Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/A-W5Wprr5h0c1I0l0sB0brDaI7E.roa
File:                     A-W5Wprr5h0c1I0l0sB0brDaI7E.roa (raw, json)
Hash identifier:          J9deXQLzEZ13X8aQgqc/4Pt9MfnBvwmPF77pcw/cXuE=
Subject key identifier:   03:E5:B9:5A:9A:EB:E6:1D:1C:D4:8D:25:D2:C0:74:6E:B0:DA:23:B1
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       018CCA29D1979406D9BB94805B42BB15EF38
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/A-W5Wprr5h0c1I0l0sB0brDaI7E.roa
Signing time:             Tue 02 Jan 2024 12:33:07 +0000
ROA not before:           Tue 02 Jan 2024 12:33:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39134
IP address blocks:        185.177.239.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Jun 2024 05:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:29:d1:97:94:06:d9:bb:94:80:5b:42:bb:15:ef:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jan  2 12:33:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=03e5b95a9aebe61d1cd48d25d2c0746eb0da23b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:3a:f9:79:3b:30:79:61:c8:27:57:5d:77:a0:
                    52:c6:28:9c:91:34:69:68:fa:97:b5:3b:6c:79:19:
                    99:35:43:be:bd:8d:1a:8f:b1:51:57:30:36:68:ea:
                    1c:c7:1f:1f:0d:06:44:e9:e1:51:eb:b7:87:86:80:
                    8a:78:e2:88:b0:97:8e:12:0e:16:18:6c:48:0a:8a:
                    31:72:50:0d:77:ea:d5:54:fa:b6:48:d0:4a:0f:d3:
                    96:3e:64:1c:d0:37:1e:a6:be:19:ba:39:e6:dd:e9:
                    77:15:16:ad:4b:54:7b:dd:4a:9a:ab:34:41:37:01:
                    2e:45:37:83:71:3e:b6:8c:26:1c:05:14:71:aa:64:
                    60:f1:46:da:ff:76:98:73:9b:19:63:28:ff:ff:cf:
                    a0:09:86:b6:ab:83:df:53:93:8a:52:b0:92:56:62:
                    f0:0f:9e:95:9f:4f:3f:13:9b:84:5b:36:82:1f:2f:
                    b9:60:e0:2a:59:78:c8:4e:15:c0:5f:57:07:d4:16:
                    c0:d9:2b:47:5d:7d:80:91:c1:64:21:67:bb:b9:15:
                    00:19:6d:15:2d:86:58:fd:be:0c:b4:de:be:db:02:
                    9a:93:61:5d:44:bc:87:5a:76:f3:21:a9:77:16:2c:
                    30:bd:04:7c:f9:a9:71:6f:12:21:e5:65:42:67:a4:
                    de:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:E5:B9:5A:9A:EB:E6:1D:1C:D4:8D:25:D2:C0:74:6E:B0:DA:23:B1
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/A-W5Wprr5h0c1I0l0sB0brDaI7E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.177.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:b6:f2:c5:11:9b:68:3c:c7:3b:d4:73:da:7d:79:89:2d:2f:
         b4:01:8b:31:e8:16:bc:39:24:0f:24:32:5f:7f:db:3a:e2:d6:
         95:fe:af:b7:4e:7f:03:08:f0:04:a2:6c:5a:2f:cd:e0:a1:08:
         16:95:13:4c:47:81:21:f5:28:9d:07:04:58:72:30:c1:48:f3:
         f2:41:89:fc:56:35:26:b0:23:c9:a2:8b:39:cc:49:83:ec:be:
         fc:0f:72:8e:33:00:4d:31:94:1b:60:12:90:6e:8b:23:71:47:
         1f:47:c8:f2:96:b2:c4:3f:7e:e8:92:30:18:e1:78:03:3d:05:
         a5:58:04:cf:0d:df:ac:17:9f:76:37:9d:b7:12:56:3e:ba:fd:
         fa:dc:77:54:e7:d5:8d:8b:60:f9:fc:dd:7f:2b:cf:ca:70:58:
         d9:3a:99:38:1e:12:93:b0:40:ba:57:95:66:51:89:75:ea:51:
         f3:30:79:03:a9:f8:47:78:75:aa:c6:1b:9d:0e:6d:05:b5:cd:
         85:f4:ac:c2:1f:03:65:db:ef:5e:93:cc:fc:db:23:5f:2e:c2:
         70:8b:ab:51:49:df:e9:43:3f:98:e5:33:6f:cf:be:b5:dd:82:
         f7:e5:c2:23:c0:28:3c:e2:57:ba:f0:10:d5:59:4f:c8:e8:5a:
         0d:f9:8b:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKdGXlAbZu5SAW0K7Fe84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwMTAyMTIzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2U1Yjk1YTlhZWJlNjFkMWNkNDhkMjVkMmMwNzQ2ZWIwZGEyM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTr5eTsweWHIJ1ddd6BSxiickTRp
aPqXtTtseRmZNUO+vY0aj7FRVzA2aOocxx8fDQZE6eFR67eHhoCKeOKIsJeOEg4W
GGxICooxclANd+rVVPq2SNBKD9OWPmQc0Dcepr4Zujnm3el3FRatS1R73UqaqzRB
NwEuRTeDcT62jCYcBRRxqmRg8Uba/3aYc5sZYyj//8+gCYa2q4PfU5OKUrCSVmLw
D56Vn08/E5uEWzaCHy+5YOAqWXjIThXAX1cH1BbA2StHXX2AkcFkIWe7uRUAGW0V
LYZY/b4MtN6+2wKak2FdRLyHWnbzIal3FiwwvQR8+alxbxIh5WVCZ6TerwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAPluVqa6+YdHNSNJdLAdG6w2iOxMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvQS1XNVdwcnI1aDBjMUkwbDBzQjBickRhSTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubHvMA0G
CSqGSIb3DQEBCwUAA4IBAQAwtvLFEZtoPMc71HPafXmJLS+0AYsx6Ba8OSQPJDJf
f9s64taV/q+3Tn8DCPAEomxaL83goQgWlRNMR4Eh9SidBwRYcjDBSPPyQYn8VjUm
sCPJoos5zEmD7L78D3KOMwBNMZQbYBKQbosjcUcfR8jylrLEP37okjAY4XgDPQWl
WATPDd+sF592N523ElY+uv363HdU59WNi2D5/N1/K8/KcFjZOpk4HhKTsEC6V5Vm
UYl16lHzMHkDqfhHeHWqxhudDm0Ftc2F9KzCHwNl2+9ek8z82yNfLsJwi6tRSd/p
Qz+Y5TNvz7613YL35cIjwCg84le68BDVWU/I6FoN+YsJ
-----END CERTIFICATE-----
Generated at Sun Jun 2 16:04:20 2024 by rpki-client on console-ams.rpki-client.org