Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/844a25-a8df-4561-b3e7-9785a335542a/1/Z_6qcWXafFHeeNM0JcwghYpm_Pc.roa
File:                     Z_6qcWXafFHeeNM0JcwghYpm_Pc.roa (raw, json)
Hash identifier:          N/RMTXzzdl30hFRA1+qOUgSZO91LlshPNCMhB213flU=
Subject key identifier:   67:FE:AA:71:65:DA:7C:51:DE:78:D3:34:25:CC:20:85:8A:66:FC:F7
Certificate issuer:       /CN=30aff75209684a354669061d23da29f8ea2f1d5e
Certificate serial:       018CC801DAEEC8D0772D40280EC1C6F1A750
Authority key identifier: 30:AF:F7:52:09:68:4A:35:46:69:06:1D:23:DA:29:F8:EA:2F:1D:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MK_3UgloSjVGaQYdI9op-OovHV4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/844a25-a8df-4561-b3e7-9785a335542a/1/Z_6qcWXafFHeeNM0JcwghYpm_Pc.roa
Signing time:             Tue 02 Jan 2024 02:30:13 +0000
ROA not before:           Tue 02 Jan 2024 02:30:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202305
IP address blocks:        185.90.208.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/844a25-a8df-4561-b3e7-9785a335542a/1/MK_3UgloSjVGaQYdI9op-OovHV4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/844a25-a8df-4561-b3e7-9785a335542a/1/MK_3UgloSjVGaQYdI9op-OovHV4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MK_3UgloSjVGaQYdI9op-OovHV4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 10:02:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:da:ee:c8:d0:77:2d:40:28:0e:c1:c6:f1:a7:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30aff75209684a354669061d23da29f8ea2f1d5e
        Validity
            Not Before: Jan  2 02:30:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=67feaa7165da7c51de78d33425cc20858a66fcf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:08:b5:7b:c5:cb:07:a0:14:98:de:0c:65:07:
                    42:a9:9e:f0:4d:29:06:32:c3:81:70:29:2e:99:64:
                    31:04:7c:a2:ce:75:94:74:c4:b6:0a:aa:c4:a0:37:
                    4e:a9:09:f1:e8:1e:c5:7b:0d:79:c8:a9:b5:31:6a:
                    d2:5b:eb:6b:ab:a0:a4:7d:5c:d0:6c:bb:f0:b8:a9:
                    a4:0c:c5:99:0c:fc:8c:3a:00:f8:44:59:3e:d1:ed:
                    07:a2:00:75:67:1b:5a:5a:49:55:00:5c:4e:2c:8b:
                    21:0c:d5:62:33:c0:b3:31:3d:bd:de:fb:01:e0:4b:
                    be:66:7a:34:aa:05:bb:e0:c6:dd:0e:70:7f:86:ba:
                    f7:2c:32:07:87:b8:a3:5d:76:4d:b9:de:83:54:97:
                    5f:80:96:cc:b3:86:e8:72:3f:27:b7:59:0e:d1:f9:
                    de:0c:69:58:9b:e5:a9:75:35:2d:76:a8:63:1b:94:
                    b6:20:a2:ca:37:7d:a8:f0:20:2c:71:62:47:7f:95:
                    4c:6a:d9:83:cd:fe:5e:36:cf:d3:0f:d4:09:43:35:
                    a4:bb:28:73:75:66:8e:c4:b1:1d:66:a0:72:3b:0d:
                    92:0d:53:e5:66:2f:de:20:d9:b5:02:22:7d:ea:f0:
                    73:c0:4d:9d:0f:9b:8f:1d:86:f4:82:ba:6f:6b:2b:
                    23:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:FE:AA:71:65:DA:7C:51:DE:78:D3:34:25:CC:20:85:8A:66:FC:F7
            X509v3 Authority Key Identifier:
                keyid:30:AF:F7:52:09:68:4A:35:46:69:06:1D:23:DA:29:F8:EA:2F:1D:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MK_3UgloSjVGaQYdI9op-OovHV4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/844a25-a8df-4561-b3e7-9785a335542a/1/Z_6qcWXafFHeeNM0JcwghYpm_Pc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/844a25-a8df-4561-b3e7-9785a335542a/1/MK_3UgloSjVGaQYdI9op-OovHV4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.90.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0d:7d:39:ce:a9:cc:21:f6:df:4d:cf:b5:1a:c8:da:70:c5:63:
         3b:6a:9a:49:8e:b5:6f:c2:e9:bb:07:a6:24:fa:74:d2:dc:5c:
         b9:9e:b4:ee:6d:e4:4e:5c:23:f4:91:12:af:57:5e:b3:aa:20:
         e2:8f:e3:d0:fd:95:dc:12:88:c6:1f:e1:71:74:0d:d3:45:f4:
         53:f4:fa:8c:8f:8f:8b:94:4e:a6:58:62:b0:14:bf:4d:20:ed:
         b7:d7:a5:ca:53:47:a6:28:3e:8a:54:b7:7e:7a:4f:cc:c2:03:
         a4:22:be:47:77:f0:41:3b:6d:87:7e:4a:2e:1b:c3:15:44:38:
         82:16:a5:33:cb:fb:ce:3c:f5:5e:cc:f0:ec:88:a3:25:99:be:
         02:c0:23:5f:73:87:41:fd:8a:c8:43:f4:1a:6a:46:eb:d6:3a:
         37:66:f5:6a:53:a1:99:37:7a:f6:87:ff:d8:47:68:2d:c9:d9:
         7d:fd:a1:f2:92:cc:e7:5a:54:48:5b:b2:48:15:75:c8:32:f7:
         7d:40:65:e8:8a:d1:8f:90:d2:dc:c0:0c:ca:79:83:2f:70:01:
         b1:2c:d8:23:73:52:bb:7f:42:da:19:1c:07:61:8c:69:df:23:
         fe:15:07:d5:1a:92:a1:b6:c5:03:d9:df:ec:d9:a1:9d:e1:ca:
         0b:97:d2:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAdruyNB3LUAoDsHG8adQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYWZmNzUyMDk2ODRhMzU0NjY5MDYxZDIzZGEyOWY4ZWEy
ZjFkNWUwHhcNMjQwMTAyMDIzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ZlYWE3MTY1ZGE3YzUxZGU3OGQzMzQyNWNjMjA4NThhNjZmY2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Qi1e8XLB6AUmN4MZQdCqZ7wTSkG
MsOBcCkumWQxBHyiznWUdMS2CqrEoDdOqQnx6B7Few15yKm1MWrSW+trq6CkfVzQ
bLvwuKmkDMWZDPyMOgD4RFk+0e0HogB1ZxtaWklVAFxOLIshDNViM8CzMT293vsB
4Eu+Zno0qgW74MbdDnB/hrr3LDIHh7ijXXZNud6DVJdfgJbMs4bocj8nt1kO0fne
DGlYm+WpdTUtdqhjG5S2IKLKN32o8CAscWJHf5VMatmDzf5eNs/TD9QJQzWkuyhz
dWaOxLEdZqByOw2SDVPlZi/eINm1AiJ96vBzwE2dD5uPHYb0grpvaysjjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGf+qnFl2nxR3njTNCXMIIWKZvz3MB8GA1UdIwQY
MBaAFDCv91IJaEo1RmkGHSPaKfjqLx1eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtfM1VnbG9TalZHYVFZZEk5b3AtT292SFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84NDRhMjUtYThkZi00NTYxLWIzZTct
OTc4NWEzMzU1NDJhLzEvWl82cWNXWGFmRkhlZU5NMEpjd2doWXBtX1BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84NDRhMjUtYThkZi00NTYxLWIzZTctOTc4NWEzMzU1NDJh
LzEvTUtfM1VnbG9TalZHYVFZZEk5b3AtT292SFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVrQMA0G
CSqGSIb3DQEBCwUAA4IBAQANfTnOqcwh9t9Nz7UayNpwxWM7appJjrVvwum7B6Yk
+nTS3Fy5nrTubeROXCP0kRKvV16zqiDij+PQ/ZXcEojGH+FxdA3TRfRT9PqMj4+L
lE6mWGKwFL9NIO2316XKU0emKD6KVLd+ek/MwgOkIr5Hd/BBO22HfkouG8MVRDiC
FqUzy/vOPPVezPDsiKMlmb4CwCNfc4dB/YrIQ/Qaakbr1jo3ZvVqU6GZN3r2h//Y
R2gtydl9/aHyksznWlRIW7JIFXXIMvd9QGXoitGPkNLcwAzKeYMvcAGxLNgjc1K7
f0LaGRwHYYxp3yP+FQfVGpKhtsUD2d/s2aGd4coLl9Ls
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:15:00 2024 by rpki-client on console-fra.rpki-client.org