Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/DOUdlGchlbTtfE2ciw4KW8AGl3g.roa
File:                     DOUdlGchlbTtfE2ciw4KW8AGl3g.roa (raw, json)
Hash identifier:          mmXmH9F42sPzNhQ89NiIO+/yqp5ib1d5/LtHBigeoQc=
Subject key identifier:   0C:E5:1D:94:67:21:95:B4:ED:7C:4D:9C:8B:0E:0A:5B:C0:06:97:78
Certificate issuer:       /CN=4beccc9d1a76e91469cb63b12bf725d7debafb1b
Certificate serial:       018FA4D12AE6AF39EA1F169048379D760128
Authority key identifier: 4B:EC:CC:9D:1A:76:E9:14:69:CB:63:B1:2B:F7:25:D7:DE:BA:FB:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S-zMnRp26RRpy2OxK_cl1966-xs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/DOUdlGchlbTtfE2ciw4KW8AGl3g.roa
Signing time:             Thu 23 May 2024 09:38:42 +0000
ROA not before:           Thu 23 May 2024 09:38:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3269
IP address blocks:        45.82.203.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/S-zMnRp26RRpy2OxK_cl1966-xs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/S-zMnRp26RRpy2OxK_cl1966-xs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S-zMnRp26RRpy2OxK_cl1966-xs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 06:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:a4:d1:2a:e6:af:39:ea:1f:16:90:48:37:9d:76:01:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4beccc9d1a76e91469cb63b12bf725d7debafb1b
        Validity
            Not Before: May 23 09:38:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0ce51d94672195b4ed7c4d9c8b0e0a5bc0069778
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ee:45:0b:6b:f0:df:36:2d:65:db:79:be:c3:
                    a3:5f:19:de:e4:54:b7:68:fd:68:3f:2c:2f:7f:fa:
                    66:3b:a3:45:1a:38:3f:ad:50:79:39:1c:e1:d0:4e:
                    dc:e7:ba:e8:16:04:bb:26:9a:18:93:90:12:a8:50:
                    dd:03:3c:2c:86:5f:11:d2:30:62:78:8a:fa:e6:e9:
                    a0:f6:ca:36:b7:36:6b:bb:12:5a:3e:95:7a:82:88:
                    8f:80:11:d0:dd:58:44:3c:56:4d:b9:53:3f:db:b3:
                    f7:0c:26:2e:cb:ba:3a:8d:ff:bc:51:46:0b:32:74:
                    15:03:8c:68:cd:24:f2:67:0c:5e:72:92:6b:c5:d7:
                    3a:a2:21:8a:89:79:ef:5a:49:e9:ff:88:27:0b:1a:
                    ce:c5:af:f9:70:69:b6:4b:31:87:39:5e:76:59:36:
                    4e:b7:1b:f1:74:e3:c9:86:ff:d8:97:f4:b6:f9:10:
                    38:f0:f1:39:23:d0:bb:61:52:a0:71:6c:69:6e:5a:
                    34:81:a0:8f:77:cd:7d:81:76:63:86:f8:8b:2c:10:
                    b7:1a:0a:23:51:27:1c:cb:ed:13:39:1c:17:69:6a:
                    2e:fd:52:20:39:79:ca:ae:2d:d0:eb:19:2d:11:ac:
                    f2:07:17:92:ce:7a:4a:00:70:d7:07:82:fd:6b:42:
                    75:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:E5:1D:94:67:21:95:B4:ED:7C:4D:9C:8B:0E:0A:5B:C0:06:97:78
            X509v3 Authority Key Identifier:
