Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0O9moL5ec0SlHQuFUEPkEsvOyRI.roa
File:                     0O9moL5ec0SlHQuFUEPkEsvOyRI.roa (raw, json)
Hash identifier:          2sVL3E3dDHhecItC1pdZ0kmO7JldxnM9ZSHBU+2ZDJ0=
Subject key identifier:   D0:EF:66:A0:BE:5E:73:44:A5:1D:0B:85:50:43:E4:12:CB:CE:C9:12
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018CC8DD09695CC82A635F4CF7A440004F56
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0O9moL5ec0SlHQuFUEPkEsvOyRI.roa
Signing time:             Tue 02 Jan 2024 06:29:38 +0000
ROA not before:           Tue 02 Jan 2024 06:29:38 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209333
IP address blocks:        212.73.156.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 28 Apr 2024 20:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:dd:09:69:5c:c8:2a:63:5f:4c:f7:a4:40:00:4f:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  2 06:29:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d0ef66a0be5e7344a51d0b855043e412cbcec912
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:69:b1:ed:24:01:bb:29:2e:31:72:bc:67:69:
                    83:cb:84:e6:db:c6:ff:20:76:df:d6:56:51:d7:8a:
                    3f:e7:44:b2:df:e0:33:10:ed:41:74:2d:47:ae:ca:
                    70:5c:23:27:b0:c3:2f:80:c7:83:68:08:09:52:a8:
                    6c:1e:67:8a:2f:e0:fd:2d:96:d7:43:a1:59:d5:f3:
                    ec:ac:ab:63:c4:cb:3d:62:ca:25:68:45:91:f3:12:
                    fa:cc:47:9c:f5:2d:7f:45:83:f8:bd:db:be:b6:1a:
                    98:a0:46:0b:89:e5:a8:70:31:89:60:1c:66:d5:e4:
                    df:78:a2:38:84:86:3d:f0:a7:c1:45:d5:67:cc:11:
                    87:c5:18:9a:8c:f4:b0:9a:67:53:a7:78:1d:c9:9a:
                    f0:87:b7:1e:70:1a:74:1a:d5:a2:d9:c2:4b:71:af:
                    e6:bb:db:2b:ef:05:0f:55:a6:35:ca:60:12:6b:84:
                    0f:2f:fc:3a:15:bd:4b:59:c2:21:00:5d:2e:a8:66:
                    78:b3:e3:a4:7c:fa:a8:1e:cb:20:32:5b:f0:8e:a8:
                    b3:6d:2b:cf:2a:ac:ea:04:fc:8d:c0:5f:2a:68:8f:
                    05:62:41:db:73:bb:78:c4:b6:6e:1b:c6:06:25:9f:
                    98:b7:fa:58:4a:38:ae:c1:59:c4:f2:3a:42:98:75:
                    32:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:EF:66:A0:BE:5E:73:44:A5:1D:0B:85:50:43:E4:12:CB:CE:C9:12
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0O9moL5ec0SlHQuFUEPkEsvOyRI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.73.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:c0:c3:c6:a5:ae:e3:29:73:5e:e0:df:54:8e:ab:08:ba:12:
         aa:f1:d9:94:d0:71:74:cf:33:cd:97:20:ae:db:1d:c9:f3:2c:
         20:b7:7c:f8:f5:17:79:77:83:c1:a3:5b:84:39:f6:a8:46:ee:
         87:bf:45:74:e4:61:d4:32:53:3e:db:93:c4:a9:5e:a7:6e:68:
         9e:16:93:56:3f:83:72:9b:58:74:ec:34:04:b6:59:d9:5a:df:
         0a:21:0a:af:ed:91:c4:76:dd:18:7c:90:77:f3:f5:fa:4d:0e:
         af:3f:26:dc:e5:e8:9e:08:dc:16:98:15:a5:b8:ae:85:07:a2:
         2d:04:00:01:45:21:90:91:6a:e2:bf:a9:ed:bb:68:dc:d6:3f:
         20:4e:51:03:31:84:3e:b6:d0:19:8b:37:1a:3d:93:3c:16:c2:
         1d:9a:6c:0c:c6:06:d3:b6:58:26:f5:8f:b2:10:6e:16:28:90:
         32:a2:8f:18:53:27:0c:d0:73:32:c3:e1:4f:45:f8:89:6a:60:
         c2:33:c8:4c:4e:25:6c:e9:d7:4c:2e:8a:fe:2b:73:6c:dc:f2:
         48:1a:9f:a2:a0:b3:df:a5:a2:70:29:34:4e:8c:b9:91:c3:5c:
         b4:6c:df:32:7e:e0:fc:54:b4:14:dd:d5:88:66:8e:79:d2:77:
         d4:ef:0b:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3QlpXMgqY19M96RAAE9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGVmNjZhMGJlNWU3MzQ0YTUxZDBiODU1MDQzZTQxMmNiY2VjOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Wmx7SQBuykuMXK8Z2mDy4Tm28b/
IHbf1lZR14o/50Sy3+AzEO1BdC1HrspwXCMnsMMvgMeDaAgJUqhsHmeKL+D9LZbX
Q6FZ1fPsrKtjxMs9YsolaEWR8xL6zEec9S1/RYP4vdu+thqYoEYLieWocDGJYBxm
1eTfeKI4hIY98KfBRdVnzBGHxRiajPSwmmdTp3gdyZrwh7cecBp0GtWi2cJLca/m
u9sr7wUPVaY1ymASa4QPL/w6Fb1LWcIhAF0uqGZ4s+OkfPqoHssgMlvwjqizbSvP
KqzqBPyNwF8qaI8FYkHbc7t4xLZuG8YGJZ+Yt/pYSjiuwVnE8jpCmHUyWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDvZqC+XnNEpR0LhVBD5BLLzskSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvME85bW9MNWVjMFNsSFF1RlVFUGtFc3ZPeVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1EmcMA0G
CSqGSIb3DQEBCwUAA4IBAQAowMPGpa7jKXNe4N9UjqsIuhKq8dmU0HF0zzPNlyCu
2x3J8ywgt3z49Rd5d4PBo1uEOfaoRu6Hv0V05GHUMlM+25PEqV6nbmieFpNWP4Ny
m1h07DQEtlnZWt8KIQqv7ZHEdt0YfJB38/X6TQ6vPybc5eieCNwWmBWluK6FB6It
BAABRSGQkWriv6ntu2jc1j8gTlEDMYQ+ttAZizcaPZM8FsIdmmwMxgbTtlgm9Y+y
EG4WKJAyoo8YUycM0HMyw+FPRfiJamDCM8hMTiVs6ddMLor+K3Ns3PJIGp+ioLPf
paJwKTROjLmRw1y0bN8yfuD8VLQU3dWIZo550nfU7wsn
-----END CERTIFICATE-----
Generated at Sun Apr 28 03:28:44 2024 by rpki-client on console-ams.rpki-client.org