Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/60m0IvtX5lxrjrezdZMal1jqoHI.roa
File:                     60m0IvtX5lxrjrezdZMal1jqoHI.roa (raw, json)
Hash identifier:          ZVCD8Tijn0yA//ietc09REfNA1P83ybVta6/dplw/cA=
Subject key identifier:   EB:49:B4:22:FB:57:E6:5C:6B:8E:B7:B3:75:93:1A:97:58:EA:A0:72
Certificate issuer:       /CN=dea85f21668a98d7e81a74183f0cce513086601b
Certificate serial:       018D882CD39E61DA40AE9773E46B75CA62BD
Authority key identifier: DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/60m0IvtX5lxrjrezdZMal1jqoHI.roa
Signing time:             Thu 08 Feb 2024 10:04:15 +0000
ROA not before:           Thu 08 Feb 2024 10:04:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5089
IP address blocks:        193.36.51.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 22 May 2024 04:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:88:2c:d3:9e:61:da:40:ae:97:73:e4:6b:75:ca:62:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dea85f21668a98d7e81a74183f0cce513086601b
        Validity
            Not Before: Feb  8 10:04:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eb49b422fb57e65c6b8eb7b375931a9758eaa072
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:58:3e:48:f6:6d:93:4c:f4:df:da:70:dc:ab:
                    35:ac:f9:5e:f8:1a:e5:39:1e:b0:17:72:b7:41:68:
                    3a:6e:85:4b:3e:d0:71:51:6f:e4:80:f5:f1:69:e7:
                    81:83:d5:c6:4d:bd:d7:2e:f3:c7:e9:21:54:26:e8:
                    89:a0:e6:53:89:87:b1:d7:97:9b:7d:0d:f2:25:d0:
                    a1:d4:3b:1f:23:74:5e:4a:27:e4:28:0c:c2:8f:00:
                    73:05:b9:e8:2d:a2:49:62:b1:f0:f4:5f:ca:1e:3b:
                    50:95:a5:ca:17:78:fc:2b:c3:21:f0:8f:f6:aa:d4:
                    78:a3:df:ab:1e:00:3d:77:10:63:7a:b0:26:2e:ee:
                    bc:54:87:aa:6f:54:31:3e:c6:6c:1a:90:9f:38:87:
                    8f:2f:75:75:b8:19:e8:aa:4e:80:42:6e:8a:7f:e2:
                    d5:98:5b:97:43:36:aa:b1:c2:03:99:a4:75:68:7e:
                    a9:52:fe:84:ec:18:61:40:2a:65:58:70:15:b1:fe:
                    27:76:94:2d:83:8e:91:00:9d:28:45:d5:08:9c:b1:
                    5f:6b:a0:2a:55:8d:09:8c:4d:84:78:84:57:be:fb:
                    8b:df:1c:79:7b:7c:1c:4b:f4:a4:72:da:fc:ca:b6:
                    48:bb:67:14:c1:73:55:9c:ac:65:78:f9:31:74:05:
                    ef:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:49:B4:22:FB:57:E6:5C:6B:8E:B7:B3:75:93:1A:97:58:EA:A0:72
            X509v3 Authority Key Identifier:
                keyid:DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/60m0IvtX5lxrjrezdZMal1jqoHI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.36.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:f1:04:4d:90:68:bf:9b:8f:98:10:3d:8d:d6:f8:a9:24:db:
         b9:2c:f2:10:ec:7a:de:86:3b:ec:ca:79:2f:26:96:8b:d1:5e:
         66:22:a0:33:6c:f9:f8:14:34:fc:1d:66:61:2d:c3:ab:23:a3:
         30:c9:ea:c7:0f:94:75:ef:f8:0a:cb:81:62:5a:1f:bf:ff:00:
         58:03:b0:f2:69:ec:10:b5:3c:3a:c3:96:d6:ec:23:64:e9:52:
         e4:84:87:f7:aa:68:5e:43:46:86:d3:6e:0f:bc:72:5e:b3:38:
         52:e6:24:1d:41:50:ae:ce:34:80:7f:06:3b:29:6e:0c:12:dd:
         1b:36:06:3a:d7:91:08:5f:20:d6:9f:12:39:b6:e4:c9:93:f6:
         e0:7c:aa:2d:b6:ae:fb:45:e9:3a:76:5f:bb:2d:53:61:28:bd:
         a5:4d:93:11:00:a0:27:b5:79:2d:8a:64:27:64:6f:6f:49:ee:
         f3:ad:cc:04:14:86:59:15:9e:89:8e:2f:a8:b2:bb:63:34:52:
         68:e8:c2:46:11:00:63:03:b5:dd:cd:92:50:73:dd:60:97:39:
         98:26:03:4e:32:b9:9a:e9:db:84:bf:0e:f2:b3:1d:b1:92:49:
         4c:b8:34:cb:d3:94:93:58:c8:85:a5:9c:4b:1a:e8:28:90:88:
         c0:78:88:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2ILNOeYdpArpdz5Gt1ymK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYTg1ZjIxNjY4YTk4ZDdlODFhNzQxODNmMGNjZTUxMzA4
NjYwMWIwHhcNMjQwMjA4MTAwNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjQ5YjQyMmZiNTdlNjVjNmI4ZWI3YjM3NTkzMWE5NzU4ZWFhMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVg+SPZtk0z039pw3Ks1rPle+Brl
OR6wF3K3QWg6boVLPtBxUW/kgPXxaeeBg9XGTb3XLvPH6SFUJuiJoOZTiYex15eb
fQ3yJdCh1DsfI3ReSifkKAzCjwBzBbnoLaJJYrHw9F/KHjtQlaXKF3j8K8Mh8I/2
qtR4o9+rHgA9dxBjerAmLu68VIeqb1QxPsZsGpCfOIePL3V1uBnoqk6AQm6Kf+LV
mFuXQzaqscIDmaR1aH6pUv6E7BhhQCplWHAVsf4ndpQtg46RAJ0oRdUInLFfa6Aq
VY0JjE2EeIRXvvuL3xx5e3wcS/Skctr8yrZIu2cUwXNVnKxlePkxdAXvPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOtJtCL7V+Zca463s3WTGpdY6qByMB8GA1UdIwQY
MBaAFN6oXyFmipjX6Bp0GD8MzlEwhmAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGIt
NTJmOGZmMThkMDY5LzEvNjBtMEl2dFg1bHhyanJlemRaTWFsMWpxb0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NDlkYWEtMWVkMS00MDg4LTljNGItNTJmOGZmMThkMDY5
LzEvM3FoZklXYUttTmZvR25RWVB3ek9VVENHWUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSQzMA0G
CSqGSIb3DQEBCwUAA4IBAQBT8QRNkGi/m4+YED2N1vipJNu5LPIQ7Hrehjvsynkv
JpaL0V5mIqAzbPn4FDT8HWZhLcOrI6MwyerHD5R17/gKy4FiWh+//wBYA7DyaewQ
tTw6w5bW7CNk6VLkhIf3qmheQ0aG024PvHJeszhS5iQdQVCuzjSAfwY7KW4MEt0b
NgY615EIXyDWnxI5tuTJk/bgfKottq77Rek6dl+7LVNhKL2lTZMRAKAntXktimQn
ZG9vSe7zrcwEFIZZFZ6Jji+osrtjNFJo6MJGEQBjA7XdzZJQc91glzmYJgNOMrma
6duEvw7ysx2xkklMuDTL05STWMiFpZxLGugokIjAeIgW
-----END CERTIFICATE-----
Generated at Tue May 21 13:21:22 2024 by rpki-client on console-ams.rpki-client.org