Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/T7d09Hgo1skANZLIp1XFPZgt7yA.roa
File:                     T7d09Hgo1skANZLIp1XFPZgt7yA.roa (raw, json)
Hash identifier:          fhzC2tt/Ye1MqIhphOq75oRSndldEhM9lzb7Q5B+yGo=
Subject key identifier:   4F:B7:74:F4:78:28:D6:C9:00:35:92:C8:A7:55:C5:3D:98:2D:EF:20
Certificate issuer:       /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial:       018F519DA474076BBC6F1B2228E08BAC4343
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/T7d09Hgo1skANZLIp1XFPZgt7yA.roa
Signing time:             Tue 07 May 2024 05:53:56 +0000
ROA not before:           Tue 07 May 2024 05:53:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     174
IP address blocks:        193.25.166.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Jun 2024 22:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:51:9d:a4:74:07:6b:bc:6f:1b:22:28:e0:8b:ac:43:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
        Validity
            Not Before: May  7 05:53:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4fb774f47828d6c9003592c8a755c53d982def20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:77:48:a8:d9:05:ec:3a:47:10:50:81:7b:1d:
                    bc:5d:14:86:d7:b5:64:46:c4:43:87:fd:cf:b8:6a:
                    1d:a0:1f:08:36:e3:38:fc:72:f0:80:60:b5:a1:4f:
                    d1:dd:e5:04:ae:d6:67:57:d1:d8:f6:2e:6c:19:7d:
                    82:93:10:4f:95:79:3a:7b:ff:89:f8:ae:3a:0e:01:
                    b4:88:70:6f:14:3e:5a:d6:1a:cb:e9:28:84:53:56:
                    af:86:a9:43:d5:f8:a5:72:58:e9:10:16:f8:a3:e4:
                    0c:85:14:3e:59:7f:71:52:ec:5c:aa:1e:f5:01:36:
                    d4:fd:4d:5c:5a:1e:ec:b0:b0:24:0a:80:0c:47:44:
                    f2:fe:f7:f4:c5:29:ce:d4:4a:4a:7e:dc:fb:bb:87:
                    f5:e3:e1:bd:af:dc:46:d4:7c:fc:6a:7e:62:bd:c4:
                    24:5d:0d:d0:9d:59:3e:9c:fd:ba:32:16:f0:86:3f:
                    96:40:14:bd:70:ab:a3:b5:b9:d2:09:55:60:fe:50:
                    af:12:c5:4d:2a:97:12:0e:2c:21:25:d2:98:40:0c:
                    17:03:29:b4:5a:95:4d:46:75:58:17:83:5a:5a:07:
                    26:18:1b:5d:73:9a:6e:c1:9d:f2:c0:fe:5f:d8:bf:
                    e2:e2:16:55:5e:6f:05:0b:9c:4a:ba:f5:98:e0:f1:
                    8a:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:B7:74:F4:78:28:D6:C9:00:35:92:C8:A7:55:C5:3D:98:2D:EF:20
            X509v3 Authority Key Identifier:
                keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/T7d09Hgo1skANZLIp1XFPZgt7yA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.25.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:21:93:41:64:60:fe:c3:81:5c:93:78:b9:fc:af:3e:be:4b:
         b0:c9:79:1f:9e:2d:79:7c:c5:e1:a5:19:b1:2d:60:d1:74:e7:
         f6:d5:06:3a:42:c6:c0:e6:29:92:1e:97:9b:7b:43:2f:0a:d4:
         60:63:da:49:6f:ff:36:85:41:a6:06:29:2a:23:fe:74:b3:60:
         d6:d3:71:06:57:2b:2f:60:7e:f4:72:45:c2:45:0b:b5:6e:d6:
         25:e6:a2:2a:b5:a2:84:ca:e3:8d:88:61:1b:ab:35:c3:e7:d3:
         ee:0c:9f:3d:70:06:c5:c4:42:ff:c0:58:90:56:94:78:2a:c2:
         9b:d5:b4:8b:59:50:ad:84:a6:fc:78:64:2d:e1:32:aa:26:63:
         bb:2e:07:a1:cb:ec:0b:c9:e6:66:4f:a7:a9:fa:b4:c4:d0:86:
         da:c4:54:8e:5a:90:fc:a9:6e:f0:01:27:66:64:b8:33:aa:0b:
         36:97:28:c1:4f:16:e6:ce:d7:71:03:8d:14:7d:57:26:a4:e9:
         64:52:66:bb:16:0d:a4:b4:d4:a0:ff:5e:6b:1d:ee:ab:39:d2:
         85:a5:3b:c2:0f:5c:8b:c8:5f:9a:73:88:0c:19:26:11:a8:49:
         c9:34:c3:33:6e:a8:fa:e9:cc:45:08:d2:1e:fc:0b:03:f0:d4:
         6e:e0:fa:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9RnaR0B2u8bxsiKOCLrENDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjQwNTA3MDU1MzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmI3NzRmNDc4MjhkNmM5MDAzNTkyYzhhNzU1YzUzZDk4MmRlZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XdIqNkF7DpHEFCBex28XRSG17Vk
RsRDh/3PuGodoB8INuM4/HLwgGC1oU/R3eUErtZnV9HY9i5sGX2CkxBPlXk6e/+J
+K46DgG0iHBvFD5a1hrL6SiEU1avhqlD1filcljpEBb4o+QMhRQ+WX9xUuxcqh71
ATbU/U1cWh7ssLAkCoAMR0Ty/vf0xSnO1EpKftz7u4f14+G9r9xG1Hz8an5ivcQk
XQ3QnVk+nP26Mhbwhj+WQBS9cKujtbnSCVVg/lCvEsVNKpcSDiwhJdKYQAwXAym0
WpVNRnVYF4NaWgcmGBtdc5puwZ3ywP5f2L/i4hZVXm8FC5xKuvWY4PGKwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+3dPR4KNbJADWSyKdVxT2YLe8gMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvVDdkMDlIZ28xc2tBTlpMSXAxWEZQWmd0N3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRmmMA0G
CSqGSIb3DQEBCwUAA4IBAQBmIZNBZGD+w4Fck3i5/K8+vkuwyXkfni15fMXhpRmx
LWDRdOf21QY6QsbA5imSHpebe0MvCtRgY9pJb/82hUGmBikqI/50s2DW03EGVysv
YH70ckXCRQu1btYl5qIqtaKEyuONiGEbqzXD59PuDJ89cAbFxEL/wFiQVpR4KsKb
1bSLWVCthKb8eGQt4TKqJmO7Lgehy+wLyeZmT6ep+rTE0IbaxFSOWpD8qW7wASdm
ZLgzqgs2lyjBTxbmztdxA40UfVcmpOlkUma7Fg2ktNSg/15rHe6rOdKFpTvCD1yL
yF+ac4gMGSYRqEnJNMMzbqj66cxFCNIe/AsD8NRu4Ppx
-----END CERTIFICATE-----
Generated at Mon Jun 3 04:20:53 2024 by rpki-client on console-ams.rpki-client.org