Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1cb911-5e7f-49e8-b4f0-3f6ee705915b/1/mCyNSgBEcbQmKwjiKRc7QpO9Jak.roa
File:                     mCyNSgBEcbQmKwjiKRc7QpO9Jak.roa (raw, json)
Hash identifier:          FoBUzYK+0XU/QS7JhPXxw1rJVOG+XUEC02jPuBFD8aA=
Subject key identifier:   98:2C:8D:4A:00:44:71:B4:26:2B:08:E2:29:17:3B:42:93:BD:25:A9
Certificate issuer:       /CN=6954e90899ff25644520724cde8c211613600bef
Certificate serial:       018D45660A05792AAC5D51A4C485F14E44F0
Authority key identifier: 69:54:E9:08:99:FF:25:64:45:20:72:4C:DE:8C:21:16:13:60:0B:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aVTpCJn_JWRFIHJM3owhFhNgC-8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1cb911-5e7f-49e8-b4f0-3f6ee705915b/1/mCyNSgBEcbQmKwjiKRc7QpO9Jak.roa
Signing time:             Fri 26 Jan 2024 10:52:11 +0000
ROA not before:           Fri 26 Jan 2024 10:52:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     1299
IP address blocks:        185.95.136.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/1cb911-5e7f-49e8-b4f0-3f6ee705915b/1/aVTpCJn_JWRFIHJM3owhFhNgC-8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/1cb911-5e7f-49e8-b4f0-3f6ee705915b/1/aVTpCJn_JWRFIHJM3owhFhNgC-8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aVTpCJn_JWRFIHJM3owhFhNgC-8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 16 May 2024 07:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:45:66:0a:05:79:2a:ac:5d:51:a4:c4:85:f1:4e:44:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6954e90899ff25644520724cde8c211613600bef
        Validity
            Not Before: Jan 26 10:52:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=982c8d4a004471b4262b08e229173b4293bd25a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:94:ec:d8:93:d2:35:01:8f:e3:5b:17:64:25:
                    21:05:56:9d:49:00:47:3c:7a:39:ea:34:19:ca:5b:
                    cd:ba:1e:aa:7b:aa:70:ab:8b:4a:7b:80:e1:c1:eb:
                    0b:f6:4d:e4:ec:97:52:ec:a1:93:af:61:33:0f:d8:
                    58:28:bb:f3:fc:76:e7:54:f5:53:65:3a:68:f8:18:
                    5d:73:e0:c1:8c:c7:03:ba:71:9f:74:54:af:6d:7a:
                    23:2f:dd:0b:a0:5e:c0:b9:7d:d7:d5:4c:1e:89:8f:
                    20:22:5b:6e:00:0e:76:3d:bc:e7:62:84:3a:ba:89:
                    20:f5:e8:b3:93:f0:42:a5:be:f6:14:12:32:db:b5:
                    d9:52:0e:6b:07:f6:e7:fc:a9:bb:63:c4:b9:91:35:
                    ec:86:55:42:05:c6:95:0f:25:ba:29:cc:3f:38:48:
                    00:aa:6c:ca:74:f8:36:11:45:48:bc:28:d9:83:a5:
                    ef:43:42:53:89:e3:f1:7c:91:95:95:bd:7b:04:c0:
                    89:43:16:77:f6:64:ef:08:ff:1b:3c:21:70:d0:da:
                    44:ff:f0:db:81:d8:09:d1:5c:f8:90:0b:15:f8:11:
                    5c:a1:4f:63:02:e0:f0:46:ee:e4:72:78:6b:fc:53:
                    35:36:b3:02:5c:05:4e:07:69:8a:1b:ff:b6:3c:a5:
                    c6:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:2C:8D:4A:00:44:71:B4:26:2B:08:E2:29:17:3B:42:93:BD:25:A9
            X509v3 Authority Key Identifier:
                keyid:69:54:E9:08:99:FF:25:64:45:20:72:4C:DE:8C:21:16:13:60:0B:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVTpCJn_JWRFIHJM3owhFhNgC-8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1cb911-5e7f-49e8-b4f0-3f6ee705915b/1/mCyNSgBEcbQmKwjiKRc7QpO9Jak.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1cb911-5e7f-49e8-b4f0-3f6ee705915b/1/aVTpCJn_JWRFIHJM3owhFhNgC-8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.95.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         49:99:d9:71:f3:bd:d3:01:5d:be:61:e4:8f:5a:0e:5b:00:73:
         f5:9e:f2:3b:1a:78:bb:61:06:61:99:89:d3:52:21:2c:e4:76:
         4f:dd:f0:1e:23:78:b1:af:e0:9f:c8:25:66:5d:15:be:ec:71:
         c8:e3:77:af:b7:80:52:95:20:d5:33:24:2f:b1:05:4d:7c:dc:
         6d:e3:e6:bd:8f:9b:dd:b8:26:2f:02:13:26:a0:57:a5:dd:fc:
         6c:57:a1:ab:09:aa:e8:b2:82:15:94:55:8c:40:9e:a0:19:8b:
         35:3d:9e:df:e5:2a:c7:bc:e5:ad:95:41:8f:0d:71:97:71:41:
         62:15:af:64:38:95:c6:bd:7d:dd:c9:a0:36:21:d4:24:32:32:
         b9:d7:70:8c:43:22:6f:8a:7d:17:26:57:39:95:97:e9:66:db:
         0e:dd:02:9d:0e:44:33:4e:3e:f3:b9:84:58:02:d2:f8:31:7a:
         c4:aa:95:87:40:f4:6e:36:73:d0:7b:77:65:08:aa:c9:b4:be:
         94:e8:98:56:12:12:07:79:75:34:48:bf:29:08:d0:49:b1:c5:
         09:de:ce:0b:ef:b3:88:5c:83:be:f7:fe:9e:1e:6b:0e:15:fd:
         76:02:99:96:40:a7:f1:2c:c9:65:80:8e:85:42:8e:2f:8d:b6:
         d9:e9:26:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1FZgoFeSqsXVGkxIXxTkTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTRlOTA4OTlmZjI1NjQ0NTIwNzI0Y2RlOGMyMTE2MTM2
MDBiZWYwHhcNMjQwMTI2MTA1MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODJjOGQ0YTAwNDQ3MWI0MjYyYjA4ZTIyOTE3M2I0MjkzYmQyNWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpTs2JPSNQGP41sXZCUhBVadSQBH
PHo56jQZylvNuh6qe6pwq4tKe4DhwesL9k3k7JdS7KGTr2EzD9hYKLvz/HbnVPVT
ZTpo+Bhdc+DBjMcDunGfdFSvbXojL90LoF7AuX3X1UweiY8gIltuAA52PbznYoQ6
uokg9eizk/BCpb72FBIy27XZUg5rB/bn/Km7Y8S5kTXshlVCBcaVDyW6Kcw/OEgA
qmzKdPg2EUVIvCjZg6XvQ0JTiePxfJGVlb17BMCJQxZ39mTvCP8bPCFw0NpE//Db
gdgJ0Vz4kAsV+BFcoU9jAuDwRu7kcnhr/FM1NrMCXAVOB2mKG/+2PKXGmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJgsjUoARHG0JisI4ikXO0KTvSWpMB8GA1UdIwQY
MBaAFGlU6QiZ/yVkRSByTN6MIRYTYAvvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZUcENKbl9KV1JGSUhKTTNvd2hGaE5nQy04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xY2I5MTEtNWU3Zi00OWU4LWI0ZjAt
M2Y2ZWU3MDU5MTViLzEvbUN5TlNnQkVjYlFtS3dqaUtSYzdRcE85SmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xY2I5MTEtNWU3Zi00OWU4LWI0ZjAtM2Y2ZWU3MDU5MTVi
LzEvYVZUcENKbl9KV1JGSUhKTTNvd2hGaE5nQy04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV+IMA0G
CSqGSIb3DQEBCwUAA4IBAQBJmdlx873TAV2+YeSPWg5bAHP1nvI7Gni7YQZhmYnT
UiEs5HZP3fAeI3ixr+CfyCVmXRW+7HHI43evt4BSlSDVMyQvsQVNfNxt4+a9j5vd
uCYvAhMmoFel3fxsV6GrCarosoIVlFWMQJ6gGYs1PZ7f5SrHvOWtlUGPDXGXcUFi
Fa9kOJXGvX3dyaA2IdQkMjK513CMQyJvin0XJlc5lZfpZtsO3QKdDkQzTj7zuYRY
AtL4MXrEqpWHQPRuNnPQe3dlCKrJtL6U6JhWEhIHeXU0SL8pCNBJscUJ3s4L77OI
XIO+9/6eHmsOFf12ApmWQKfxLMllgI6FQo4vjbbZ6SZw
-----END CERTIFICATE-----
Generated at Wed May 15 16:15:01 2024 by rpki-client on console-ams.rpki-client.org