Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/RtazdHEjU4eq6uHDm8S7O4qwmVc.roa
File:                     RtazdHEjU4eq6uHDm8S7O4qwmVc.roa (raw, json)
Hash identifier:          QdnKgKg6jZIDgAUdcJtGOq2L5Y3Fc0X1nrFioROhXEQ=
Subject key identifier:   46:D6:B3:74:71:23:53:87:AA:EA:E1:C3:9B:C4:BB:3B:8A:B0:99:57
Certificate issuer:       /CN=070483d3d62f19c0835746dcb721c8832c3b7926
Certificate serial:       018CC4930023DA1EB1B504DD447E713A35C8
Authority key identifier: 07:04:83:D3:D6:2F:19:C0:83:57:46:DC:B7:21:C8:83:2C:3B:79:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BwSD09YvGcCDV0bctyHIgyw7eSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/RtazdHEjU4eq6uHDm8S7O4qwmVc.roa
Signing time:             Mon 01 Jan 2024 10:30:17 +0000
ROA not before:           Mon 01 Jan 2024 10:30:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60619
IP address blocks:        185.249.144.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/BwSD09YvGcCDV0bctyHIgyw7eSY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/BwSD09YvGcCDV0bctyHIgyw7eSY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BwSD09YvGcCDV0bctyHIgyw7eSY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Sep 2024 06:21:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:00:23:da:1e:b1:b5:04:dd:44:7e:71:3a:35:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=070483d3d62f19c0835746dcb721c8832c3b7926
        Validity
            Not Before: Jan  1 10:30:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=46d6b37471235387aaeae1c39bc4bb3b8ab09957
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:75:a3:d1:89:57:4d:32:44:90:72:c1:79:36:
                    5e:b4:5b:c2:4b:99:df:36:0b:a2:6e:50:ed:ae:1b:
                    88:2b:9f:97:3d:03:aa:75:d5:02:0e:3e:f8:c6:88:
                    c7:b8:96:99:84:01:78:e4:40:99:be:fb:1b:d2:da:
                    55:da:09:51:15:19:e1:e8:c1:32:f5:ca:38:c4:a5:
                    10:ca:c2:48:69:43:c4:8a:37:4f:b8:15:26:2c:a4:
                    6b:7c:fc:23:02:59:45:7e:20:5f:6d:e9:5f:fd:6e:
                    31:81:c9:3d:34:7a:76:f0:61:98:cd:0b:1f:23:6a:
                    83:d4:51:f5:64:44:fb:0f:b3:20:e5:ab:35:69:c3:
                    85:33:0d:ad:7d:37:09:9c:09:bd:5a:af:19:8c:8e:
                    7d:e5:c3:7b:e8:7a:90:80:15:6e:e4:87:73:d5:e5:
                    ad:c7:43:c9:9e:51:ca:1c:e1:2a:5b:e3:ef:02:6a:
                    06:1a:a0:bb:af:1a:57:23:3c:52:f9:ae:76:82:72:
                    82:87:27:c4:6a:7d:df:fb:98:0b:da:16:74:37:26:
                    ed:ba:e8:7e:cd:d6:72:aa:ca:27:b4:c7:ec:8a:d0:
                    40:c1:fa:a9:4a:7d:57:1d:0f:73:b1:84:c0:fe:92:
                    1c:70:0c:5f:03:8b:70:e5:53:1c:e5:e1:46:df:be:
                    90:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:D6:B3:74:71:23:53:87:AA:EA:E1:C3:9B:C4:BB:3B:8A:B0:99:57
            X509v3 Authority Key Identifier:
