Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/SaBDgGPdSywOc1OTZ8SjW4aaqOk.roa
File:                     SaBDgGPdSywOc1OTZ8SjW4aaqOk.roa (raw, json)
Hash identifier:          QpRbqrmljZEoRZAxAcREU4Mj06dqTes67UZmic2uLIs=
Subject key identifier:   49:A0:43:80:63:DD:4B:2C:0E:73:53:93:67:C4:A3:5B:86:9A:A8:E9
Certificate issuer:       /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial:       018F58A93A7F8D9B8497875DF53D8232567E
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/SaBDgGPdSywOc1OTZ8SjW4aaqOk.roa
Signing time:             Wed 08 May 2024 14:43:56 +0000
ROA not before:           Wed 08 May 2024 14:43:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205113
IP address blocks:        80.231.188.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 17:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:58:a9:3a:7f:8d:9b:84:97:87:5d:f5:3d:82:32:56:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
        Validity
            Not Before: May  8 14:43:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=49a0438063dd4b2c0e73539367c4a35b869aa8e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:04:c8:bb:46:55:c1:fc:7f:32:f7:66:bd:0d:
                    75:45:f9:cd:bb:07:12:c7:2b:04:9a:2c:46:40:25:
                    1e:bd:3d:43:5a:f3:34:a0:f0:1a:db:c1:59:81:90:
                    11:b0:08:1f:28:19:52:8c:d1:98:40:c5:e3:54:d8:
                    a0:71:6b:4f:59:14:b3:2d:d2:12:5f:1b:fa:4a:c5:
                    61:a4:ae:cc:33:a7:99:5d:1f:2b:7e:42:8e:3c:9a:
                    39:66:1f:9a:03:ab:c0:62:9a:0d:af:ac:3a:79:0b:
                    0c:ae:ff:e3:8c:a0:ce:98:7c:2c:f8:b6:4a:4c:99:
                    e0:76:fc:fc:bb:c8:70:d9:50:ab:77:bb:19:f4:58:
                    6d:3f:05:4e:1a:c8:cf:e2:62:07:b2:48:39:96:51:
                    cd:42:cd:ab:8a:e6:bf:20:d7:ec:f1:9e:fe:58:3a:
                    1b:9e:f5:8c:cf:3c:a3:0e:59:8b:8c:64:35:06:3c:
                    56:a2:e9:f7:15:4f:72:35:a6:eb:38:cc:b2:8f:23:
                    ed:06:11:cf:ed:79:34:b5:96:8a:df:ae:94:87:94:
                    91:90:46:77:45:31:34:96:1b:79:64:4c:4e:03:b3:
                    a7:c1:13:e0:10:de:4f:ad:6f:a3:29:2b:c7:c1:41:
                    48:07:9a:90:75:b8:b8:d5:1a:a4:69:51:40:2b:9c:
                    60:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:A0:43:80:63:DD:4B:2C:0E:73:53:93:67:C4:A3:5B:86:9A:A8:E9
            X509v3 Authority Key Identifier:
                keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/SaBDgGPdSywOc1OTZ8SjW4aaqOk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.231.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         80:64:e1:cf:e3:d6:be:b0:1b:3c:9b:e3:99:e5:98:f3:07:8b:
         1c:ca:12:f5:09:b6:3b:4f:28:a8:db:9b:1b:8d:6c:1f:b3:f4:
         33:c2:90:b8:8b:59:71:a6:95:cf:26:a2:42:6a:cd:a7:b2:b1:
         96:2b:94:c2:98:79:56:5b:4a:4b:b8:a0:f6:82:f4:b3:d3:26:
         fe:1d:e7:47:16:d6:c5:dc:3e:d4:a1:77:4b:ce:1e:23:b2:c7:
         5e:52:95:e4:d5:43:21:fe:66:c1:c8:fe:37:4e:82:3d:e3:d8:
         33:87:17:ba:84:e0:9d:55:0b:c2:0f:1c:1d:39:45:97:75:71:
         fa:3b:f6:a6:50:0f:c6:3b:ac:ba:99:04:25:6b:12:04:ab:99:
         aa:84:17:db:be:9c:3c:50:90:dd:38:3d:38:db:4c:4b:10:7f:
         a4:c8:b7:83:89:f3:8a:63:68:57:95:e5:5e:aa:68:77:e8:d0:
         5e:51:90:11:85:a3:5b:13:8a:14:42:a9:1b:32:a7:cb:8d:c5:
         1f:90:cc:57:8e:86:ef:aa:6e:e6:fb:eb:dc:57:4b:a0:cb:38:
         70:c1:12:c0:0a:c3:bd:38:cd:f2:01:e5:f2:c4:a0:63:3e:b5:
         21:c7:cf:17:f6:12:16:4b:db:12:68:9e:88:67:2e:20:01:22:
         9f:2d:71:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9YqTp/jZuEl4dd9T2CMlZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjQwNTA4MTQ0MzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWEwNDM4MDYzZGQ0YjJjMGU3MzUzOTM2N2M0YTM1Yjg2OWFhOGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgTIu0ZVwfx/MvdmvQ11RfnNuwcS
xysEmixGQCUevT1DWvM0oPAa28FZgZARsAgfKBlSjNGYQMXjVNigcWtPWRSzLdIS
Xxv6SsVhpK7MM6eZXR8rfkKOPJo5Zh+aA6vAYpoNr6w6eQsMrv/jjKDOmHws+LZK
TJngdvz8u8hw2VCrd7sZ9FhtPwVOGsjP4mIHskg5llHNQs2riua/INfs8Z7+WDob
nvWMzzyjDlmLjGQ1BjxWoun3FU9yNabrOMyyjyPtBhHP7Xk0tZaK366Uh5SRkEZ3
RTE0lht5ZExOA7OnwRPgEN5PrW+jKSvHwUFIB5qQdbi41RqkaVFAK5xggwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEmgQ4Bj3UssDnNTk2fEo1uGmqjpMB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvU2FCRGdHUGRTeXdPYzFPVFo4U2pXNGFhcU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUOe8MA0G
CSqGSIb3DQEBCwUAA4IBAQCAZOHP49a+sBs8m+OZ5ZjzB4scyhL1CbY7Tyio25sb
jWwfs/QzwpC4i1lxppXPJqJCas2nsrGWK5TCmHlWW0pLuKD2gvSz0yb+HedHFtbF
3D7UoXdLzh4jssdeUpXk1UMh/mbByP43ToI949gzhxe6hOCdVQvCDxwdOUWXdXH6
O/amUA/GO6y6mQQlaxIEq5mqhBfbvpw8UJDdOD0420xLEH+kyLeDifOKY2hXleVe
qmh36NBeUZARhaNbE4oUQqkbMqfLjcUfkMxXjobvqm7m++vcV0ugyzhwwRLACsO9
OM3yAeXyxKBjPrUhx88X9hIWS9sSaJ6IZy4gASKfLXGR
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:16:31 2024 by rpki-client on console-fra.rpki-client.org