Route Origin Authorization

$ rpki-client -vvf 0.sb/repo/sb/21/3139322e3130392e3233332e302f32342d3234203d3e203233393539.roa
File:                     3139322e3130392e3233332e302f32342d3234203d3e203233393539.roa (raw, json)
Hash identifier:          DeNjSzNBEamHrrtIUqDLjj4bVvoqGWwKBjrlkfeXyic=
Subject key identifier:   46:6B:5D:7D:BE:A0:4F:94:14:4D:F6:B6:A2:48:DE:86:29:DE:07:B6
Certificate issuer:       /CN=761c616364b89659ed9f18cb0af77420437cc7da
Certificate serial:       7569026511F01DC27BF87D49DB418A8935A2B6D1
Authority key identifier: 76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
Subject info access:      rsync://0.sb/repo/sb/21/3139322e3130392e3233332e302f32342d3234203d3e203233393539.roa
Signing time:             Fri 25 Jul 2025 10:52:38 +0000
ROA not before:           Fri 25 Jul 2025 10:47:38 +0000
ROA not after:            Fri 24 Jul 2026 10:52:38 +0000
asID:                     23959
IP address blocks:        192.109.233.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl
                          rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:10:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:69:02:65:11:f0:1d:c2:7b:f8:7d:49:db:41:8a:89:35:a2:b6:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=761c616364b89659ed9f18cb0af77420437cc7da
        Validity
            Not Before: Jul 25 10:47:38 2025 GMT
            Not After : Jul 24 10:52:38 2026 GMT
        Subject: CN=466B5D7DBEA04F94144DF6B6A248DE8629DE07B6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:93:ba:61:9b:0c:ac:23:a0:9a:54:74:92:2a:
                    b0:d4:6d:9f:5c:e3:af:d7:a6:d3:f4:b5:26:ad:01:
                    d5:ef:c2:0d:f6:95:86:1d:4b:6c:9e:1d:92:6e:b1:
                    43:d7:1c:87:c9:29:cb:ce:3f:2b:34:03:95:31:30:
                    5a:e3:41:68:f3:b9:4b:85:d5:87:f8:17:e3:24:0f:
                    f9:87:7e:e7:0b:7f:9d:89:6a:be:04:52:24:1d:aa:
                    85:fe:38:a8:ba:10:34:89:2e:33:d2:3c:25:32:7f:
                    8b:5d:3e:0b:1b:63:d1:60:32:83:62:08:40:fb:fe:
                    a5:43:ff:87:4c:d2:9b:f7:fb:39:68:9e:61:20:f1:
                    bf:33:14:9e:48:61:a8:de:63:92:ad:68:cf:81:3a:
                    be:16:34:40:16:ca:ca:fe:54:7d:02:50:65:cb:53:
                    de:21:f2:82:3b:23:2b:59:65:0a:77:24:aa:21:c2:
                    4a:9f:a5:2d:89:84:9c:c8:24:ee:ad:07:c4:c0:32:
                    11:39:dc:91:97:3f:e6:a7:e0:93:e4:62:24:a8:ff:
                    1a:6f:13:49:1d:f0:4f:6b:07:e9:df:5b:6a:43:5d:
                    5c:bf:bb:54:a1:fd:73:1d:ae:98:be:ff:d3:7b:02:
                    15:67:ce:47:53:0e:73:28:b9:30:50:a9:76:79:49:
                    b2:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:6B:5D:7D:BE:A0:4F:94:14:4D:F6:B6:A2:48:DE:86:29:DE:07:B6
            X509v3 Authority Key Identifier:
                keyid:76:1C:61:63:64:B8:96:59:ED:9F:18:CB:0A:F7:74:20:43:7C:C7:DA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://0.sb/repo/sb/21/761C616364B89659ED9F18CB0AF77420437CC7DA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dhxhY2S4llntnxjLCvd0IEN8x9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://0.sb/repo/sb/21/3139322e3130392e3233332e302f32342d3234203d3e203233393539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.109.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:61:aa:10:bb:a6:54:8a:21:ae:9b:c1:b4:3e:bb:14:61:44:
         72:bd:1f:8a:f8:cb:1b:8f:b6:75:19:1d:83:5b:72:32:6b:15:
         2f:1b:24:7a:ae:20:ab:01:11:49:94:29:6c:82:6c:22:d5:01:
         2d:27:2f:f3:07:2f:17:91:69:07:e5:ab:18:83:35:fc:80:40:
         ad:c4:90:af:2f:37:d5:fd:3b:ef:7c:7b:59:13:66:2d:92:ee:
         98:c0:8e:b4:51:a0:22:7b:72:6e:9c:a8:ea:81:53:89:99:b8:
         1a:d8:2b:a5:8e:f2:27:1f:ab:8e:81:81:a2:eb:18:16:6f:37:
         24:7c:e3:57:74:9f:1f:be:28:a9:5f:f8:e1:42:23:22:8f:dd:
         de:2e:b1:51:9e:e2:d9:40:8b:fc:56:a6:5c:36:f5:5f:06:ba:
         f8:d7:9c:58:9b:fc:98:d8:9a:0b:43:e0:d3:3c:4a:d5:5d:ab:
         52:12:cc:28:56:90:96:bd:bb:c9:06:81:a3:f8:be:07:8c:75:
         02:cf:92:f7:f4:20:79:12:b5:f6:13:4d:d4:3c:31:42:02:9b:
         92:49:83:6a:dd:64:0b:29:1d:a8:ea:d5:54:06:0e:f3:79:5d:
         5c:6c:1a:60:6e:b4:93:e7:aa:14:69:ae:e2:fe:f1:df:c8:7d:
         62:18:21:0c
-----BEGIN CERTIFICATE-----
MIIEtDCCA5ygAwIBAgIUdWkCZRHwHcJ7+H1J20GKiTWittEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzYxYzYxNjM2NGI4OTY1OWVkOWYxOGNiMGFmNzc0MjA0
MzdjYzdkYTAeFw0yNTA3MjUxMDQ3MzhaFw0yNjA3MjQxMDUyMzhaMDMxMTAvBgNV
BAMTKDQ2NkI1RDdEQkVBMDRGOTQxNDRERjZCNkEyNDhERTg2MjlERTA3QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDak7phmwysI6CaVHSSKrDUbZ9c
46/XptP0tSatAdXvwg32lYYdS2yeHZJusUPXHIfJKcvOPys0A5UxMFrjQWjzuUuF
1Yf4F+MkD/mHfucLf52Jar4EUiQdqoX+OKi6EDSJLjPSPCUyf4tdPgsbY9FgMoNi
CED7/qVD/4dM0pv3+zlonmEg8b8zFJ5IYajeY5KtaM+BOr4WNEAWysr+VH0CUGXL
U94h8oI7IytZZQp3JKohwkqfpS2JhJzIJO6tB8TAMhE53JGXP+an4JPkYiSo/xpv
E0kd8E9rB+nfW2pDXVy/u1Sh/XMdrpi+/9N7AhVnzkdTDnMouTBQqXZ5SbLzAgMB
AAGjggG+MIIBujAdBgNVHQ4EFgQURmtdfb6gT5QUTfa2okjehineB7YwHwYDVR0j
BBgwFoAUdhxhY2S4llntnxjLCvd0IEN8x9owDgYDVR0PAQH/BAQDAgeAMFUGA1Ud
HwROMEwwSqBIoEaGRHJzeW5jOi8vMC5zYi9yZXBvL3NiLzIxLzc2MUM2MTYzNjRC
ODk2NTlFRDlGMThDQjBBRjc3NDIwNDM3Q0M3REEuY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kaHhoWTJTNGxsbnRueGpMQ3ZkMElFTjh4OW8uY2VyMHAGCCsGAQUF
BwELBGQwYjBgBggrBgEFBQcwC4ZUcnN5bmM6Ly8wLnNiL3JlcG8vc2IvMjEvMzEz
OTMyMmUzMTMwMzkyZTMyMzMzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzMz
OTM1Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBADAbekwDQYJKoZIhvcNAQELBQADggEBABphqhC7plSK
Ia6bwbQ+uxRhRHK9H4r4yxuPtnUZHYNbcjJrFS8bJHquIKsBEUmUKWyCbCLVAS0n
L/MHLxeRaQflqxiDNfyAQK3EkK8vN9X9O+98e1kTZi2S7pjAjrRRoCJ7cm6cqOqB
U4mZuBrYK6WO8icfq46BgaLrGBZvNyR841d0nx++KKlf+OFCIyKP3d4usVGe4tlA
i/xWplw29V8GuvjXnFib/JjYmgtD4NM8StVdq1ISzChWkJa9u8kGgaP4vgeMdQLP
kvf0IHkStfYTTdQ8MUICm5JJg2rdZAspHajq1VQGDvN5XVxsGmButJPnqhRpruL+
8d/IfWIYIQw=
-----END CERTIFICATE-----