Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9246cb-d46b-4062-987b-5b34bc378436/1/8dJqb3rgtUKrpk4cBKVqsSz1688.roa
File:                     8dJqb3rgtUKrpk4cBKVqsSz1688.roa (raw, json)
Hash identifier:          fXl/l3qZOd/2iWAJC1juxDfdWIAoDI4myb5JO/yJSEs=
Subject key identifier:   F1:D2:6A:6F:7A:E0:B5:42:AB:A6:4E:1C:04:A5:6A:B1:2C:F5:EB:CF
Certificate issuer:       /CN=231e28359c180ea6c488a98ca3af77b5bb793dee
Certificate serial:       018CC725793B419969B4DD5E49A3EE4B79A0
Authority key identifier: 23:1E:28:35:9C:18:0E:A6:C4:88:A9:8C:A3:AF:77:B5:BB:79:3D:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ix4oNZwYDqbEiKmMo693tbt5Pe4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/9246cb-d46b-4062-987b-5b34bc378436/1/8dJqb3rgtUKrpk4cBKVqsSz1688.roa
Signing time:             Mon 01 Jan 2024 22:29:31 +0000
ROA not before:           Mon 01 Jan 2024 22:29:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201300
IP address blocks:        185.79.110.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/9246cb-d46b-4062-987b-5b34bc378436/1/Ix4oNZwYDqbEiKmMo693tbt5Pe4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/9246cb-d46b-4062-987b-5b34bc378436/1/Ix4oNZwYDqbEiKmMo693tbt5Pe4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ix4oNZwYDqbEiKmMo693tbt5Pe4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 13:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:25:79:3b:41:99:69:b4:dd:5e:49:a3:ee:4b:79:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=231e28359c180ea6c488a98ca3af77b5bb793dee
        Validity
            Not Before: Jan  1 22:29:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f1d26a6f7ae0b542aba64e1c04a56ab12cf5ebcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:72:74:2c:1b:b3:0a:71:36:cf:05:9c:b6:93:
                    54:92:e9:4c:2b:37:3a:b7:8c:dc:17:ae:2d:ae:ec:
                    ca:be:c3:b7:ce:e0:68:2d:13:22:82:70:07:b8:42:
                    0d:7f:86:2a:bf:26:e1:81:35:93:70:bd:76:bc:48:
                    4f:c9:66:24:41:77:04:f3:1a:84:70:19:c8:16:21:
                    78:6e:61:2d:cd:c8:4b:f2:4b:4c:1e:13:88:7c:3e:
                    6c:33:a7:68:26:3c:9b:56:be:5c:73:10:df:aa:c0:
                    38:e3:31:1b:d2:77:54:65:0d:a7:b7:46:97:0e:7e:
                    1b:66:30:45:66:ef:63:83:86:c9:b3:10:29:d1:fa:
                    e4:81:45:0f:2e:a4:85:6f:13:f3:b1:6b:05:fe:7e:
                    08:1a:d9:14:55:6d:8e:0b:37:cc:51:ae:e0:5d:91:
                    2c:5f:29:00:eb:44:40:ef:75:50:66:95:46:4b:72:
                    43:4f:8b:a5:05:24:c3:58:c7:94:f2:63:cb:26:4a:
                    46:8b:b0:9b:a1:15:56:ef:a3:14:93:a8:b2:58:55:
                    41:25:1d:35:b3:cf:4a:1e:24:1f:11:84:49:af:c5:
                    53:bc:1e:60:21:42:72:05:a1:a4:2e:5c:c4:01:e3:
                    3a:3c:e6:ca:d8:d4:a7:70:05:68:be:f8:8b:33:da:
                    a3:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:D2:6A:6F:7A:E0:B5:42:AB:A6:4E:1C:04:A5:6A:B1:2C:F5:EB:CF
            X509v3 Authority Key Identifier:
                keyid:23:1E:28:35:9C:18:0E:A6:C4:88:A9:8C:A3:AF:77:B5:BB:79:3D:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ix4oNZwYDqbEiKmMo693tbt5Pe4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9246cb-d46b-4062-987b-5b34bc378436/1/8dJqb3rgtUKrpk4cBKVqsSz1688.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9246cb-d46b-4062-987b-5b34bc378436/1/Ix4oNZwYDqbEiKmMo693tbt5Pe4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.79.110.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4f:f1:62:60:9a:dd:ee:c6:04:ae:1f:a1:a4:e1:c5:e4:28:05:
         dd:98:50:d9:37:0b:50:20:33:d3:77:9c:24:2b:20:b1:87:4d:
         fd:ba:0a:a8:d6:36:04:b9:69:99:81:71:33:60:b4:8b:96:ee:
         3e:c6:c6:a5:ea:be:55:22:19:0c:18:02:4a:cb:f8:52:e0:8d:
         5a:91:f0:21:18:f1:c8:ea:6b:d8:35:64:12:96:a5:c7:7d:46:
         fd:71:a0:0d:83:aa:64:39:83:c2:e9:44:4d:14:38:81:7e:fb:
         4a:90:ef:a5:76:7d:44:a8:75:98:6b:ce:0e:52:a2:7c:68:50:
         83:67:c0:8c:ed:3d:b3:9a:b6:6b:9e:ec:dc:c0:99:2b:04:b8:
         16:c8:96:df:32:93:d9:8c:0a:37:ef:1a:6d:28:31:79:2e:2c:
         0d:5f:f9:7c:50:ad:8b:2a:8b:95:1b:76:a0:b5:44:aa:26:40:
         1f:29:a4:c4:13:22:06:3d:d2:0b:2d:5d:ec:b8:8d:ff:a7:34:
         4a:6e:b8:e7:b6:c5:17:44:20:ef:b0:2b:4f:04:77:b1:85:ad:
         a5:7f:f3:3b:7c:fb:63:24:5a:27:3f:a9:2a:83:83:22:af:00:
         ca:91:f5:e4:3a:15:13:69:f5:c0:ba:c1:fe:4d:78:4e:1b:83:
         7b:90:a3:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJXk7QZlptN1eSaPuS3mgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMWUyODM1OWMxODBlYTZjNDg4YTk4Y2EzYWY3N2I1YmI3
OTNkZWUwHhcNMjQwMTAxMjIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWQyNmE2ZjdhZTBiNTQyYWJhNjRlMWMwNGE1NmFiMTJjZjVlYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHJ0LBuzCnE2zwWctpNUkulMKzc6
t4zcF64truzKvsO3zuBoLRMignAHuEINf4YqvybhgTWTcL12vEhPyWYkQXcE8xqE
cBnIFiF4bmEtzchL8ktMHhOIfD5sM6doJjybVr5ccxDfqsA44zEb0ndUZQ2nt0aX
Dn4bZjBFZu9jg4bJsxAp0frkgUUPLqSFbxPzsWsF/n4IGtkUVW2OCzfMUa7gXZEs
XykA60RA73VQZpVGS3JDT4ulBSTDWMeU8mPLJkpGi7CboRVW76MUk6iyWFVBJR01
s89KHiQfEYRJr8VTvB5gIUJyBaGkLlzEAeM6PObK2NSncAVovviLM9qjfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPHSam964LVCq6ZOHASlarEs9evPMB8GA1UdIwQY
MBaAFCMeKDWcGA6mxIipjKOvd7W7eT3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXg0b05ad1lEcWJFaUttTW82OTN0YnQ1UGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85MjQ2Y2ItZDQ2Yi00MDYyLTk4N2It
NWIzNGJjMzc4NDM2LzEvOGRKcWIzcmd0VUtycGs0Y0JLVnFzU3oxNjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85MjQ2Y2ItZDQ2Yi00MDYyLTk4N2ItNWIzNGJjMzc4NDM2
LzEvSXg0b05ad1lEcWJFaUttTW82OTN0YnQ1UGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuU9uMA0G
CSqGSIb3DQEBCwUAA4IBAQBP8WJgmt3uxgSuH6Gk4cXkKAXdmFDZNwtQIDPTd5wk
KyCxh039ugqo1jYEuWmZgXEzYLSLlu4+xsal6r5VIhkMGAJKy/hS4I1akfAhGPHI
6mvYNWQSlqXHfUb9caANg6pkOYPC6URNFDiBfvtKkO+ldn1EqHWYa84OUqJ8aFCD
Z8CM7T2zmrZrnuzcwJkrBLgWyJbfMpPZjAo37xptKDF5LiwNX/l8UK2LKouVG3ag
tUSqJkAfKaTEEyIGPdILLV3suI3/pzRKbrjntsUXRCDvsCtPBHexha2lf/M7fPtj
JFonP6kqg4MirwDKkfXkOhUTafXAusH+TXhOG4N7kKN+
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:19:55 2024 by rpki-client on console-fra.rpki-client.org