Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/gHJmewsha8ffTALL7agLNU5FguU.roa
File:                     gHJmewsha8ffTALL7agLNU5FguU.roa (raw, json)
Hash identifier:          bvPSbxCx1vfz9zmI5B0N4PGw/lVaqxhDLq4T8WFxnJw=
Subject key identifier:   80:72:66:7B:0B:21:6B:C7:DF:4C:02:CB:ED:A8:0B:35:4E:45:82:E5
Certificate issuer:       /CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Certificate serial:       018CC94E3FA39544975E6EF6FDAA09BE7F58
Authority key identifier: E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/gHJmewsha8ffTALL7agLNU5FguU.roa
Signing time:             Tue 02 Jan 2024 08:33:17 +0000
ROA not before:           Tue 02 Jan 2024 08:33:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44410
IP address blocks:        78.111.7.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/6Ul4d56TDgH7_n4MX8tBYREp1Og.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/6Ul4d56TDgH7_n4MX8tBYREp1Og.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 14:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4e:3f:a3:95:44:97:5e:6e:f6:fd:aa:09:be:7f:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
        Validity
            Not Before: Jan  2 08:33:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8072667b0b216bc7df4c02cbeda80b354e4582e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:2a:13:0b:57:bc:62:6c:24:ab:43:14:94:0b:
                    a0:09:02:40:3d:56:73:e1:33:22:ff:a6:96:9b:f7:
                    d6:fe:13:13:20:07:9b:f5:fb:6c:55:76:31:7a:c2:
                    de:ed:21:91:72:d6:10:22:da:06:ee:61:b6:b8:3d:
                    15:4e:14:46:49:84:6e:de:bc:45:a4:62:43:53:dc:
                    a0:7f:61:8a:da:0f:98:44:b0:5f:ed:db:2d:00:eb:
                    db:09:94:9f:bd:47:d0:c3:88:da:36:67:3e:c8:4f:
                    2d:ab:0b:0f:cd:b1:f3:8a:f3:9b:f7:1f:a9:d6:d1:
                    a8:01:07:dc:69:02:21:19:81:56:11:8d:28:74:30:
                    ff:ea:27:13:c5:c5:ce:aa:5d:46:36:da:21:ff:db:
                    76:99:2e:8b:0f:ba:ec:0e:a2:58:11:c1:cc:84:32:
                    5d:29:5e:82:4f:9c:5e:56:a4:7c:dc:ee:35:4f:ff:
                    96:94:a9:59:f7:be:75:a5:f9:c1:32:a3:56:78:5d:
                    65:2a:e4:50:1b:f9:9f:2d:90:74:c8:80:ea:f7:ad:
                    85:1b:8f:76:a1:26:6f:19:b5:f4:72:ac:75:d8:00:
                    88:8c:91:4a:fd:f9:00:ae:b9:0a:ba:f8:be:82:45:
                    d9:44:e8:31:7b:86:de:8d:6e:ed:17:ec:cc:80:5d:
                    59:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:72:66:7B:0B:21:6B:C7:DF:4C:02:CB:ED:A8:0B:35:4E:45:82:E5
            X509v3 Authority Key Identifier:
