Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/ac8587-db0d-4fe1-a39d-452ef6abe00f/1/8qU7M4m9vxjo4oUSOHxJVSck8Bo.roa
File:                     8qU7M4m9vxjo4oUSOHxJVSck8Bo.roa (raw, json)
Hash identifier:          a/sD4tvZZrPEJFSdRsLEkqZGJyxxp7ccYHoZ/bSz4Tk=
Subject key identifier:   F2:A5:3B:33:89:BD:BF:18:E8:E2:85:12:38:7C:49:55:27:24:F0:1A
Certificate issuer:       /CN=04f0f75caed3f26885ac65630ffaaee77a70ebd9
Certificate serial:       018CC8DE3BAF57F86A6CF50F437BFE95E206
Authority key identifier: 04:F0:F7:5C:AE:D3:F2:68:85:AC:65:63:0F:FA:AE:E7:7A:70:EB:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BPD3XK7T8miFrGVjD_qu53pw69k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/ac8587-db0d-4fe1-a39d-452ef6abe00f/1/8qU7M4m9vxjo4oUSOHxJVSck8Bo.roa
Signing time:             Tue 02 Jan 2024 06:30:56 +0000
ROA not before:           Tue 02 Jan 2024 06:30:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207356
IP address blocks:        185.16.248.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/ac8587-db0d-4fe1-a39d-452ef6abe00f/1/BPD3XK7T8miFrGVjD_qu53pw69k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/ac8587-db0d-4fe1-a39d-452ef6abe00f/1/BPD3XK7T8miFrGVjD_qu53pw69k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BPD3XK7T8miFrGVjD_qu53pw69k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 00:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:3b:af:57:f8:6a:6c:f5:0f:43:7b:fe:95:e2:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04f0f75caed3f26885ac65630ffaaee77a70ebd9
        Validity
            Not Before: Jan  2 06:30:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f2a53b3389bdbf18e8e28512387c49552724f01a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:b8:30:a1:5d:7b:ca:ea:8e:b2:61:c0:00:1f:
                    a2:79:87:8f:9f:4e:21:83:2e:52:20:c6:58:e3:20:
                    b2:8a:7c:10:b2:78:48:5e:8a:2c:ed:68:56:6a:12:
                    02:6f:38:64:ba:ad:d5:ab:f2:1a:28:33:9b:d6:09:
                    78:e6:d0:1c:f9:16:46:87:c5:ee:0a:85:ba:fc:0f:
                    c4:05:08:3b:6d:6f:6e:92:4e:43:a1:1a:e2:8c:6d:
                    92:3d:bc:d2:0e:61:5a:fb:b1:2c:29:dc:6f:8b:48:
                    b1:fa:20:3c:c2:4d:94:0a:0b:16:cc:8c:5e:a6:78:
                    29:72:3a:a0:26:7d:8f:8e:53:4a:9f:4f:48:7d:43:
                    c9:14:10:2f:29:47:c0:e7:57:82:82:3b:75:ee:b2:
                    97:51:14:3d:69:0f:7e:31:08:2f:12:17:45:bc:ae:
                    3b:03:09:35:22:b7:61:de:51:bf:3f:3e:d5:59:58:
                    1b:49:a8:5c:60:2a:2b:20:bb:c4:8b:57:a9:4e:a1:
                    83:ec:78:b8:e1:af:a6:6c:81:d8:37:26:49:75:11:
                    b8:b7:2a:41:f9:0d:b5:c7:8d:90:b9:96:5a:cb:6d:
                    8f:5b:82:2b:62:bb:c3:d3:d9:8d:6c:d5:47:00:cf:
                    62:ee:53:a1:60:ec:53:75:01:42:1e:0f:5f:88:6f:
                    c4:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:A5:3B:33:89:BD:BF:18:E8:E2:85:12:38:7C:49:55:27:24:F0:1A
            X509v3 Authority Key Identifier:
