Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/tYR2t6XLlJlrCnEBwgsb5sY7qYs.roa
File:                     tYR2t6XLlJlrCnEBwgsb5sY7qYs.roa (raw, json)
Hash identifier:          JHavKTgKXDxVz1X1PCoeu6d5p5Md9s5G/iy/pke0rGc=
Subject key identifier:   B5:84:76:B7:A5:CB:94:99:6B:0A:71:01:C2:0B:1B:E6:C6:3B:A9:8B
Certificate issuer:       /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial:       018E1478BF551DA438D056A9DD622C39392F
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/tYR2t6XLlJlrCnEBwgsb5sY7qYs.roa
Signing time:             Wed 06 Mar 2024 15:54:01 +0000
ROA not before:           Wed 06 Mar 2024 15:54:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210893
IP address blocks:        79.135.100.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 24 May 2024 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:14:78:bf:55:1d:a4:38:d0:56:a9:dd:62:2c:39:39:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
        Validity
            Not Before: Mar  6 15:54:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b58476b7a5cb94996b0a7101c20b1be6c63ba98b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:d4:37:56:84:80:44:73:28:7a:e0:fa:5a:71:
                    e5:94:66:5b:dd:68:5a:60:4e:f0:b8:86:26:8d:24:
                    47:bf:6b:9f:55:4e:b5:a0:03:61:00:da:cc:e5:fa:
                    ba:5f:d9:ad:35:91:98:15:78:32:23:09:e9:e3:77:
                    b2:48:e1:ae:1b:a9:d6:a0:63:e8:5e:99:90:70:43:
                    a8:26:7a:ca:f2:8a:cb:4d:aa:01:ea:2f:1e:8b:e4:
                    d8:d8:32:5d:4a:71:6b:81:97:5b:e5:b5:d3:7c:ce:
                    ae:12:40:31:7d:27:99:5c:eb:89:ef:89:02:52:22:
                    31:ae:5b:5f:27:27:ce:84:d8:d9:d3:52:18:f5:98:
                    fd:92:24:dd:c4:01:77:e4:e2:c4:0d:88:fb:6c:89:
                    08:11:dd:c1:84:cb:df:af:49:79:bb:6b:4b:54:7b:
                    12:8a:22:e0:60:f1:06:f6:bc:4c:97:41:4e:b3:92:
                    66:27:a5:c9:b6:61:53:b3:1f:ff:e1:11:ca:77:f8:
                    0c:bf:2d:e6:22:1f:5e:d5:7e:e3:72:d1:28:f7:78:
                    b6:aa:84:2b:01:7d:57:01:38:e3:5b:fb:98:12:af:
                    c5:90:31:d3:3a:a8:45:85:86:da:9d:42:04:64:96:
                    57:37:97:75:a4:7d:e9:79:db:56:8f:1b:7b:3b:0a:
                    9a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:84:76:B7:A5:CB:94:99:6B:0A:71:01:C2:0B:1B:E6:C6:3B:A9:8B
            X509v3 Authority Key Identifier:
                keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/tYR2t6XLlJlrCnEBwgsb5sY7qYs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.135.100.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5c:1b:50:f0:5a:3f:46:0b:f8:21:b8:ea:de:b6:a4:29:96:b3:
         da:e8:70:e2:34:76:d3:d2:30:99:11:e0:93:02:07:ed:7e:95:
         79:96:8a:98:92:c5:f6:97:63:b7:23:c2:1d:4c:f2:ee:82:c0:
         17:0b:c0:8a:ca:e6:fd:95:e8:a7:cd:8b:24:49:39:fd:c8:0d:
         b9:ce:7f:25:dc:08:45:c3:93:24:c8:74:ae:59:6e:e8:da:d4:
         d6:45:8a:b6:c8:01:43:78:41:ec:34:ca:db:58:a8:dd:f7:b2:
         10:ef:1a:31:19:b8:88:cb:94:56:0b:48:f4:77:8f:25:d9:1d:
         b2:a9:d4:56:3f:74:20:5b:bd:03:2d:61:8f:16:64:0e:a2:01:
         b4:80:77:94:0a:e2:9e:d3:38:60:98:40:6d:fc:33:fe:8b:6e:
         f7:05:8d:ab:b5:1d:23:a5:4a:b7:67:37:ba:10:19:ee:cf:91:
         47:4e:53:78:fd:0d:a7:1f:58:bc:bd:c8:84:51:ec:34:fa:64:
         0d:d1:06:f0:f2:88:8b:41:1c:2d:95:37:df:83:97:4e:63:c0:
         92:f7:62:3c:d6:10:00:f1:55:1d:92:6b:9a:04:44:e7:ba:14:
         51:01:0b:31:f1:f4:12:34:45:26:32:31:12:c1:0b:86:5a:fe:
         0e:5b:d9:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4UeL9VHaQ40Fap3WIsOTkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwMzA2MTU1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTg0NzZiN2E1Y2I5NDk5NmIwYTcxMDFjMjBiMWJlNmM2M2JhOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntQ3VoSARHMoeuD6WnHllGZb3Wha
YE7wuIYmjSRHv2ufVU61oANhANrM5fq6X9mtNZGYFXgyIwnp43eySOGuG6nWoGPo
XpmQcEOoJnrK8orLTaoB6i8ei+TY2DJdSnFrgZdb5bXTfM6uEkAxfSeZXOuJ74kC
UiIxrltfJyfOhNjZ01IY9Zj9kiTdxAF35OLEDYj7bIkIEd3BhMvfr0l5u2tLVHsS
iiLgYPEG9rxMl0FOs5JmJ6XJtmFTsx//4RHKd/gMvy3mIh9e1X7jctEo93i2qoQr
AX1XATjjW/uYEq/FkDHTOqhFhYbanUIEZJZXN5d1pH3pedtWjxt7OwqaRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLWEdrely5SZawpxAcILG+bGO6mLMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvdFlSMnQ2WExsSmxyQ25FQndnc2I1c1k3cVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBT4dkMA0G
CSqGSIb3DQEBCwUAA4IBAQBcG1DwWj9GC/ghuOretqQplrPa6HDiNHbT0jCZEeCT
AgftfpV5loqYksX2l2O3I8IdTPLugsAXC8CKyub9leinzYskSTn9yA25zn8l3AhF
w5MkyHSuWW7o2tTWRYq2yAFDeEHsNMrbWKjd97IQ7xoxGbiIy5RWC0j0d48l2R2y
qdRWP3QgW70DLWGPFmQOogG0gHeUCuKe0zhgmEBt/DP+i273BY2rtR0jpUq3Zze6
EBnuz5FHTlN4/Q2nH1i8vciEUew0+mQN0Qbw8oiLQRwtlTffg5dOY8CS92I81hAA
8VUdkmuaBETnuhRRAQsx8fQSNEUmMjESwQuGWv4OW9me
-----END CERTIFICATE-----
Generated at Thu May 23 10:30:14 2024 by rpki-client on console-ams.rpki-client.org