Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/9678f9-9dfe-4b39-a80b-c54af960ef18/1/beVDOrqdulrUX2OIrcTzSEv9Jo8.roa
File:                     beVDOrqdulrUX2OIrcTzSEv9Jo8.roa (raw, json)
Hash identifier:          v87KF7tFiG1beNLbUQjcwfkg3Ww8xekChkbDUhK2CLc=
Subject key identifier:   6D:E5:43:3A:BA:9D:BA:5A:D4:5F:63:88:AD:C4:F3:48:4B:FD:26:8F
Certificate issuer:       /CN=37a9591d485fc0d0902a89be8418a3bb127506a5
Certificate serial:       018CFE1A888F91C311BB2387CA6F9A854719
Authority key identifier: 37:A9:59:1D:48:5F:C0:D0:90:2A:89:BE:84:18:A3:BB:12:75:06:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N6lZHUhfwNCQKom-hBijuxJ1BqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/9678f9-9dfe-4b39-a80b-c54af960ef18/1/beVDOrqdulrUX2OIrcTzSEv9Jo8.roa
Signing time:             Fri 12 Jan 2024 14:36:40 +0000
ROA not before:           Fri 12 Jan 2024 14:36:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44472
IP address blocks:        185.169.105.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/9678f9-9dfe-4b39-a80b-c54af960ef18/1/N6lZHUhfwNCQKom-hBijuxJ1BqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/9678f9-9dfe-4b39-a80b-c54af960ef18/1/N6lZHUhfwNCQKom-hBijuxJ1BqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N6lZHUhfwNCQKom-hBijuxJ1BqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:fe:1a:88:8f:91:c3:11:bb:23:87:ca:6f:9a:85:47:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37a9591d485fc0d0902a89be8418a3bb127506a5
        Validity
            Not Before: Jan 12 14:36:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6de5433aba9dba5ad45f6388adc4f3484bfd268f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e6:3a:55:f2:b2:76:c8:70:4d:ad:22:a6:fb:
                    56:47:ba:d6:f0:6f:e4:cc:ed:70:1b:04:e4:46:e8:
                    4d:c0:3d:2a:6d:78:8d:f0:fb:c4:0b:9b:e2:05:2e:
                    4d:3b:04:36:46:b6:6b:bd:6b:63:0b:f7:9b:3e:27:
                    60:8f:29:8f:fe:a7:3a:6d:77:dd:19:82:9b:e8:14:
                    7b:4b:08:c1:ab:8f:32:4d:50:1c:26:5c:59:b8:c3:
                    59:f6:e5:7d:3b:84:9e:e2:68:e1:2f:c9:47:df:a4:
                    42:b5:96:5d:5e:94:89:42:29:65:fe:6d:df:ba:e1:
                    82:6d:ab:95:f3:c2:ae:48:80:f3:b5:c2:86:4c:91:
                    3c:65:b0:14:8d:61:41:78:1b:47:6b:f8:51:39:73:
                    26:34:68:2e:be:ad:0e:9b:39:37:76:0f:15:c8:c6:
                    6a:cf:9e:e7:7f:1c:bb:db:41:8b:76:20:f4:47:15:
                    1d:01:0c:61:e0:03:e8:49:67:54:29:ef:09:40:44:
                    41:c1:1f:97:e6:cc:35:e0:58:99:aa:59:d4:c5:aa:
                    20:46:e7:a9:19:a1:a0:dd:8b:36:9c:c6:e2:60:25:
                    cf:8d:9c:5f:1e:84:3a:73:bf:b0:bd:ad:9b:be:7d:
                    b8:09:b5:54:be:b3:8a:07:06:e3:8d:94:be:d4:46:
                    e2:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:E5:43:3A:BA:9D:BA:5A:D4:5F:63:88:AD:C4:F3:48:4B:FD:26:8F
            X509v3 Authority Key Identifier:
