Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/mBALmVEnL3fS2ktOEErK27cfn1s.roa
File:                     mBALmVEnL3fS2ktOEErK27cfn1s.roa (raw, json)
Hash identifier:          SpLN3jGgD39n9oLOQSpQlLNcXJk9IkYHhhmbOno4YuM=
Subject key identifier:   98:10:0B:99:51:27:2F:77:D2:DA:4B:4E:10:4A:CA:DB:B7:1F:9F:5B
Certificate issuer:       /CN=934e7d515dde9a03c2dc87389a2fca4e7d58c4ec
Certificate serial:       018CC3B729D38153B4DC01711263BA6B43A6
Authority key identifier: 93:4E:7D:51:5D:DE:9A:03:C2:DC:87:38:9A:2F:CA:4E:7D:58:C4:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k059UV3emgPC3Ic4mi_KTn1YxOw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/mBALmVEnL3fS2ktOEErK27cfn1s.roa
Signing time:             Mon 01 Jan 2024 06:30:10 +0000
ROA not before:           Mon 01 Jan 2024 06:30:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202443
IP address blocks:        194.34.168.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/k059UV3emgPC3Ic4mi_KTn1YxOw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/k059UV3emgPC3Ic4mi_KTn1YxOw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k059UV3emgPC3Ic4mi_KTn1YxOw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 14:49:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:29:d3:81:53:b4:dc:01:71:12:63:ba:6b:43:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=934e7d515dde9a03c2dc87389a2fca4e7d58c4ec
        Validity
            Not Before: Jan  1 06:30:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=98100b9951272f77d2da4b4e104acadbb71f9f5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:27:fa:3f:66:73:81:64:93:82:4a:a2:dc:69:
                    44:1b:d5:74:d2:f1:f8:92:d4:0a:2f:68:21:f3:0d:
                    31:50:eb:e5:ed:c3:96:03:06:e4:46:70:d2:b6:b8:
                    26:24:69:3c:81:f7:2b:81:5c:9b:6c:be:e7:b0:c9:
                    03:41:c6:93:91:00:e9:c3:73:eb:ce:76:ad:18:8e:
                    5f:16:17:8e:7c:12:f0:2a:5e:da:f7:f5:87:4f:97:
                    4a:52:87:72:b0:37:70:d8:f9:3c:bb:34:25:40:9e:
                    8a:b0:dc:86:17:a7:26:1c:4a:e4:d3:4e:c5:1f:43:
                    0e:a7:a3:c2:b5:55:75:16:47:72:e1:92:ee:14:dc:
                    27:18:cf:12:e8:87:97:4b:b1:f4:4d:67:d5:ca:23:
                    9b:ef:2c:1c:53:c7:da:b4:70:b4:df:dd:fa:85:72:
                    ef:6e:1f:25:82:53:a3:02:96:cb:a8:c6:4a:9d:91:
                    37:8e:1c:3f:d8:58:f3:72:65:8c:a0:8f:78:9e:73:
                    d0:7a:b5:5c:22:25:00:9e:2d:8d:87:0c:4b:be:0b:
                    6d:9e:9d:28:47:f3:c9:a4:45:63:d9:bd:6c:ca:de:
                    5e:36:2f:2a:83:7e:2a:cd:3f:5b:3c:f0:2e:4e:4d:
                    00:0a:15:64:3f:bb:d6:5b:ac:6e:ae:df:0e:f1:be:
                    6c:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:10:0B:99:51:27:2F:77:D2:DA:4B:4E:10:4A:CA:DB:B7:1F:9F:5B
            X509v3 Authority Key Identifier:
