Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/LsJshUb5dVWALI3EoEfdgELQRWA.roa
File:                     LsJshUb5dVWALI3EoEfdgELQRWA.roa (raw, json)
Hash identifier:          1eBYSk1Y7l3/iKc+VLytwK3LSCf1odvgglssKbjjRXY=
Subject key identifier:   2E:C2:6C:85:46:F9:75:55:80:2C:8D:C4:A0:47:DD:80:42:D0:45:60
Certificate issuer:       /CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
Certificate serial:       018CC6B8D6DD65B00FEC5516369F0FE4BB4E
Authority key identifier: 61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/LsJshUb5dVWALI3EoEfdgELQRWA.roa
Signing time:             Mon 01 Jan 2024 20:30:51 +0000
ROA not before:           Mon 01 Jan 2024 20:30:51 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210513
IP address blocks:        62.3.56.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 10:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b8:d6:dd:65:b0:0f:ec:55:16:36:9f:0f:e4:bb:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
        Validity
            Not Before: Jan  1 20:30:51 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2ec26c8546f97555802c8dc4a047dd8042d04560
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:7b:8e:69:44:2d:b8:25:1e:b1:5b:1b:a9:8f:
                    c5:af:8c:3c:bf:d9:22:c4:63:1a:f9:bd:b4:f3:a8:
                    09:f2:a4:6b:72:42:eb:1b:0e:9a:3c:51:eb:cf:62:
                    0f:f8:a5:af:e2:95:01:77:60:ea:c9:45:f8:81:37:
                    d9:d7:c1:ec:e9:33:60:d9:fe:8d:d4:07:7d:02:7c:
                    1b:6a:40:3e:65:52:5f:ce:7b:be:20:1e:f5:e9:09:
                    fa:4b:7d:d3:4f:78:bc:82:c5:26:e9:e6:22:06:8d:
                    c2:00:74:d8:2d:48:83:ee:78:26:bd:7c:2f:60:44:
                    09:17:41:f5:60:e1:ac:bd:47:0b:78:0e:f6:01:73:
                    31:af:a7:51:35:76:6f:52:19:86:ff:6b:d0:e1:27:
                    09:38:5e:ee:89:9f:6b:65:2b:72:d0:31:b9:44:43:
                    19:40:21:8f:d2:85:72:34:ad:c4:07:6c:3c:58:3f:
                    19:80:49:7b:4d:49:72:fe:61:85:42:f1:6d:1c:b5:
                    59:7f:fe:bb:62:51:ca:fb:68:a4:75:ec:e2:04:9e:
                    f5:e2:92:e0:4d:bb:5e:2d:36:17:b4:14:1e:cc:22:
                    cc:c7:2d:19:6b:de:20:ae:05:6f:1a:e0:e0:ed:5c:
                    77:ab:fe:e5:36:ca:0e:32:95:3e:a2:a8:07:b1:ad:
                    20:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:C2:6C:85:46:F9:75:55:80:2C:8D:C4:A0:47:DD:80:42:D0:45:60
            X509v3 Authority Key Identifier:
                keyid:61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/LsJshUb5dVWALI3EoEfdgELQRWA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.3.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:59:29:58:02:56:11:b1:0c:91:e4:63:cc:3f:c1:17:bc:71:
         ce:be:bb:74:8e:09:1a:1d:22:0b:9e:f9:8f:48:ac:53:a4:8f:
         35:5d:c5:f5:b5:f6:2e:19:09:c3:89:0f:3a:98:74:2d:cf:1d:
         76:23:dc:e2:41:af:a9:d9:9a:0f:ba:2b:0f:75:ee:63:c2:74:
         25:88:78:ef:6d:ba:7d:78:47:26:b1:ac:2a:d4:60:fb:24:3d:
         bc:a7:34:d7:cd:04:fa:7c:a3:38:02:c3:0c:1b:ad:d4:04:28:
         fe:63:07:b1:93:f6:4b:2e:72:e2:c0:0a:62:99:a1:7b:a0:bf:
         24:35:0a:da:57:cf:a0:40:f7:f5:34:93:5b:a3:8e:be:0c:1c:
         4b:eb:cf:5e:91:78:41:1a:9b:ab:34:d2:b3:9d:fc:1c:0a:d1:
         9c:d1:6e:88:fa:a8:8f:54:2e:81:1a:f4:46:d3:60:78:15:5a:
         7f:72:11:1d:e7:ca:0b:68:80:14:66:82:cd:af:2b:6d:5b:38:
         ec:f4:10:cc:6b:27:ce:de:cc:2b:6f:a3:cf:df:a2:e8:82:42:
         0a:cb:82:0d:72:76:67:3b:76:de:c5:98:18:ce:19:5f:c3:8a:
         09:7e:6a:81:1f:02:54:5c:3f:cb:18:4c:1f:02:66:f0:d9:59:
         34:2a:6d:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuNbdZbAP7FUWNp8P5LtOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGNhMGQwOWJiZDA1ZjRiOGE4YWMzMGEzMjlmNjcxNTEx
MDc1OGMwHhcNMjQwMTAxMjAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWMyNmM4NTQ2Zjk3NTU1ODAyYzhkYzRhMDQ3ZGQ4MDQyZDA0NTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHuOaUQtuCUesVsbqY/Fr4w8v9ki
xGMa+b2086gJ8qRrckLrGw6aPFHrz2IP+KWv4pUBd2DqyUX4gTfZ18Hs6TNg2f6N
1Ad9AnwbakA+ZVJfznu+IB716Qn6S33TT3i8gsUm6eYiBo3CAHTYLUiD7ngmvXwv
YEQJF0H1YOGsvUcLeA72AXMxr6dRNXZvUhmG/2vQ4ScJOF7uiZ9rZSty0DG5REMZ
QCGP0oVyNK3EB2w8WD8ZgEl7TUly/mGFQvFtHLVZf/67YlHK+2ikdeziBJ714pLg
TbteLTYXtBQezCLMxy0Za94grgVvGuDg7Vx3q/7lNsoOMpU+oqgHsa0ggQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7CbIVG+XVVgCyNxKBH3YBC0EVgMB8GA1UdIwQY
MBaAFGFMoNCbvQX0uKisMKMp9nFREHWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAt
Nzk0NDk3NjU5OWQ4LzEvTHNKc2hVYjVkVldBTEkzRW9FZmRnRUxRUldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAtNzk0NDk3NjU5OWQ4
LzEvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgM4MA0G
CSqGSIb3DQEBCwUAA4IBAQCqWSlYAlYRsQyR5GPMP8EXvHHOvrt0jgkaHSILnvmP
SKxTpI81XcX1tfYuGQnDiQ86mHQtzx12I9ziQa+p2ZoPuisPde5jwnQliHjvbbp9
eEcmsawq1GD7JD28pzTXzQT6fKM4AsMMG63UBCj+Ywexk/ZLLnLiwApimaF7oL8k
NQraV8+gQPf1NJNbo46+DBxL689ekXhBGpurNNKznfwcCtGc0W6I+qiPVC6BGvRG
02B4FVp/chEd58oLaIAUZoLNryttWzjs9BDMayfO3swrb6PP36LogkIKy4INcnZn
O3bexZgYzhlfw4oJfmqBHwJUXD/LGEwfAmbw2Vk0Km2i
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:33:19 2024 by rpki-client on console-ams.rpki-client.org