34:73:46:08:2f:4c:1b:
                    c5:8f:a8:4d:5a:cb:5a:79:48:9e:fe:b5:21:4a:5b:
                    e7:a6:e7:76:a3:1f:b1:7f:d8:4b:0b:4e:b2:e9:1e:
                    99:c1:d5:5b:4b:67:e0:69:8d:ad:7c:8c:fa:f4:ad:
                    5a:2b:cd:5e:2c:2d:1b:10:1e:4c:ac:38:d5:bc:42:
                    5b:b2:28:fe:8f:95:d2:74:28:56:51:d1:79:96:36:
                    ea:eb:1b:6d:7b:fa:dc:75:c6:d3:35:f3:24:4f:67:
                    a7:0c:d6:7c:4b:aa:de:69:f3:87:29:93:71:11:dc:
                    fc:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:A7:EC:14:49:03:DC:39:08:EC:8E:3A:BD:A7:DA:D6:AD:3F:4B:7F
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS53356.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.214.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:99:fe:fb:87:49:05:3c:90:85:90:4f:70:76:76:f1:db:b0:
         33:a2:e9:4e:74:60:21:95:30:df:db:55:f4:99:f1:23:11:2a:
         4c:18:a9:0f:8c:41:c3:61:b9:3b:9c:b6:0b:73:90:e3:2f:7c:
         05:bd:73:0a:9c:b5:6f:bd:84:f4:86:7a:50:95:d3:2e:c7:f4:
         15:b7:f1:9a:bb:75:ff:dc:24:54:db:54:41:80:41:a7:26:7c:
         b0:00:a1:64:4f:97:ee:15:16:12:2b:bb:46:98:97:88:9e:c8:
         25:fa:70:e9:0a:ea:60:9f:ec:d3:c4:5c:b4:af:ca:a3:8b:22:
         99:d6:0c:89:39:29:ec:87:1f:96:19:bf:0b:a4:31:fc:8e:e9:
         91:ea:1b:f1:62:a2:e7:b3:91:ff:11:92:d0:65:f2:9e:cf:1f:
         d2:94:84:99:97:13:b9:89:11:b7:4b:d0:36:09:c9:f2:fe:7e:
         c5:66:4c:92:1e:4f:0d:41:93:6e:ed:99:46:79:4f:f6:82:ff:
         b0:da:ca:05:64:50:6b:41:41:fb:f9:8b:b1:92:34:02:47:e1:
         33:6a:6a:10:6a:a4:27:74:af:bd:6e:8f:c3:5f:77:f8:f0:0a:
         83:f1:ca:b8:3e:d6:bb:7f:6b:7e:9c:ef:5f:0b:53:26:d2:9e:
         24:02:79:df
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUHvIwzltDUZ38+qDaK0Aaz0lFOrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA2MjEwOTUxMjBaFw0yNTA2MjAwOTU2MjBaMDMxMTAvBgNV
BAMTKDVGQTdFQzE0NDkwM0RDMzkwOEVDOEUzQUJEQTdEQUQ2QUQzRjRCN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoDn8czTYcFDjVVXO8O+NggG8Q
S2gaG8iVg/0XkBNwmcdQFUNeG35cOxOBmWW/rheAmDHBuCwsT3MmpiNQnsFarnr1
3R6nskrBye3qGcbbevlsqMxlzeJJxyCUvqtZ2IrHvV0aNAldhOo7LyIfHu5ATdy3
9cb4S796D/XeUGNPawD/2t2iH1rcz8ScXi5PNHNGCC9MG8WPqE1ay1p5SJ7+tSFK
W+em53ajH7F/2EsLTrLpHpnB1VtLZ+Bpja18jPr0rVorzV4sLRsQHkysONW8Qluy
KP6PldJ0KFZR0XmWNurrG217+tx1xtM18yRPZ6cM1nxLqt5p84cpk3ER3PxlAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUX6fsFEkD3DkI7I46vafa1q0/S38wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNTMzNTYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC11jYw
DQYJKoZIhvcNAQELBQADggEBAEOZ/vuHSQU8kIWQT3B2dvHbsDOi6U50YCGVMN/b
VfSZ8SMRKkwYqQ+MQcNhuTuctgtzkOMvfAW9cwqctW+9hPSGelCV0y7H9BW38Zq7
df/cJFTbVEGAQacmfLAAoWRPl+4VFhIru0aYl4ieyCX6cOkK6mCf7NPEXLSvyqOL
IpnWDIk5KeyHH5YZvwukMfyO6ZHqG/Fiouezkf8RktBl8p7PH9KUhJmXE7mJEbdL
0DYJyfL+fsVmTJIeTw1Bk27tmUZ5T/aC/7DaygVkUGtBQfv5i7GSNAJH4TNqahBq
pCd0r71uj8Nfd/jwCoPxyrg+1rt/a36c718LUybSniQCed8=
-----END CERTIFICATE-----