                keyid:07:04:83:D3:D6:2F:19:C0:83:57:46:DC:B7:21:C8:83:2C:3B:79:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BwSD09YvGcCDV0bctyHIgyw7eSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/RtazdHEjU4eq6uHDm8S7O4qwmVc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/BwSD09YvGcCDV0bctyHIgyw7eSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.249.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6e:47:1c:86:e0:ee:31:4f:d6:c4:cb:35:15:fe:f4:02:71:3b:
         d3:6b:c8:63:d0:28:5d:25:92:ec:63:0c:06:4a:f7:84:85:52:
         dc:b6:6d:15:ea:f9:73:c1:2a:d5:5e:1e:e0:7a:b3:96:55:ea:
         43:ce:c2:35:86:64:61:85:2d:db:73:33:67:c5:d1:c0:82:22:
         d8:4e:7e:68:44:67:ef:6e:37:17:88:d9:f8:31:a4:36:85:e6:
         82:8a:c3:6b:f0:84:23:46:a2:48:64:8b:15:3f:f4:98:56:4a:
         d0:01:3b:38:fc:9a:94:0e:79:f7:65:90:b9:27:1a:42:e8:10:
         5a:5d:38:5f:f6:7f:ce:ff:d6:7b:b7:cd:08:56:0b:87:f5:74:
         58:a2:22:b9:64:a2:5e:ba:b3:ba:81:7e:78:10:b1:97:34:3a:
         9b:12:81:05:6b:9c:09:e2:a6:b4:82:2b:e6:8f:53:b6:91:92:
         2a:6e:9a:7e:26:6e:93:68:20:72:6a:7e:e7:89:6a:a9:45:ea:
         94:6b:08:6e:77:2e:9b:6f:ca:1d:fd:af:16:1f:c5:7c:7b:05:
         c5:22:ba:a2:d3:39:d5:ad:55:31:00:71:7b:49:d9:32:95:97:
         31:db:f9:45:9d:1a:ab:bb:2b:0c:bc:bc:78:35:77:6a:f7:86:
         94:ae:79:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkwAj2h6xtQTdRH5xOjXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MDQ4M2QzZDYyZjE5YzA4MzU3NDZkY2I3MjFjODgzMmMz
Yjc5MjYwHhcNMjQwMTAxMTAzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmQ2YjM3NDcxMjM1Mzg3YWFlYWUxYzM5YmM0YmIzYjhhYjA5OTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXWj0YlXTTJEkHLBeTZetFvCS5nf
NguiblDtrhuIK5+XPQOqddUCDj74xojHuJaZhAF45ECZvvsb0tpV2glRFRnh6MEy
9co4xKUQysJIaUPEijdPuBUmLKRrfPwjAllFfiBfbelf/W4xgck9NHp28GGYzQsf
I2qD1FH1ZET7D7Mg5as1acOFMw2tfTcJnAm9Wq8ZjI595cN76HqQgBVu5Idz1eWt
x0PJnlHKHOEqW+PvAmoGGqC7rxpXIzxS+a52gnKChyfEan3f+5gL2hZ0Nybtuuh+
zdZyqsontMfsitBAwfqpSn1XHQ9zsYTA/pIccAxfA4tw5VMc5eFG376QhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEbWs3RxI1OHqurhw5vEuzuKsJlXMB8GA1UdIwQY
MBaAFAcEg9PWLxnAg1dG3LchyIMsO3kmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQndTRDA5WXZHY0NEVjBiY3R5SElneXc3ZVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS82NDUxYzEtMmJjZC00NDYzLWE3MDAt
ZDQ0MmM0ZjllOWJkLzEvUnRhemRIRWpVNGVxNnVIRG04UzdPNHF3bVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS82NDUxYzEtMmJjZC00NDYzLWE3MDAtZDQ0MmM0ZjllOWJk
LzEvQndTRDA5WXZHY0NEVjBiY3R5SElneXc3ZVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufmQMA0G
CSqGSIb3DQEBCwUAA4IBAQBuRxyG4O4xT9bEyzUV/vQCcTvTa8hj0ChdJZLsYwwG
SveEhVLctm0V6vlzwSrVXh7gerOWVepDzsI1hmRhhS3bczNnxdHAgiLYTn5oRGfv
bjcXiNn4MaQ2heaCisNr8IQjRqJIZIsVP/SYVkrQATs4/JqUDnn3ZZC5JxpC6BBa
XThf9n/O/9Z7t80IVguH9XRYoiK5ZKJeurO6gX54ELGXNDqbEoEFa5wJ4qa0givm
j1O2kZIqbpp+Jm6TaCByan7niWqpReqUawhudy6bb8od/a8WH8V8ewXFIrqi0znV
rVUxAHF7SdkylZcx2/lFnRqruysMvLx4NXdq94aUrnkD
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:28:02 2024 by rpki-client on console-ams.rpki-client.org