Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/u8zBuHARv8CyyionOPBGX5xAZKM.roa
File:                     u8zBuHARv8CyyionOPBGX5xAZKM.roa (raw, json)
Hash identifier:          fWgGTbqSPk6KAbHlPb7dacN4y/WZk7mHEIrZYs4LScY=
Subject key identifier:   BB:CC:C1:B8:70:11:BF:C0:B2:CA:2A:27:38:F0:46:5F:9C:40:64:A3
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018CC6B7B8932777FD1A9FDC48250FD1A9BA
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/u8zBuHARv8CyyionOPBGX5xAZKM.roa
Signing time:             Mon 01 Jan 2024 20:29:38 +0000
ROA not before:           Mon 01 Jan 2024 20:29:38 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197309
IP address blocks:        45.136.204.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:b8:93:27:77:fd:1a:9f:dc:48:25:0f:d1:a9:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jan  1 20:29:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bbccc1b87011bfc0b2ca2a2738f0465f9c4064a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:35:09:2a:23:a8:ca:c2:07:19:8b:74:94:b3:
                    09:f2:f5:78:00:8a:d0:93:f2:60:b5:a6:3c:5d:ca:
                    cc:98:70:b1:54:fd:9a:c5:c3:32:be:cc:bc:80:de:
                    36:54:02:a1:c3:28:40:41:ec:95:ba:a0:cf:0d:4b:
                    96:8a:fb:cb:0b:f1:78:94:f9:31:75:da:43:66:f2:
                    c7:0e:ff:ce:ff:85:0c:ce:43:cd:95:05:65:78:d8:
                    d3:46:0b:90:cf:d8:35:f4:c8:e6:ec:97:c6:5a:9f:
                    3f:09:4b:6f:af:f9:da:86:1c:7e:6a:79:ee:ab:02:
                    a7:17:7f:ac:bf:99:4a:a6:e0:4c:97:2a:77:85:1b:
                    e7:0f:17:a4:10:79:86:03:79:57:a4:dc:82:ed:48:
                    6b:66:64:4c:18:b8:1c:d8:3a:44:94:bd:a7:01:0b:
                    f3:39:40:9a:78:b9:6a:9b:c2:32:6f:bd:41:52:64:
                    2d:55:8e:0e:fa:60:02:aa:2e:6f:15:5c:34:f5:17:
                    53:af:af:99:3a:85:a7:e1:e6:64:e2:91:9e:76:b6:
                    f1:46:7b:9d:3b:b7:08:dc:41:5a:e9:f1:4b:6f:dc:
                    b3:68:c6:8e:a7:96:13:33:de:ff:9b:03:fb:6f:ed:
                    bf:c5:e8:52:51:7a:89:7d:5c:84:5c:85:82:e5:b6:
                    ed:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:CC:C1:B8:70:11:BF:C0:B2:CA:2A:27:38:F0:46:5F:9C:40:64:A3
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/u8zBuHARv8CyyionOPBGX5xAZKM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.136.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9c:d8:c9:f7:c3:cd:cd:7f:e7:9c:2a:28:ff:96:51:01:0c:4c:
         60:e8:df:a9:b8:c6:52:78:2c:4c:b4:95:b8:63:3c:cb:39:46:
         2c:d8:c6:a9:2a:52:02:d6:5f:82:d9:cc:ac:bc:fa:7c:b2:81:
         c2:56:44:d4:74:8e:d1:c8:01:64:f2:b8:49:a0:df:18:2b:a8:
         dd:2b:2f:4e:20:5a:25:c7:2b:7a:2d:1b:00:07:34:33:95:39:
         c9:83:a3:73:b2:ca:ac:3d:37:0b:d3:85:06:2c:83:c6:1e:78:
         3c:3d:34:c9:b0:cc:fd:7d:f3:3a:56:c3:aa:c6:ba:e6:5d:21:
         7f:b3:ad:25:58:a8:0d:0e:23:4a:07:c7:e8:29:1b:69:78:4a:
         50:9e:43:89:34:ff:96:82:83:b0:c9:c1:5e:91:d2:b1:e4:3c:
         21:28:a3:f0:93:b3:30:7d:b1:06:c1:6a:13:8e:8d:ca:be:a3:
         a5:1f:47:ee:bd:4e:83:13:3f:b2:3d:1b:56:a2:00:88:4c:03:
         d8:d2:79:40:bc:df:cd:ad:d2:04:8a:91:e1:73:1c:31:d2:99:
         28:a7:23:8c:ae:6f:0e:01:f8:f6:c2:4c:76:25:12:81:3e:63:
         e6:25:dc:c0:aa:4b:31:cf:1a:97:e3:9c:2b:45:72:73:1a:25:
         2e:49:76:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt7iTJ3f9Gp/cSCUP0am6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTAxMjAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmNjYzFiODcwMTFiZmMwYjJjYTJhMjczOGYwNDY1ZjljNDA2NGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDUJKiOoysIHGYt0lLMJ8vV4AIrQ
k/JgtaY8XcrMmHCxVP2axcMyvsy8gN42VAKhwyhAQeyVuqDPDUuWivvLC/F4lPkx
ddpDZvLHDv/O/4UMzkPNlQVleNjTRguQz9g19Mjm7JfGWp8/CUtvr/nahhx+annu
qwKnF3+sv5lKpuBMlyp3hRvnDxekEHmGA3lXpNyC7UhrZmRMGLgc2DpElL2nAQvz
OUCaeLlqm8Iyb71BUmQtVY4O+mACqi5vFVw09RdTr6+ZOoWn4eZk4pGedrbxRnud
O7cI3EFa6fFLb9yzaMaOp5YTM97/mwP7b+2/xehSUXqJfVyEXIWC5bbtGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvMwbhwEb/AssoqJzjwRl+cQGSjMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvdTh6QnVIQVJ2OEN5eWlvbk9QQkdYNXhBWktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYjMMA0G
CSqGSIb3DQEBCwUAA4IBAQCc2Mn3w83Nf+ecKij/llEBDExg6N+puMZSeCxMtJW4
YzzLOUYs2MapKlIC1l+C2cysvPp8soHCVkTUdI7RyAFk8rhJoN8YK6jdKy9OIFol
xyt6LRsABzQzlTnJg6NzssqsPTcL04UGLIPGHng8PTTJsMz9ffM6VsOqxrrmXSF/
s60lWKgNDiNKB8foKRtpeEpQnkOJNP+WgoOwycFekdKx5DwhKKPwk7MwfbEGwWoT
jo3KvqOlH0fuvU6DEz+yPRtWogCITAPY0nlAvN/NrdIEipHhcxwx0pkopyOMrm8O
Afj2wkx2JRKBPmPmJdzAqksxzxqX45wrRXJzGiUuSXbG
-----END CERTIFICATE-----
Generated at Sat Jun 15 19:56:58 2024 by rpki-client on console-fra.rpki-client.org