Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/6xXggOAeUOVQAXWESYAWsVaoxLY.roa
File:                     6xXggOAeUOVQAXWESYAWsVaoxLY.roa (raw, json)
Hash identifier:          y+dvzSICRlVm2qVf0vRqUKjeTONcx/+RWX91KU5zWjA=
Subject key identifier:   EB:15:E0:80:E0:1E:50:E5:50:01:75:84:49:80:16:B1:56:A8:C4:B6
Certificate issuer:       /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial:       018CC348CB13A9148A20FB1F2F5E91CFA0D8
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/6xXggOAeUOVQAXWESYAWsVaoxLY.roa
Signing time:             Mon 01 Jan 2024 04:29:36 +0000
ROA not before:           Mon 01 Jan 2024 04:29:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43350
IP address blocks:        95.178.106.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 05:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:cb:13:a9:14:8a:20:fb:1f:2f:5e:91:cf:a0:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
        Validity
            Not Before: Jan  1 04:29:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eb15e080e01e50e550017584498016b156a8c4b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:b9:32:d0:83:a7:85:c0:bf:21:0c:5d:ab:d4:
                    fa:f8:79:cc:22:29:59:26:6a:2b:ec:fa:44:1e:3b:
                    42:37:5c:34:82:09:f7:0e:72:bb:a6:35:48:1f:9d:
                    55:bb:0a:7c:16:16:30:2b:9b:31:6a:4b:a0:97:94:
                    d6:37:27:48:e3:fb:8a:26:e3:69:63:15:a8:6b:bf:
                    aa:83:22:e9:1b:d1:92:8e:bb:f4:18:d6:0d:07:f2:
                    d5:97:ff:9b:69:cb:b9:e8:27:1c:10:a6:4a:94:da:
                    06:19:0e:4d:b6:b4:f1:c5:5a:3d:a9:b4:7a:3d:a0:
                    13:65:6f:29:07:8d:e0:9c:62:f5:02:75:d4:49:89:
                    b1:49:b7:20:d3:0b:81:f5:96:88:bb:dd:b0:c7:ce:
                    b9:a4:f5:fd:b0:36:03:c9:4d:e6:69:42:08:24:b7:
                    96:61:8d:53:22:ae:40:3d:ce:64:ae:2e:18:3c:46:
                    67:a4:45:cc:b6:d4:90:29:83:00:49:78:7f:a5:94:
                    a9:ab:22:24:67:95:c3:56:ec:b9:b6:0f:0f:ed:7f:
                    c7:c2:ac:52:35:17:5e:77:4b:db:4f:68:eb:15:f7:
                    f7:cc:db:03:91:25:fa:f1:a6:00:cc:dd:99:a9:57:
                    c0:1a:93:5a:6e:9a:4f:99:52:74:23:4d:58:47:e3:
                    2f:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:15:E0:80:E0:1E:50:E5:50:01:75:84:49:80:16:B1:56:A8:C4:B6
            X509v3 Authority Key Identifier:
                keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/6xXggOAeUOVQAXWESYAWsVaoxLY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.178.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:50:0f:64:a2:94:f9:90:6c:a9:6e:cd:68:f2:7d:8e:ac:59:
         47:12:bf:1a:14:3d:17:9d:cc:e2:5e:08:47:a2:e7:50:82:c4:
         42:48:44:29:3d:72:4b:dd:46:31:81:42:14:bd:b6:f9:ec:20:
         34:16:2a:89:81:53:85:00:2f:2c:cd:c1:be:8c:ca:f0:e4:83:
         13:e5:bc:0f:09:fe:16:dc:8b:0b:8b:83:74:18:d5:22:ef:45:
         1a:ca:84:35:ec:fa:13:7c:bc:05:3a:0b:c3:7b:0c:28:a0:a8:
         2a:80:ed:32:ec:36:1f:7d:02:f6:30:06:b7:01:78:98:70:01:
         4d:d8:2c:5d:98:53:ca:18:cc:db:a6:f4:b0:c5:c1:44:5d:20:
         7e:1f:c8:f6:bb:7f:77:40:51:7f:87:1a:94:8a:2d:98:28:ca:
         bb:59:32:23:3a:9c:e2:a3:2d:a7:b5:2d:fa:bb:60:89:c2:11:
         a2:53:70:63:89:25:3e:e2:8e:e6:83:6d:b5:db:9e:5f:25:2e:
         06:2e:28:7f:c3:be:c8:95:07:85:96:5e:18:d5:ac:d1:48:2c:
         e2:27:80:3a:8e:1f:9b:c2:1a:01:60:3f:c7:41:c7:2f:93:35:
         6e:e2:63:cf:e7:6b:23:8d:d4:fd:ca:30:ff:5a:64:14:b3:b0:
         6e:bd:e1:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSMsTqRSKIPsfL16Rz6DYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjIxMGYxMjk5YTFlMGFlZTcxZGMxZDc5ZTVmYjEyMDky
ZDMwYTkwHhcNMjQwMTAxMDQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjE1ZTA4MGUwMWU1MGU1NTAwMTc1ODQ0OTgwMTZiMTU2YThjNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrky0IOnhcC/IQxdq9T6+HnMIilZ
Jmor7PpEHjtCN1w0ggn3DnK7pjVIH51Vuwp8FhYwK5sxakugl5TWNydI4/uKJuNp
YxWoa7+qgyLpG9GSjrv0GNYNB/LVl/+bacu56CccEKZKlNoGGQ5NtrTxxVo9qbR6
PaATZW8pB43gnGL1AnXUSYmxSbcg0wuB9ZaIu92wx865pPX9sDYDyU3maUIIJLeW
YY1TIq5APc5kri4YPEZnpEXMttSQKYMASXh/pZSpqyIkZ5XDVuy5tg8P7X/HwqxS
NRded0vbT2jrFff3zNsDkSX68aYAzN2ZqVfAGpNabppPmVJ0I01YR+MvAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOsV4IDgHlDlUAF1hEmAFrFWqMS2MB8GA1UdIwQY
MBaAFHPyEPEpmh4K7nHcHXnl+xIJLTCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDkt
Yjk0NjQ3MThiYTM3LzEvNnhYZ2dPQWVVT1ZRQVhXRVNZQVdzVmFveExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDktYjk0NjQ3MThiYTM3
LzEvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX7JqMA0G
CSqGSIb3DQEBCwUAA4IBAQAhUA9kopT5kGypbs1o8n2OrFlHEr8aFD0XncziXghH
oudQgsRCSEQpPXJL3UYxgUIUvbb57CA0FiqJgVOFAC8szcG+jMrw5IMT5bwPCf4W
3IsLi4N0GNUi70UayoQ17PoTfLwFOgvDewwooKgqgO0y7DYffQL2MAa3AXiYcAFN
2CxdmFPKGMzbpvSwxcFEXSB+H8j2u393QFF/hxqUii2YKMq7WTIjOpzioy2ntS36
u2CJwhGiU3BjiSU+4o7mg221255fJS4GLih/w77IlQeFll4Y1azRSCziJ4A6jh+b
whoBYD/HQccvkzVu4mPP52sjjdT9yjD/WmQUs7BuveEh
-----END CERTIFICATE-----
Generated at Sun May 5 10:07:25 2024 by rpki-client on console-fra.rpki-client.org