Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/69jyYN7ur4NqkDI4n5dVUBCjR08.roa
File:                     69jyYN7ur4NqkDI4n5dVUBCjR08.roa (raw, json)
Hash identifier:          t3Uni1i9w0hEPEmZlZAUDcU6APWtCCbhH2xEw4OLrqI=
Subject key identifier:   EB:D8:F2:60:DE:EE:AF:83:6A:90:32:38:9F:97:55:50:10:A3:47:4F
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018CC64AF26F8FB1F79770459AE27A139FCB
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/69jyYN7ur4NqkDI4n5dVUBCjR08.roa
Signing time:             Mon 01 Jan 2024 18:30:49 +0000
ROA not before:           Mon 01 Jan 2024 18:30:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62350
IP address blocks:        80.96.25.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 May 2024 08:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:f2:6f:8f:b1:f7:97:70:45:9a:e2:7a:13:9f:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 18:30:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ebd8f260deeeaf836a9032389f97555010a3474f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a5:76:81:62:30:bb:ef:0f:52:5a:c9:a4:46:
                    91:17:3b:73:5e:12:bd:dd:06:00:70:fd:4c:43:69:
                    53:a0:e7:a1:40:52:2f:d7:f4:5c:3b:2d:41:92:35:
                    9e:35:90:f4:28:6c:23:9c:b3:64:dd:76:f6:35:02:
                    cb:23:22:ba:25:f0:93:5c:b9:2b:49:10:fd:7c:a0:
                    23:ed:f8:d2:02:b5:1b:92:cb:b0:9d:ee:eb:4b:f3:
                    6d:aa:8f:0c:86:b1:65:d5:1a:67:46:57:87:83:13:
                    2e:f7:4a:cd:b6:df:87:47:82:16:29:ec:58:49:b0:
                    e5:50:48:48:a6:35:c5:0c:d7:58:cc:79:1d:3d:57:
                    f1:5a:ab:88:eb:5a:95:58:46:93:da:3c:37:6b:87:
                    8c:ff:36:32:ba:a3:98:ce:52:7c:91:c4:2e:39:74:
                    fb:27:34:32:9e:be:12:d2:96:97:a6:57:1e:fe:fa:
                    8c:72:24:ff:f6:47:bf:a4:3d:cd:bd:d5:37:72:b5:
                    ca:c4:9d:23:c5:5d:c5:95:8f:03:55:32:b9:79:d3:
                    ea:e0:57:d6:6c:60:fb:2c:57:a3:d3:32:b4:48:35:
                    f1:ec:90:2b:41:b7:67:c6:34:56:75:fe:70:17:79:
                    d5:58:57:4a:4c:94:ab:16:19:69:3e:c7:de:7c:96:
                    67:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:D8:F2:60:DE:EE:AF:83:6A:90:32:38:9F:97:55:50:10:A3:47:4F
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/69jyYN7ur4NqkDI4n5dVUBCjR08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:5c:e3:01:9b:2c:58:60:8b:71:c7:49:d2:0b:94:03:f5:08:
         96:5f:43:93:06:b8:3e:46:e9:25:a7:37:6c:6a:89:5f:2a:31:
         cd:14:39:90:ad:bf:46:17:9d:c2:25:9a:03:69:8e:ca:d7:d2:
         f8:62:2d:38:4f:01:de:3e:a7:67:4d:e4:5e:ad:6b:6f:dd:a1:
         44:8d:7d:f2:d6:ce:9b:42:7d:34:61:2a:47:62:e4:6a:6f:2b:
         12:32:93:93:a7:75:11:b6:63:d8:03:94:f3:33:55:3f:dc:76:
         f8:4e:6c:e7:37:7b:1c:16:b2:15:23:cc:81:83:cd:8d:f2:18:
         8e:06:21:aa:b5:16:14:0f:95:bf:5e:db:c2:cd:30:14:42:ed:
         44:76:c7:6f:a5:8e:c4:d0:38:d9:c4:cb:56:a7:8d:83:a8:25:
         cf:43:3a:91:f4:b0:f2:59:9c:25:d0:0a:ca:24:12:f0:27:f9:
         98:dd:f1:db:ad:15:21:8c:c2:72:0e:1c:34:76:41:3f:75:6b:
         3c:e5:90:6d:bf:7b:ae:b9:e3:cd:67:c9:8e:e3:c9:db:ac:92:
         bd:b1:f3:d1:05:fa:90:53:07:ee:c7:4e:5f:6a:0d:34:2f:aa:
         4a:48:e3:af:ab:2c:da:29:34:38:e2:c3:72:4f:ae:0e:1f:3c:
         cd:a5:f5:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSvJvj7H3l3BFmuJ6E5/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmQ4ZjI2MGRlZWVhZjgzNmE5MDMyMzg5Zjk3NTU1MDEwYTM0NzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKV2gWIwu+8PUlrJpEaRFztzXhK9
3QYAcP1MQ2lToOehQFIv1/RcOy1BkjWeNZD0KGwjnLNk3Xb2NQLLIyK6JfCTXLkr
SRD9fKAj7fjSArUbksuwne7rS/Ntqo8MhrFl1RpnRleHgxMu90rNtt+HR4IWKexY
SbDlUEhIpjXFDNdYzHkdPVfxWquI61qVWEaT2jw3a4eM/zYyuqOYzlJ8kcQuOXT7
JzQynr4S0paXplce/vqMciT/9ke/pD3NvdU3crXKxJ0jxV3FlY8DVTK5edPq4FfW
bGD7LFej0zK0SDXx7JArQbdnxjRWdf5wF3nVWFdKTJSrFhlpPsfefJZn4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOvY8mDe7q+DapAyOJ+XVVAQo0dPMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvNjlqeVlON3VyNE5xa0RJNG41ZFZVQkNqUjA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUGAZMA0G
CSqGSIb3DQEBCwUAA4IBAQBoXOMBmyxYYItxx0nSC5QD9QiWX0OTBrg+Ruklpzds
aolfKjHNFDmQrb9GF53CJZoDaY7K19L4Yi04TwHePqdnTeRerWtv3aFEjX3y1s6b
Qn00YSpHYuRqbysSMpOTp3URtmPYA5TzM1U/3Hb4TmznN3scFrIVI8yBg82N8hiO
BiGqtRYUD5W/XtvCzTAUQu1EdsdvpY7E0DjZxMtWp42DqCXPQzqR9LDyWZwl0ArK
JBLwJ/mY3fHbrRUhjMJyDhw0dkE/dWs85ZBtv3uuuePNZ8mO48nbrJK9sfPRBfqQ
Uwfux05fag00L6pKSOOvqyzaKTQ44sNyT64OHzzNpfUC
-----END CERTIFICATE-----
Generated at Mon May 20 17:32:13 2024 by rpki-client on console-ams.rpki-client.org