Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/eqxZ3Hyfi68EwFWKpPnO9sSwDmk.roa
File:                     eqxZ3Hyfi68EwFWKpPnO9sSwDmk.roa (raw, json)
Hash identifier:          SDwT2Oz8ijMx5mx1iFgQaxHn+K6wyackApseOXENJGI=
Subject key identifier:   7A:AC:59:DC:7C:9F:8B:AF:04:C0:55:8A:A4:F9:CE:F6:C4:B0:0E:69
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       018CC80178FAAA44589B178BA8C246D15D19
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/eqxZ3Hyfi68EwFWKpPnO9sSwDmk.roa
Signing time:             Tue 02 Jan 2024 02:29:48 +0000
ROA not before:           Tue 02 Jan 2024 02:29:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211851
IP address blocks:        45.154.99.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:78:fa:aa:44:58:9b:17:8b:a8:c2:46:d1:5d:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jan  2 02:29:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7aac59dc7c9f8baf04c0558aa4f9cef6c4b00e69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:2c:00:c4:93:9b:25:53:4b:d8:9c:61:4e:67:
                    4f:4a:99:f2:76:14:bb:dc:51:4b:30:ed:03:a4:f6:
                    b8:da:26:0b:e5:70:14:f6:04:ee:9a:77:08:54:37:
                    a1:ce:2f:35:3f:37:10:17:88:8f:dc:90:bb:74:4b:
                    4c:80:1b:7a:e1:17:a0:e0:c8:93:50:0b:02:e7:db:
                    76:29:2a:88:95:f0:4f:6d:2b:40:10:27:5d:35:1a:
                    cf:17:81:8d:00:71:cc:e0:f5:d4:8b:62:c0:ef:72:
                    9e:f7:57:a8:d9:d1:09:d9:2c:e1:42:a9:79:3c:59:
                    36:04:d1:33:a4:70:09:38:d4:b0:f3:33:fd:ef:69:
                    8c:93:f6:bf:a4:c8:1f:27:48:2c:03:26:ed:00:07:
                    e9:f2:b7:6e:c3:54:aa:df:6b:79:b3:a7:fa:a9:60:
                    ed:73:25:2a:9c:15:54:86:e8:a4:ca:bb:87:da:93:
                    08:4f:10:e4:e2:c3:0f:bc:fe:e8:b5:b6:a6:d0:83:
                    b6:41:3f:dd:74:ca:35:ce:a1:8b:22:f9:e8:10:bc:
                    2e:2a:69:fa:92:37:a6:27:e0:dd:f5:25:89:c2:fa:
                    02:d8:47:06:ab:3d:14:c6:94:56:ba:4a:46:84:e1:
                    cb:39:a7:58:22:93:a0:70:04:e9:01:be:10:85:eb:
                    33:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:AC:59:DC:7C:9F:8B:AF:04:C0:55:8A:A4:F9:CE:F6:C4:B0:0E:69
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/eqxZ3Hyfi68EwFWKpPnO9sSwDmk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:2a:a2:4c:f4:b4:5d:57:d5:12:db:82:d2:14:bc:a1:00:1a:
         44:72:85:79:45:5c:17:85:ca:e3:aa:7a:e8:e7:3f:1a:d9:e4:
         f4:73:51:3b:52:b7:71:3d:29:84:f0:5b:46:0f:35:2a:b5:28:
         3b:e9:df:e0:6b:21:93:c2:34:cd:2a:d1:7f:51:75:00:3f:ff:
         fa:39:77:c3:36:bf:95:bb:33:2c:9f:e0:b2:2e:46:c8:d7:b9:
         5e:2d:d2:ed:7e:16:01:da:99:a5:c6:47:0a:b8:dc:3f:6b:8f:
         2a:7c:88:ea:8e:37:c5:64:5c:66:ed:ff:c7:cf:82:49:4c:dd:
         b3:cd:2b:0b:0f:d7:2c:cb:50:a6:54:14:61:8b:e3:43:42:fc:
         1b:ce:9e:9c:f0:ac:e5:e6:2a:21:71:cf:0d:94:8d:3e:57:0c:
         8f:c7:42:5d:83:dc:71:0b:f6:1a:f7:93:8a:51:31:2f:85:9a:
         9a:69:ce:37:d2:3a:a3:3c:25:0c:27:88:6c:92:9c:3c:52:83:
         ff:38:18:cd:e8:fc:4e:ef:62:22:5c:e3:4d:85:63:b9:0a:5c:
         77:ce:8a:1c:26:0f:b7:2e:db:6d:47:a4:17:5e:21:9e:a1:48:
         5f:c4:60:b9:88:0d:40:98:fe:59:64:a0:f7:6b:d3:18:c0:2f:
         8c:c4:7a:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAXj6qkRYmxeLqMJG0V0ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWFjNTlkYzdjOWY4YmFmMDRjMDU1OGFhNGY5Y2VmNmM0YjAwZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnywAxJObJVNL2JxhTmdPSpnydhS7
3FFLMO0DpPa42iYL5XAU9gTumncIVDehzi81PzcQF4iP3JC7dEtMgBt64Reg4MiT
UAsC59t2KSqIlfBPbStAECddNRrPF4GNAHHM4PXUi2LA73Ke91eo2dEJ2SzhQql5
PFk2BNEzpHAJONSw8zP972mMk/a/pMgfJ0gsAybtAAfp8rduw1Sq32t5s6f6qWDt
cyUqnBVUhuikyruH2pMITxDk4sMPvP7otbam0IO2QT/ddMo1zqGLIvnoELwuKmn6
kjemJ+Dd9SWJwvoC2EcGqz0UxpRWukpGhOHLOadYIpOgcATpAb4QheszwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHqsWdx8n4uvBMBViqT5zvbEsA5pMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvZXF4WjNIeWZpNjhFd0ZXS3BQbk85c1N3RG1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZpjMA0G
CSqGSIb3DQEBCwUAA4IBAQBsKqJM9LRdV9US24LSFLyhABpEcoV5RVwXhcrjqnro
5z8a2eT0c1E7UrdxPSmE8FtGDzUqtSg76d/gayGTwjTNKtF/UXUAP//6OXfDNr+V
uzMsn+CyLkbI17leLdLtfhYB2pmlxkcKuNw/a48qfIjqjjfFZFxm7f/Hz4JJTN2z
zSsLD9csy1CmVBRhi+NDQvwbzp6c8Kzl5iohcc8NlI0+VwyPx0Jdg9xxC/Ya95OK
UTEvhZqaac430jqjPCUMJ4hskpw8UoP/OBjN6PxO72IiXONNhWO5Clx3zoocJg+3
LtttR6QXXiGeoUhfxGC5iA1AmP5ZZKD3a9MYwC+MxHpC
-----END CERTIFICATE-----
Generated at Sat May 4 09:03:10 2024 by rpki-client on console-ams.rpki-client.org