Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/ce981a-a05b-4527-80af-693454237ee9/1/uAG1KqArQ88wPYJGqlEeMcsbkyo.roa
File:                     uAG1KqArQ88wPYJGqlEeMcsbkyo.roa (raw, json)
Hash identifier:          EorcWNZQraqHx+dvy471RgacStOnP1L+enA0/OrxPLw=
Subject key identifier:   B8:01:B5:2A:A0:2B:43:CF:30:3D:82:46:AA:51:1E:31:CB:1B:93:2A
Certificate issuer:       /CN=2031ebba943fad1c5487540e0105e19c232cf79c
Certificate serial:       018CC8DF15CF29BE240CA293485F242BB8C0
Authority key identifier: 20:31:EB:BA:94:3F:AD:1C:54:87:54:0E:01:05:E1:9C:23:2C:F7:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IDHrupQ_rRxUh1QOAQXhnCMs95w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/ce981a-a05b-4527-80af-693454237ee9/1/uAG1KqArQ88wPYJGqlEeMcsbkyo.roa
Signing time:             Tue 02 Jan 2024 06:31:52 +0000
ROA not before:           Tue 02 Jan 2024 06:31:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205300
IP address blocks:        176.98.244.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/ce981a-a05b-4527-80af-693454237ee9/1/IDHrupQ_rRxUh1QOAQXhnCMs95w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/ce981a-a05b-4527-80af-693454237ee9/1/IDHrupQ_rRxUh1QOAQXhnCMs95w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IDHrupQ_rRxUh1QOAQXhnCMs95w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 14:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:15:cf:29:be:24:0c:a2:93:48:5f:24:2b:b8:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2031ebba943fad1c5487540e0105e19c232cf79c
        Validity
            Not Before: Jan  2 06:31:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b801b52aa02b43cf303d8246aa511e31cb1b932a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:b5:4c:29:89:05:83:94:42:76:ed:b7:aa:70:
                    af:de:22:8f:c9:5d:87:3f:04:a3:1f:1c:a8:29:95:
                    85:95:65:fd:85:90:7b:c3:f2:4b:94:4a:1d:5c:c6:
                    11:e1:43:3a:21:56:ed:dc:16:67:e0:ff:66:9f:04:
                    b0:23:ac:a2:fa:fb:66:a7:52:e8:d1:fe:da:c5:a5:
                    19:09:43:49:c1:ac:5a:3f:77:e5:c7:16:cc:5b:e3:
                    74:2f:db:c2:2b:1c:a5:21:51:f7:eb:c3:59:93:96:
                    59:d1:96:2d:28:1b:62:f3:8f:4d:42:16:ca:63:51:
                    dc:b5:91:78:5a:06:1f:ba:b7:15:67:b7:0e:41:11:
                    af:f6:8b:57:2c:5a:97:e3:83:79:5f:14:39:b9:8f:
                    1d:c7:69:64:f6:20:21:51:c8:3c:d1:78:91:02:6b:
                    18:3f:d7:7f:25:b2:5b:f6:31:d0:e3:9b:aa:e1:e1:
                    08:7a:3c:c8:cf:4b:84:7d:31:20:e8:fe:ea:18:3f:
                    28:95:d1:19:12:7d:4c:0b:1e:c5:b8:15:4e:1f:e7:
                    a7:a0:16:1e:ad:e8:55:96:fc:5f:15:ba:b5:cc:ac:
                    8a:b7:cd:13:f6:9e:5f:31:87:76:63:2c:4f:94:c5:
                    fa:c9:e0:98:41:61:08:52:57:59:52:f5:ec:41:31:
                    67:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:01:B5:2A:A0:2B:43:CF:30:3D:82:46:AA:51:1E:31:CB:1B:93:2A
            X509v3 Authority Key Identifier:
                keyid:20:31:EB:BA:94:3F:AD:1C:54:87:54:0E:01:05:E1:9C:23:2C:F7:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDHrupQ_rRxUh1QOAQXhnCMs95w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/ce981a-a05b-4527-80af-693454237ee9/1/uAG1KqArQ88wPYJGqlEeMcsbkyo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/ce981a-a05b-4527-80af-693454237ee9/1/IDHrupQ_rRxUh1QOAQXhnCMs95w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.98.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6e:0c:82:84:41:65:da:52:59:ec:5d:7a:22:d5:01:18:fa:8b:
         f2:bc:79:de:a9:79:96:5e:f4:df:c8:13:c7:ae:dd:6d:ff:73:
         b5:80:50:1f:9f:04:30:7c:3c:87:fc:70:78:81:83:95:0b:95:
         7e:24:25:6a:d9:0c:46:2a:83:a4:64:c4:bf:03:79:ff:35:a0:
         2d:38:e0:df:f0:58:3a:27:c1:aa:03:cd:d6:5d:58:29:80:b6:
         44:56:62:fd:49:4c:63:e9:ef:3f:b3:0f:00:56:0c:f1:f1:99:
         25:c7:68:94:f9:c3:a5:b0:50:13:3a:50:87:41:79:52:9f:95:
         59:90:0c:68:5f:3b:19:9c:b1:2d:2b:c5:39:89:05:ad:b4:4f:
         5a:8d:bc:34:8a:05:64:0d:bb:5b:30:05:f7:8d:0f:d3:12:0c:
         97:a3:9d:4f:2b:81:1e:01:4c:31:7e:16:e3:ce:e6:fd:ec:66:
         1a:4c:21:ee:fe:98:77:e3:1c:99:0a:47:4a:2b:51:04:88:c1:
         86:11:1d:88:90:9c:02:52:2b:28:68:4a:f3:cb:00:ca:e1:f3:
         f9:9b:58:a0:6c:77:13:97:b5:f2:96:ea:7b:df:95:67:57:ae:
         c5:14:d2:1b:34:74:39:60:d3:69:3a:f1:d0:70:83:35:64:71:
         7b:6b:62:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3xXPKb4kDKKTSF8kK7jAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMzFlYmJhOTQzZmFkMWM1NDg3NTQwZTAxMDVlMTljMjMy
Y2Y3OWMwHhcNMjQwMTAyMDYzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODAxYjUyYWEwMmI0M2NmMzAzZDgyNDZhYTUxMWUzMWNiMWI5MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3bVMKYkFg5RCdu23qnCv3iKPyV2H
PwSjHxyoKZWFlWX9hZB7w/JLlEodXMYR4UM6IVbt3BZn4P9mnwSwI6yi+vtmp1Lo
0f7axaUZCUNJwaxaP3flxxbMW+N0L9vCKxylIVH368NZk5ZZ0ZYtKBti849NQhbK
Y1HctZF4WgYfurcVZ7cOQRGv9otXLFqX44N5XxQ5uY8dx2lk9iAhUcg80XiRAmsY
P9d/JbJb9jHQ45uq4eEIejzIz0uEfTEg6P7qGD8oldEZEn1MCx7FuBVOH+enoBYe
rehVlvxfFbq1zKyKt80T9p5fMYd2YyxPlMX6yeCYQWEIUldZUvXsQTFneQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLgBtSqgK0PPMD2CRqpRHjHLG5MqMB8GA1UdIwQY
MBaAFCAx67qUP60cVIdUDgEF4ZwjLPecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSURIcnVwUV9yUnhVaDFRT0FRWGhuQ01zOTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jZTk4MWEtYTA1Yi00NTI3LTgwYWYt
NjkzNDU0MjM3ZWU5LzEvdUFHMUtxQXJRODh3UFlKR3FsRWVNY3Nia3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jZTk4MWEtYTA1Yi00NTI3LTgwYWYtNjkzNDU0MjM3ZWU5
LzEvSURIcnVwUV9yUnhVaDFRT0FRWGhuQ01zOTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsGL0MA0G
CSqGSIb3DQEBCwUAA4IBAQBuDIKEQWXaUlnsXXoi1QEY+ovyvHneqXmWXvTfyBPH
rt1t/3O1gFAfnwQwfDyH/HB4gYOVC5V+JCVq2QxGKoOkZMS/A3n/NaAtOODf8Fg6
J8GqA83WXVgpgLZEVmL9SUxj6e8/sw8AVgzx8Zklx2iU+cOlsFATOlCHQXlSn5VZ
kAxoXzsZnLEtK8U5iQWttE9ajbw0igVkDbtbMAX3jQ/TEgyXo51PK4EeAUwxfhbj
zub97GYaTCHu/ph34xyZCkdKK1EEiMGGER2IkJwCUisoaErzywDK4fP5m1igbHcT
l7Xylup735VnV67FFNIbNHQ5YNNpOvHQcIM1ZHF7a2Jl
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:53:30 2024 by rpki-client on console-fra.rpki-client.org