Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2VSzLdoZR38ggwlZF1IGbFtG8G0.roa
File:                     2VSzLdoZR38ggwlZF1IGbFtG8G0.roa (raw, json)
Hash identifier:          /JDB7b4PY55Hecij/OQuu7rQQAeTjDJcesW8VjUYwqs=
Subject key identifier:   D9:54:B3:2D:DA:19:47:7F:20:83:09:59:17:52:06:6C:5B:46:F0:6D
Certificate issuer:       /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial:       01916B18A4518BC7BA8DCD47B1208007EA9E
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2VSzLdoZR38ggwlZF1IGbFtG8G0.roa
Signing time:             Mon 19 Aug 2024 14:44:22 +0000
ROA not before:           Mon 19 Aug 2024 14:44:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     214339
IP address blocks:        77.90.56.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:6b:18:a4:51:8b:c7:ba:8d:cd:47:b1:20:80:07:ea:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
        Validity
            Not Before: Aug 19 14:44:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d954b32dda19477f208309591752066c5b46f06d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:9a:a4:ad:48:b8:ae:7b:2b:17:d8:06:2a:20:
                    0f:22:7e:3c:4b:24:c3:83:cb:c6:47:67:b8:2f:8d:
                    7c:5d:03:8d:a1:98:fe:43:eb:90:96:69:bc:b4:e6:
                    16:cd:1c:0e:d9:42:24:7e:3d:aa:a7:9b:85:b7:18:
                    39:0b:cd:b0:63:ab:3e:b8:77:a3:d8:d5:75:74:6b:
                    e6:a4:b8:1b:b1:74:dd:21:ed:27:41:12:8f:5a:a3:
                    34:e5:86:2a:8b:66:bf:38:e9:be:f4:86:21:f0:1b:
                    b1:58:39:4b:c3:f0:3f:03:39:02:7a:fe:7e:5c:c3:
                    71:de:47:5a:ae:69:b0:2c:07:f0:93:41:74:ef:38:
                    67:a3:36:a7:f2:25:e8:ba:67:da:6e:e8:7f:28:d7:
                    df:6f:3a:c9:fd:3d:57:80:75:87:ed:cf:45:61:c9:
                    6a:4a:93:46:c1:11:2e:e8:10:77:f6:6e:bc:57:08:
                    a8:4c:5c:83:6d:bf:96:74:65:31:a6:cc:88:36:1b:
                    5f:bc:13:ee:03:a9:47:a7:09:3b:67:b8:1a:56:e3:
                    ce:43:64:35:05:6e:52:59:55:3e:eb:32:42:4b:0c:
                    20:70:9f:2e:e4:22:da:e8:45:e8:d3:e7:1f:a5:49:
                    e4:3d:a9:8b:f0:00:a7:a4:50:41:64:6f:80:24:7b:
                    ce:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:54:B3:2D:DA:19:47:7F:20:83:09:59:17:52:06:6C:5B:46:F0:6D
            X509v3 Authority Key Identifier:
                keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2VSzLdoZR38ggwlZF1IGbFtG8G0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:0a:49:2b:b3:4e:f3:b9:86:76:e5:fb:1d:4b:e5:04:07:bc:
         2a:51:f5:44:bb:99:7c:ef:11:44:d0:dc:38:fd:d5:91:d6:45:
         04:db:db:25:37:0f:d5:f1:a0:fb:23:3a:a9:ce:8f:2b:0f:ac:
         db:3b:b3:67:46:f2:6b:64:04:eb:c6:cf:2a:f5:69:aa:29:20:
         dc:89:52:2f:a4:1e:4b:bb:25:68:16:00:95:84:0b:ff:17:36:
         3d:e1:d5:54:12:8b:8f:43:06:12:06:09:31:39:7f:ee:43:8e:
         03:62:bd:5e:bd:df:52:06:d9:b8:b0:70:b3:e7:5f:4f:68:42:
         ed:98:a9:5a:9f:01:7c:52:69:83:20:84:42:0a:d7:ae:35:b7:
         8d:63:75:d2:3e:bd:16:67:a0:b8:91:53:c1:60:a5:88:7c:e0:
         58:1e:57:61:03:da:47:d2:19:26:55:77:7f:c3:87:b5:d2:07:
         c7:0e:24:fa:5d:74:89:b5:41:d9:22:dc:a7:55:7e:38:95:a3:
         49:8a:88:61:4f:08:8a:ce:4f:c9:7d:cf:c6:62:2d:92:97:0e:
         60:4d:7d:19:52:b4:e7:b6:96:a8:98:ef:a6:6b:47:50:01:9e:
         51:bf:f5:82:e2:be:7b:54:ef:bb:49:cb:df:19:78:3c:be:93:
         10:aa:de:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFrGKRRi8e6jc1HsSCAB+qeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwODE5MTQ0NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTU0YjMyZGRhMTk0NzdmMjA4MzA5NTkxNzUyMDY2YzViNDZmMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZqkrUi4rnsrF9gGKiAPIn48SyTD
g8vGR2e4L418XQONoZj+Q+uQlmm8tOYWzRwO2UIkfj2qp5uFtxg5C82wY6s+uHej
2NV1dGvmpLgbsXTdIe0nQRKPWqM05YYqi2a/OOm+9IYh8BuxWDlLw/A/AzkCev5+
XMNx3kdarmmwLAfwk0F07zhnozan8iXoumfabuh/KNffbzrJ/T1XgHWH7c9FYclq
SpNGwREu6BB39m68VwioTFyDbb+WdGUxpsyINhtfvBPuA6lHpwk7Z7gaVuPOQ2Q1
BW5SWVU+6zJCSwwgcJ8u5CLa6EXo0+cfpUnkPamL8ACnpFBBZG+AJHvODwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNlUsy3aGUd/IIMJWRdSBmxbRvBtMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMlZTekxkb1pSMzhnZ3dsWkYxSUdiRnRHOEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVo4MA0G
CSqGSIb3DQEBCwUAA4IBAQA3Ckkrs07zuYZ25fsdS+UEB7wqUfVEu5l87xFE0Nw4
/dWR1kUE29slNw/V8aD7Izqpzo8rD6zbO7NnRvJrZATrxs8q9WmqKSDciVIvpB5L
uyVoFgCVhAv/FzY94dVUEouPQwYSBgkxOX/uQ44DYr1evd9SBtm4sHCz519PaELt
mKlanwF8UmmDIIRCCteuNbeNY3XSPr0WZ6C4kVPBYKWIfOBYHldhA9pH0hkmVXd/
w4e10gfHDiT6XXSJtUHZItynVX44laNJiohhTwiKzk/Jfc/GYi2Slw5gTX0ZUrTn
tpaomO+ma0dQAZ5Rv/WC4r57VO+7ScvfGXg8vpMQqt5x
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:44:44 2024 by rpki-client on console-ams.rpki-client.org