Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS200017.roa
File:                     AS200017.roa (raw, json)
Hash identifier:          dr92lXEEY3053eoiJ/S5C5QexU9bW6qF7KUopzVUl+M=
Subject key identifier:   99:21:E5:DB:59:81:CF:43:61:93:43:79:91:B3:F3:14:AA:7D:50:92
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       718151F5AD0FABA1D6202E3C9E91396264BFBC13
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS200017.roa
Signing time:             Tue 07 May 2024 12:10:39 +0000
ROA not before:           Tue 07 May 2024 12:05:39 +0000
ROA not after:            Tue 06 May 2025 12:10:39 +0000
asID:                     200017
IP address blocks:        141.11.10.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 May 2024 08:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:81:51:f5:ad:0f:ab:a1:d6:20:2e:3c:9e:91:39:62:64:bf:bc:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: May  7 12:05:39 2024 GMT
            Not After : May  6 12:10:39 2025 GMT
        Subject: CN=9921E5DB5981CF436193437991B3F314AA7D5092
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:fa:b6:51:4d:51:7e:5d:ff:2b:0a:2c:82:ea:
                    9c:df:6b:51:d4:ee:13:30:1d:1e:a4:fe:d0:3e:89:
                    96:ab:81:2c:a5:37:cf:a9:79:a8:bd:20:51:1e:29:
                    a4:87:54:d7:ef:71:df:bb:a6:ca:d9:ec:b5:84:6a:
                    9c:7c:1a:7c:4b:3d:68:23:8c:31:90:83:3d:ef:9d:
                    19:98:e3:97:72:69:ff:a2:54:a3:a6:17:32:05:b9:
                    a2:cc:df:71:d7:f7:9c:b0:f8:25:d7:75:08:1e:22:
                    32:d4:ac:07:05:f0:35:a0:4c:ad:32:e5:6b:03:f4:
                    d0:93:77:d1:a9:1d:33:31:4c:c5:f7:bc:e0:35:41:
                    21:32:21:8c:97:0e:54:91:f9:68:99:71:a3:8b:ba:
                    a2:20:83:69:9d:0f:1a:de:61:2f:55:03:6f:fd:29:
                    a5:6b:39:b0:da:3e:d3:56:ac:25:56:ae:35:50:80:
                    34:ff:21:64:17:d4:5a:f2:9e:93:4d:f5:54:95:c8:
                    e8:e2:36:ff:4f:e8:11:58:04:c7:be:ca:f0:ae:c7:
                    77:04:4d:37:78:35:c2:fa:09:f9:be:d4:67:ab:ca:
                    c5:21:ba:fc:1f:53:e9:7a:ad:4f:ab:f0:ec:ab:6b:
                    ec:b3:c4:03:cc:42:48:4b:74:b6:32:ce:75:0f:34:
                    88:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:21:E5:DB:59:81:CF:43:61:93:43:79:91:B3:F3:14:AA:7D:50:92
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS200017.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:d1:cb:7a:63:3c:41:b0:78:c3:9e:ef:61:ff:dc:2d:2b:09:
         9d:18:c7:6d:01:f4:5b:a2:46:20:4b:c0:4d:c3:55:4a:01:1e:
         aa:35:53:1f:33:21:9f:7e:eb:cb:94:55:c0:4d:b8:77:21:16:
         24:8e:28:cb:ab:3b:27:be:8f:ad:83:53:c3:69:af:7f:bd:6a:
         81:8f:ff:4d:1a:f8:c8:a3:f2:34:4f:6e:4f:54:75:fb:06:a4:
         c0:97:bb:4a:fd:f8:f0:f8:cd:24:c6:79:34:1f:c6:a8:6c:46:
         9f:7a:a0:fb:e3:b4:39:66:1d:de:7b:3b:6f:59:16:78:3c:06:
         2f:94:6b:2b:b1:68:a9:35:c0:e7:96:2a:af:20:1d:fe:b5:9b:
         49:48:d9:c8:e5:ff:1d:fd:65:f5:2c:fb:d6:b1:82:e5:ef:6b:
         87:24:6d:be:3b:57:56:20:0a:22:61:88:6b:b8:13:13:ba:21:
         67:ec:44:79:d4:3f:bc:cc:07:ca:9c:a9:26:73:20:a9:0c:4c:
         e2:41:02:a8:43:d6:02:99:c6:41:0e:a4:21:81:4e:38:e8:6d:
         4e:42:26:1d:ca:bd:a1:00:17:a1:a1:2d:39:c4:b8:ad:ab:ce:
         a6:26:94:4d:69:1a:be:8f:68:a3:46:ad:83:36:5b:e7:ad:3a:
         d8:2e:61:b8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUcYFR9a0Pq6HWIC48npE5YmS/vBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA1MDcxMjA1MzlaFw0yNTA1MDYxMjEwMzlaMDMxMTAvBgNV
BAMTKDk5MjFFNURCNTk4MUNGNDM2MTkzNDM3OTkxQjNGMzE0QUE3RDUwOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6+rZRTVF+Xf8rCiyC6pzfa1HU
7hMwHR6k/tA+iZargSylN8+peai9IFEeKaSHVNfvcd+7psrZ7LWEapx8GnxLPWgj
jDGQgz3vnRmY45dyaf+iVKOmFzIFuaLM33HX95yw+CXXdQgeIjLUrAcF8DWgTK0y
5WsD9NCTd9GpHTMxTMX3vOA1QSEyIYyXDlSR+WiZcaOLuqIgg2mdDxreYS9VA2/9
KaVrObDaPtNWrCVWrjVQgDT/IWQX1FrynpNN9VSVyOjiNv9P6BFYBMe+yvCux3cE
TTd4NcL6Cfm+1GerysUhuvwfU+l6rU+r8Oyra+yzxAPMQkhLdLYyznUPNIh7AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUmSHl21mBz0Nhk0N5kbPzFKp9UJIwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjAwMDE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQsK
MA0GCSqGSIb3DQEBCwUAA4IBAQCL0ct6YzxBsHjDnu9h/9wtKwmdGMdtAfRbokYg
S8BNw1VKAR6qNVMfMyGffuvLlFXATbh3IRYkjijLqzsnvo+tg1PDaa9/vWqBj/9N
GvjIo/I0T25PVHX7BqTAl7tK/fjw+M0kxnk0H8aobEafeqD747Q5Zh3eeztvWRZ4
PAYvlGsrsWipNcDnliqvIB3+tZtJSNnI5f8d/WX1LPvWsYLl72uHJG2+O1dWIAoi
YYhruBMTuiFn7ER51D+8zAfKnKkmcyCpDEziQQKoQ9YCmcZBDqQhgU446G1OQiYd
yr2hABehoS05xLitq86mJpRNaRq+j2ijRq2DNlvnrTrYLmG4
-----END CERTIFICATE-----
Generated at Mon May 20 18:49:05 2024 by rpki-client on console-ams.rpki-client.org