Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/afcd40-2a50-4c11-ba47-e11ffec89cd4/1/TP0TzZDlkPPtqRoQMJxU_vRM1zY.roa
File:                     TP0TzZDlkPPtqRoQMJxU_vRM1zY.roa (raw, json)
Hash identifier:          57pAG+P47+URS/QwHQq0gNyhTnT0E/lfhtlZkixhM2U=
Subject key identifier:   4C:FD:13:CD:90:E5:90:F3:ED:A9:1A:10:30:9C:54:FE:F4:4C:D7:36
Certificate issuer:       /CN=9332711170768950fdd9f9defe651f2d5a1312be
Certificate serial:       018CC6B927FD6EAB35E372FCF8B6381A8D2A
Authority key identifier: 93:32:71:11:70:76:89:50:FD:D9:F9:DE:FE:65:1F:2D:5A:13:12:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kzJxEXB2iVD92fne_mUfLVoTEr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/afcd40-2a50-4c11-ba47-e11ffec89cd4/1/TP0TzZDlkPPtqRoQMJxU_vRM1zY.roa
Signing time:             Mon 01 Jan 2024 20:31:12 +0000
ROA not before:           Mon 01 Jan 2024 20:31:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     13237
IP address blocks:        193.178.217.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/afcd40-2a50-4c11-ba47-e11ffec89cd4/1/kzJxEXB2iVD92fne_mUfLVoTEr4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/afcd40-2a50-4c11-ba47-e11ffec89cd4/1/kzJxEXB2iVD92fne_mUfLVoTEr4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kzJxEXB2iVD92fne_mUfLVoTEr4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 14:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b9:27:fd:6e:ab:35:e3:72:fc:f8:b6:38:1a:8d:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9332711170768950fdd9f9defe651f2d5a1312be
        Validity
            Not Before: Jan  1 20:31:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4cfd13cd90e590f3eda91a10309c54fef44cd736
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:30:75:df:be:2b:6e:98:39:04:f5:96:5c:0c:
                    a2:58:43:27:0e:f3:d7:5f:1e:ce:1c:9e:b1:f4:d1:
                    d6:7b:87:71:65:8e:cb:4c:5d:37:6e:12:60:bb:4c:
                    41:e9:f8:7a:68:e5:d0:8c:8b:2a:1a:c0:99:b9:ca:
                    58:17:ff:67:eb:39:26:bc:b5:db:bd:bd:49:59:f2:
                    70:be:b4:55:4c:54:8a:fa:b0:a9:24:32:d4:b2:cd:
                    81:ca:59:48:9f:fb:4d:2b:b2:76:3b:cc:19:be:50:
                    00:1a:e1:e2:b0:7b:5f:d7:35:7a:e4:c5:98:96:39:
                    a1:45:42:28:4d:eb:31:c2:01:c9:92:e4:9b:a9:2b:
                    58:7f:66:66:46:e4:c2:24:23:a7:6f:44:2c:55:71:
                    8d:9c:f5:57:cd:a4:05:06:2d:be:2c:02:06:58:0e:
                    d7:fc:07:74:ec:8b:3a:f8:49:6b:2f:76:a1:b1:45:
                    32:a1:f2:5a:61:4d:de:f7:be:57:37:2d:61:e4:0e:
                    45:fc:02:cd:e5:11:b1:77:32:b2:1b:21:8c:61:32:
                    c0:42:da:05:5d:76:00:21:a4:de:1e:d4:77:c8:77:
                    3a:60:8f:75:ad:85:f5:46:4d:24:05:35:ef:d9:c8:
                    bc:1f:e0:62:15:f9:22:2d:92:b2:08:cd:5d:53:05:
                    75:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:FD:13:CD:90:E5:90:F3:ED:A9:1A:10:30:9C:54:FE:F4:4C:D7:36
            X509v3 Authority Key Identifier:
