Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/evj3xiG8l3N1KvEm3vUSg9siFig.roa
File:                     evj3xiG8l3N1KvEm3vUSg9siFig.roa (raw, json)
Hash identifier:          fIdMN3rlmfhPOdG7G1fB1L+Dkxe1RtQCkUhunl7CQf0=
Subject key identifier:   7A:F8:F7:C6:21:BC:97:73:75:2A:F1:26:DE:F5:12:83:DB:22:16:28
Certificate issuer:       /CN=a4e7a0d2fc57a67bb2b7e85c3e8d78192bca0f18
Certificate serial:       0192E2DC9B5D6A8D3B4B5C501835492089BC
Authority key identifier: A4:E7:A0:D2:FC:57:A6:7B:B2:B7:E8:5C:3E:8D:78:19:2B:CA:0F:18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pOeg0vxXpnuyt-hcPo14GSvKDxg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/evj3xiG8l3N1KvEm3vUSg9siFig.roa
Signing time:             Thu 31 Oct 2024 13:56:01 +0000
ROA not before:           Thu 31 Oct 2024 13:56:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2914
IP address blocks:        212.82.40.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/pOeg0vxXpnuyt-hcPo14GSvKDxg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/pOeg0vxXpnuyt-hcPo14GSvKDxg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pOeg0vxXpnuyt-hcPo14GSvKDxg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:e2:dc:9b:5d:6a:8d:3b:4b:5c:50:18:35:49:20:89:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4e7a0d2fc57a67bb2b7e85c3e8d78192bca0f18
        Validity
            Not Before: Oct 31 13:56:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7af8f7c621bc9773752af126def51283db221628
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:7a:3d:07:c4:0c:c0:98:6d:6e:f1:04:49:34:
                    44:8c:34:31:71:b2:e8:1f:6a:52:bf:2d:1a:c2:e9:
                    d1:ad:f3:ee:7b:88:8f:ac:99:99:9c:da:62:34:ca:
                    5e:87:ad:32:2c:ae:9f:2c:90:fd:1b:23:b3:16:f4:
                    b9:33:3d:8d:b2:93:c4:1c:91:91:1c:63:97:7f:6d:
                    5e:5c:fb:65:f8:30:04:6a:8f:1e:50:9c:ac:19:22:
                    49:af:11:9e:d6:db:62:40:a6:dc:32:db:da:ef:74:
                    e0:70:2e:77:12:4e:60:2c:bd:10:0d:1e:42:62:bf:
                    e0:c7:15:e9:ce:3f:4f:50:e7:27:19:1f:f1:c6:37:
                    38:4d:aa:92:a8:b0:76:6e:3e:6a:e1:cc:26:03:64:
                    5d:d6:34:4e:ad:ca:ff:a8:e3:8c:0b:8c:73:34:7b:
                    ea:36:aa:45:bf:7a:e0:15:e5:9b:f3:79:66:c9:7d:
                    c2:59:ff:90:63:fa:42:cf:c6:7d:16:33:38:12:d1:
                    dc:84:6c:b0:82:02:19:e8:c9:44:34:8e:b4:25:8b:
                    fd:06:48:59:e1:14:ba:62:e3:13:24:fc:c2:3e:a3:
                    e4:54:ff:48:d3:97:93:50:57:59:1c:2e:11:d4:53:
                    a4:4d:a5:91:c4:eb:f3:f1:0f:98:de:22:a1:84:79:
                    9b:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:F8:F7:C6:21:BC:97:73:75:2A:F1:26:DE:F5:12:83:DB:22:16:28
            X509v3 Authority Key Identifier:
