Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/pcmtGjojejGcUFhd101DwNsmFmk.roa
File:                     pcmtGjojejGcUFhd101DwNsmFmk.roa (raw, json)
Hash identifier:          fWeU0eFmkRKeMwshSwPHIONlScsI1xyzJs64bnAuo0A=
Subject key identifier:   A5:C9:AD:1A:3A:23:7A:31:9C:50:58:5D:D7:4D:43:C0:DB:26:16:69
Certificate issuer:       /CN=c453f5e230420bc4a70d0a61de3b47dcda1a8d0e
Certificate serial:       018FE7704D88D76BB993AF0C2462B9B04352
Authority key identifier: C4:53:F5:E2:30:42:0B:C4:A7:0D:0A:61:DE:3B:47:DC:DA:1A:8D:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xFP14jBCC8SnDQph3jtH3NoajQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/pcmtGjojejGcUFhd101DwNsmFmk.roa
Signing time:             Wed 05 Jun 2024 08:07:27 +0000
ROA not before:           Wed 05 Jun 2024 08:07:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51405
IP address blocks:        78.111.132.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/xFP14jBCC8SnDQph3jtH3NoajQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/xFP14jBCC8SnDQph3jtH3NoajQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xFP14jBCC8SnDQph3jtH3NoajQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 06:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:e7:70:4d:88:d7:6b:b9:93:af:0c:24:62:b9:b0:43:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c453f5e230420bc4a70d0a61de3b47dcda1a8d0e
        Validity
            Not Before: Jun  5 08:07:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a5c9ad1a3a237a319c50585dd74d43c0db261669
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:1e:97:2d:4b:f5:78:56:6c:e2:01:2c:81:ef:
                    e7:7f:e3:86:8f:e0:5a:2e:b5:5c:d2:5b:93:ea:72:
                    7b:06:b4:00:d4:3f:f4:40:03:06:4b:da:e1:6d:18:
                    d0:18:69:75:22:fb:f5:4d:83:f5:df:24:0d:ea:28:
                    5c:1a:66:b3:64:a0:af:61:09:dd:7c:af:f5:1e:83:
                    67:99:b6:b5:00:b9:5a:dc:8f:ae:b5:dd:da:c3:dd:
                    4c:e2:3c:25:67:7f:17:65:13:5e:48:dc:cb:a5:7a:
                    15:d6:00:b4:69:93:fc:07:1d:b3:07:ab:5b:20:1c:
                    3f:64:ef:f8:74:c7:11:f8:e2:3e:e6:4d:5e:9a:47:
                    96:43:39:95:ec:f0:21:a6:60:88:e6:fb:3a:6c:1a:
                    90:2f:50:d7:28:a2:6c:0d:fb:f7:63:e3:c6:8d:7c:
                    36:94:08:22:f4:06:10:a7:72:d0:38:8e:35:0f:e4:
                    38:17:fa:33:c5:ee:f0:d5:28:d6:a2:d2:7d:f4:1b:
                    ac:75:56:50:7a:e5:10:0f:57:14:6d:d7:39:49:d2:
                    04:f2:76:31:65:37:93:6a:28:a3:11:35:93:11:70:
                    d3:30:a9:50:e4:05:60:4e:f6:b5:37:e3:74:94:62:
                    65:3c:17:e0:79:04:e4:20:ad:b5:89:51:b6:7f:3c:
                    b4:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:C9:AD:1A:3A:23:7A:31:9C:50:58:5D:D7:4D:43:C0:DB:26:16:69
            X509v3 Authority Key Identifier:
