Route Origin Authorization

$ rpki-client -vvf rpki.owl.net/rrdp/owl/1/3139342e3132372e3136342e302f32342d3234203d3e2033323134.roa
File:                     3139342e3132372e3136342e302f32342d3234203d3e2033323134.roa (raw, json)
Hash identifier:          Fh38d3CklScDz1It0t4kKvfLwxwbMmBkX3lMWl14ZkI=
Subject key identifier:   E5:3C:18:A9:4E:DE:09:E2:3A:07:BB:88:18:B1:18:E5:0F:C2:A1:B9
Certificate issuer:       /CN=b55e2e72d7ffde6bceb73ce26f185c678a23892d
Certificate serial:       735C84A36174493F8941F3FC7E159E024B8454A2
Authority key identifier: B5:5E:2E:72:D7:FF:DE:6B:CE:B7:3C:E2:6F:18:5C:67:8A:23:89:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tV4uctf_3mvOtzzibxhcZ4ojiS0.cer
Subject info access:      rsync://rpki.owl.net/rrdp/owl/1/3139342e3132372e3136342e302f32342d3234203d3e2033323134.roa
Signing time:             Thu 14 Aug 2025 17:43:56 +0000
ROA not before:           Thu 14 Aug 2025 17:38:56 +0000
ROA not after:            Thu 13 Aug 2026 17:43:56 +0000
asID:                     3214
IP address blocks:        194.127.164.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.owl.net/rrdp/owl/1/B55E2E72D7FFDE6BCEB73CE26F185C678A23892D.crl
                          rsync://rpki.owl.net/rrdp/owl/1/B55E2E72D7FFDE6BCEB73CE26F185C678A23892D.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tV4uctf_3mvOtzzibxhcZ4ojiS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:5c:84:a3:61:74:49:3f:89:41:f3:fc:7e:15:9e:02:4b:84:54:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b55e2e72d7ffde6bceb73ce26f185c678a23892d
        Validity
            Not Before: Aug 14 17:38:56 2025 GMT
            Not After : Aug 13 17:43:56 2026 GMT
        Subject: CN=E53C18A94EDE09E23A07BB8818B118E50FC2A1B9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:5c:d4:58:46:ed:dc:21:c1:ae:c2:d8:d2:ff:
                    4d:3a:47:46:cd:b9:f0:c9:d8:57:2d:d5:80:c9:58:
                    c6:5b:c1:ea:72:71:86:9e:84:f5:be:47:92:57:26:
                    d9:26:7f:73:9d:f3:1a:46:1b:0a:75:2e:64:db:f6:
                    9b:f0:d8:60:3e:fb:0a:8e:dd:58:d5:a4:27:d0:4e:
                    a8:39:03:1e:21:77:4d:5a:77:97:01:a6:3c:5b:ef:
                    75:71:c1:d9:93:61:f3:e7:b0:aa:ee:19:57:3d:a3:
                    fa:cf:d9:93:ea:bd:07:14:45:23:22:13:19:38:2c:
                    8f:c4:00:7f:30:1b:08:e8:8a:d4:f6:87:ae:2e:7b:
                    3c:85:43:ef:0b:b5:f1:be:e1:ee:cd:0a:53:01:dc:
                    36:be:bf:62:3c:54:47:69:c6:96:0a:48:3f:bc:d0:
                    31:0b:1e:d5:39:37:02:1a:b0:d1:a2:02:ca:01:bf:
                    77:91:9b:fa:f7:b0:00:64:fd:9d:52:8e:2a:4c:60:
                    05:0b:eb:a3:17:1c:35:31:b2:ca:78:9b:ef:ac:5b:
                    09:d8:87:47:b0:88:22:89:75:16:f1:c9:c8:a8:0b:
                    c5:a0:57:50:52:7f:66:82:c5:10:81:9b:26:df:1f:
                    d8:5a:a5:4e:6f:de:20:a4:f3:1a:33:b3:d3:a5:4c:
                    ae:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:3C:18:A9:4E:DE:09:E2:3A:07:BB:88:18:B1:18:E5:0F:C2:A1:B9
            X509v3 Authority Key Identifier:
