Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/20/323430373a396534303a3a2f33322d3438203d3e20323130383037.roa
File:                     323430373a396534303a3a2f33322d3438203d3e20323130383037.roa (raw, json)
Hash identifier:          SYNWKKo+QcLVLe1F6MSlYVODVUO2cFRk1RhSG/qqXuk=
Subject key identifier:   C3:0E:31:5E:0E:7D:4B:AA:EE:16:A1:72:E6:82:95:0B:7D:AE:B9:16
Certificate issuer:       /CN=A91C44A00000/serialNumber=E3098182BCB9AA102ECB2221A767B98E6ECCC310
Certificate serial:       27E62196BDB4728A76FB68EFDE2F82D02837520D
Authority key identifier: E3:09:81:82:BC:B9:AA:10:2E:CB:22:21:A7:67:B9:8E:6E:CC:C3:10
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4wmBgry5qhAuyyIhp2e5jm7MwxA.cer
Subject info access:      rsync://0.sb/repo/sb/20/323430373a396534303a3a2f33322d3438203d3e20323130383037.roa
Signing time:             Fri 25 Jul 2025 10:52:39 +0000
ROA not before:           Fri 25 Jul 2025 10:47:39 +0000
ROA not after:            Fri 24 Jul 2026 10:52:39 +0000
asID:                     210807
IP address blocks:        2407:9e40::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://0.sb/repo/sb/20/E3098182BCB9AA102ECB2221A767B98E6ECCC310.crl
                          rsync://0.sb/repo/sb/20/E3098182BCB9AA102ECB2221A767B98E6ECCC310.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4wmBgry5qhAuyyIhp2e5jm7MwxA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 06 Aug 2025 12:55:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:e6:21:96:bd:b4:72:8a:76:fb:68:ef:de:2f:82:d0:28:37:52:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C44A00000, serialNumber=E3098182BCB9AA102ECB2221A767B98E6ECCC310
        Validity
            Not Before: Jul 25 10:47:39 2025 GMT
            Not After : Jul 24 10:52:39 2026 GMT
        Subject: CN=C30E315E0E7D4BAAEE16A172E682950B7DAEB916
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:6d:f7:fb:1c:bc:35:e5:89:42:2a:72:08:bc:
                    77:94:2f:c0:02:c6:2f:33:b2:f2:4c:ca:8f:25:39:
                    51:ee:99:40:0b:84:64:96:57:42:53:5a:67:1e:e4:
                    fe:41:e0:54:dc:e2:95:a7:af:a8:8b:12:1c:3a:d3:
                    51:d4:fc:a2:53:9c:0e:52:0f:36:07:e6:65:52:08:
                    c2:4b:2a:9e:13:e1:06:cc:08:90:5b:2c:eb:9f:42:
                    2a:22:4d:70:a0:27:52:e7:d0:5b:82:28:83:2c:98:
                    2c:65:7a:ca:47:56:fd:fd:ea:42:13:19:09:c6:57:
                    39:59:5a:46:9d:bf:8e:7c:14:ed:91:30:73:66:c9:
                    1c:9f:d1:75:56:41:d3:2f:68:ce:d1:0d:fc:3f:bd:
                    a3:b7:a4:04:84:3e:6a:8e:5c:17:fb:b0:35:1b:24:
                    f8:9d:ab:0b:4a:4b:bf:03:f2:e8:53:a7:4a:51:8e:
                    b3:35:07:c9:e4:f9:1a:93:b5:a5:99:73:d6:b0:5a:
                    af:f0:b6:b0:8d:a2:87:19:f1:7e:a9:62:ee:85:61:
                    2c:e4:b3:03:fd:c7:c6:35:e5:b3:3b:0c:07:a5:92:
                    1e:51:4e:d1:4d:74:45:23:fd:67:b2:ef:7c:38:ca:
                    71:be:b1:27:82:e2:ce:08:7b:21:1a:0e:16:c7:84:
                    9a:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:0E:31:5E:0E:7D:4B:AA:EE:16:A1:72:E6:82:95:0B:7D:AE:B9:16
            X509v3 Authority Key Identifier:
                keyid:E3:09:81:82:BC:B9:AA:10:2E:CB:22:21:A7:67:B9:8E:6E:CC:C3:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/20/E3098182BCB9AA102ECB2221A767B98E6ECCC310.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4wmBgry5qhAuyyIhp2e5jm7MwxA.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/20/323430373a396534303a3a2f33322d3438203d3e20323130383037.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2407:9e40::/32

    Signature Algorithm: sha256WithRSAEncryption
         2c:86:49:49:00:28:4e:36:57:09:e1:b1:df:6a:d6:e7:3d:37:
         c8:f1:0e:28:d5:db:44:90:6d:f7:61:e8:6e:e3:0a:60:4c:18:
         68:b8:72:ca:1d:b2:46:ac:e4:11:42:c4:0e:6c:fa:25:c6:83:
         cb:e3:57:6f:87:69:f5:dd:64:89:1e:05:8f:21:e2:ce:1e:4f:
         4f:0b:8a:4c:73:f1:e8:0e:4d:a8:47:8e:ef:bc:95:2e:89:5b:
         33:78:ad:bf:6b:4b:82:bb:7a:22:3e:b7:80:8a:b8:06:94:29:
         9b:bc:34:21:a5:a0:ad:b3:37:89:82:8d:53:26:ff:27:18:f4:
         0c:3b:3f:09:0d:a7:11:a2:29:ff:99:7e:94:17:f2:d7:2a:e4:
         cf:11:e2:14:aa:03:2a:b7:80:d1:6d:fd:98:7d:85:95:9f:1e:
         ce:48:ed:6c:2c:ac:b2:89:e2:4d:68:27:4a:f1:d6:8a:9c:98:
         84:8d:df:de:83:7b:52:7f:0e:67:2c:90:1e:2e:b1:06:6a:77:
         dd:7e:9a:f4:27:fb:b1:c1:a5:2e:20:2b:5a:f4:70:cc:16:81:
         db:e1:e5:63:4a:14:c8:4f:6a:18:61:72:ff:75:4f:bc:d7:f4:
         c6:28:15:15:2e:13:c2:66:c2:cd:5a:f9:28:b7:0b:c1:50:f0:
         10:a8:4b:12
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUJ+Yhlr20cop2+2jv3i+C0Cg3Ug0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQzQ0QTAwMDAwMTEwLwYDVQQFEyhFMzA5ODE4MkJD
QjlBQTEwMkVDQjIyMjFBNzY3Qjk4RTZFQ0NDMzEwMB4XDTI1MDcyNTEwNDczOVoX
DTI2MDcyNDEwNTIzOVowMzExMC8GA1UEAxMoQzMwRTMxNUUwRTdENEJBQUVFMTZB
MTcyRTY4Mjk1MEI3REFFQjkxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxt9/scvDXliUIqcgi8d5QvwALGLzOy8kzKjyU5Ue6ZQAuEZJZXQlNaZx7k
/kHgVNzilaevqIsSHDrTUdT8olOcDlIPNgfmZVIIwksqnhPhBswIkFss659CKiJN
cKAnUufQW4IogyyYLGV6ykdW/f3qQhMZCcZXOVlaRp2/jnwU7ZEwc2bJHJ/RdVZB
0y9oztEN/D+9o7ekBIQ+ao5cF/uwNRsk+J2rC0pLvwPy6FOnSlGOszUHyeT5GpO1
pZlz1rBar/C2sI2ihxnxfqli7oVhLOSzA/3HxjXlszsMB6WSHlFO0U10RSP9Z7Lv
fDjKcb6xJ4Lizgh7IRoOFseEmrkCAwEAAaOCAdcwggHTMB0GA1UdDgQWBBTDDjFe
Dn1Lqu4WoXLmgpULfa65FjAfBgNVHSMEGDAWgBTjCYGCvLmqEC7LIiGnZ7mObszD
EDAOBgNVHQ8BAf8EBAMCB4AwVQYDVR0fBE4wTDBKoEigRoZEcnN5bmM6Ly8wLnNi
L3JlcG8vc2IvMjAvRTMwOTgxODJCQ0I5QUExMDJFQ0IyMjIxQTc2N0I5OEU2RUND
QzMxMC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdD
NzJGRDFGRjIvNHdtQmdyeTVxaEF1eXlJaHAyZTVqbTdNd3hBLmNlcjBuBggrBgEF
BQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJzeW5jOi8vMC5zYi9yZXBvL3NiLzIwLzMy
MzQzMDM3M2EzOTY1MzQzMDNhM2EyZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzEzMDM4
MzAzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB
/wQRMA8wDQQCAAIwBwMFACQHnkAwDQYJKoZIhvcNAQELBQADggEBACyGSUkAKE42
Vwnhsd9q1uc9N8jxDijV20SQbfdh6G7jCmBMGGi4csodskas5BFCxA5s+iXGg8vj
V2+HafXdZIkeBY8h4s4eT08Likxz8egOTahHju+8lS6JWzN4rb9rS4K7eiI+t4CK
uAaUKZu8NCGloK2zN4mCjVMm/ycY9Aw7PwkNpxGiKf+ZfpQX8tcq5M8R4hSqAyq3
gNFt/Zh9hZWfHs5I7WwsrLKJ4k1oJ0rx1oqcmISN396De1J/DmcskB4usQZqd91+
mvQn+7HBpS4gK1r0cMwWgdvh5WNKFMhPahhhcv91T7zX9MYoFRUuE8Jmws1a+Si3
C8FQ8BCoSxI=
-----END CERTIFICATE-----