                keyid:C4:53:F5:E2:30:42:0B:C4:A7:0D:0A:61:DE:3B:47:DC:DA:1A:8D:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFP14jBCC8SnDQph3jtH3NoajQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/pcmtGjojejGcUFhd101DwNsmFmk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/487562-d171-4686-8569-e6cf17cdda4f/1/xFP14jBCC8SnDQph3jtH3NoajQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.111.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:41:b5:72:47:5c:69:87:0e:8d:ba:51:be:3e:e0:45:11:05:
         0d:59:00:7a:58:8c:04:bf:b7:b2:bb:89:25:7b:5c:54:78:53:
         35:dd:8b:01:1f:99:db:5d:4e:7d:a1:2c:37:50:d8:5d:85:30:
         ef:56:25:d6:ef:59:6d:72:d5:17:9a:0d:b5:8e:cc:6d:84:ee:
         c5:35:83:93:e4:a9:08:cd:30:3e:f7:fa:42:4f:2e:44:c7:ed:
         6e:9f:a1:43:3a:de:1b:90:77:fa:5c:70:b2:d0:b9:e2:1f:31:
         a6:9d:79:82:af:85:9d:59:0b:61:67:b9:02:8a:78:0c:a2:4e:
         15:7f:2d:54:5f:34:f7:e8:ed:4c:be:6b:8b:73:ee:0e:03:e6:
         a9:dc:c7:54:84:c5:2e:41:b8:93:53:71:c3:0e:38:53:2c:d1:
         2a:33:db:f3:c5:cd:b0:cb:c9:5e:0b:49:cf:78:43:1b:3b:86:
         75:16:98:d9:c7:8f:de:e6:c1:03:03:2a:94:4e:d7:e6:2f:7e:
         ed:ee:3c:8d:b8:a1:57:a3:ca:dc:e1:7e:19:68:e8:68:b0:b7:
         dc:4d:c7:47:40:f4:04:95:70:89:d9:fe:8d:fc:76:2a:32:d1:
         c3:cc:5f:4a:6e:d8:b4:1c:13:15:55:9c:31:5e:c1:89:83:e8:
         f6:67:c6:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/ncE2I12u5k68MJGK5sENSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NTNmNWUyMzA0MjBiYzRhNzBkMGE2MWRlM2I0N2RjZGEx
YThkMGUwHhcNMjQwNjA1MDgwNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWM5YWQxYTNhMjM3YTMxOWM1MDU4NWRkNzRkNDNjMGRiMjYxNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvB6XLUv1eFZs4gEsge/nf+OGj+Ba
LrVc0luT6nJ7BrQA1D/0QAMGS9rhbRjQGGl1Ivv1TYP13yQN6ihcGmazZKCvYQnd
fK/1HoNnmba1ALla3I+utd3aw91M4jwlZ38XZRNeSNzLpXoV1gC0aZP8Bx2zB6tb
IBw/ZO/4dMcR+OI+5k1emkeWQzmV7PAhpmCI5vs6bBqQL1DXKKJsDfv3Y+PGjXw2
lAgi9AYQp3LQOI41D+Q4F/ozxe7w1SjWotJ99BusdVZQeuUQD1cUbdc5SdIE8nYx
ZTeTaiijETWTEXDTMKlQ5AVgTva1N+N0lGJlPBfgeQTkIK21iVG2fzy0uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXJrRo6I3oxnFBYXddNQ8DbJhZpMB8GA1UdIwQY
MBaAFMRT9eIwQgvEpw0KYd47R9zaGo0OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZQMTRqQkNDOFNuRFFwaDNqdEgzTm9halE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80ODc1NjItZDE3MS00Njg2LTg1Njkt
ZTZjZjE3Y2RkYTRmLzEvcGNtdEdqb2plakdjVUZoZDEwMUR3TnNtRm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80ODc1NjItZDE3MS00Njg2LTg1NjktZTZjZjE3Y2RkYTRm
LzEveEZQMTRqQkNDOFNuRFFwaDNqdEgzTm9halE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATm+EMA0G
CSqGSIb3DQEBCwUAA4IBAQAwQbVyR1xphw6NulG+PuBFEQUNWQB6WIwEv7eyu4kl
e1xUeFM13YsBH5nbXU59oSw3UNhdhTDvViXW71ltctUXmg21jsxthO7FNYOT5KkI
zTA+9/pCTy5Ex+1un6FDOt4bkHf6XHCy0LniHzGmnXmCr4WdWQthZ7kCingMok4V
fy1UXzT36O1MvmuLc+4OA+ap3MdUhMUuQbiTU3HDDjhTLNEqM9vzxc2wy8leC0nP
eEMbO4Z1FpjZx4/e5sEDAyqUTtfmL37t7jyNuKFXo8rc4X4ZaOhosLfcTcdHQPQE
lXCJ2f6N/HYqMtHDzF9Kbti0HBMVVZwxXsGJg+j2Z8ZV
-----END CERTIFICATE-----
Generated at Sun Jun 23 14:55:27 2024 by rpki-client on console-ams.rpki-client.org