                keyid:04:F0:F7:5C:AE:D3:F2:68:85:AC:65:63:0F:FA:AE:E7:7A:70:EB:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BPD3XK7T8miFrGVjD_qu53pw69k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ac8587-db0d-4fe1-a39d-452ef6abe00f/1/8qU7M4m9vxjo4oUSOHxJVSck8Bo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/ac8587-db0d-4fe1-a39d-452ef6abe00f/1/BPD3XK7T8miFrGVjD_qu53pw69k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.16.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:ed:e2:e2:48:59:83:11:40:d8:38:24:a3:2b:86:9e:f9:05:
         ad:d5:96:ef:e3:64:c6:45:60:2c:2a:69:af:40:59:0f:7c:5f:
         aa:fb:1c:4c:24:7b:44:a1:05:3b:ea:d1:84:b7:de:67:32:9c:
         09:af:e0:0d:7f:b8:11:cc:df:8e:70:30:26:ae:d5:ba:31:89:
         39:16:8b:aa:ff:2f:3e:a8:8f:9d:3c:3a:a7:95:db:23:4f:15:
         14:d5:65:fd:9c:2e:3b:c7:ff:a8:8a:01:06:f7:d4:8a:23:a7:
         92:d8:78:50:41:03:c2:52:1b:a3:d3:a9:b8:63:10:dd:51:25:
         56:26:ab:e1:99:09:14:04:9e:34:7e:f5:4d:81:3a:85:c0:ca:
         2d:21:3e:4a:76:82:d0:23:fd:d9:54:34:bf:91:63:17:c0:08:
         92:c0:41:4e:e1:12:26:b1:a1:2b:2f:5b:c8:78:24:a8:26:8b:
         00:3f:a5:b6:76:21:d1:f7:8b:aa:06:d7:c3:c0:2d:26:f3:cd:
         b5:e1:8e:8d:3d:a5:c6:8e:6d:85:11:94:c0:99:c0:68:b5:04:
         94:34:a0:56:be:7d:0d:9f:3d:cd:fb:69:7d:5a:c0:c2:e1:40:
         d1:5f:55:d9:58:fa:84:fc:8a:ef:a2:e2:79:0f:1b:8b:1e:32:
         44:42:73:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3juvV/hqbPUPQ3v+leIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZjBmNzVjYWVkM2YyNjg4NWFjNjU2MzBmZmFhZWU3N2E3
MGViZDkwHhcNMjQwMTAyMDYzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmE1M2IzMzg5YmRiZjE4ZThlMjg1MTIzODdjNDk1NTI3MjRmMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7gwoV17yuqOsmHAAB+ieYePn04h
gy5SIMZY4yCyinwQsnhIXoos7WhWahICbzhkuq3Vq/IaKDOb1gl45tAc+RZGh8Xu
CoW6/A/EBQg7bW9ukk5DoRrijG2SPbzSDmFa+7EsKdxvi0ix+iA8wk2UCgsWzIxe
pngpcjqgJn2PjlNKn09IfUPJFBAvKUfA51eCgjt17rKXURQ9aQ9+MQgvEhdFvK47
Awk1Irdh3lG/Pz7VWVgbSahcYCorILvEi1epTqGD7Hi44a+mbIHYNyZJdRG4typB
+Q21x42QuZZay22PW4IrYrvD09mNbNVHAM9i7lOhYOxTdQFCHg9fiG/EvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKlOzOJvb8Y6OKFEjh8SVUnJPAaMB8GA1UdIwQY
MBaAFATw91yu0/JohaxlYw/6rud6cOvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlBEM1hLN1Q4bWlGckdWakRfcXU1M3B3NjlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hYzg1ODctZGIwZC00ZmUxLWEzOWQt
NDUyZWY2YWJlMDBmLzEvOHFVN000bTl2eGpvNG9VU09IeEpWU2NrOEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hYzg1ODctZGIwZC00ZmUxLWEzOWQtNDUyZWY2YWJlMDBm
LzEvQlBEM1hLN1Q4bWlGckdWakRfcXU1M3B3NjlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRD4MA0G
CSqGSIb3DQEBCwUAA4IBAQCu7eLiSFmDEUDYOCSjK4ae+QWt1Zbv42TGRWAsKmmv
QFkPfF+q+xxMJHtEoQU76tGEt95nMpwJr+ANf7gRzN+OcDAmrtW6MYk5Fouq/y8+
qI+dPDqnldsjTxUU1WX9nC47x/+oigEG99SKI6eS2HhQQQPCUhuj06m4YxDdUSVW
JqvhmQkUBJ40fvVNgTqFwMotIT5KdoLQI/3ZVDS/kWMXwAiSwEFO4RImsaErL1vI
eCSoJosAP6W2diHR94uqBtfDwC0m88214Y6NPaXGjm2FEZTAmcBotQSUNKBWvn0N
nz3N+2l9WsDC4UDRX1XZWPqE/IrvouJ5DxuLHjJEQnP9
-----END CERTIFICATE-----
Generated at Mon Jun 24 09:43:53 2024 by rpki-client on console-fra.rpki-client.org