Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/SlobhGbJ50LwlJjgpg4kuGVicS4.roa
File:                     SlobhGbJ50LwlJjgpg4kuGVicS4.roa (raw, json)
Hash identifier:          Nm29P75Wfz9r+RdwhQ0f4SNs1Natk8U9y7fazWQuiKI=
Subject key identifier:   4A:5A:1B:84:66:C9:E7:42:F0:94:98:E0:A6:0E:24:B8:65:62:71:2E
Certificate issuer:       /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial:       018DA67AE9CF28A16F2ED53FE9C9D6F8A1CA
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/SlobhGbJ50LwlJjgpg4kuGVicS4.roa
Signing time:             Wed 14 Feb 2024 07:18:09 +0000
ROA not before:           Wed 14 Feb 2024 07:18:09 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     41789
IP address blocks:        45.82.14.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 11 May 2024 23:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:a6:7a:e9:cf:28:a1:6f:2e:d5:3f:e9:c9:d6:f8:a1:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
        Validity
            Not Before: Feb 14 07:18:09 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4a5a1b8466c9e742f09498e0a60e24b86562712e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:dc:75:18:0d:f0:b8:7f:b8:6f:41:02:75:fc:
                    24:7c:95:95:c3:b7:da:1a:94:91:3b:d4:01:49:7d:
                    1c:17:f3:00:91:e2:59:5a:b5:f5:d4:41:0e:d4:41:
                    92:cd:ca:94:e5:3c:b5:a1:7a:5a:ee:3b:8a:06:43:
                    55:6a:76:80:cc:83:bb:2d:80:52:7d:fa:34:e8:b6:
                    33:06:92:d8:67:34:8c:ec:15:34:20:3a:74:9d:4e:
                    16:70:f1:ff:4f:a3:56:b3:cb:d5:8e:ba:dc:43:e8:
                    ac:28:57:02:f1:e5:b9:c6:81:11:e8:f0:36:5f:3d:
                    d4:fa:83:ca:81:b9:55:81:5c:0a:94:a5:a5:e5:19:
                    90:12:50:1c:f7:68:26:99:d3:83:a8:f9:79:e0:cd:
                    76:18:16:38:10:32:90:42:e6:68:b3:d4:c6:21:c5:
                    ff:ae:c1:69:aa:b7:b1:d5:5b:7b:e8:cf:7d:88:4d:
                    5c:99:6e:fb:2f:6e:39:c6:ff:8b:6a:e6:53:06:40:
                    5d:30:b4:66:7d:ae:3b:09:ee:2a:48:7c:15:2f:9c:
                    d8:81:8c:23:bf:c1:28:a6:e9:45:c1:fd:1d:6b:1e:
                    fe:2e:20:be:6c:42:5b:53:8a:ad:cf:22:36:19:47:
                    37:50:c1:4d:e9:5e:bd:b1:15:e0:ae:1d:13:69:f1:
                    92:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:5A:1B:84:66:C9:E7:42:F0:94:98:E0:A6:0E:24:B8:65:62:71:2E
            X509v3 Authority Key Identifier:
                keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/SlobhGbJ50LwlJjgpg4kuGVicS4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.82.14.0/23

    Signature Algorithm: sha256WithRSAEncryption
         61:95:c4:e0:50:d1:ef:a6:dd:81:ea:ed:a1:3c:38:7d:2c:a4:
         7c:ec:ab:30:83:a0:87:3a:2e:e3:b3:07:81:32:df:11:7b:0e:
         ed:7b:dd:c2:28:6e:93:b6:88:2e:e5:00:89:c7:0e:95:e6:d6:
         08:10:db:31:61:4a:f6:a1:d5:c1:e8:93:a7:aa:62:74:cb:8e:
         be:58:85:a9:44:83:28:03:fc:ff:98:0c:7c:e3:84:6e:52:d5:
         39:fd:c9:46:78:9e:6d:6c:bb:01:25:79:ac:c0:36:aa:6e:72:
         c7:b7:d9:bd:58:02:1b:61:aa:3e:f1:1d:67:df:b9:1e:58:ae:
         bf:e6:2c:36:db:4e:6e:67:2c:66:23:8b:ed:2d:31:0a:f9:0a:
         cf:cf:6d:0f:5e:7b:52:ef:b5:21:69:de:08:dd:39:70:a8:7e:
         b1:fd:53:bd:ec:4e:83:5c:9f:a5:60:e8:de:c9:80:18:ab:32:
         64:68:b3:dd:bb:3d:7c:ae:67:e4:ee:35:e6:96:87:05:55:dc:
         fc:ac:0b:c3:03:dd:44:9c:f8:a8:f6:36:84:06:9c:3b:c5:01:
         c9:12:86:01:89:0f:57:dd:29:15:bb:d2:24:45:1b:52:e0:36:
         1b:61:b7:a3:fb:25:05:51:4f:0e:39:21:77:df:1f:fb:87:fb:
         20:65:4a:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2meunPKKFvLtU/6cnW+KHKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjQwMjE0MDcxODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTVhMWI4NDY2YzllNzQyZjA5NDk4ZTBhNjBlMjRiODY1NjI3MTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNx1GA3wuH+4b0ECdfwkfJWVw7fa
GpSRO9QBSX0cF/MAkeJZWrX11EEO1EGSzcqU5Ty1oXpa7juKBkNVanaAzIO7LYBS
ffo06LYzBpLYZzSM7BU0IDp0nU4WcPH/T6NWs8vVjrrcQ+isKFcC8eW5xoER6PA2
Xz3U+oPKgblVgVwKlKWl5RmQElAc92gmmdODqPl54M12GBY4EDKQQuZos9TGIcX/
rsFpqrex1Vt76M99iE1cmW77L245xv+LauZTBkBdMLRmfa47Ce4qSHwVL5zYgYwj
v8EopulFwf0dax7+LiC+bEJbU4qtzyI2GUc3UMFN6V69sRXgrh0TafGSNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEpaG4RmyedC8JSY4KYOJLhlYnEuMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvU2xvYmhHYko1MEx3bEpqZ3BnNGt1R1ZpY1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVIOMA0G
CSqGSIb3DQEBCwUAA4IBAQBhlcTgUNHvpt2B6u2hPDh9LKR87Kswg6CHOi7jsweB
Mt8Rew7te93CKG6Ttogu5QCJxw6V5tYIENsxYUr2odXB6JOnqmJ0y46+WIWpRIMo
A/z/mAx844RuUtU5/clGeJ5tbLsBJXmswDaqbnLHt9m9WAIbYao+8R1n37keWK6/
5iw2205uZyxmI4vtLTEK+QrPz20PXntS77Uhad4I3TlwqH6x/VO97E6DXJ+lYOje
yYAYqzJkaLPduz18rmfk7jXmlocFVdz8rAvDA91EnPio9jaEBpw7xQHJEoYBiQ9X
3SkVu9IkRRtS4DYbYbej+yUFUU8OOSF33x/7h/sgZUqY
-----END CERTIFICATE-----
Generated at Sat May 11 06:10:09 2024 by rpki-client on console-fra.rpki-client.org