Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/1-0URATiYn4nWMHZbWNa1y4LiAcE.roa
File:                     1-0URATiYn4nWMHZbWNa1y4LiAcE.roa (raw, json)
Hash identifier:          qnoIsvmT1NGoh4R21XKrhNbrolncENGMdF/rtoG9oNM=
Subject key identifier:   FB:45:11:01:38:98:9F:89:D6:30:76:5B:58:D6:B5:CB:82:E2:01:C1
Certificate issuer:       /CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
Certificate serial:       0196A50A27E55C09134B024E017EAF755CA4
Authority key identifier: E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/1-0URATiYn4nWMHZbWNa1y4LiAcE.roa
Signing time:             Tue 06 May 2025 10:00:28 +0000
ROA not before:           Tue 06 May 2025 10:00:28 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     137235
IP address blocks:        62.164.193.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a5:0a:27:e5:5c:09:13:4b:02:4e:01:7e:af:75:5c:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1ef9694aa48d81279e8ede430795f2768d2dd52
        Validity
            Not Before: May  6 10:00:28 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=fb45110138989f89d630765b58d6b5cb82e201c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:88:67:27:14:54:59:da:88:71:fb:f4:56:dd:
                    bf:90:26:f4:b1:66:c7:95:6a:ca:a3:cd:87:66:ca:
                    f2:6f:88:fa:b1:ba:27:71:19:94:35:ff:b8:ab:ce:
                    41:b0:4f:70:a6:a4:34:d2:16:44:40:dd:be:18:b3:
                    f0:8b:36:76:d7:b5:04:93:d6:6c:90:0d:67:17:10:
                    4d:8d:b8:88:49:75:a8:d1:9f:b1:cc:45:ff:4a:d9:
                    0c:f9:65:e4:5f:8f:5e:91:28:69:6a:6b:6d:9b:61:
                    81:87:52:dd:4d:73:86:5c:b7:e5:2f:95:3a:2f:bf:
                    72:38:2a:99:17:6c:f6:90:64:37:a6:36:f9:45:99:
                    61:77:3e:7f:8c:23:e1:d6:4b:ad:db:b4:00:e9:5a:
                    d7:86:89:9d:67:3f:30:0a:6c:01:99:91:c9:1b:cb:
                    d9:60:1f:4b:b3:02:f8:87:ab:aa:ce:7b:b1:b1:3f:
                    72:88:c4:a4:18:26:b5:ca:a5:48:e6:d6:f9:45:9d:
                    a5:c3:79:3e:4e:b7:63:fb:f1:b2:41:1d:4f:eb:47:
                    df:07:1d:2f:6b:ea:6b:a5:bb:9e:ab:f2:eb:76:b8:
                    ab:a4:a2:43:1c:69:42:6a:b7:ef:0a:35:3b:32:ef:
                    4d:1d:f7:98:fa:75:28:6f:c0:6b:59:2f:b6:8a:1f:
                    9a:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:45:11:01:38:98:9F:89:D6:30:76:5B:58:D6:B5:CB:82:E2:01:C1
            X509v3 Authority Key Identifier:
                keyid:E1:EF:96:94:AA:48:D8:12:79:E8:ED:E4:30:79:5F:27:68:D2:DD:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/1-0URATiYn4nWMHZbWNa1y4LiAcE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b05667-e850-4c45-aee3-aded1c469eaf/1/4e-WlKpI2BJ56O3kMHlfJ2jS3VI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.164.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:d8:f9:63:bc:16:c0:dc:f5:d0:ff:d9:b5:9b:5c:ec:c2:42:
         d7:04:07:89:b4:30:c4:53:a1:20:93:a1:c1:22:fd:b7:5b:5b:
         bd:a2:8f:2d:71:f3:2a:e0:6d:fe:96:8f:a5:68:ed:26:4c:92:
         39:c7:17:14:8d:47:c4:6e:69:e5:cf:a1:88:d5:fb:43:8d:a0:
         11:ec:8a:50:3c:bf:13:b4:bc:20:5a:05:5f:f9:1c:c7:1c:bd:
         05:ee:af:10:8d:ab:ab:b0:27:2c:d6:b5:0b:cd:87:c4:87:fc:
         c9:f1:0b:f7:04:b1:4f:78:ad:ba:4a:00:bf:51:95:9f:0a:87:
         ef:29:3a:04:6e:b6:9e:c0:3c:69:b5:e3:9e:1d:03:cb:16:d0:
         ec:a9:af:f3:22:cc:2f:3f:d7:87:d8:d0:a2:c6:36:2f:ad:7d:
         97:f5:42:2e:ac:f8:1e:24:d2:01:3e:e8:91:96:ab:a4:da:18:
         f4:93:30:eb:0c:7a:0e:80:a0:f5:87:e3:90:ca:d2:fe:b1:44:
         a2:84:bc:2f:e8:97:06:77:09:87:3e:17:5d:bc:d1:7a:b6:42:
         56:a4:d5:2c:81:e1:ab:c6:0b:75:66:bb:57:cf:7c:b9:07:db:
         40:3b:ae:c9:ae:f6:d3:3c:c1:8b:ce:a2:b8:09:21:0d:61:f5:
         08:6f:00:73
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZalCiflXAkTSwJOAX6vdVykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZWY5Njk0YWE0OGQ4MTI3OWU4ZWRlNDMwNzk1ZjI3Njhk
MmRkNTIwHhcNMjUwNTA2MTAwMDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjQ1MTEwMTM4OTg5Zjg5ZDYzMDc2NWI1OGQ2YjVjYjgyZTIwMWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4hnJxRUWdqIcfv0Vt2/kCb0sWbH
lWrKo82HZsryb4j6sboncRmUNf+4q85BsE9wpqQ00hZEQN2+GLPwizZ217UEk9Zs
kA1nFxBNjbiISXWo0Z+xzEX/StkM+WXkX49ekShpamttm2GBh1LdTXOGXLflL5U6
L79yOCqZF2z2kGQ3pjb5RZlhdz5/jCPh1kut27QA6VrXhomdZz8wCmwBmZHJG8vZ
YB9LswL4h6uqznuxsT9yiMSkGCa1yqVI5tb5RZ2lw3k+Trdj+/GyQR1P60ffBx0v
a+prpbueq/LrdrirpKJDHGlCarfvCjU7Mu9NHfeY+nUob8BrWS+2ih+ahQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPtFEQE4mJ+J1jB2W1jWtcuC4gHBMB8GA1UdIwQY
MBaAFOHvlpSqSNgSeejt5DB5Xydo0t1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGUtV2xLcEkyQko1Nk8za01IbGZKMmpTM1ZJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iMDU2NjctZTg1MC00YzQ1LWFlZTMt
YWRlZDFjNDY5ZWFmLzEvMS0wVVJBVGlZbjRuV01IWmJXTmExeTRMaUFjRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGUvYjA1NjY3LWU4NTAtNGM0NS1hZWUzLWFkZWQxYzQ2OWVh
Zi8xLzRlLVdsS3BJMkJKNTZPM2tNSGxmSjJqUzNWSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD6kwTAN
BgkqhkiG9w0BAQsFAAOCAQEAPtj5Y7wWwNz10P/ZtZtc7MJC1wQHibQwxFOhIJOh
wSL9t1tbvaKPLXHzKuBt/paPpWjtJkySOccXFI1HxG5p5c+hiNX7Q42gEeyKUDy/
E7S8IFoFX/kcxxy9Be6vEI2rq7AnLNa1C82HxIf8yfEL9wSxT3itukoAv1GVnwqH
7yk6BG62nsA8abXjnh0DyxbQ7Kmv8yLMLz/Xh9jQosY2L619l/VCLqz4HiTSAT7o
kZarpNoY9JMw6wx6DoCg9YfjkMrS/rFEooS8L+iXBncJhz4XXbzRerZCVqTVLIHh
q8YLdWa7V898uQfbQDuuya720zzBi86iuAkhDWH1CG8Acw==
-----END CERTIFICATE-----