Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/kSJBVDkBkSVKJTlrBdzVkxhV0NM.roa
File:                     kSJBVDkBkSVKJTlrBdzVkxhV0NM.roa (raw, json)
Hash identifier:          KohzX+xGRHjMxGt3MF6goeq7pRMg8xO0Z4xpz6UqS7U=
Subject key identifier:   91:22:41:54:39:01:91:25:4A:25:39:6B:05:DC:D5:93:18:55:D0:D3
Certificate issuer:       /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial:       018CC727242603CDB86F750C62EBC2DF410C
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/kSJBVDkBkSVKJTlrBdzVkxhV0NM.roa
Signing time:             Mon 01 Jan 2024 22:31:20 +0000
ROA not before:           Mon 01 Jan 2024 22:31:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208972
IP address blocks:        185.233.244.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 15:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:24:26:03:cd:b8:6f:75:0c:62:eb:c2:df:41:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
        Validity
            Not Before: Jan  1 22:31:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=91224154390191254a25396b05dcd5931855d0d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:2f:d4:49:83:77:8e:b8:ce:83:1b:eb:0a:ac:
                    b7:f2:38:c5:9f:33:38:37:80:be:30:c5:0c:93:e5:
                    d1:65:90:fc:56:f7:3a:db:97:35:af:26:8b:be:0e:
                    48:ff:67:52:47:ea:0e:b2:af:73:5b:2b:fa:e6:81:
                    23:d7:05:4b:5c:1b:e3:64:91:98:d5:17:d2:2b:0a:
                    3a:54:fe:46:30:c3:b1:b2:41:71:83:e7:0e:8a:2c:
                    95:d7:17:77:3c:18:84:7c:57:8d:57:b3:97:c1:24:
                    6d:7f:fb:c2:cc:3b:a7:36:c9:5c:4c:71:33:65:0a:
                    f0:11:81:c6:bb:a0:e0:0b:2c:27:53:5f:40:43:7e:
                    20:42:b6:33:41:f4:66:90:a8:ea:eb:c8:b5:e3:a7:
                    49:b6:4a:72:b9:a3:05:02:3a:0f:2f:50:ca:54:03:
                    8c:0d:2e:7f:88:d0:fb:c4:22:6b:5a:e4:01:48:31:
                    12:f2:4c:0d:66:fe:70:30:96:a3:22:2f:16:41:74:
                    06:17:6a:90:9a:27:27:73:22:8d:46:28:bb:a8:76:
                    53:e7:80:c7:a6:77:d5:16:19:bc:52:44:77:5e:28:
                    51:fb:bf:72:81:18:f2:ba:6b:02:db:48:c2:72:4f:
                    dd:0c:1a:12:09:ac:92:90:d3:bf:25:a2:8c:8c:7d:
                    b3:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:22:41:54:39:01:91:25:4A:25:39:6B:05:DC:D5:93:18:55:D0:D3
            X509v3 Authority Key Identifier:
                keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/kSJBVDkBkSVKJTlrBdzVkxhV0NM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.233.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:05:99:f9:99:27:13:78:0d:f0:1f:d0:b9:87:fb:f1:23:b7:
         12:02:bd:80:ad:62:12:d7:46:0e:7c:01:27:08:31:db:c5:f0:
         c2:f5:fa:67:4f:53:72:ff:52:79:b9:2b:cf:9f:ce:64:9c:61:
         13:96:f1:8c:ab:25:0a:6a:7f:6c:df:05:cc:81:bf:80:80:45:
         20:4b:16:05:d0:9c:78:52:19:67:73:05:0a:e7:94:84:03:98:
         bb:9f:75:19:df:19:6c:75:0d:90:00:06:51:5a:68:a0:8e:b8:
         f1:13:c1:75:4f:5d:26:59:f6:fa:b9:62:df:a8:c9:fa:13:f2:
         02:7e:3a:a6:7b:aa:72:e1:98:e9:cc:16:78:93:5a:d6:9e:69:
         dd:6a:53:e0:37:f1:73:cd:a1:17:a2:b7:2d:9d:7a:b6:0e:c1:
         c2:98:17:87:0b:36:f1:13:a6:9b:84:ab:48:6b:26:2a:e0:2b:
         ba:70:8f:89:95:57:91:66:4e:9c:05:a0:af:dc:e6:1f:1d:b4:
         53:5d:98:0b:88:5a:24:de:0e:22:36:d9:93:24:b4:fd:36:52:
         b5:b7:be:7b:79:0f:e2:35:0d:c8:5e:e2:b8:fd:21:a7:35:f5:
         ef:a4:38:c4:cc:24:e8:7b:e6:4a:49:28:27:a6:ec:0f:f2:68:
         39:77:1a:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJyQmA824b3UMYuvC30EMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTUzMjAwNzc2OTY5NDRiMTYxM2MyZThjOWM2MDZhMWUw
NmViNzkwHhcNMjQwMTAxMjIzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTIyNDE1NDM5MDE5MTI1NGEyNTM5NmIwNWRjZDU5MzE4NTVkMGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS/USYN3jrjOgxvrCqy38jjFnzM4
N4C+MMUMk+XRZZD8Vvc625c1ryaLvg5I/2dSR+oOsq9zWyv65oEj1wVLXBvjZJGY
1RfSKwo6VP5GMMOxskFxg+cOiiyV1xd3PBiEfFeNV7OXwSRtf/vCzDunNslcTHEz
ZQrwEYHGu6DgCywnU19AQ34gQrYzQfRmkKjq68i146dJtkpyuaMFAjoPL1DKVAOM
DS5/iND7xCJrWuQBSDES8kwNZv5wMJajIi8WQXQGF2qQmicncyKNRii7qHZT54DH
pnfVFhm8UkR3XihR+79ygRjyumsC20jCck/dDBoSCaySkNO/JaKMjH2zIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEiQVQ5AZElSiU5awXc1ZMYVdDTMB8GA1UdIwQY
MBaAFJ5VMgB3aWlEsWE8LoycYGoeBut5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYt
MWUwZThiOTA5ZTM0LzEva1NKQlZEa0JrU1ZLSlRsckJkelZreGhWME5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYtMWUwZThiOTA5ZTM0
LzEvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuen0MA0G
CSqGSIb3DQEBCwUAA4IBAQCNBZn5mScTeA3wH9C5h/vxI7cSAr2ArWIS10YOfAEn
CDHbxfDC9fpnT1Ny/1J5uSvPn85knGETlvGMqyUKan9s3wXMgb+AgEUgSxYF0Jx4
UhlncwUK55SEA5i7n3UZ3xlsdQ2QAAZRWmigjrjxE8F1T10mWfb6uWLfqMn6E/IC
fjqme6py4ZjpzBZ4k1rWnmndalPgN/FzzaEXorctnXq2DsHCmBeHCzbxE6abhKtI
ayYq4Cu6cI+JlVeRZk6cBaCv3OYfHbRTXZgLiFok3g4iNtmTJLT9NlK1t757eQ/i
NQ3IXuK4/SGnNfXvpDjEzCToe+ZKSSgnpuwP8mg5dxoc
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:06:47 2024 by rpki-client on console-ams.rpki-client.org