Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0a4c1e-1fc5-407a-bd08-0717da053585/1/zBeoElHQnS8qIfhUfdwzYlTOgiU.roa
File:                     zBeoElHQnS8qIfhUfdwzYlTOgiU.roa (raw, json)
Hash identifier:          x9r7/yWcAEGBquLRtFUlgnfTaZSNOK25W391tiYqbmw=
Subject key identifier:   CC:17:A8:12:51:D0:9D:2F:2A:21:F8:54:7D:DC:33:62:54:CE:82:25
Certificate issuer:       /CN=9b792de70f33b82882542bef23b18da97538ca04
Certificate serial:       018CC64B7A45CF5729C1DECAF17F508F1BC5
Authority key identifier: 9B:79:2D:E7:0F:33:B8:28:82:54:2B:EF:23:B1:8D:A9:75:38:CA:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m3kt5w8zuCiCVCvvI7GNqXU4ygQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/0a4c1e-1fc5-407a-bd08-0717da053585/1/zBeoElHQnS8qIfhUfdwzYlTOgiU.roa
Signing time:             Mon 01 Jan 2024 18:31:24 +0000
ROA not before:           Mon 01 Jan 2024 18:31:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207495
IP address blocks:        185.228.52.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/0a4c1e-1fc5-407a-bd08-0717da053585/1/m3kt5w8zuCiCVCvvI7GNqXU4ygQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/0a4c1e-1fc5-407a-bd08-0717da053585/1/m3kt5w8zuCiCVCvvI7GNqXU4ygQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m3kt5w8zuCiCVCvvI7GNqXU4ygQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:7a:45:cf:57:29:c1:de:ca:f1:7f:50:8f:1b:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b792de70f33b82882542bef23b18da97538ca04
        Validity
            Not Before: Jan  1 18:31:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cc17a81251d09d2f2a21f8547ddc336254ce8225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:b2:b1:b7:60:3f:de:c8:64:0f:7f:66:27:d2:
                    36:73:a8:33:bd:37:17:db:b6:ee:a5:a7:ba:ad:a1:
                    98:2e:a6:a5:c3:10:51:4e:08:67:07:c4:12:5f:ff:
                    c2:29:d1:95:a2:da:5b:b0:b1:2d:77:db:ed:dd:61:
                    7e:64:83:6c:16:99:ac:72:43:9a:65:93:b5:a3:cb:
                    1f:a1:fe:55:2e:72:01:a2:d3:b7:7c:1b:b3:7e:12:
                    ab:80:85:6d:3b:a9:2e:c7:9e:7a:40:6c:be:d6:dd:
                    b5:5e:eb:63:df:ff:32:2f:28:d0:f3:c9:1b:6b:c2:
                    e3:dd:af:bb:8e:03:8a:0c:4d:25:8c:10:19:13:62:
                    77:ea:d9:fd:73:90:7f:fb:4b:e2:6d:0b:23:fa:55:
                    22:ac:0a:91:20:be:76:a4:26:c0:00:3d:8a:0c:2d:
                    54:87:a7:03:04:bc:3f:59:c6:3b:c1:7f:28:03:7b:
                    08:8c:3e:37:fa:99:ae:c5:dc:c4:fe:3d:4b:7b:36:
                    8b:4e:49:7b:53:b0:95:8d:42:92:02:5e:2d:1a:d5:
                    20:34:a4:33:db:86:79:30:da:b4:53:2c:6b:fc:e1:
                    b6:75:18:6d:f6:d6:89:02:53:d5:08:e9:9b:77:b3:
                    51:ac:47:57:a4:52:55:d0:1d:7a:88:35:e7:81:1b:
                    be:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:17:A8:12:51:D0:9D:2F:2A:21:F8:54:7D:DC:33:62:54:CE:82:25
            X509v3 Authority Key Identifier:
                keyid:9B:79:2D:E7:0F:33:B8:28:82:54:2B:EF:23:B1:8D:A9:75:38:CA:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m3kt5w8zuCiCVCvvI7GNqXU4ygQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0a4c1e-1fc5-407a-bd08-0717da053585/1/zBeoElHQnS8qIfhUfdwzYlTOgiU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0a4c1e-1fc5-407a-bd08-0717da053585/1/m3kt5w8zuCiCVCvvI7GNqXU4ygQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.228.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         39:dc:c5:7c:70:96:d7:c2:73:3e:0d:ab:ee:0a:41:cf:6c:2b:
         09:94:da:6e:3d:3d:19:b4:01:74:53:9b:46:cb:4f:62:bf:20:
         5b:5c:46:5c:17:4a:01:d6:51:29:3f:49:b3:af:c5:b1:44:3e:
         ff:ab:0d:d3:91:ef:15:3c:ae:0e:eb:a5:3e:99:29:c0:c2:81:
         3f:6c:e7:b1:aa:15:01:a0:a2:1d:6f:a6:54:bf:46:96:18:33:
         7c:34:9b:2d:7a:09:5b:89:b5:5c:58:aa:d6:b9:f3:fc:a1:15:
         eb:2f:5e:f1:72:64:7c:44:8f:3f:44:26:c4:d1:3e:44:c5:eb:
         bf:e6:b0:3a:02:ea:f7:ae:1f:33:72:1a:b3:bc:0e:84:b6:db:
         56:20:0a:14:bb:80:90:f3:a1:fa:e6:d4:31:a7:19:91:08:65:
         65:f4:0f:6d:b6:23:e7:55:b1:2e:37:bf:fe:b2:df:2b:fe:73:
         2a:01:11:86:9b:54:c5:11:87:4c:a2:f6:73:fd:a0:57:fe:4e:
         d8:70:4c:5f:cc:4b:5c:1a:27:97:38:c4:43:84:8e:d9:72:98:
         01:83:a0:12:b4:7f:43:ca:48:d6:f1:b3:12:71:55:8f:51:9b:
         4d:c4:cd:e1:a4:12:5f:2b:3b:d3:72:11:be:3a:e0:f0:d3:2c:
         23:09:85:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS3pFz1cpwd7K8X9QjxvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNzkyZGU3MGYzM2I4Mjg4MjU0MmJlZjIzYjE4ZGE5NzUz
OGNhMDQwHhcNMjQwMTAxMTgzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzE3YTgxMjUxZDA5ZDJmMmEyMWY4NTQ3ZGRjMzM2MjU0Y2U4MjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbKxt2A/3shkD39mJ9I2c6gzvTcX
27bupae6raGYLqalwxBRTghnB8QSX//CKdGVotpbsLEtd9vt3WF+ZINsFpmsckOa
ZZO1o8sfof5VLnIBotO3fBuzfhKrgIVtO6kux556QGy+1t21Xutj3/8yLyjQ88kb
a8Lj3a+7jgOKDE0ljBAZE2J36tn9c5B/+0vibQsj+lUirAqRIL52pCbAAD2KDC1U
h6cDBLw/WcY7wX8oA3sIjD43+pmuxdzE/j1LezaLTkl7U7CVjUKSAl4tGtUgNKQz
24Z5MNq0Uyxr/OG2dRht9taJAlPVCOmbd7NRrEdXpFJV0B16iDXngRu+jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMwXqBJR0J0vKiH4VH3cM2JUzoIlMB8GA1UdIwQY
MBaAFJt5LecPM7goglQr7yOxjal1OMoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTNrdDV3OHp1Q2lDVkN2dkk3R05xWFU0eWdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wYTRjMWUtMWZjNS00MDdhLWJkMDgt
MDcxN2RhMDUzNTg1LzEvekJlb0VsSFFuUzhxSWZoVWZkd3pZbFRPZ2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wYTRjMWUtMWZjNS00MDdhLWJkMDgtMDcxN2RhMDUzNTg1
LzEvbTNrdDV3OHp1Q2lDVkN2dkk3R05xWFU0eWdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueQ0MA0G
CSqGSIb3DQEBCwUAA4IBAQA53MV8cJbXwnM+DavuCkHPbCsJlNpuPT0ZtAF0U5tG
y09ivyBbXEZcF0oB1lEpP0mzr8WxRD7/qw3Tke8VPK4O66U+mSnAwoE/bOexqhUB
oKIdb6ZUv0aWGDN8NJsteglbibVcWKrWufP8oRXrL17xcmR8RI8/RCbE0T5Exeu/
5rA6Aur3rh8zchqzvA6EtttWIAoUu4CQ86H65tQxpxmRCGVl9A9ttiPnVbEuN7/+
st8r/nMqARGGm1TFEYdMovZz/aBX/k7YcExfzEtcGieXOMRDhI7ZcpgBg6AStH9D
ykjW8bMScVWPUZtNxM3hpBJfKzvTchG+OuDw0ywjCYXR
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:50:47 2024 by rpki-client on console-fra.rpki-client.org