                keyid:B5:5E:2E:72:D7:FF:DE:6B:CE:B7:3C:E2:6F:18:5C:67:8A:23:89:2D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.owl.net/rrdp/owl/1/B55E2E72D7FFDE6BCEB73CE26F185C678A23892D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tV4uctf_3mvOtzzibxhcZ4ojiS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.owl.net/rrdp/owl/1/3139342e3132372e3136342e302f32342d3234203d3e2033323134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.127.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:af:3a:3b:f5:63:75:9c:a1:1b:79:a6:94:77:9a:d7:82:32:
         9c:58:6d:3c:0e:2f:16:91:5f:fa:02:4b:d7:57:0f:1e:0c:a0:
         0e:e1:34:3c:f5:94:ef:58:ab:7b:75:5b:05:29:df:94:4b:70:
         c3:72:37:2e:7f:a2:3a:cc:31:0c:98:79:99:15:1c:59:39:75:
         a7:02:05:fd:cb:5a:a7:06:90:43:15:9e:c5:9d:3d:54:98:83:
         26:b6:74:bb:9b:4b:d7:cb:1d:6a:2c:58:a8:37:1c:f7:07:c8:
         db:1e:60:25:51:5f:87:95:fa:b1:09:0b:48:cf:f3:6a:64:50:
         e4:a6:54:f5:8a:92:5a:57:c2:b9:83:56:f7:26:50:73:d0:e1:
         3b:85:fb:61:31:38:de:d9:80:a6:95:62:27:9f:6d:5e:36:2c:
         ba:a6:81:e4:80:58:99:21:80:d3:34:87:c8:2c:bb:27:86:d2:
         84:e5:77:aa:75:24:11:e3:08:28:8d:91:72:7c:9c:d7:fb:62:
         a9:c3:22:b5:d4:1d:1e:80:a5:37:87:06:55:af:21:8e:69:47:
         2a:71:27:0a:b8:33:f2:78:7c:bc:67:36:77:da:f9:d0:b8:dc:
         09:81:a0:f0:61:d3:9e:1c:e5:70:54:67:f1:73:fb:0e:b5:d2:
         b5:e9:fb:f4
-----BEGIN CERTIFICATE-----
MIIEwjCCA6qgAwIBAgIUc1yEo2F0ST+JQfP8fhWeAkuEVKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjU1ZTJlNzJkN2ZmZGU2YmNlYjczY2UyNmYxODVjNjc4
YTIzODkyZDAeFw0yNTA4MTQxNzM4NTZaFw0yNjA4MTMxNzQzNTZaMDMxMTAvBgNV
BAMTKEU1M0MxOEE5NEVERTA5RTIzQTA3QkI4ODE4QjExOEU1MEZDMkExQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUXNRYRu3cIcGuwtjS/006R0bN
ufDJ2Fct1YDJWMZbwepycYaehPW+R5JXJtkmf3Od8xpGGwp1LmTb9pvw2GA++wqO
3VjVpCfQTqg5Ax4hd01ad5cBpjxb73VxwdmTYfPnsKruGVc9o/rP2ZPqvQcURSMi
Exk4LI/EAH8wGwjoitT2h64uezyFQ+8LtfG+4e7NClMB3Da+v2I8VEdpxpYKSD+8
0DELHtU5NwIasNGiAsoBv3eRm/r3sABk/Z1SjipMYAUL66MXHDUxssp4m++sWwnY
h0ewiCKJdRbxycioC8WgV1BSf2aCxRCBmybfH9hapU5v3iCk8xozs9OlTK5JAgMB
AAGjggHMMIIByDAdBgNVHQ4EFgQU5TwYqU7eCeI6B7uIGLEY5Q/CobkwHwYDVR0j
BBgwFoAUtV4uctf/3mvOtzzibxhcZ4ojiS0wDgYDVR0PAQH/BAQDAgeAMF0GA1Ud
HwRWMFQwUqBQoE6GTHJzeW5jOi8vcnBraS5vd2wubmV0L3JyZHAvb3dsLzEvQjU1
RTJFNzJEN0ZGREU2QkNFQjczQ0UyNkYxODVDNjc4QTIzODkyRC5jcmwwZAYIKwYB
BQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVw
b3NpdG9yeS9ERUZBVUxUL3RWNHVjdGZfM212T3R6emlieGhjWjRvamlTMC5jZXIw
dgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kub3dsLm5l
dC9ycmRwL293bC8xLzMxMzkzNDJlMzEzMjM3MmUzMTM2MzQyZTMwMmYzMjM0MmQz
MjM0MjAzZDNlMjAzMzMyMzEzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJ/pDANBgkqhkiG9w0BAQsF
AAOCAQEAg686O/VjdZyhG3mmlHea14IynFhtPA4vFpFf+gJL11cPHgygDuE0PPWU
71ire3VbBSnflEtww3I3Ln+iOswxDJh5mRUcWTl1pwIF/ctapwaQQxWexZ09VJiD
JrZ0u5tL18sdaixYqDcc9wfI2x5gJVFfh5X6sQkLSM/zamRQ5KZU9YqSWlfCuYNW
9yZQc9DhO4X7YTE43tmAppViJ59tXjYsuqaB5IBYmSGA0zSHyCy7J4bShOV3qnUk
EeMIKI2Rcnyc1/tiqcMitdQdHoClN4cGVa8hjmlHKnEnCrgz8nh8vGc2d9r50Ljc
CYGg8GHTnhzlcFRn8XP7DrXSten79A==
-----END CERTIFICATE-----