                keyid:37:A9:59:1D:48:5F:C0:D0:90:2A:89:BE:84:18:A3:BB:12:75:06:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N6lZHUhfwNCQKom-hBijuxJ1BqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/9678f9-9dfe-4b39-a80b-c54af960ef18/1/beVDOrqdulrUX2OIrcTzSEv9Jo8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/9678f9-9dfe-4b39-a80b-c54af960ef18/1/N6lZHUhfwNCQKom-hBijuxJ1BqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.169.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:f2:0f:6c:fe:e0:aa:3a:f0:0c:28:10:3a:87:7d:aa:49:cf:
         49:e6:2c:33:e8:c0:df:d0:ca:d4:77:5d:5f:89:14:c4:2a:00:
         43:3c:6a:d0:64:57:b4:c3:f5:2d:68:2f:ed:78:f4:3f:fb:21:
         d3:37:41:5d:2a:88:74:2e:c9:af:cb:e0:98:c0:c3:a3:1a:15:
         20:26:3b:6b:71:ee:71:8e:68:bd:87:fb:16:74:82:64:ca:5a:
         1a:9a:2e:62:84:d2:0c:f9:6c:e2:12:51:24:f6:65:35:cf:ac:
         86:ec:bf:76:4c:2f:a7:0f:61:34:46:ad:22:c1:b6:dd:54:12:
         c1:5e:10:20:05:da:b6:a8:1f:ad:c2:be:14:5b:10:5d:03:29:
         29:51:d0:81:cd:ff:7b:5a:c6:e1:ee:5b:1e:f8:11:f7:29:79:
         fb:81:cc:87:e8:56:a2:af:22:2b:d6:f9:67:15:57:81:cf:02:
         91:22:88:1e:5c:43:37:64:ed:34:a4:b7:35:67:71:fa:a8:15:
         f8:5b:88:f8:a1:b3:6f:dc:90:05:e4:0f:c8:b7:fe:87:07:9b:
         87:c8:5a:ce:cc:4e:36:de:21:34:4e:a5:6c:6e:c9:bf:c6:f0:
         21:91:8e:29:b3:d9:2a:4a:81:b4:ec:04:13:a3:19:c8:34:19:
         74:78:ae:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYz+GoiPkcMRuyOHym+ahUcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3YTk1OTFkNDg1ZmMwZDA5MDJhODliZTg0MThhM2JiMTI3
NTA2YTUwHhcNMjQwMTEyMTQzNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGU1NDMzYWJhOWRiYTVhZDQ1ZjYzODhhZGM0ZjM0ODRiZmQyNjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluY6VfKydshwTa0ipvtWR7rW8G/k
zO1wGwTkRuhNwD0qbXiN8PvEC5viBS5NOwQ2RrZrvWtjC/ebPidgjymP/qc6bXfd
GYKb6BR7SwjBq48yTVAcJlxZuMNZ9uV9O4Se4mjhL8lH36RCtZZdXpSJQill/m3f
uuGCbauV88KuSIDztcKGTJE8ZbAUjWFBeBtHa/hROXMmNGguvq0Omzk3dg8VyMZq
z57nfxy720GLdiD0RxUdAQxh4APoSWdUKe8JQERBwR+X5sw14FiZqlnUxaogRuep
GaGg3Ys2nMbiYCXPjZxfHoQ6c7+wva2bvn24CbVUvrOKBwbjjZS+1EbiCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3lQzq6nbpa1F9jiK3E80hL/SaPMB8GA1UdIwQY
MBaAFDepWR1IX8DQkCqJvoQYo7sSdQalMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjZsWkhVaGZ3TkNRS29tLWhCaWp1eEoxQnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC85Njc4ZjktOWRmZS00YjM5LWE4MGIt
YzU0YWY5NjBlZjE4LzEvYmVWRE9ycWR1bHJVWDJPSXJjVHpTRXY5Sm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC85Njc4ZjktOWRmZS00YjM5LWE4MGItYzU0YWY5NjBlZjE4
LzEvTjZsWkhVaGZ3TkNRS29tLWhCaWp1eEoxQnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAualpMA0G
CSqGSIb3DQEBCwUAA4IBAQBp8g9s/uCqOvAMKBA6h32qSc9J5iwz6MDf0MrUd11f
iRTEKgBDPGrQZFe0w/UtaC/tePQ/+yHTN0FdKoh0Lsmvy+CYwMOjGhUgJjtrce5x
jmi9h/sWdIJkyloami5ihNIM+WziElEk9mU1z6yG7L92TC+nD2E0Rq0iwbbdVBLB
XhAgBdq2qB+twr4UWxBdAykpUdCBzf97Wsbh7lse+BH3KXn7gcyH6FairyIr1vln
FVeBzwKRIogeXEM3ZO00pLc1Z3H6qBX4W4j4obNv3JAF5A/It/6HB5uHyFrOzE42
3iE0TqVsbsm/xvAhkY4ps9kqSoG07AQToxnINBl0eK5G
-----END CERTIFICATE-----
Generated at Tue Nov 26 22:51:11 2024 by rpki-client on console-fra.rpki-client.org