                keyid:93:32:71:11:70:76:89:50:FD:D9:F9:DE:FE:65:1F:2D:5A:13:12:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kzJxEXB2iVD92fne_mUfLVoTEr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/afcd40-2a50-4c11-ba47-e11ffec89cd4/1/TP0TzZDlkPPtqRoQMJxU_vRM1zY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/afcd40-2a50-4c11-ba47-e11ffec89cd4/1/kzJxEXB2iVD92fne_mUfLVoTEr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:e0:67:30:81:1c:24:b0:ce:be:44:66:74:f1:d2:28:e2:10:
         2a:ac:d3:2c:e9:fe:e4:1a:08:31:38:e2:17:e4:8f:3c:dc:89:
         ec:50:be:c4:89:11:c5:87:c9:00:cf:66:8c:a8:4f:75:b8:9e:
         be:1e:b0:8c:a6:36:ec:ef:58:58:38:b1:1b:d5:08:ff:1a:68:
         80:1f:45:37:6e:60:0e:9e:ea:e2:15:b3:a9:1a:ef:64:4e:a3:
         d6:0d:6e:3b:77:8c:12:f8:04:44:f1:74:cd:56:29:d5:62:e0:
         2a:ed:4e:d4:cc:2b:ab:55:2a:c1:13:a2:07:50:f2:a7:7c:9d:
         bf:41:f6:23:5d:cf:00:70:ac:a3:b9:6a:4f:f7:c6:95:9d:b6:
         3b:95:b7:15:2c:6f:03:a2:19:55:0e:de:10:d6:82:a8:d9:8e:
         36:53:ea:4d:db:40:5a:0b:bd:80:9c:d2:1a:f2:73:86:83:86:
         0c:e7:c7:40:28:7b:d0:d4:c6:b8:a0:fd:f3:b8:ad:af:ec:75:
         eb:f9:f3:2a:2b:b9:d7:4a:15:28:19:a3:89:a8:fd:68:c6:22:
         ea:e0:78:0f:d1:5f:76:2d:4a:2d:62:49:0b:c4:a0:8b:6f:b5:
         f7:1f:7c:9d:a6:dd:3e:03:df:ee:eb:2f:6d:71:90:16:dd:a7:
         06:75:ef:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuSf9bqs143L8+LY4Go0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzI3MTExNzA3Njg5NTBmZGQ5ZjlkZWZlNjUxZjJkNWEx
MzEyYmUwHhcNMjQwMTAxMjAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2ZkMTNjZDkwZTU5MGYzZWRhOTFhMTAzMDljNTRmZWY0NGNkNzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDB1374rbpg5BPWWXAyiWEMnDvPX
Xx7OHJ6x9NHWe4dxZY7LTF03bhJgu0xB6fh6aOXQjIsqGsCZucpYF/9n6zkmvLXb
vb1JWfJwvrRVTFSK+rCpJDLUss2ByllIn/tNK7J2O8wZvlAAGuHisHtf1zV65MWY
ljmhRUIoTesxwgHJkuSbqStYf2ZmRuTCJCOnb0QsVXGNnPVXzaQFBi2+LAIGWA7X
/Ad07Is6+ElrL3ahsUUyofJaYU3e975XNy1h5A5F/ALN5RGxdzKyGyGMYTLAQtoF
XXYAIaTeHtR3yHc6YI91rYX1Rk0kBTXv2ci8H+BiFfkiLZKyCM1dUwV1twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEz9E82Q5ZDz7akaEDCcVP70TNc2MB8GA1UdIwQY
MBaAFJMycRFwdolQ/dn53v5lHy1aExK+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3pKeEVYQjJpVkQ5MmZuZV9tVWZMVm9URXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hZmNkNDAtMmE1MC00YzExLWJhNDct
ZTExZmZlYzg5Y2Q0LzEvVFAwVHpaRGxrUFB0cVJvUU1KeFVfdlJNMXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hZmNkNDAtMmE1MC00YzExLWJhNDctZTExZmZlYzg5Y2Q0
LzEva3pKeEVYQjJpVkQ5MmZuZV9tVWZMVm9URXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbLZMA0G
CSqGSIb3DQEBCwUAA4IBAQBk4GcwgRwksM6+RGZ08dIo4hAqrNMs6f7kGggxOOIX
5I883InsUL7EiRHFh8kAz2aMqE91uJ6+HrCMpjbs71hYOLEb1Qj/GmiAH0U3bmAO
nuriFbOpGu9kTqPWDW47d4wS+ARE8XTNVinVYuAq7U7UzCurVSrBE6IHUPKnfJ2/
QfYjXc8AcKyjuWpP98aVnbY7lbcVLG8DohlVDt4Q1oKo2Y42U+pN20BaC72AnNIa
8nOGg4YM58dAKHvQ1Ma4oP3zuK2v7HXr+fMqK7nXShUoGaOJqP1oxiLq4HgP0V92
LUotYkkLxKCLb7X3H3ydpt0+A9/u6y9tcZAW3acGde+A
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:23:41 2024 by rpki-client on console-ams.rpki-client.org