Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/21/3139322e3130392e3232382e302f32332d3234203d3e2036323333.roa
File:                     3139322e3130392e3232382e302f32332d3234203d3e2036323333.roa (raw, json)
Hash identifier:          bXk/hZDattrJXB5Q1dSvZLlQ0QInwFHd1S7OHpVKuTY=
Subject key identifier:   A9:09:20:58:C1:9B:FA:7B:5A:90:55:64:6A:F5:8D:5F:17:A4:20:C2
Certificate issuer:       /CN=761c616364b89659ed9f18cb0af77420437cc7da
Certificate serial:       5C99A5BC35018D48E4C8458848F0BEAB67F76EA3
Authority key identifier: 76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
Subject info access:      rsync://0.sb/repo/sb/21/3139322e3130392e3232382e302f32332d3234203d3e2036323333.roa
Signing time:             Thu 14 Aug 2025 13:52:41 +0000
ROA not before:           Thu 14 Aug 2025 13:47:41 +0000
ROA not after:            Thu 13 Aug 2026 13:52:41 +0000
asID:                     6233
IP address blocks:        192.109.228.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl
                          rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:56:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:99:a5:bc:35:01:8d:48:e4:c8:45:88:48:f0:be:ab:67:f7:6e:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=761c616364b89659ed9f18cb0af77420437cc7da
        Validity
            Not Before: Aug 14 13:47:41 2025 GMT
            Not After : Aug 13 13:52:41 2026 GMT
        Subject: CN=A9092058C19BFA7B5A9055646AF58D5F17A420C2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:64:8e:0a:a7:1f:7d:66:a2:de:79:4e:bb:41:
                    f0:82:9f:0d:39:e1:34:c6:6e:bf:d7:9d:c2:a9:d6:
                    95:c9:38:d0:77:5b:8f:37:17:29:c0:4b:e7:a1:81:
                    c5:a2:27:c1:62:3c:c8:32:46:c1:96:e9:c3:55:cd:
                    05:89:25:5d:1a:be:eb:3d:18:6c:5b:89:f1:37:2a:
                    6f:84:e9:ee:b9:6b:e8:c2:da:ca:4f:43:27:e4:87:
                    80:57:76:aa:eb:80:d5:36:83:4e:5c:08:89:c5:c6:
                    38:6c:0f:f8:9f:f5:56:14:02:8a:b6:83:3d:e6:b4:
                    4b:6b:de:63:b5:0c:19:56:c4:46:5d:53:b3:62:8c:
                    1a:6b:d6:2e:76:7e:92:b2:77:70:29:1d:c3:50:7a:
                    0c:68:e7:bd:3a:e1:c9:e3:6a:ba:d8:6e:33:1e:94:
                    80:1d:c7:39:ce:e1:23:35:19:11:a1:b1:d1:0d:40:
                    53:04:af:96:20:51:d0:e1:c4:26:c0:b9:d6:01:03:
                    03:5e:e6:af:3b:45:e3:8d:38:e4:6d:da:61:53:1b:
                    58:45:70:8a:77:e2:12:b9:eb:26:6c:5b:66:ff:38:
                    bb:9c:5c:77:92:16:4e:0c:0e:aa:30:a9:18:c4:c5:
                    38:b6:6f:05:a6:f8:da:ac:db:f9:e8:a4:b0:b8:a9:
                    9f:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:09:20:58:C1:9B:FA:7B:5A:90:55:64:6A:F5:8D:5F:17:A4:20:C2
            X509v3 Authority Key Identifier:
                keyid:76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/21/3139322e3130392e3232382e302f32332d3234203d3e2036323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.109.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2c:b3:7a:9e:13:42:8e:71:ac:9d:74:7d:3a:a6:dc:a1:3f:a2:
         3b:71:57:a9:ef:87:83:9d:7d:bf:09:82:ed:ef:64:bf:7e:b6:
         a0:a6:5b:74:40:2e:d9:60:02:e3:ab:d2:e0:6d:e8:3f:c5:42:
         20:e3:20:39:12:05:2d:c8:9a:eb:b7:08:cc:24:76:72:9c:93:
         c0:1c:3f:e6:ed:89:cb:15:4f:49:63:e1:ec:16:65:26:59:c1:
         77:1d:bf:f0:b0:e9:a1:5f:ff:a9:12:b1:ff:b8:3b:30:8d:0a:
         f0:29:8a:a4:d6:dd:c9:34:6d:14:49:1d:d3:d0:3c:6d:9a:71:
         bc:21:62:9d:19:37:66:32:46:75:53:95:16:f6:0d:1a:d3:56:
         0a:a2:19:8a:a8:83:13:ac:77:0f:71:7e:4a:85:0a:fe:6c:5a:
         60:7f:5e:25:a3:df:69:ff:d9:56:a8:67:7a:62:c1:6f:20:29:
         3d:02:64:96:98:b3:39:86:17:34:a5:86:74:3e:b6:b3:a5:61:
         d2:47:57:73:40:b0:e3:c3:06:e6:28:95:52:13:93:2b:22:64:
         66:45:dc:29:02:78:eb:fa:cc:11:2c:36:55:50:94:f0:b9:c1:
         59:0c:f5:93:0d:9c:0b:cd:37:14:0a:c4:ef:ef:d1:f3:57:03:
         14:a6:44:40
-----BEGIN CERTIFICATE-----
MIIEsjCCA5qgAwIBAgIUXJmlvDUBjUjkyEWISPC+q2f3bqMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzYxYzYxNjM2NGI4OTY1OWVkOWYxOGNiMGFmNzc0MjA0
MzdjYzdkYTAeFw0yNTA4MTQxMzQ3NDFaFw0yNjA4MTMxMzUyNDFaMDMxMTAvBgNV
BAMTKEE5MDkyMDU4QzE5QkZBN0I1QTkwNTU2NDZBRjU4RDVGMTdBNDIwQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2ZI4Kpx99ZqLeeU67QfCCnw05
4TTGbr/XncKp1pXJONB3W483FynAS+ehgcWiJ8FiPMgyRsGW6cNVzQWJJV0avus9
GGxbifE3Km+E6e65a+jC2spPQyfkh4BXdqrrgNU2g05cCInFxjhsD/if9VYUAoq2
gz3mtEtr3mO1DBlWxEZdU7NijBpr1i52fpKyd3ApHcNQegxo57064cnjarrYbjMe
lIAdxznO4SM1GRGhsdENQFMEr5YgUdDhxCbAudYBAwNe5q87ReONOORt2mFTG1hF
cIp34hK56yZsW2b/OLucXHeSFk4MDqowqRjExTi2bwWm+Nqs2/nopLC4qZ85AgMB
AAGjggG8MIIBuDAdBgNVHQ4EFgQUqQkgWMGb+ntakFVkavWNXxekIMIwHwYDVR0j
BBgwFoAUdhxhY2S4llntnxjLCvd0IEN8x9owDgYDVR0PAQH/BAQDAgeAMFUGA1Ud
HwROMEwwSqBIoEaGRHJzeW5jOi8vMC5zYi9yZXBvL3NiLzIxLzc2MUM2MTYzNjRC
ODk2NTlFRDlGMThDQjBBRjc3NDIwNDM3Q0M3REEuY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kaHhoWTJTNGxsbnRueGpMQ3ZkMElFTjh4OW8uY2VyMG4GCCsGAQUF
BwELBGIwYDBeBggrBgEFBQcwC4ZScnN5bmM6Ly8wLnNiL3JlcG8vc2IvMjEvMzEz
OTMyMmUzMTMwMzkyZTMyMzIzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM2MzIz
MzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBwG3kMA0GCSqGSIb3DQEBCwUAA4IBAQAss3qeE0KOcayd
dH06ptyhP6I7cVep74eDnX2/CYLt72S/fragplt0QC7ZYALjq9Lgbeg/xUIg4yA5
EgUtyJrrtwjMJHZynJPAHD/m7YnLFU9JY+HsFmUmWcF3Hb/wsOmhX/+pErH/uDsw
jQrwKYqk1t3JNG0USR3T0DxtmnG8IWKdGTdmMkZ1U5UW9g0a01YKohmKqIMTrHcP
cX5KhQr+bFpgf14lo99p/9lWqGd6YsFvICk9AmSWmLM5hhc0pYZ0PrazpWHSR1dz
QLDjwwbmKJVSE5MrImRmRdwpAnjr+swRLDZVUJTwucFZDPWTDZwLzTcUCsTv79Hz
VwMUpkRA
-----END CERTIFICATE-----