Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/yXMxlxo5eyyfgNXXbFgIrDzBxXw.roa
File:                     yXMxlxo5eyyfgNXXbFgIrDzBxXw.roa (raw, json)
Hash identifier:          AYoo3k+fnJApd3jvH8U8LxUDwjWQJH21w/JYFVytZec=
Subject key identifier:   C9:73:31:97:1A:39:7B:2C:9F:80:D5:D7:6C:58:08:AC:3C:C1:C5:7C
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       0191B30127CC0C7184BACEF0B2F671A1A0A8
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/yXMxlxo5eyyfgNXXbFgIrDzBxXw.roa
Signing time:             Mon 02 Sep 2024 13:51:23 +0000
ROA not before:           Mon 02 Sep 2024 13:51:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199436
IP address blocks:        45.152.163.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 16:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:b3:01:27:cc:0c:71:84:ba:ce:f0:b2:f6:71:a1:a0:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Sep  2 13:51:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c97331971a397b2c9f80d5d76c5808ac3cc1c57c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:2c:e6:b6:55:31:37:79:85:22:65:b2:74:83:
                    17:44:43:e9:51:dc:80:80:59:8f:4c:db:f8:4c:2e:
                    18:4a:fa:64:8e:42:3b:40:53:f5:a4:50:39:cc:7f:
                    2b:68:7f:26:50:91:b9:e0:5e:e0:fc:e7:3f:b5:18:
                    74:8d:fa:fe:71:c0:46:bc:b6:06:ba:63:e7:47:38:
                    8a:34:7c:20:c2:03:41:da:cc:48:ed:5a:29:5a:a7:
                    99:0c:22:53:3a:59:d5:3f:73:8b:e2:3e:fe:19:2d:
                    79:7b:47:3e:95:f7:47:f2:73:d5:0d:82:60:be:4b:
                    8f:c8:6b:c9:15:05:da:12:91:1c:09:fa:92:00:66:
                    97:31:e0:a5:4d:cf:97:85:99:79:34:da:d5:15:1e:
                    81:a0:a6:d1:25:d5:1c:45:0d:b9:37:08:4a:28:8f:
                    ea:67:22:79:9f:7d:63:4e:66:5e:71:08:1d:89:13:
                    a0:c9:3c:02:e2:01:af:1b:2f:5c:6e:38:02:0c:ef:
                    72:a3:96:68:e0:3d:b3:45:b8:4f:38:a4:fe:3f:3c:
                    00:74:9d:9d:96:e5:33:60:a4:de:5b:ab:a5:2f:b7:
                    7d:8d:f3:a4:92:85:55:31:0d:ac:0f:70:63:2f:aa:
                    d5:62:94:a7:56:11:93:52:f2:b9:9f:cd:e2:ab:6a:
                    01:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:73:31:97:1A:39:7B:2C:9F:80:D5:D7:6C:58:08:AC:3C:C1:C5:7C
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/yXMxlxo5eyyfgNXXbFgIrDzBxXw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.152.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:54:a6:49:3d:e2:ea:de:94:80:8d:f2:d3:7b:8a:98:fd:b4:
         8a:cf:ad:e7:35:b1:01:5a:74:77:5b:80:cb:5b:38:f0:9b:e8:
         bd:28:9c:c3:f4:03:f9:3b:4e:4e:a4:9e:27:ec:af:d1:56:ee:
         3d:f4:2c:7d:17:fd:0e:cd:df:33:b5:51:9d:70:62:93:1e:f4:
         9c:78:de:c3:5e:05:be:f0:a1:e2:45:d7:f6:31:6c:db:25:97:
         5b:02:80:30:ca:b4:a4:a1:f6:d6:3b:07:d7:f6:8e:f4:6a:01:
         f0:a7:da:e9:55:27:da:c0:7e:e2:dc:62:7b:5c:f6:5f:9c:b7:
         55:da:4f:e0:02:51:b7:f8:2e:5b:64:ed:31:85:fe:08:d2:9f:
         d0:3e:66:5e:1e:af:2b:76:d3:17:34:3d:37:84:a8:45:29:36:
         d1:1c:18:a5:fe:f6:9d:ad:71:ee:77:aa:a3:f0:41:78:e9:45:
         f4:b2:8f:86:e8:6d:6f:69:73:4f:da:15:ab:44:e3:6b:a4:78:
         6e:99:16:f2:51:ec:9d:6e:3f:7a:9b:e8:3c:45:d9:af:d5:fb:
         e0:bd:5e:19:bb:e1:b7:bc:13:81:3f:39:9d:bc:3d:90:72:65:
         bb:5b:e0:43:af:d7:8c:28:aa:8e:b3:d7:18:8a:40:a5:ed:25:
         96:e4:03:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGzASfMDHGEus7wsvZxoaCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwOTAyMTM1MTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTczMzE5NzFhMzk3YjJjOWY4MGQ1ZDc2YzU4MDhhYzNjYzFjNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyzmtlUxN3mFImWydIMXREPpUdyA
gFmPTNv4TC4YSvpkjkI7QFP1pFA5zH8raH8mUJG54F7g/Oc/tRh0jfr+ccBGvLYG
umPnRziKNHwgwgNB2sxI7VopWqeZDCJTOlnVP3OL4j7+GS15e0c+lfdH8nPVDYJg
vkuPyGvJFQXaEpEcCfqSAGaXMeClTc+XhZl5NNrVFR6BoKbRJdUcRQ25NwhKKI/q
ZyJ5n31jTmZecQgdiROgyTwC4gGvGy9cbjgCDO9yo5Zo4D2zRbhPOKT+PzwAdJ2d
luUzYKTeW6ulL7d9jfOkkoVVMQ2sD3BjL6rVYpSnVhGTUvK5n83iq2oBRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMlzMZcaOXssn4DV12xYCKw8wcV8MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEveVhNeGx4bzVleXlmZ05YWGJGZ0lyRHpCeFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZijMA0G
CSqGSIb3DQEBCwUAA4IBAQANVKZJPeLq3pSAjfLTe4qY/bSKz63nNbEBWnR3W4DL
Wzjwm+i9KJzD9AP5O05OpJ4n7K/RVu499Cx9F/0Ozd8ztVGdcGKTHvSceN7DXgW+
8KHiRdf2MWzbJZdbAoAwyrSkofbWOwfX9o70agHwp9rpVSfawH7i3GJ7XPZfnLdV
2k/gAlG3+C5bZO0xhf4I0p/QPmZeHq8rdtMXND03hKhFKTbRHBil/vadrXHud6qj
8EF46UX0so+G6G1vaXNP2hWrRONrpHhumRbyUeydbj96m+g8Rdmv1fvgvV4Zu+G3
vBOBPzmdvD2QcmW7W+BDr9eMKKqOs9cYikCl7SWW5ANG
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:43:06 2024 by rpki-client on console-fra.rpki-client.org