                keyid:93:4E:7D:51:5D:DE:9A:03:C2:DC:87:38:9A:2F:CA:4E:7D:58:C4:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k059UV3emgPC3Ic4mi_KTn1YxOw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/mBALmVEnL3fS2ktOEErK27cfn1s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/759327-cc9f-4d6d-ac79-9cb8d023cc0b/1/k059UV3emgPC3Ic4mi_KTn1YxOw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.34.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:8b:58:1c:47:65:e7:44:20:a8:08:39:6a:57:4e:f6:75:d4:
         39:d8:91:c5:fa:8d:e1:79:b2:f4:a9:eb:17:ae:54:d3:47:5a:
         e4:8a:13:1c:74:84:49:f0:35:c2:4d:d4:42:31:39:ee:e5:f8:
         a0:6f:15:e9:b1:fe:27:7a:91:05:f3:26:e4:a0:58:c0:37:31:
         a3:77:14:0a:72:56:4f:00:d0:94:a2:3a:c4:81:ed:f9:b2:1e:
         e1:24:db:f3:44:8a:01:6c:0e:f9:3f:fa:88:1d:ec:a0:fd:23:
         90:d6:6f:ca:86:32:2e:b0:08:63:f2:b6:09:14:5a:c3:6f:08:
         24:79:3d:0b:01:88:bd:45:16:8a:b3:b3:90:9a:6d:3d:c4:86:
         9c:95:00:de:51:e7:95:fe:27:c0:42:0f:98:22:38:e6:09:be:
         d6:81:e6:b8:13:97:cf:f5:3c:84:ef:9c:f0:61:ed:f7:b6:a5:
         ee:00:c4:c5:99:89:d1:5e:5e:f6:2b:33:2c:51:d2:c7:a7:e6:
         af:f4:21:1f:8b:66:74:c2:8e:6d:dc:fc:b0:09:0f:1b:2a:d1:
         45:ee:bb:09:ed:0e:44:40:a1:88:8d:4b:c8:91:57:66:8d:ae:
         f2:af:6a:32:bd:d3:30:5a:68:c7:0f:c1:ba:a4:7d:b6:7f:31:
         44:17:78:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtynTgVO03AFxEmO6a0OmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNGU3ZDUxNWRkZTlhMDNjMmRjODczODlhMmZjYTRlN2Q1
OGM0ZWMwHhcNMjQwMTAxMDYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODEwMGI5OTUxMjcyZjc3ZDJkYTRiNGUxMDRhY2FkYmI3MWY5ZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzif6P2ZzgWSTgkqi3GlEG9V00vH4
ktQKL2gh8w0xUOvl7cOWAwbkRnDStrgmJGk8gfcrgVybbL7nsMkDQcaTkQDpw3Pr
znatGI5fFheOfBLwKl7a9/WHT5dKUodysDdw2Pk8uzQlQJ6KsNyGF6cmHErk007F
H0MOp6PCtVV1Fkdy4ZLuFNwnGM8S6IeXS7H0TWfVyiOb7ywcU8fatHC03936hXLv
bh8lglOjApbLqMZKnZE3jhw/2FjzcmWMoI94nnPQerVcIiUAni2NhwxLvgttnp0o
R/PJpEVj2b1syt5eNi8qg34qzT9bPPAuTk0AChVkP7vWW6xurt8O8b5sFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJgQC5lRJy930tpLThBKytu3H59bMB8GA1UdIwQY
MBaAFJNOfVFd3poDwtyHOJovyk59WMTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazA1OVVWM2VtZ1BDM0ljNG1pX0tUbjFZeE93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83NTkzMjctY2M5Zi00ZDZkLWFjNzkt
OWNiOGQwMjNjYzBiLzEvbUJBTG1WRW5MM2ZTMmt0T0VFcksyN2NmbjFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83NTkzMjctY2M5Zi00ZDZkLWFjNzktOWNiOGQwMjNjYzBi
LzEvazA1OVVWM2VtZ1BDM0ljNG1pX0tUbjFZeE93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiKoMA0G
CSqGSIb3DQEBCwUAA4IBAQB9i1gcR2XnRCCoCDlqV072ddQ52JHF+o3hebL0qesX
rlTTR1rkihMcdIRJ8DXCTdRCMTnu5figbxXpsf4nepEF8ybkoFjANzGjdxQKclZP
ANCUojrEge35sh7hJNvzRIoBbA75P/qIHeyg/SOQ1m/KhjIusAhj8rYJFFrDbwgk
eT0LAYi9RRaKs7OQmm09xIaclQDeUeeV/ifAQg+YIjjmCb7Wgea4E5fP9TyE75zw
Ye33tqXuAMTFmYnRXl72KzMsUdLHp+av9CEfi2Z0wo5t3PywCQ8bKtFF7rsJ7Q5E
QKGIjUvIkVdmja7yr2oyvdMwWmjHD8G6pH22fzFEF3hY
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:02:37 2024 by rpki-client on console-ams.rpki-client.org