                keyid:4B:EC:CC:9D:1A:76:E9:14:69:CB:63:B1:2B:F7:25:D7:DE:BA:FB:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-zMnRp26RRpy2OxK_cl1966-xs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/DOUdlGchlbTtfE2ciw4KW8AGl3g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/S-zMnRp26RRpy2OxK_cl1966-xs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.82.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:3c:8f:d4:20:9c:af:93:b5:2d:fb:1b:4a:ad:26:25:a9:06:
         58:62:ee:af:79:17:8e:94:f3:4c:78:55:25:0a:ea:bb:91:be:
         04:9c:33:51:ff:9a:b8:c0:1d:98:ca:8d:2f:c7:a9:73:ed:c0:
         41:b7:0d:01:c5:91:3a:2f:ca:f1:86:95:85:4f:25:6a:67:41:
         79:02:0f:d0:58:b8:76:ed:34:39:8d:56:f0:ab:1b:3d:a3:8c:
         d5:b9:86:4e:ae:9e:98:58:db:3d:4d:ca:04:8e:1d:9a:46:ee:
         26:56:e3:bf:c1:07:6d:96:b8:59:a4:1d:17:e0:33:5e:b3:b1:
         f7:58:c6:3e:b3:01:62:c4:b1:14:35:fe:0d:ae:0f:86:06:b8:
         57:e1:8e:b0:7b:83:40:f9:01:f0:82:32:83:3c:71:7a:8d:a7:
         84:d3:bc:cf:b5:7e:a5:b3:28:ae:1b:79:7a:34:39:06:19:77:
         d0:99:72:ac:17:0b:da:4e:8d:76:4a:f5:0a:8e:08:a3:c6:e6:
         01:55:d9:ac:e3:70:ca:43:db:d4:98:67:31:fa:d6:50:7b:a2:
         22:fc:97:d2:28:ac:d6:59:49:8e:29:98:99:d2:21:c3:9a:ae:
         83:72:bf:18:1e:17:ed:c7:60:a8:d5:79:a9:73:79:af:9e:41:
         0c:31:d6:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+k0SrmrznqHxaQSDeddgEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZWNjYzlkMWE3NmU5MTQ2OWNiNjNiMTJiZjcyNWQ3ZGVi
YWZiMWIwHhcNMjQwNTIzMDkzODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2U1MWQ5NDY3MjE5NWI0ZWQ3YzRkOWM4YjBlMGE1YmMwMDY5Nzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO5FC2vw3zYtZdt5vsOjXxne5FS3
aP1oPywvf/pmO6NFGjg/rVB5ORzh0E7c57roFgS7JpoYk5ASqFDdAzwshl8R0jBi
eIr65umg9so2tzZruxJaPpV6goiPgBHQ3VhEPFZNuVM/27P3DCYuy7o6jf+8UUYL
MnQVA4xozSTyZwxecpJrxdc6oiGKiXnvWknp/4gnCxrOxa/5cGm2SzGHOV52WTZO
txvxdOPJhv/Yl/S2+RA48PE5I9C7YVKgcWxpblo0gaCPd819gXZjhviLLBC3Ggoj
USccy+0TORwXaWou/VIgOXnKri3Q6xktEazyBxeSznpKAHDXB4L9a0J1XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAzlHZRnIZW07XxNnIsOClvABpd4MB8GA1UdIwQY
MBaAFEvszJ0adukUactjsSv3JdfeuvsbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy16TW5ScDI2UlJweTJPeEtfY2wxOTY2LXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NjhmMTQtYTcyMS00NmYwLTkxOTkt
NGY0Yjk5NGUwZWIyLzEvRE9VZGxHY2hsYlR0ZkUyY2l3NEtXOEFHbDNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NjhmMTQtYTcyMS00NmYwLTkxOTktNGY0Yjk5NGUwZWIy
LzEvUy16TW5ScDI2UlJweTJPeEtfY2wxOTY2LXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVLLMA0G
CSqGSIb3DQEBCwUAA4IBAQBRPI/UIJyvk7Ut+xtKrSYlqQZYYu6veReOlPNMeFUl
Cuq7kb4EnDNR/5q4wB2Yyo0vx6lz7cBBtw0BxZE6L8rxhpWFTyVqZ0F5Ag/QWLh2
7TQ5jVbwqxs9o4zVuYZOrp6YWNs9TcoEjh2aRu4mVuO/wQdtlrhZpB0X4DNes7H3
WMY+swFixLEUNf4Nrg+GBrhX4Y6we4NA+QHwgjKDPHF6jaeE07zPtX6lsyiuG3l6
NDkGGXfQmXKsFwvaTo12SvUKjgijxuYBVdms43DKQ9vUmGcx+tZQe6Ii/JfSKKzW
WUmOKZiZ0iHDmq6Dcr8YHhftx2Co1Xmpc3mvnkEMMdZ0
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:40:54 2024 by rpki-client on console-fra.rpki-client.org