Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/bb3c6b-cd92-422f-9518-01652576f5a2/1/DqQytDeVMW5h8WKEQbRa1rPijz4.roa
File:                     DqQytDeVMW5h8WKEQbRa1rPijz4.roa (raw, json)
Hash identifier:          txM3XNHx1v9Dr0BDgpdasqWFjO4GE+HemqCr+mGH2GA=
Subject key identifier:   0E:A4:32:B4:37:95:31:6E:61:F1:62:84:41:B4:5A:D6:B3:E2:8F:3E
Certificate issuer:       /CN=7a3bcb40a1c8c8f9f758dcde1c2907938d86852f
Certificate serial:       018CC7266BD504578D41ECA28BF82DA71116
Authority key identifier: 7A:3B:CB:40:A1:C8:C8:F9:F7:58:DC:DE:1C:29:07:93:8D:86:85:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ejvLQKHIyPn3WNzeHCkHk42GhS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/bb3c6b-cd92-422f-9518-01652576f5a2/1/DqQytDeVMW5h8WKEQbRa1rPijz4.roa
Signing time:             Mon 01 Jan 2024 22:30:32 +0000
ROA not before:           Mon 01 Jan 2024 22:30:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     31467
IP address blocks:        83.137.104.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/bb3c6b-cd92-422f-9518-01652576f5a2/1/ejvLQKHIyPn3WNzeHCkHk42GhS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/bb3c6b-cd92-422f-9518-01652576f5a2/1/ejvLQKHIyPn3WNzeHCkHk42GhS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ejvLQKHIyPn3WNzeHCkHk42GhS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 21 Jun 2024 22:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:6b:d5:04:57:8d:41:ec:a2:8b:f8:2d:a7:11:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a3bcb40a1c8c8f9f758dcde1c2907938d86852f
        Validity
            Not Before: Jan  1 22:30:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0ea432b43795316e61f1628441b45ad6b3e28f3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:69:66:c7:5c:19:9f:df:d1:37:e0:e3:26:70:
                    43:60:ef:f6:50:bf:37:2e:22:3a:38:06:68:1b:e2:
                    09:1d:f0:32:c6:5c:36:7f:51:d8:f9:06:f4:76:11:
                    04:14:08:7c:ca:28:ac:d6:e4:d2:12:e0:b3:c1:15:
                    5c:2c:2e:05:25:64:f7:6d:55:fe:41:b9:46:d2:33:
                    87:95:a4:f9:4c:16:7d:ef:8d:1f:56:ce:f7:db:99:
                    70:0c:51:92:f4:18:0f:76:44:51:da:55:64:67:6a:
                    05:64:b3:ca:fd:56:45:be:a6:00:66:a7:4c:47:67:
                    7a:8f:ef:4f:25:1f:43:53:78:30:d9:16:3a:6a:65:
                    d3:65:e3:88:88:a8:94:17:56:f5:fe:0e:78:9a:1b:
                    26:63:55:25:3b:e8:dd:c0:c0:a5:39:35:02:2e:6a:
                    cf:12:09:3a:75:1e:5d:b6:37:86:65:fc:84:cc:74:
                    82:a7:72:9b:57:66:b4:22:dc:2f:db:67:df:af:30:
                    cd:12:a6:b3:94:71:07:a2:df:a9:bb:3d:b2:7f:02:
                    bb:64:b1:fb:d0:25:ab:66:ff:da:3f:df:16:7e:ba:
                    f8:87:6c:0e:25:07:b4:ea:4d:1a:0e:fd:bc:af:e3:
                    a5:3e:ad:0a:4b:07:5b:18:fd:af:1d:16:c1:be:61:
                    f5:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:A4:32:B4:37:95:31:6E:61:F1:62:84:41:B4:5A:D6:B3:E2:8F:3E
            X509v3 Authority Key Identifier:
                keyid:7A:3B:CB:40:A1:C8:C8:F9:F7:58:DC:DE:1C:29:07:93:8D:86:85:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejvLQKHIyPn3WNzeHCkHk42GhS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bb3c6b-cd92-422f-9518-01652576f5a2/1/DqQytDeVMW5h8WKEQbRa1rPijz4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bb3c6b-cd92-422f-9518-01652576f5a2/1/ejvLQKHIyPn3WNzeHCkHk42GhS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.137.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         49:f6:c1:65:76:9b:8e:4b:73:15:1c:33:f4:9b:52:5e:f1:c8:
         57:64:fc:d7:80:e1:c7:da:90:3c:74:41:eb:a2:10:f2:b1:d3:
         c5:59:97:ab:35:a2:30:c1:08:1a:59:a1:44:41:be:49:5a:68:
         d2:d8:98:86:9d:56:3e:70:7c:b6:6b:ae:1f:3d:0b:1c:c4:3f:
         33:9c:c8:e5:4f:6d:ce:80:02:a5:38:8d:72:38:55:cb:36:d7:
         03:ab:ca:7e:25:c8:72:0d:8c:83:0a:c9:f3:30:71:41:81:84:
         3d:60:9c:54:e0:81:2b:29:c9:d1:31:53:0c:fb:b3:69:d2:b4:
         10:c7:f7:41:32:a2:68:24:85:86:05:f7:50:5d:74:cb:23:59:
         17:18:fa:d6:2f:ae:a6:1f:61:42:19:80:3f:4c:3b:d3:b5:5d:
         2b:8e:79:83:96:1e:c1:05:8f:ea:75:52:ca:3b:df:74:de:f4:
         e5:ae:55:31:ee:0c:fb:7e:00:27:41:cb:8d:0b:97:a8:c7:95:
         85:48:48:35:03:4a:ed:67:67:93:c1:33:03:8a:6f:27:0f:27:
         fa:d9:8f:63:ab:ae:2e:eb:89:1c:7b:9d:bd:19:f1:8f:2c:f6:
         7a:75:28:3c:04:85:90:10:3d:5b:d4:e1:9f:65:dd:28:1a:01:
         58:af:c7:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJmvVBFeNQeyii/gtpxEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhM2JjYjQwYTFjOGM4ZjlmNzU4ZGNkZTFjMjkwNzkzOGQ4
Njg1MmYwHhcNMjQwMTAxMjIzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWE0MzJiNDM3OTUzMTZlNjFmMTYyODQ0MWI0NWFkNmIzZTI4ZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWlmx1wZn9/RN+DjJnBDYO/2UL83
LiI6OAZoG+IJHfAyxlw2f1HY+Qb0dhEEFAh8yiis1uTSEuCzwRVcLC4FJWT3bVX+
QblG0jOHlaT5TBZ9740fVs7325lwDFGS9BgPdkRR2lVkZ2oFZLPK/VZFvqYAZqdM
R2d6j+9PJR9DU3gw2RY6amXTZeOIiKiUF1b1/g54mhsmY1UlO+jdwMClOTUCLmrP
Egk6dR5dtjeGZfyEzHSCp3KbV2a0Itwv22ffrzDNEqazlHEHot+puz2yfwK7ZLH7
0CWrZv/aP98Wfrr4h2wOJQe06k0aDv28r+OlPq0KSwdbGP2vHRbBvmH1eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA6kMrQ3lTFuYfFihEG0Wtaz4o8+MB8GA1UdIwQY
MBaAFHo7y0ChyMj591jc3hwpB5ONhoUvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWp2TFFLSEl5UG4zV056ZUhDa0hrNDJHaFM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9iYjNjNmItY2Q5Mi00MjJmLTk1MTgt
MDE2NTI1NzZmNWEyLzEvRHFReXREZVZNVzVoOFdLRVFiUmExclBpano0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9iYjNjNmItY2Q5Mi00MjJmLTk1MTgtMDE2NTI1NzZmNWEy
LzEvZWp2TFFLSEl5UG4zV056ZUhDa0hrNDJHaFM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDU4loMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ9sFldpuOS3MVHDP0m1Je8chXZPzXgOHH2pA8dEHr
ohDysdPFWZerNaIwwQgaWaFEQb5JWmjS2JiGnVY+cHy2a64fPQscxD8znMjlT23O
gAKlOI1yOFXLNtcDq8p+JchyDYyDCsnzMHFBgYQ9YJxU4IErKcnRMVMM+7Np0rQQ
x/dBMqJoJIWGBfdQXXTLI1kXGPrWL66mH2FCGYA/TDvTtV0rjnmDlh7BBY/qdVLK
O9903vTlrlUx7gz7fgAnQcuNC5eox5WFSEg1A0rtZ2eTwTMDim8nDyf62Y9jq64u
64kce529GfGPLPZ6dSg8BIWQED1b1OGfZd0oGgFYr8fA
-----END CERTIFICATE-----
Generated at Fri Jun 21 03:30:02 2024 by rpki-client on console-ams.rpki-client.org