Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/sEtIYLH8eJilAj86JNWEEExTJUA.roa
File:                     sEtIYLH8eJilAj86JNWEEExTJUA.roa (raw, json)
Hash identifier:          QqHUYRXIqFIKF4/jI3QGMkLdwkYh4fu+el/6JKTH8wI=
Subject key identifier:   B0:4B:48:60:B1:FC:78:98:A5:02:3F:3A:24:D5:84:10:4C:53:25:40
Certificate issuer:       /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial:       018CC80132379D50D331BBEA96B549790812
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/sEtIYLH8eJilAj86JNWEEExTJUA.roa
Signing time:             Tue 02 Jan 2024 02:29:30 +0000
ROA not before:           Tue 02 Jan 2024 02:29:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201673
IP address blocks:        85.254.148.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 02 May 2024 09:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:32:37:9d:50:d3:31:bb:ea:96:b5:49:79:08:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
        Validity
            Not Before: Jan  2 02:29:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b04b4860b1fc7898a5023f3a24d584104c532540
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:06:20:53:c9:de:98:fb:2e:fa:b6:d6:df:f3:
                    cd:3f:2c:33:7c:ac:57:e8:9e:2c:02:a0:c2:ca:93:
                    93:13:d9:21:9a:73:84:77:a0:ff:40:5b:6f:5a:6f:
                    63:0a:ec:bd:39:cb:f5:91:59:25:78:71:54:ea:92:
                    6d:2c:cf:b2:62:85:6d:8c:8d:e4:4c:d7:d4:05:b9:
                    95:39:b8:99:7c:d6:89:fd:ad:39:28:83:f3:e8:f3:
                    d5:64:3e:fc:91:62:d2:1e:da:89:69:ee:43:98:be:
                    38:a6:48:6a:4e:eb:b3:12:4f:63:85:23:ce:d4:df:
                    3b:90:07:e2:dc:5e:11:3d:3f:77:4d:b6:15:09:8e:
                    c6:fa:f0:d4:de:67:0f:da:0b:e5:db:57:19:25:8a:
                    ce:fc:39:11:1c:08:06:ca:29:88:8b:9c:09:6f:77:
                    0e:0d:e6:c6:05:8f:8e:bb:cc:a3:85:0d:ef:75:f3:
                    b5:23:56:2d:a5:9f:31:57:49:56:fc:08:9f:a0:d0:
                    d0:08:53:64:f5:92:db:e7:c0:08:bb:85:e6:df:6b:
                    fe:aa:30:79:ff:56:3c:a1:8a:05:36:97:17:d4:b4:
                    a4:cc:64:68:d9:6e:69:f1:f2:d4:3c:a5:07:f5:bb:
                    e5:bf:67:da:ee:f2:39:cf:6d:ce:69:97:c6:31:50:
                    b6:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:4B:48:60:B1:FC:78:98:A5:02:3F:3A:24:D5:84:10:4C:53:25:40
            X509v3 Authority Key Identifier:
                keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/sEtIYLH8eJilAj86JNWEEExTJUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.254.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:e6:12:e5:18:74:56:22:ea:a3:c9:9f:15:c3:3f:ab:39:94:
         c8:c6:a7:be:17:ab:6f:d8:78:c1:97:33:9f:73:59:3f:f1:52:
         f9:49:4c:a4:5a:6b:d8:74:ff:91:e6:e4:62:2c:01:aa:2e:55:
         7f:c7:70:70:ea:4d:e5:68:d4:4e:46:60:f9:cf:6f:55:4b:58:
         d2:2f:26:64:c3:1a:3c:28:6e:45:07:98:e7:0b:9d:94:9c:66:
         f2:25:43:86:68:c7:d3:a0:b0:77:6f:f3:f9:d3:ef:bc:5c:3f:
         c9:75:2e:ee:c5:39:df:71:de:3b:b7:d8:d9:3f:c3:39:83:3a:
         c9:2b:35:79:e1:2e:11:6a:a3:27:28:56:ef:89:a6:a9:57:dd:
         27:c1:06:1c:7c:d1:f8:7f:9f:b4:55:ef:48:55:44:ac:90:44:
         e8:d7:d2:64:32:12:78:d3:89:e3:9b:c5:a0:2d:a1:b2:13:dd:
         ed:4e:de:af:92:34:de:41:f6:89:dc:43:f8:0b:78:01:7e:99:
         b5:49:c8:5e:98:02:93:6c:0b:73:c6:92:5e:0d:e4:4b:1d:2c:
         94:b0:f4:b6:7c:6b:60:f5:d9:df:24:c9:c5:f9:76:86:b8:e5:
         01:55:70:09:a3:93:85:51:84:d2:cf:da:4b:75:b2:7b:95:25:
         16:4c:24:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIATI3nVDTMbvqlrVJeQgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDRiNDg2MGIxZmM3ODk4YTUwMjNmM2EyNGQ1ODQxMDRjNTMyNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQYgU8nemPsu+rbW3/PNPywzfKxX
6J4sAqDCypOTE9khmnOEd6D/QFtvWm9jCuy9Ocv1kVkleHFU6pJtLM+yYoVtjI3k
TNfUBbmVObiZfNaJ/a05KIPz6PPVZD78kWLSHtqJae5DmL44pkhqTuuzEk9jhSPO
1N87kAfi3F4RPT93TbYVCY7G+vDU3mcP2gvl21cZJYrO/DkRHAgGyimIi5wJb3cO
DebGBY+Ou8yjhQ3vdfO1I1YtpZ8xV0lW/AifoNDQCFNk9ZLb58AIu4Xm32v+qjB5
/1Y8oYoFNpcX1LSkzGRo2W5p8fLUPKUH9bvlv2fa7vI5z23OaZfGMVC2/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLBLSGCx/HiYpQI/OiTVhBBMUyVAMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvc0V0SVlMSDhlSmlsQWo4NkpOV0VFRXhUSlVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVf6UMA0G
CSqGSIb3DQEBCwUAA4IBAQAX5hLlGHRWIuqjyZ8Vwz+rOZTIxqe+F6tv2HjBlzOf
c1k/8VL5SUykWmvYdP+R5uRiLAGqLlV/x3Bw6k3laNRORmD5z29VS1jSLyZkwxo8
KG5FB5jnC52UnGbyJUOGaMfToLB3b/P50++8XD/JdS7uxTnfcd47t9jZP8M5gzrJ
KzV54S4RaqMnKFbviaapV90nwQYcfNH4f5+0Ve9IVUSskETo19JkMhJ404njm8Wg
LaGyE93tTt6vkjTeQfaJ3EP4C3gBfpm1SchemAKTbAtzxpJeDeRLHSyUsPS2fGtg
9dnfJMnF+XaGuOUBVXAJo5OFUYTSz9pLdbJ7lSUWTCQK
-----END CERTIFICATE-----
Generated at Wed May 1 18:30:38 2024 by rpki-client on console-ams.rpki-client.org