Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/pKlLqWb2Ec1GyNRt9KcLMlb3Rag.roa
File:                     pKlLqWb2Ec1GyNRt9KcLMlb3Rag.roa (raw, json)
Hash identifier:          wYG3XUL9wT/eynISQ1e9jVe9GC6n0zL3AkldjWzXobE=
Subject key identifier:   A4:A9:4B:A9:66:F6:11:CD:46:C8:D4:6D:F4:A7:0B:32:56:F7:45:A8
Certificate issuer:       /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial:       018CC726D07DC7304EBF7605824AB7958D29
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/pKlLqWb2Ec1GyNRt9KcLMlb3Rag.roa
Signing time:             Mon 01 Jan 2024 22:30:58 +0000
ROA not before:           Mon 01 Jan 2024 22:30:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57093
IP address blocks:        109.237.100.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:d0:7d:c7:30:4e:bf:76:05:82:4a:b7:95:8d:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
        Validity
            Not Before: Jan  1 22:30:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a4a94ba966f611cd46c8d46df4a70b3256f745a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:7b:7e:19:7c:1a:cc:f2:98:1c:42:20:3c:17:
                    a4:de:40:f1:b5:2e:38:ff:89:8d:a2:3c:84:00:90:
                    e3:0b:97:a5:ff:fc:02:fb:52:0f:5c:db:73:17:4b:
                    06:9b:35:d0:73:59:67:a2:51:4e:72:de:48:9e:3a:
                    20:bf:18:64:3f:d4:3d:d6:0d:84:cf:b4:16:eb:34:
                    1e:87:e3:9d:72:31:87:aa:ab:08:d3:05:ed:15:63:
                    b5:4b:df:0c:7a:5c:16:e2:bf:58:fc:d6:d5:56:30:
                    ba:de:39:79:8a:19:b8:66:9d:ce:c7:30:01:0b:61:
                    72:eb:9f:70:02:f4:35:95:a4:32:f6:6e:2e:fc:b5:
                    62:5b:85:03:fc:3f:b3:52:e8:75:2c:c8:5d:b3:22:
                    ea:48:76:86:1e:47:e2:b6:2c:04:d4:27:f8:2d:89:
                    db:4c:11:31:08:77:45:53:f6:93:7f:a0:b5:2e:ec:
                    fc:a8:33:08:f7:72:e2:5d:59:d0:79:ab:46:1e:15:
                    d8:19:9e:54:df:1a:3c:5c:76:3c:09:08:96:c9:85:
                    6a:b0:e8:d5:6c:8e:5e:ee:9a:74:10:c1:58:c8:7a:
                    55:fc:7e:98:30:c1:7d:85:fb:54:64:0c:63:1e:dc:
                    94:27:81:c6:6c:7b:a4:12:33:b5:06:8c:45:3a:3b:
                    bf:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:A9:4B:A9:66:F6:11:CD:46:C8:D4:6D:F4:A7:0B:32:56:F7:45:A8
            X509v3 Authority Key Identifier:
                keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/pKlLqWb2Ec1GyNRt9KcLMlb3Rag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.237.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:e5:e0:95:67:34:18:03:62:eb:93:cf:19:0c:91:2c:60:ca:
         ff:d6:fc:33:59:05:92:6b:c7:14:3b:89:55:c4:90:89:04:83:
         00:4a:ef:a4:5e:07:70:a8:59:58:5d:c9:8e:50:3f:5e:a6:f4:
         a0:f8:cf:74:d6:15:cf:ee:37:b7:33:32:8f:29:80:1d:69:e3:
         62:4c:f9:84:34:1c:15:ac:7b:b4:87:c3:bf:6a:c1:ee:b9:2a:
         c8:82:2a:d8:5c:37:aa:24:a8:f0:d4:5d:af:41:4c:5d:54:84:
         a5:ce:dc:5a:44:15:48:58:03:b8:93:ae:97:f0:c5:47:be:d5:
         cd:84:99:9c:5c:fc:95:e4:92:4b:30:28:5a:bb:65:90:fa:38:
         82:93:fe:0d:4f:c3:56:0c:4d:b2:14:a9:25:10:fd:fe:04:b6:
         bd:0d:a9:82:4d:42:5e:40:ee:ed:ec:e0:da:44:b7:58:6d:20:
         1c:ab:70:39:5b:a5:9b:b3:e8:7d:93:a9:1e:ad:ab:92:ed:9e:
         fb:79:86:52:31:2d:b0:a3:db:9a:5c:27:06:f6:b6:9d:20:39:
         0f:06:5e:06:5d:7f:de:75:05:da:99:2e:5d:98:6d:b8:3a:84:
         b1:d1:fa:ba:7b:89:91:0e:2b:2f:87:cd:91:d0:1a:1b:be:c3:
         75:21:eb:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJtB9xzBOv3YFgkq3lY0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjQwMTAxMjIzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGE5NGJhOTY2ZjYxMWNkNDZjOGQ0NmRmNGE3MGIzMjU2Zjc0NWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHt+GXwazPKYHEIgPBek3kDxtS44
/4mNojyEAJDjC5el//wC+1IPXNtzF0sGmzXQc1lnolFOct5InjogvxhkP9Q91g2E
z7QW6zQeh+OdcjGHqqsI0wXtFWO1S98MelwW4r9Y/NbVVjC63jl5ihm4Zp3OxzAB
C2Fy659wAvQ1laQy9m4u/LViW4UD/D+zUuh1LMhdsyLqSHaGHkfitiwE1Cf4LYnb
TBExCHdFU/aTf6C1Luz8qDMI93LiXVnQeatGHhXYGZ5U3xo8XHY8CQiWyYVqsOjV
bI5e7pp0EMFYyHpV/H6YMMF9hftUZAxjHtyUJ4HGbHukEjO1BoxFOju/QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKSpS6lm9hHNRsjUbfSnCzJW90WoMB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEvcEtsTHFXYjJFYzFHeU5SdDlLY0xNbGIzUmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbe1kMA0G
CSqGSIb3DQEBCwUAA4IBAQAK5eCVZzQYA2Lrk88ZDJEsYMr/1vwzWQWSa8cUO4lV
xJCJBIMASu+kXgdwqFlYXcmOUD9epvSg+M901hXP7je3MzKPKYAdaeNiTPmENBwV
rHu0h8O/asHuuSrIgirYXDeqJKjw1F2vQUxdVISlztxaRBVIWAO4k66X8MVHvtXN
hJmcXPyV5JJLMChau2WQ+jiCk/4NT8NWDE2yFKklEP3+BLa9DamCTUJeQO7t7ODa
RLdYbSAcq3A5W6Wbs+h9k6kerauS7Z77eYZSMS2wo9uaXCcG9radIDkPBl4GXX/e
dQXamS5dmG24OoSx0fq6e4mRDisvh82R0BobvsN1Ietu
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:12 2024 by rpki-client on console-fra.rpki-client.org