Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/dc46ec-6428-4e5f-9a19-4f54ad755b20/1/ATmytBbMvl9Hkpok730RBQFOShI.roa
File:                     ATmytBbMvl9Hkpok730RBQFOShI.roa (raw, json)
Hash identifier:          p8S4iqHGLLVg9kk/UstSL7O99USLHzryu3wp4y/poQ8=
Subject key identifier:   01:39:B2:B4:16:CC:BE:5F:47:92:9A:24:EF:7D:11:05:01:4E:4A:12
Certificate issuer:       /CN=445df13d20f3b571a4ba610b81e6303db6d099c0
Certificate serial:       018CCA2B71A44200DACC37D322578A34669F
Authority key identifier: 44:5D:F1:3D:20:F3:B5:71:A4:BA:61:0B:81:E6:30:3D:B6:D0:99:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RF3xPSDztXGkumELgeYwPbbQmcA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/dc46ec-6428-4e5f-9a19-4f54ad755b20/1/ATmytBbMvl9Hkpok730RBQFOShI.roa
Signing time:             Tue 02 Jan 2024 12:34:53 +0000
ROA not before:           Tue 02 Jan 2024 12:34:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34263
IP address blocks:        185.225.225.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/dc46ec-6428-4e5f-9a19-4f54ad755b20/1/RF3xPSDztXGkumELgeYwPbbQmcA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/dc46ec-6428-4e5f-9a19-4f54ad755b20/1/RF3xPSDztXGkumELgeYwPbbQmcA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RF3xPSDztXGkumELgeYwPbbQmcA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 29 Jun 2024 08:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2b:71:a4:42:00:da:cc:37:d3:22:57:8a:34:66:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=445df13d20f3b571a4ba610b81e6303db6d099c0
        Validity
            Not Before: Jan  2 12:34:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0139b2b416ccbe5f47929a24ef7d1105014e4a12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:7c:49:15:bc:be:03:30:f6:f8:61:07:83:46:
                    94:b1:63:1f:8c:5d:b7:2b:b1:3d:56:3d:18:5b:e7:
                    1b:7b:3e:8a:d6:62:f8:7f:a3:62:47:dd:aa:14:a3:
                    88:ca:ce:3f:5a:16:6c:cb:a2:32:8b:e1:02:93:97:
                    8c:35:69:b4:36:b7:53:7e:d4:d7:87:0b:1e:a4:95:
                    25:14:a9:e3:9d:7a:62:13:17:81:8a:82:3f:99:2c:
                    2a:30:03:a1:4d:8f:c0:4e:94:10:21:b4:fb:d6:d6:
                    8f:05:ba:1f:fc:fc:5d:df:21:5c:0d:97:d0:da:2d:
                    79:10:8d:70:80:73:9d:26:e1:09:92:86:2c:36:c6:
                    e7:96:4b:28:6c:e3:5f:b0:8e:83:76:6d:c2:be:7f:
                    51:08:99:dd:ad:35:60:7f:b5:79:ec:94:76:b2:c1:
                    85:d5:f1:e5:3f:33:6a:21:97:7b:61:d8:65:a6:56:
                    c2:b1:31:ce:71:aa:e5:5f:bd:29:90:38:43:aa:c4:
                    49:54:58:b1:71:b1:5c:9f:36:6b:b0:75:c0:3f:2e:
                    1b:38:57:37:2f:b9:61:f8:0c:f5:0f:ed:5e:1a:99:
                    12:00:59:a5:ed:20:4c:ec:ca:b2:2f:fe:14:8e:45:
                    05:bc:0b:85:14:27:0a:ec:93:0e:bf:48:99:ae:3f:
                    f9:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:39:B2:B4:16:CC:BE:5F:47:92:9A:24:EF:7D:11:05:01:4E:4A:12
            X509v3 Authority Key Identifier:
                keyid:44:5D:F1:3D:20:F3:B5:71:A4:BA:61:0B:81:E6:30:3D:B6:D0:99:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RF3xPSDztXGkumELgeYwPbbQmcA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/dc46ec-6428-4e5f-9a19-4f54ad755b20/1/ATmytBbMvl9Hkpok730RBQFOShI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/dc46ec-6428-4e5f-9a19-4f54ad755b20/1/RF3xPSDztXGkumELgeYwPbbQmcA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.225.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:0a:3b:40:5a:fb:87:a7:31:e8:1b:12:fc:7c:b7:be:93:06:
         dd:59:5d:58:5c:79:7e:09:2d:60:d8:66:4e:14:d4:37:55:60:
         ce:e4:96:3e:43:89:21:2b:55:d0:71:b6:06:05:92:11:94:c1:
         cd:4f:f2:8a:d7:be:ca:a2:bb:d2:df:e1:24:e0:74:cb:32:bb:
         36:80:52:9e:98:b3:ba:34:16:9c:78:13:a6:0d:5b:fd:28:ed:
         e2:52:7c:7c:05:ba:fb:b6:0d:40:be:84:b2:9e:e5:dd:1f:12:
         e1:1e:0f:15:1e:9f:60:e7:64:49:24:bb:64:b7:4c:3a:fc:b1:
         ce:90:89:35:f8:f6:dc:e7:d2:c4:74:58:27:8a:0a:40:51:de:
         92:02:85:e8:b6:48:66:dc:3b:11:4a:bd:62:4d:84:5d:f9:53:
         aa:50:be:2e:0c:b9:20:4b:4a:e7:c6:8a:60:cc:ff:d3:e1:0a:
         0d:cb:8d:20:b5:ad:10:e1:2f:93:89:42:42:48:ce:74:0b:ff:
         8f:25:96:4f:ce:3f:9d:c2:3d:55:96:7d:3a:50:9c:bd:b3:1f:
         ac:d3:d3:27:74:df:50:fd:4e:65:19:f8:73:e9:b2:ee:f9:36:
         45:f0:4f:2a:f2:7d:dd:d2:b1:58:43:68:e7:70:4f:b1:b6:bb:
         86:19:e0:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK3GkQgDazDfTIleKNGafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NWRmMTNkMjBmM2I1NzFhNGJhNjEwYjgxZTYzMDNkYjZk
MDk5YzAwHhcNMjQwMTAyMTIzNDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTM5YjJiNDE2Y2NiZTVmNDc5MjlhMjRlZjdkMTEwNTAxNGU0YTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXxJFby+AzD2+GEHg0aUsWMfjF23
K7E9Vj0YW+cbez6K1mL4f6NiR92qFKOIys4/WhZsy6Iyi+ECk5eMNWm0NrdTftTX
hwsepJUlFKnjnXpiExeBioI/mSwqMAOhTY/ATpQQIbT71taPBbof/Pxd3yFcDZfQ
2i15EI1wgHOdJuEJkoYsNsbnlksobONfsI6Ddm3Cvn9RCJndrTVgf7V57JR2ssGF
1fHlPzNqIZd7YdhlplbCsTHOcarlX70pkDhDqsRJVFixcbFcnzZrsHXAPy4bOFc3
L7lh+Az1D+1eGpkSAFml7SBM7MqyL/4UjkUFvAuFFCcK7JMOv0iZrj/5kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAE5srQWzL5fR5KaJO99EQUBTkoSMB8GA1UdIwQY
MBaAFERd8T0g87VxpLphC4HmMD220JnAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkYzeFBTRHp0WEdrdW1FTGdlWXdQYmJRbWNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kYzQ2ZWMtNjQyOC00ZTVmLTlhMTkt
NGY1NGFkNzU1YjIwLzEvQVRteXRCYk12bDlIa3BvazczMFJCUUZPU2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kYzQ2ZWMtNjQyOC00ZTVmLTlhMTktNGY1NGFkNzU1YjIw
LzEvUkYzeFBTRHp0WEdrdW1FTGdlWXdQYmJRbWNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueHhMA0G
CSqGSIb3DQEBCwUAA4IBAQAMCjtAWvuHpzHoGxL8fLe+kwbdWV1YXHl+CS1g2GZO
FNQ3VWDO5JY+Q4khK1XQcbYGBZIRlMHNT/KK177KorvS3+Ek4HTLMrs2gFKemLO6
NBaceBOmDVv9KO3iUnx8Bbr7tg1AvoSynuXdHxLhHg8VHp9g52RJJLtkt0w6/LHO
kIk1+Pbc59LEdFgnigpAUd6SAoXotkhm3DsRSr1iTYRd+VOqUL4uDLkgS0rnxopg
zP/T4QoNy40gta0Q4S+TiUJCSM50C/+PJZZPzj+dwj1Vln06UJy9sx+s09MndN9Q
/U5lGfhz6bLu+TZF8E8q8n3d0rFYQ2jncE+xtruGGeAA
-----END CERTIFICATE-----
Generated at Fri Jun 28 17:53:43 2024 by rpki-client on console-ams.rpki-client.org