                keyid:E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/gHJmewsha8ffTALL7agLNU5FguU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/6Ul4d56TDgH7_n4MX8tBYREp1Og.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.111.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:a5:4f:4e:1d:2d:ce:34:c4:c6:04:fe:f3:93:bb:0d:1e:cf:
         12:73:97:53:db:d2:c0:12:50:14:88:8a:75:93:ed:c1:c8:9e:
         1e:3c:b5:9c:64:87:bb:40:b9:a0:c5:44:e3:39:2e:b1:d6:a7:
         02:95:8f:5f:c6:e9:2f:db:c7:a9:ea:ce:ca:34:20:0c:f5:34:
         4b:58:0f:61:d7:ce:f0:b2:3e:8d:08:d3:1b:33:ae:ac:0f:3b:
         90:1f:93:15:5f:b3:6d:30:be:1f:49:3d:9c:04:58:7f:c5:63:
         b1:9f:56:cc:47:93:f2:93:dd:fd:14:26:27:e9:fa:c6:f5:ad:
         1d:77:79:93:32:bd:55:ca:7e:97:2c:15:cb:19:18:e1:8f:22:
         fb:f3:02:8d:bf:b5:53:f8:f3:09:32:b5:cd:1f:0c:2e:db:bb:
         ee:fd:5b:99:29:57:82:7c:70:80:60:d8:ba:93:1e:a9:fe:b9:
         72:40:60:a5:cc:7f:c2:5e:bf:41:e0:22:55:a0:83:50:4e:ab:
         56:1d:1b:be:8f:32:d7:1f:7c:e0:61:1c:22:33:e1:18:02:01:
         57:9b:a7:65:f6:c1:57:e8:3f:22:be:e5:24:02:c5:d2:c4:4a:
         76:ab:3b:66:1d:8d:77:9a:e4:62:e8:d8:2f:3e:10:de:c3:e5:
         65:ce:e9:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTj+jlUSXXm72/aoJvn9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NDk3ODc3OWU5MzBlMDFmYmZlN2UwYzVmY2I0MTYxMTEy
OWQ0ZTgwHhcNMjQwMTAyMDgzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDcyNjY3YjBiMjE2YmM3ZGY0YzAyY2JlZGE4MGIzNTRlNDU4MmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyoTC1e8Ymwkq0MUlAugCQJAPVZz
4TMi/6aWm/fW/hMTIAeb9ftsVXYxesLe7SGRctYQItoG7mG2uD0VThRGSYRu3rxF
pGJDU9ygf2GK2g+YRLBf7dstAOvbCZSfvUfQw4jaNmc+yE8tqwsPzbHzivOb9x+p
1tGoAQfcaQIhGYFWEY0odDD/6icTxcXOql1GNtoh/9t2mS6LD7rsDqJYEcHMhDJd
KV6CT5xeVqR83O41T/+WlKlZ9751pfnBMqNWeF1lKuRQG/mfLZB0yIDq962FG492
oSZvGbX0cqx12ACIjJFK/fkArrkKuvi+gkXZROgxe4bejW7tF+zMgF1ZwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIByZnsLIWvH30wCy+2oCzVORYLlMB8GA1UdIwQY
MBaAFOlJeHeekw4B+/5+DF/LQWERKdToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlVsNGQ1NlREZ0g3X240TVg4dEJZUkVwMU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83OGRiMjktZTQ2ZC00MWY0LTg3Yzct
OTVjNDJlNGE4NGMwLzEvZ0hKbWV3c2hhOGZmVEFMTDdhZ0xOVTVGZ3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83OGRiMjktZTQ2ZC00MWY0LTg3YzctOTVjNDJlNGE4NGMw
LzEvNlVsNGQ1NlREZ0g3X240TVg4dEJZUkVwMU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATm8HMA0G
CSqGSIb3DQEBCwUAA4IBAQCYpU9OHS3ONMTGBP7zk7sNHs8Sc5dT29LAElAUiIp1
k+3ByJ4ePLWcZIe7QLmgxUTjOS6x1qcClY9fxukv28ep6s7KNCAM9TRLWA9h187w
sj6NCNMbM66sDzuQH5MVX7NtML4fST2cBFh/xWOxn1bMR5Pyk939FCYn6frG9a0d
d3mTMr1Vyn6XLBXLGRjhjyL78wKNv7VT+PMJMrXNHwwu27vu/VuZKVeCfHCAYNi6
kx6p/rlyQGClzH/CXr9B4CJVoINQTqtWHRu+jzLXH3zgYRwiM+EYAgFXm6dl9sFX
6D8ivuUkAsXSxEp2qztmHY13muRi6NgvPhDew+Vlzuk+
-----END CERTIFICATE-----
Generated at Sun Jun 23 16:50:05 2024 by rpki-client on console-fra.rpki-client.org