Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/g28ptft4v8EX2zu4TWqBRwpT-t0.roa
File:                     g28ptft4v8EX2zu4TWqBRwpT-t0.roa (raw, json)
Hash identifier:          MOg7GxZjMJp4i3yzmGOi7DitjExCG/tAL58SXrKnezg=
Subject key identifier:   83:6F:29:B5:FB:78:BF:C1:17:DB:3B:B8:4D:6A:81:47:0A:53:FA:DD
Certificate issuer:       /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial:       018CC7956342D7114852C01F2330FCA0B5FC
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/g28ptft4v8EX2zu4TWqBRwpT-t0.roa
Signing time:             Tue 02 Jan 2024 00:31:45 +0000
ROA not before:           Tue 02 Jan 2024 00:31:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62034
IP address blocks:        128.0.3.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 21 Jun 2024 03:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:63:42:d7:11:48:52:c0:1f:23:30:fc:a0:b5:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
        Validity
            Not Before: Jan  2 00:31:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=836f29b5fb78bfc117db3bb84d6a81470a53fadd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c9:ea:fe:02:0e:e8:4c:f4:83:2b:bb:69:a1:
                    f5:99:50:a7:9c:cd:c1:63:c6:23:a9:25:7b:96:5e:
                    de:0c:2c:fa:5f:e5:b1:05:64:ee:f1:99:2e:ba:7e:
                    a9:35:ec:d1:9d:d6:cc:97:8e:d6:ce:e7:33:69:1d:
                    5b:c9:2c:1b:a6:2e:54:da:4c:49:17:bc:f5:ce:9f:
                    e6:31:b3:98:fc:5e:09:1f:b1:0c:9f:54:d9:d8:ac:
                    46:d5:0f:7c:3b:c9:b8:17:7c:03:d6:b4:61:0a:54:
                    1b:34:76:e0:82:b3:20:21:ee:a5:2e:21:97:7e:b8:
                    39:97:1e:f8:e9:15:52:2b:51:d6:b8:d1:6e:f6:eb:
                    7f:9d:dc:a2:78:52:88:81:0a:4d:0f:cd:a0:5f:be:
                    15:e3:8a:60:52:7e:56:fa:75:9b:c9:8e:f4:29:df:
                    d8:aa:b8:9f:89:40:3a:a6:6b:9e:15:f6:03:89:d6:
                    12:f6:51:05:35:27:28:85:41:d9:6a:f7:44:26:25:
                    e3:8d:31:47:36:b2:e2:22:ef:b4:64:5b:c9:95:a4:
                    5c:1a:09:0f:b1:95:24:52:f1:fc:47:26:32:49:ff:
                    c0:f9:81:53:a5:ea:a1:ca:7d:64:dc:96:e3:ba:e2:
                    34:bf:e5:c4:81:e7:ab:55:1a:bf:cc:76:9e:da:06:
                    81:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:6F:29:B5:FB:78:BF:C1:17:DB:3B:B8:4D:6A:81:47:0A:53:FA:DD
            X509v3 Authority Key Identifier:
                keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/g28ptft4v8EX2zu4TWqBRwpT-t0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.0.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:2c:5a:01:2d:c8:28:e5:e4:a0:35:29:a8:7c:7a:c0:cf:1a:
         fd:62:45:64:23:84:b1:37:c8:bb:fc:c6:3b:ff:96:3a:86:c9:
         62:1e:58:f6:3c:0e:76:46:76:30:24:64:d6:55:4a:37:44:cc:
         78:2e:cd:a4:9d:6b:c9:a7:c2:4b:45:44:06:13:03:32:be:fb:
         9d:5d:5b:43:1a:84:49:27:d4:09:d2:a9:02:4b:20:e8:61:8c:
         fd:1e:e1:4d:ef:65:25:bd:a8:23:6c:22:d8:ff:9a:f9:48:0d:
         ea:e4:9e:dc:31:93:bb:e8:1e:3a:8f:c4:c0:0f:0a:35:a1:16:
         65:85:59:66:7e:e7:8d:02:65:61:6e:9d:69:58:71:19:fb:af:
         46:bb:ec:33:8e:da:59:2d:53:5b:f2:e5:ca:71:50:85:dc:11:
         cf:87:9c:1c:6a:91:32:6f:04:60:ad:9d:0d:e1:bd:72:7e:fd:
         fd:00:e4:cf:d7:15:2a:0f:24:a6:3f:d6:46:a2:67:e5:5b:2e:
         45:79:6e:65:ef:0a:4f:6b:3c:d5:23:32:96:c5:37:0a:32:6d:
         f2:9b:e8:9b:b7:b7:fd:19:0b:41:de:0f:9c:88:eb:03:98:31:
         b2:22:74:35:93:06:8d:ba:1e:0f:3c:79:9e:95:bd:41:9f:51:
         8a:9a:23:8e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlWNC1xFIUsAfIzD8oLX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzZmMjliNWZiNzhiZmMxMTdkYjNiYjg0ZDZhODE0NzBhNTNmYWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysnq/gIO6Ez0gyu7aaH1mVCnnM3B
Y8YjqSV7ll7eDCz6X+WxBWTu8Zkuun6pNezRndbMl47WzuczaR1bySwbpi5U2kxJ
F7z1zp/mMbOY/F4JH7EMn1TZ2KxG1Q98O8m4F3wD1rRhClQbNHbggrMgIe6lLiGX
frg5lx746RVSK1HWuNFu9ut/ndyieFKIgQpND82gX74V44pgUn5W+nWbyY70Kd/Y
qrifiUA6pmueFfYDidYS9lEFNScohUHZavdEJiXjjTFHNrLiIu+0ZFvJlaRcGgkP
sZUkUvH8RyYySf/A+YFTpeqhyn1k3JbjuuI0v+XEgeerVRq/zHae2gaBwwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFINvKbX7eL/BF9s7uE1qgUcKU/rdMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2cyOHB0ZnQ0djhFWDJ6dTRUV3FCUndwVC10MC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACAAAMw
DQYJKoZIhvcNAQELBQADggEBAK0sWgEtyCjl5KA1Kah8esDPGv1iRWQjhLE3yLv8
xjv/ljqGyWIeWPY8DnZGdjAkZNZVSjdEzHguzaSda8mnwktFRAYTAzK++51dW0Ma
hEkn1AnSqQJLIOhhjP0e4U3vZSW9qCNsItj/mvlIDerkntwxk7voHjqPxMAPCjWh
FmWFWWZ+540CZWFunWlYcRn7r0a77DOO2lktU1vy5cpxUIXcEc+HnBxqkTJvBGCt
nQ3hvXJ+/f0A5M/XFSoPJKY/1kaiZ+VbLkV5bmXvCk9rPNUjMpbFNwoybfKb6Ju3
t/0ZC0HeD5yI6wOYMbIidDWTBo26Hg88eZ6VvUGfUYqaI44=
-----END CERTIFICATE-----
Generated at Thu Jun 20 11:37:00 2024 by rpki-client on console-fra.rpki-client.org