Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/5pijl57yueQCyY6bAzf3Wl9az5s.roa
File:                     5pijl57yueQCyY6bAzf3Wl9az5s.roa (raw, json)
Hash identifier:          hK5xqxhsen0C5rcX+gnEwi9UZgN3/XfkZThfoWpyJRM=
Subject key identifier:   E6:98:A3:97:9E:F2:B9:E4:02:C9:8E:9B:03:37:F7:5A:5F:5A:CF:9B
Certificate issuer:       /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial:       018CC94D45122A82D17CAD9BF664415D6651
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/5pijl57yueQCyY6bAzf3Wl9az5s.roa
Signing time:             Tue 02 Jan 2024 08:32:13 +0000
ROA not before:           Tue 02 Jan 2024 08:32:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49434
IP address blocks:        89.234.190.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4d:45:12:2a:82:d1:7c:ad:9b:f6:64:41:5d:66:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
        Validity
            Not Before: Jan  2 08:32:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e698a3979ef2b9e402c98e9b0337f75a5f5acf9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:11:df:ee:66:e3:a9:17:d5:2c:ff:a7:af:52:
                    f4:45:eb:4b:b4:40:98:c2:f3:f5:fd:b8:1e:d3:df:
                    04:6f:b7:68:6e:97:82:fe:c4:16:51:10:7d:64:9f:
                    d2:21:2e:ca:45:96:94:2f:c3:b1:c9:2e:dd:c6:90:
                    ed:94:47:95:77:8a:e7:fd:df:57:02:c0:ed:39:7f:
                    0f:11:24:de:80:6d:6d:0d:bd:72:93:fc:bb:5e:68:
                    b3:8d:77:b5:15:77:54:66:f5:72:46:a1:2d:d6:e4:
                    cd:82:77:55:57:09:f4:e9:1e:2f:e6:b2:d8:f1:54:
                    c4:56:82:46:aa:a6:df:d0:aa:e7:61:7a:c8:20:45:
                    cf:f0:eb:a4:b7:f4:a6:54:ae:75:02:60:f9:05:08:
                    bb:e7:cb:8f:bc:36:68:ab:53:34:70:46:dc:77:46:
                    de:1e:6f:d5:7e:2f:bc:38:21:2d:06:af:44:a8:9d:
                    83:29:f8:f7:09:a6:2d:42:38:ca:af:b3:08:81:35:
                    f9:e4:41:53:50:3c:b8:a5:a3:03:b8:94:03:2a:c3:
                    3c:c4:05:1c:67:3a:b6:6b:40:c6:fd:58:55:d9:ef:
                    d4:7b:b2:cf:04:c7:9b:b5:f8:d5:d4:ba:62:be:f2:
                    4c:c1:9e:2b:e4:1f:9c:6e:52:37:98:73:c0:40:e4:
                    87:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:98:A3:97:9E:F2:B9:E4:02:C9:8E:9B:03:37:F7:5A:5F:5A:CF:9B
            X509v3 Authority Key Identifier:
                keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/5pijl57yueQCyY6bAzf3Wl9az5s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.234.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:e3:1e:9f:dc:03:81:f8:db:5f:2b:f7:06:b8:96:a8:42:c9:
         3b:63:28:cb:08:e9:08:9f:ef:ae:db:6f:fe:b8:1b:9e:49:b4:
         5b:f7:f9:18:72:f9:56:c2:a0:a0:aa:7c:b0:81:5e:75:b6:ec:
         87:5f:3d:cd:79:35:75:48:63:fc:3e:ef:e6:e7:74:66:bc:6b:
         db:09:67:39:a1:85:a0:00:c5:9c:a8:5e:b5:f0:04:fa:29:7d:
         b4:cb:c2:e0:dc:fd:66:00:bd:bd:31:0f:5b:e1:3c:b5:8b:ca:
         db:7a:cd:75:fe:27:eb:40:0e:43:2a:b1:70:c4:a2:de:2d:66:
         1e:df:b8:20:1d:b5:05:ef:b1:00:dd:2a:cc:9c:62:91:f5:62:
         1a:18:9a:cb:ea:04:dd:49:25:17:55:d5:cd:a5:16:50:5f:58:
         83:24:34:2b:47:32:2f:34:77:c0:45:b2:c7:5d:59:10:52:1f:
         ef:97:57:04:0d:2c:bc:90:d9:64:44:fa:f7:12:66:0a:ed:c6:
         0b:98:a4:3b:57:36:0e:52:c9:e6:d7:90:c9:67:3a:b2:97:61:
         92:4b:68:4e:22:95:37:b7:2d:f9:2c:3f:23:95:05:2c:7d:f2:
         9e:53:0e:20:4b:4d:87:da:c9:46:d4:ee:ae:97:d6:5a:2f:9d:
         39:f4:dc:a7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJTUUSKoLRfK2b9mRBXWZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw
OGNkNGEwHhcNMjQwMTAyMDgzMjEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjk4YTM5NzllZjJiOWU0MDJjOThlOWIwMzM3Zjc1YTVmNWFjZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhHf7mbjqRfVLP+nr1L0RetLtECY
wvP1/bge098Eb7dobpeC/sQWURB9ZJ/SIS7KRZaUL8OxyS7dxpDtlEeVd4rn/d9X
AsDtOX8PESTegG1tDb1yk/y7XmizjXe1FXdUZvVyRqEt1uTNgndVVwn06R4v5rLY
8VTEVoJGqqbf0KrnYXrIIEXP8Oukt/SmVK51AmD5BQi758uPvDZoq1M0cEbcd0be
Hm/Vfi+8OCEtBq9EqJ2DKfj3CaYtQjjKr7MIgTX55EFTUDy4paMDuJQDKsM8xAUc
Zzq2a0DG/VhV2e/Ue7LPBMebtfjV1LpivvJMwZ4r5B+cblI3mHPAQOSHxwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOaYo5ee8rnkAsmOmwM391pfWs+bMB8GA1UdIwQY
MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm
LTk2NWQ2ZDYwM2JmYS8xLzVwaWpsNTd5dWVRQ3lZNmJBemYzV2w5YXo1cy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm
YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABZ6r4w
DQYJKoZIhvcNAQELBQADggEBAIXjHp/cA4H4218r9wa4lqhCyTtjKMsI6Qif767b
b/64G55JtFv3+Rhy+VbCoKCqfLCBXnW27IdfPc15NXVIY/w+7+bndGa8a9sJZzmh
haAAxZyoXrXwBPopfbTLwuDc/WYAvb0xD1vhPLWLytt6zXX+J+tADkMqsXDEot4t
Zh7fuCAdtQXvsQDdKsycYpH1YhoYmsvqBN1JJRdV1c2lFlBfWIMkNCtHMi80d8BF
ssddWRBSH++XVwQNLLyQ2WRE+vcSZgrtxguYpDtXNg5SyebXkMlnOrKXYZJLaE4i
lTe3LfksPyOVBSx98p5TDiBLTYfayUbU7q6X1lovnTn03Kc=
-----END CERTIFICATE-----
Generated at Fri May 3 11:06:07 2024 by rpki-client on console-ams.rpki-client.org