Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/UzcEcSoQN5I84zI7NjV23frCT1Q.roa
File:                     UzcEcSoQN5I84zI7NjV23frCT1Q.roa (raw, json)
Hash identifier:          BAdUepfvPtF7nusCXo+GN6vnkbTWVcdzgLfeKF7xkN4=
Subject key identifier:   53:37:04:71:2A:10:37:92:3C:E3:32:3B:36:35:76:DD:FA:C2:4F:54
Certificate issuer:       /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial:       018CC87076262338FA669D9BEB94898640E5
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/UzcEcSoQN5I84zI7NjV23frCT1Q.roa
Signing time:             Tue 02 Jan 2024 04:31:02 +0000
ROA not before:           Tue 02 Jan 2024 04:31:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212238
IP address blocks:        185.244.104.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 21 Apr 2024 20:00:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:70:76:26:23:38:fa:66:9d:9b:eb:94:89:86:40:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
        Validity
            Not Before: Jan  2 04:31:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=533704712a1037923ce3323b363576ddfac24f54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:53:bb:b2:ef:10:3a:64:a9:f0:4f:55:ea:13:
                    0b:95:92:b4:3f:64:c3:0d:fc:0b:18:75:d9:d7:e9:
                    c7:25:cd:eb:1f:16:37:a0:55:60:35:75:3c:e2:f0:
                    ff:02:af:1f:d7:59:fe:68:68:b8:fe:e1:ef:e8:97:
                    49:2a:37:5a:0f:63:52:f2:86:6d:07:25:9d:92:88:
                    0e:57:a5:2c:a7:e3:fc:63:cc:81:51:27:34:85:9a:
                    be:c1:c9:5b:67:b8:96:b6:e7:ca:5f:28:41:72:18:
                    35:58:2b:87:76:97:c4:76:a9:8b:bd:f9:9e:f0:b0:
                    a2:cb:e8:04:6c:35:d2:28:8a:3b:4d:13:d5:2a:30:
                    82:cb:d4:2e:80:a8:67:91:91:d4:5e:03:78:81:a7:
                    af:42:b9:2e:39:94:de:be:09:65:81:c4:11:63:8c:
                    09:76:10:b9:d2:53:63:72:cc:5c:f8:99:dd:cb:ac:
                    f7:57:d9:e0:18:df:ec:c4:bd:d3:e0:33:18:29:2b:
                    a2:b7:e0:83:a3:98:99:ef:ad:c0:47:e0:2c:4c:9c:
                    1d:b5:d3:73:47:9e:b6:28:26:13:d4:04:20:5b:ba:
                    94:e7:a8:0e:d0:f1:84:24:4c:93:3b:74:2e:5f:91:
                    ec:4c:68:0f:e9:cb:8e:ed:f9:fb:8e:98:bd:03:2b:
                    c3:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:37:04:71:2A:10:37:92:3C:E3:32:3B:36:35:76:DD:FA:C2:4F:54
            X509v3 Authority Key Identifier:
                keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/UzcEcSoQN5I84zI7NjV23frCT1Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.244.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:71:34:94:ee:43:77:95:43:f8:da:fc:56:b6:56:8a:67:b3:
         ea:be:a3:89:c6:0b:ae:95:bd:de:93:7f:74:4f:af:bc:04:2f:
         cf:4a:17:19:55:08:7e:e9:0f:8c:bd:f2:0c:0d:1c:7c:e3:20:
         bc:f0:f6:f7:80:f4:c1:db:5c:a9:02:ab:a8:6a:7a:08:75:ba:
         c4:de:13:06:a6:27:f2:22:c5:ab:be:e6:72:0f:dd:c3:50:b6:
         1f:91:3c:cb:66:f1:3f:cb:d2:b1:1c:03:bc:6f:06:31:7b:d8:
         d0:a8:89:22:06:24:3a:85:40:bd:39:5c:06:cf:d6:a4:79:28:
         41:84:87:4b:c0:ac:45:3f:6b:25:f4:72:38:12:73:13:91:12:
         6b:df:1d:68:e7:17:2f:ca:e4:eb:bb:69:3e:42:1b:ef:a5:07:
         4d:42:c3:fb:9b:ae:3b:a4:44:7d:48:0e:c3:fc:ae:4a:8f:3f:
         b0:bb:d9:fa:b5:10:e4:16:f6:d5:c9:91:73:8d:62:81:85:9d:
         d0:8a:a4:30:86:02:f4:c5:19:ad:9d:d3:8e:2c:29:1b:70:15:
         c4:07:7c:08:4e:45:f6:58:5c:df:aa:e3:6a:7c:5e:ba:4d:a1:
         0b:66:55:6c:d0:d1:49:fb:f2:ed:d9:75:6c:b0:cd:ef:37:99:
         ab:a1:27:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcHYmIzj6Zp2b65SJhkDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjQwMTAyMDQzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzM3MDQ3MTJhMTAzNzkyM2NlMzMyM2IzNjM1NzZkZGZhYzI0ZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFO7su8QOmSp8E9V6hMLlZK0P2TD
DfwLGHXZ1+nHJc3rHxY3oFVgNXU84vD/Aq8f11n+aGi4/uHv6JdJKjdaD2NS8oZt
ByWdkogOV6Usp+P8Y8yBUSc0hZq+wclbZ7iWtufKXyhBchg1WCuHdpfEdqmLvfme
8LCiy+gEbDXSKIo7TRPVKjCCy9QugKhnkZHUXgN4gaevQrkuOZTevgllgcQRY4wJ
dhC50lNjcsxc+Jndy6z3V9ngGN/sxL3T4DMYKSuit+CDo5iZ763AR+AsTJwdtdNz
R562KCYT1AQgW7qU56gO0PGEJEyTO3QuX5HsTGgP6cuO7fn7jpi9AyvDOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFM3BHEqEDeSPOMyOzY1dt36wk9UMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvVXpjRWNTb1FONUk4NHpJN05qVjIzZnJDVDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufRoMA0G
CSqGSIb3DQEBCwUAA4IBAQBVcTSU7kN3lUP42vxWtlaKZ7PqvqOJxguulb3ek390
T6+8BC/PShcZVQh+6Q+MvfIMDRx84yC88Pb3gPTB21ypAquoanoIdbrE3hMGpify
IsWrvuZyD93DULYfkTzLZvE/y9KxHAO8bwYxe9jQqIkiBiQ6hUC9OVwGz9akeShB
hIdLwKxFP2sl9HI4EnMTkRJr3x1o5xcvyuTru2k+QhvvpQdNQsP7m647pER9SA7D
/K5Kjz+wu9n6tRDkFvbVyZFzjWKBhZ3QiqQwhgL0xRmtndOOLCkbcBXEB3wITkX2
WFzfquNqfF66TaELZlVs0NFJ+/Lt2XVssM3vN5mroSe0
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:28:04 2024 by rpki-client on console-ams.rpki-client.org