Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/ziYj5tkCeyjmn6vH88MdqNG6wBg.roa
File:                     ziYj5tkCeyjmn6vH88MdqNG6wBg.roa (raw, json)
Hash identifier:          um7DhealZCFT5o2g/8K11OuGrOcFWmjViC4wYvodGpY=
Subject key identifier:   CE:26:23:E6:D9:02:7B:28:E6:9F:AB:C7:F3:C3:1D:A8:D1:BA:C0:18
Certificate issuer:       /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial:       018CC5DCC08475B7D4342A37006BC282809A
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/ziYj5tkCeyjmn6vH88MdqNG6wBg.roa
Signing time:             Mon 01 Jan 2024 16:30:27 +0000
ROA not before:           Mon 01 Jan 2024 16:30:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     56694
IP address blocks:        185.65.201.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 14:00:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:c0:84:75:b7:d4:34:2a:37:00:6b:c2:82:80:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
        Validity
            Not Before: Jan  1 16:30:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ce2623e6d9027b28e69fabc7f3c31da8d1bac018
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:16:2d:ea:e1:eb:79:fb:e3:37:e5:d8:c3:ed:
                    45:86:90:ea:e7:9e:e1:53:0d:cb:3a:02:d8:c8:29:
                    de:a0:20:32:d3:bf:9a:e5:58:c4:fe:9c:34:cb:ed:
                    e0:4b:58:fa:93:d7:62:f4:30:b5:71:90:51:08:8d:
                    3b:01:ef:48:98:13:1d:4b:6f:a8:5c:41:68:91:22:
                    0e:6d:c0:b9:b4:14:e1:0b:93:d4:51:c1:90:b0:28:
                    1e:4c:64:a7:71:7b:f6:d0:fc:d9:b0:00:fc:a9:c6:
                    10:f4:9f:6c:92:02:a3:9c:12:54:bc:92:e7:92:83:
                    6b:94:e6:0b:7c:8f:47:fc:1f:12:69:ff:51:20:9b:
                    dd:1c:3c:7a:26:73:ae:91:94:73:a0:48:60:71:c3:
                    35:5a:a5:0f:f6:5c:ad:13:9b:0a:70:6f:d2:ef:35:
                    bc:1d:bc:ac:4d:c3:a7:1e:e9:32:4c:60:85:3f:a0:
                    76:de:11:1b:eb:e1:98:eb:3a:29:23:00:1c:62:f3:
                    ac:16:8f:3f:ce:ef:76:ac:8b:7e:fc:aa:3a:7f:9e:
                    04:d5:7c:5f:62:bc:40:c4:fe:f6:9e:3e:cf:17:00:
                    87:a7:cb:ae:43:6d:ef:14:c9:f6:b0:46:b9:21:56:
                    60:78:40:65:b0:e8:ab:28:9d:8c:9d:ac:0b:7f:0e:
                    91:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:26:23:E6:D9:02:7B:28:E6:9F:AB:C7:F3:C3:1D:A8:D1:BA:C0:18
            X509v3 Authority Key Identifier:
                keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/ziYj5tkCeyjmn6vH88MdqNG6wBg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.65.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:b9:83:8f:7f:e6:02:56:f3:7b:1d:00:8d:8e:54:06:00:94:
         5d:89:87:54:7e:c5:0b:13:ad:9c:ba:c6:a0:f1:0c:ca:13:37:
         01:62:87:9c:39:bd:ea:1b:4a:ca:cc:e2:34:08:94:63:67:aa:
         a2:cc:e3:85:80:26:56:bb:e6:c5:88:eb:29:28:b1:d9:cf:11:
         d5:d7:45:b4:e0:10:67:2b:ff:47:79:b2:f2:fe:8d:df:c6:0e:
         9e:15:fd:d8:f7:83:44:0b:ba:74:2b:35:5f:5f:d9:5c:ad:c7:
         11:d7:fa:2d:d5:52:1d:59:49:c1:79:3a:4a:85:76:90:df:f3:
         a9:db:8b:aa:95:e5:d7:b9:15:43:ab:97:3e:e3:86:05:b8:44:
         63:25:7f:80:2d:50:b6:57:c7:52:b6:1e:c5:32:a7:31:8b:24:
         2f:a6:10:eb:f2:12:bf:75:55:fe:1e:7e:f1:b8:8e:2b:6d:1d:
         7c:32:d8:1a:02:60:94:c3:ab:bc:9b:08:61:b7:f0:3a:6d:fd:
         2e:ba:37:cb:a9:b5:50:d4:5e:82:0c:ab:48:fc:6d:ad:a5:31:
         67:c2:65:1d:92:b4:2a:37:86:da:5b:cf:53:f9:45:9d:2f:1b:
         b9:6d:87:27:95:12:6f:c2:9d:a1:20:68:e1:59:25:b6:6d:83:
         7f:99:32:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3MCEdbfUNCo3AGvCgoCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjQwMTAxMTYzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTI2MjNlNmQ5MDI3YjI4ZTY5ZmFiYzdmM2MzMWRhOGQxYmFjMDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghYt6uHrefvjN+XYw+1FhpDq557h
Uw3LOgLYyCneoCAy07+a5VjE/pw0y+3gS1j6k9di9DC1cZBRCI07Ae9ImBMdS2+o
XEFokSIObcC5tBThC5PUUcGQsCgeTGSncXv20PzZsAD8qcYQ9J9skgKjnBJUvJLn
koNrlOYLfI9H/B8Saf9RIJvdHDx6JnOukZRzoEhgccM1WqUP9lytE5sKcG/S7zW8
HbysTcOnHukyTGCFP6B23hEb6+GY6zopIwAcYvOsFo8/zu92rIt+/Ko6f54E1Xxf
YrxAxP72nj7PFwCHp8uuQ23vFMn2sEa5IVZgeEBlsOirKJ2MnawLfw6R2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM4mI+bZAnso5p+rx/PDHajRusAYMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvemlZajV0a0NleWptbjZ2SDg4TWRxTkc2d0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUHJMA0G
CSqGSIb3DQEBCwUAA4IBAQA5uYOPf+YCVvN7HQCNjlQGAJRdiYdUfsULE62cusag
8QzKEzcBYoecOb3qG0rKzOI0CJRjZ6qizOOFgCZWu+bFiOspKLHZzxHV10W04BBn
K/9HebLy/o3fxg6eFf3Y94NEC7p0KzVfX9lcrccR1/ot1VIdWUnBeTpKhXaQ3/Op
24uqleXXuRVDq5c+44YFuERjJX+ALVC2V8dSth7FMqcxiyQvphDr8hK/dVX+Hn7x
uI4rbR18MtgaAmCUw6u8mwhht/A6bf0uujfLqbVQ1F6CDKtI/G2tpTFnwmUdkrQq
N4baW89T+UWdLxu5bYcnlRJvwp2hIGjhWSW2bYN/mTJq
-----END CERTIFICATE-----
Generated at Fri May 17 18:35:45 2024 by rpki-client on console-fra.rpki-client.org