Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS201780.roa
File:                     AS201780.roa (raw, json)
Hash identifier:          GR1JbRsa0LvWkSZjywtahQteJ/5jQTiszlqI+t6XG9M=
Subject key identifier:   02:4B:98:2E:AE:CC:F5:52:E3:A8:69:18:06:60:65:F3:4D:CC:F6:99
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       348B79A44B229E11717FE006068692348409C810
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS201780.roa
Signing time:             Mon 11 Mar 2024 12:36:49 +0000
ROA not before:           Mon 11 Mar 2024 12:31:49 +0000
ROA not after:            Mon 10 Mar 2025 12:36:49 +0000
asID:                     201780
IP address blocks:        185.36.59.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 23 May 2024 14:15:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:8b:79:a4:4b:22:9e:11:71:7f:e0:06:06:86:92:34:84:09:c8:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Mar 11 12:31:49 2024 GMT
            Not After : Mar 10 12:36:49 2025 GMT
        Subject: CN=024B982EAECCF552E3A86918066065F34DCCF699
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f9:a2:9a:64:39:ca:fb:5d:c5:2a:50:04:be:
                    69:46:ee:a8:b7:bc:6a:f2:c6:5d:f7:52:ec:d8:76:
                    52:c1:7d:8b:8e:c0:6a:dc:be:cc:92:eb:c0:5f:89:
                    b5:97:d6:7f:a5:da:f3:25:90:c6:23:e0:35:a9:da:
                    8e:51:59:92:92:2b:b3:14:66:37:23:7f:91:3a:3c:
                    9f:c0:61:64:33:57:f6:ef:fd:c3:7e:26:86:15:77:
                    17:00:82:42:a7:cc:24:76:ff:62:f5:7d:1b:85:a4:
                    a4:b6:20:67:f3:9e:9e:36:4e:bd:65:ae:e1:ad:f5:
                    a8:3d:3d:f5:27:67:2c:62:35:ee:fe:74:b9:0a:fe:
                    46:48:5c:16:93:07:39:57:a4:6c:45:b1:df:12:5c:
                    00:23:f4:64:18:52:35:50:14:c5:12:cb:d8:fe:15:
                    2c:b3:96:cf:07:27:2f:50:0a:67:c6:92:e4:1c:4c:
                    96:2a:bb:a2:17:e4:69:8a:29:68:7d:d5:a8:5d:4d:
                    2f:e0:6f:2d:17:44:10:2b:16:39:14:35:73:a1:72:
                    1d:8c:88:78:13:9b:16:39:69:a4:2f:1c:ea:24:20:
                    1a:ef:73:b6:05:4d:8a:58:ef:40:e1:1f:28:fe:82:
                    73:fd:3d:91:cd:c0:94:29:7f:3a:7b:7e:85:d7:72:
                    45:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:4B:98:2E:AE:CC:F5:52:E3:A8:69:18:06:60:65:F3:4D:CC:F6:99
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS201780.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.36.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:95:fc:9c:fb:57:b5:3a:eb:7d:2d:df:57:e6:04:2a:12:30:
         4b:24:da:87:61:ef:e5:fa:d5:e7:0c:fc:d2:f6:05:db:8f:af:
         11:cc:b4:0f:74:8e:b0:2e:dc:62:e9:3e:54:fe:0d:a0:5b:01:
         c8:81:2e:a2:de:6d:0e:31:68:fc:3e:01:8e:9b:e4:70:21:33:
         41:21:bd:77:f9:e9:98:40:56:98:01:99:fd:a1:cb:7d:8d:48:
         37:0a:91:2e:01:3e:c6:ab:63:bb:1b:d6:11:62:95:97:d8:2e:
         dc:75:2f:25:bd:46:2e:ac:eb:57:be:d7:3c:75:2b:05:8b:32:
         eb:d3:c9:46:a2:16:45:cb:38:0a:2e:2d:cc:f9:47:0b:c9:8e:
         0d:38:48:74:0b:74:d7:34:e7:a0:04:9d:c3:b3:11:85:45:b8:
         07:f4:11:e5:01:35:55:96:e0:aa:bc:ad:08:e3:3b:18:39:9c:
         02:3a:d6:33:0a:b4:2f:8e:c7:d7:81:89:59:a2:6b:a1:90:33:
         9e:d3:0d:1d:40:06:f5:fe:f3:8d:2a:3c:c7:fa:62:b0:ae:4c:
         91:58:d3:e5:30:58:80:0c:50:2a:c0:10:a5:01:7e:31:3c:37:
         ed:bc:61:69:bd:9f:61:65:64:7b:83:4f:bf:c4:25:de:8f:3f:
         29:17:37:73
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUNIt5pEsinhFxf+AGBoaSNIQJyBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAzMTExMjMxNDlaFw0yNTAzMTAxMjM2NDlaMDMxMTAvBgNV
BAMTKDAyNEI5ODJFQUVDQ0Y1NTJFM0E4NjkxODA2NjA2NUYzNERDQ0Y2OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI+aKaZDnK+13FKlAEvmlG7qi3
vGryxl33UuzYdlLBfYuOwGrcvsyS68BfibWX1n+l2vMlkMYj4DWp2o5RWZKSK7MU
Zjcjf5E6PJ/AYWQzV/bv/cN+JoYVdxcAgkKnzCR2/2L1fRuFpKS2IGfznp42Tr1l
ruGt9ag9PfUnZyxiNe7+dLkK/kZIXBaTBzlXpGxFsd8SXAAj9GQYUjVQFMUSy9j+
FSyzls8HJy9QCmfGkuQcTJYqu6IX5GmKKWh91ahdTS/gby0XRBArFjkUNXOhch2M
iHgTmxY5aaQvHOokIBrvc7YFTYpY70DhHyj+gnP9PZHNwJQpfzp7foXXckUNAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUAkuYLq7M9VLjqGkYBmBl803M9pkwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjAxNzgwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSQ7
MA0GCSqGSIb3DQEBCwUAA4IBAQA1lfyc+1e1Out9Ld9X5gQqEjBLJNqHYe/l+tXn
DPzS9gXbj68RzLQPdI6wLtxi6T5U/g2gWwHIgS6i3m0OMWj8PgGOm+RwITNBIb13
+emYQFaYAZn9oct9jUg3CpEuAT7Gq2O7G9YRYpWX2C7cdS8lvUYurOtXvtc8dSsF
izLr08lGohZFyzgKLi3M+UcLyY4NOEh0C3TXNOegBJ3DsxGFRbgH9BHlATVVluCq
vK0I4zsYOZwCOtYzCrQvjsfXgYlZomuhkDOe0w0dQAb1/vONKjzH+mKwrkyRWNPl
MFiADFAqwBClAX4xPDftvGFpvZ9hZWR7g0+/xCXejz8pFzdz
-----END CERTIFICATE-----