                keyid:A4:E7:A0:D2:FC:57:A6:7B:B2:B7:E8:5C:3E:8D:78:19:2B:CA:0F:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOeg0vxXpnuyt-hcPo14GSvKDxg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/evj3xiG8l3N1KvEm3vUSg9siFig.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/96c272-f746-4628-95bc-a6126b54094d/1/pOeg0vxXpnuyt-hcPo14GSvKDxg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.82.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         87:2b:a0:b1:19:ee:63:9b:db:04:32:c8:11:d4:63:97:ee:2f:
         d5:e3:b6:55:f0:65:77:23:0b:06:a2:dd:a7:f2:d3:28:03:55:
         51:5e:dc:b4:01:84:08:52:2c:a0:17:2f:c6:77:98:59:32:db:
         3c:bf:f5:b7:52:f7:06:34:8c:27:ee:6e:f5:4d:47:60:29:75:
         3a:39:83:5a:9b:9e:26:39:fe:a2:38:e4:d6:35:c2:52:40:0c:
         97:bc:56:00:1c:50:c6:5c:0d:a1:68:08:50:76:28:6a:58:05:
         d1:f4:68:73:cc:53:25:d8:94:c8:05:cd:a8:a7:3e:86:78:63:
         d3:61:59:c7:6d:a4:cd:62:c6:d4:ce:7e:31:53:87:db:cd:d0:
         89:e5:72:12:2d:04:73:2a:a1:35:d0:04:ec:a0:08:5e:31:42:
         22:9a:f7:e6:11:22:da:42:23:f5:57:40:ad:36:07:57:4b:9a:
         66:76:91:2d:a2:1d:de:1e:63:fc:e4:e4:a7:0a:a5:21:32:c5:
         68:6d:ba:64:8e:63:74:f3:da:d5:60:e6:09:86:d2:0f:7d:47:
         00:5e:e4:07:59:7f:de:df:ab:19:c0:66:c0:44:2e:dc:00:a7:
         81:ad:10:2d:e4:36:11:72:d4:84:11:50:36:65:8c:47:f8:23:
         51:51:01:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLi3Jtdao07S1xQGDVJIIm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTdhMGQyZmM1N2E2N2JiMmI3ZTg1YzNlOGQ3ODE5MmJj
YTBmMTgwHhcNMjQxMDMxMTM1NjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWY4ZjdjNjIxYmM5NzczNzUyYWYxMjZkZWY1MTI4M2RiMjIxNjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Xo9B8QMwJhtbvEESTREjDQxcbLo
H2pSvy0awunRrfPue4iPrJmZnNpiNMpeh60yLK6fLJD9GyOzFvS5Mz2NspPEHJGR
HGOXf21eXPtl+DAEao8eUJysGSJJrxGe1ttiQKbcMtva73TgcC53Ek5gLL0QDR5C
Yr/gxxXpzj9PUOcnGR/xxjc4TaqSqLB2bj5q4cwmA2Rd1jROrcr/qOOMC4xzNHvq
NqpFv3rgFeWb83lmyX3CWf+QY/pCz8Z9FjM4EtHchGywggIZ6MlENI60JYv9BkhZ
4RS6YuMTJPzCPqPkVP9I05eTUFdZHC4R1FOkTaWRxOvz8Q+Y3iKhhHmbJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHr498YhvJdzdSrxJt71EoPbIhYoMB8GA1UdIwQY
MBaAFKTnoNL8V6Z7srfoXD6NeBkryg8YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9lZzB2eFhwbnV5dC1oY1BvMTRHU3ZLRHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny85NmMyNzItZjc0Ni00NjI4LTk1YmMt
YTYxMjZiNTQwOTRkLzEvZXZqM3hpRzhsM04xS3ZFbTN2VVNnOXNpRmlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny85NmMyNzItZjc0Ni00NjI4LTk1YmMtYTYxMjZiNTQwOTRk
LzEvcE9lZzB2eFhwbnV5dC1oY1BvMTRHU3ZLRHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1FIoMA0G
CSqGSIb3DQEBCwUAA4IBAQCHK6CxGe5jm9sEMsgR1GOX7i/V47ZV8GV3IwsGot2n
8tMoA1VRXty0AYQIUiygFy/Gd5hZMts8v/W3UvcGNIwn7m71TUdgKXU6OYNam54m
Of6iOOTWNcJSQAyXvFYAHFDGXA2haAhQdihqWAXR9GhzzFMl2JTIBc2opz6GeGPT
YVnHbaTNYsbUzn4xU4fbzdCJ5XISLQRzKqE10ATsoAheMUIimvfmESLaQiP1V0Ct
NgdXS5pmdpEtoh3eHmP85OSnCqUhMsVobbpkjmN089rVYOYJhtIPfUcAXuQHWX/e
36sZwGbARC7cAKeBrRAt5DYRctSEEVA2ZYxH+CNRUQHG
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:57:24 2024 by rpki-client on console-ams.rpki-client.org