Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/usEvemLjTvC4A2yvDKh0WNV5V1w.roa
File:                     usEvemLjTvC4A2yvDKh0WNV5V1w.roa (raw, json)
Hash identifier:          ONz7fPoECG0oLtM37nKQTlquAuz7XOVU+8RBhGCv/ZA=
Subject key identifier:   BA:C1:2F:7A:62:E3:4E:F0:B8:03:6C:AF:0C:A8:74:58:D5:79:57:5C
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       01924C706BF55604F7EA7ACA5DE862007B72
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/usEvemLjTvC4A2yvDKh0WNV5V1w.roa
Signing time:             Wed 02 Oct 2024 08:54:49 +0000
ROA not before:           Wed 02 Oct 2024 08:54:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     214774
IP address blocks:        193.30.241.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:4c:70:6b:f5:56:04:f7:ea:7a:ca:5d:e8:62:00:7b:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Oct  2 08:54:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bac12f7a62e34ef0b8036caf0ca87458d579575c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:20:c4:12:61:12:11:92:01:67:d4:92:2b:94:
                    55:19:88:78:20:d6:f7:7d:e7:95:9b:16:e1:ed:68:
                    74:a0:0b:69:04:3f:47:65:0d:1c:76:52:37:60:39:
                    98:78:2b:df:a0:d7:e6:4a:c7:43:f3:5b:e3:df:d1:
                    88:69:87:ec:46:8b:d9:c6:4f:7f:a0:98:ca:52:e3:
                    c3:66:54:f8:49:f2:0b:10:02:b7:8e:5f:d4:e4:60:
                    3e:fa:f4:a0:42:b1:63:e7:9f:6a:65:4c:67:fc:9e:
                    79:8c:ad:ff:d8:0d:de:1b:76:8f:67:d5:2a:28:43:
                    b7:1c:e2:25:7d:ef:fd:84:19:45:0a:bc:f5:36:09:
                    a0:49:3b:ac:37:b3:b7:85:3e:fd:d5:b2:0b:64:15:
                    2f:b8:c8:24:74:51:ad:d9:09:7e:65:ef:1d:65:e7:
                    47:49:ed:32:b7:48:ed:65:33:e0:b3:65:3b:69:ab:
                    ef:c4:68:61:a6:c2:38:c9:17:90:7e:57:b0:74:43:
                    3b:f4:6e:b7:54:ba:7a:cc:43:ce:3e:1b:07:95:4c:
                    43:93:68:27:b9:62:b0:13:f1:05:1a:5e:7f:a5:ce:
                    62:8f:9c:4f:2a:3a:92:79:2e:6b:1e:45:e9:c0:db:
                    3e:ea:68:e0:bf:49:48:cb:e5:0f:ac:4b:97:b8:6a:
                    1a:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:C1:2F:7A:62:E3:4E:F0:B8:03:6C:AF:0C:A8:74:58:D5:79:57:5C
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/usEvemLjTvC4A2yvDKh0WNV5V1w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.30.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:d5:5a:ca:3c:1d:32:32:f5:11:57:8b:f3:dd:e8:04:ec:04:
         f5:80:7d:17:9a:05:63:4c:4f:8d:1a:5e:4b:49:fe:31:a2:19:
         4d:2f:47:e8:eb:39:1f:f2:bc:81:23:1a:06:4f:75:c9:44:7e:
         e2:34:99:61:85:5e:79:57:2f:db:45:e0:ea:e0:50:d6:b0:f5:
         78:19:65:51:85:ee:1d:4d:5e:f3:e0:17:91:30:94:f6:b1:6b:
         58:e7:5e:c9:cd:e5:dc:25:cf:08:85:f1:9e:c7:1b:9b:ae:a6:
         4a:8e:d4:21:2d:95:ef:1c:59:e8:21:86:1f:b4:98:41:18:68:
         87:e6:b1:05:c9:89:74:8c:a7:b3:4f:c7:a3:90:ae:27:be:7e:
         de:1f:e2:87:fc:66:17:98:1a:98:90:20:35:17:08:ef:f5:05:
         b7:a2:44:c8:92:15:88:0b:5e:a4:8c:f7:41:20:30:1e:ff:fe:
         f8:86:e1:c1:36:73:58:82:87:27:42:04:9b:98:9a:c3:23:c4:
         44:d8:1f:7e:9e:ae:5b:ad:58:0e:d0:42:50:90:6e:b4:aa:de:
         86:a6:0a:1f:3d:82:e2:6a:92:70:96:14:2b:a5:de:65:2e:f6:
         bc:6b:a9:7a:27:51:95:1d:a9:f7:39:6d:de:fb:3a:15:5e:15:
         58:99:8d:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJMcGv1VgT36nrKXehiAHtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMDAyMDg1NDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWMxMmY3YTYyZTM0ZWYwYjgwMzZjYWYwY2E4NzQ1OGQ1Nzk1NzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziDEEmESEZIBZ9SSK5RVGYh4INb3
feeVmxbh7Wh0oAtpBD9HZQ0cdlI3YDmYeCvfoNfmSsdD81vj39GIaYfsRovZxk9/
oJjKUuPDZlT4SfILEAK3jl/U5GA++vSgQrFj559qZUxn/J55jK3/2A3eG3aPZ9Uq
KEO3HOIlfe/9hBlFCrz1NgmgSTusN7O3hT791bILZBUvuMgkdFGt2Ql+Ze8dZedH
Se0yt0jtZTPgs2U7aavvxGhhpsI4yReQflewdEM79G63VLp6zEPOPhsHlUxDk2gn
uWKwE/EFGl5/pc5ij5xPKjqSeS5rHkXpwNs+6mjgv0lIy+UPrEuXuGoafQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLrBL3pi407wuANsrwyodFjVeVdcMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdXNFdmVtTGpUdkM0QTJ5dkRLaDBXTlY1VjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR7xMA0G
CSqGSIb3DQEBCwUAA4IBAQBh1VrKPB0yMvURV4vz3egE7AT1gH0XmgVjTE+NGl5L
Sf4xohlNL0fo6zkf8ryBIxoGT3XJRH7iNJlhhV55Vy/bReDq4FDWsPV4GWVRhe4d
TV7z4BeRMJT2sWtY517JzeXcJc8IhfGexxubrqZKjtQhLZXvHFnoIYYftJhBGGiH
5rEFyYl0jKezT8ejkK4nvn7eH+KH/GYXmBqYkCA1Fwjv9QW3okTIkhWIC16kjPdB
IDAe//74huHBNnNYgocnQgSbmJrDI8RE2B9+nq5brVgO0EJQkG60qt6GpgofPYLi
apJwlhQrpd5lLva8a6l6J1GVHan3OW3e+zoVXhVYmY04
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:51:15 2024 by rpki-client on console-ams.rpki-client.org