Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/800eb6-868b-4a30-b402-4bce424723d9/1/SiXpjIo2VesKOWxWtMWjZrLYKZQ.roa
File:                     SiXpjIo2VesKOWxWtMWjZrLYKZQ.roa (raw, json)
Hash identifier:          Y2d8UTeWZHKRxrTT0BPhxyRTZF3lgiyn6v9NJEccs04=
Subject key identifier:   4A:25:E9:8C:8A:36:55:EB:0A:39:6C:56:B4:C5:A3:66:B2:D8:29:94
Certificate issuer:       /CN=b414b09beeab905ff41e6813256054b182294297
Certificate serial:       018CC8DEC7A17AE2C1DE8DD8B9B3EED0F21E
Authority key identifier: B4:14:B0:9B:EE:AB:90:5F:F4:1E:68:13:25:60:54:B1:82:29:42:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tBSwm-6rkF_0HmgTJWBUsYIpQpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/800eb6-868b-4a30-b402-4bce424723d9/1/SiXpjIo2VesKOWxWtMWjZrLYKZQ.roa
Signing time:             Tue 02 Jan 2024 06:31:32 +0000
ROA not before:           Tue 02 Jan 2024 06:31:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205198
IP address blocks:        185.225.48.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/800eb6-868b-4a30-b402-4bce424723d9/1/tBSwm-6rkF_0HmgTJWBUsYIpQpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/800eb6-868b-4a30-b402-4bce424723d9/1/tBSwm-6rkF_0HmgTJWBUsYIpQpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tBSwm-6rkF_0HmgTJWBUsYIpQpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 09:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:c7:a1:7a:e2:c1:de:8d:d8:b9:b3:ee:d0:f2:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b414b09beeab905ff41e6813256054b182294297
        Validity
            Not Before: Jan  2 06:31:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4a25e98c8a3655eb0a396c56b4c5a366b2d82994
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:c7:4d:ed:b4:ea:75:bb:2d:6f:ec:10:eb:41:
                    88:ae:59:81:40:02:bd:74:31:b1:6b:c7:82:78:85:
                    5c:1d:e0:50:96:58:74:a4:e7:7b:2a:d3:88:3f:75:
                    f1:3c:c3:a3:06:67:76:de:62:3f:e0:0a:d0:47:ee:
                    65:26:43:dd:c1:18:f0:54:5f:f4:4f:b6:6b:06:b0:
                    18:fb:a2:76:be:d8:65:66:c4:08:71:cf:76:6e:31:
                    53:3a:0c:d6:31:7e:2e:a7:00:cb:0a:01:3d:3b:d5:
                    0c:ef:78:52:05:1c:38:6b:1b:02:bc:d1:d8:21:5a:
                    cb:6a:2c:a9:54:bf:3f:01:f3:11:fb:13:7c:34:06:
                    26:32:e8:c6:f4:25:9e:8b:1f:27:9c:bc:3b:b9:f9:
                    32:18:67:9e:85:ec:0d:ae:d1:49:34:e8:b5:f5:5b:
                    f0:46:54:48:c7:32:b3:63:33:39:06:5a:3a:ed:c9:
                    e9:cd:48:6f:91:a0:b1:5d:b9:39:23:21:1c:6e:d5:
                    9b:96:59:c4:5d:2e:43:b9:c5:2e:7e:a6:e0:10:52:
                    8a:a7:bc:ea:68:4e:0a:dd:f8:87:f9:7f:59:64:af:
                    44:99:1e:d6:02:a0:6d:45:41:02:bb:90:1e:71:ae:
                    2a:55:8a:b7:70:79:2e:28:02:17:c1:9f:ad:47:9f:
                    d7:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:25:E9:8C:8A:36:55:EB:0A:39:6C:56:B4:C5:A3:66:B2:D8:29:94
            X509v3 Authority Key Identifier:
                keyid:B4:14:B0:9B:EE:AB:90:5F:F4:1E:68:13:25:60:54:B1:82:29:42:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tBSwm-6rkF_0HmgTJWBUsYIpQpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/800eb6-868b-4a30-b402-4bce424723d9/1/SiXpjIo2VesKOWxWtMWjZrLYKZQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/800eb6-868b-4a30-b402-4bce424723d9/1/tBSwm-6rkF_0HmgTJWBUsYIpQpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.225.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ba:fb:fe:5d:86:a0:c0:a8:ba:ea:b9:62:73:8d:c4:81:5b:a6:
         36:bd:b5:fc:b0:9a:ff:ce:c2:1d:c5:25:e5:50:e7:83:e5:55:
         8a:f0:b4:30:3f:03:b1:ec:84:b5:9f:7c:13:4d:78:ea:cd:7a:
         eb:59:47:82:29:ec:a9:3d:4b:ff:48:13:a6:57:94:5f:dd:78:
         44:14:ff:f9:7a:01:6d:07:89:bd:4a:b8:07:aa:48:5e:1b:1c:
         7a:84:0f:86:cb:db:b4:2f:38:ec:9c:2e:a8:3c:db:2a:ca:61:
         ad:82:3a:c0:7c:a4:18:e4:cc:7d:fd:95:62:66:d7:31:95:83:
         55:60:9f:58:a6:53:3e:0e:e6:5a:dc:b0:a5:6d:12:ef:46:38:
         25:7a:32:fe:da:32:cf:bb:3e:29:06:50:90:2a:ae:58:7c:24:
         1e:be:8a:91:3e:29:65:8e:f9:53:f0:b9:a9:cd:8b:31:fa:45:
         65:95:5e:80:76:66:3a:13:f2:9e:be:d4:38:ce:68:5c:6f:ad:
         f4:5e:e0:68:c3:6b:ec:16:97:71:df:38:bf:96:c7:e1:5e:b8:
         96:e6:a1:f4:a9:89:5a:70:87:16:81:dc:2e:02:3d:f9:07:90:
         95:ef:5a:d3:e9:39:17:5f:39:c0:38:43:4c:9d:ef:36:26:50:
         ab:d4:8a:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3seheuLB3o3YubPu0PIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MTRiMDliZWVhYjkwNWZmNDFlNjgxMzI1NjA1NGIxODIy
OTQyOTcwHhcNMjQwMTAyMDYzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTI1ZTk4YzhhMzY1NWViMGEzOTZjNTZiNGM1YTM2NmIyZDgyOTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcdN7bTqdbstb+wQ60GIrlmBQAK9
dDGxa8eCeIVcHeBQllh0pOd7KtOIP3XxPMOjBmd23mI/4ArQR+5lJkPdwRjwVF/0
T7ZrBrAY+6J2vthlZsQIcc92bjFTOgzWMX4upwDLCgE9O9UM73hSBRw4axsCvNHY
IVrLaiypVL8/AfMR+xN8NAYmMujG9CWeix8nnLw7ufkyGGeehewNrtFJNOi19Vvw
RlRIxzKzYzM5Blo67cnpzUhvkaCxXbk5IyEcbtWbllnEXS5DucUufqbgEFKKp7zq
aE4K3fiH+X9ZZK9EmR7WAqBtRUECu5Aeca4qVYq3cHkuKAIXwZ+tR5/XGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEol6YyKNlXrCjlsVrTFo2ay2CmUMB8GA1UdIwQY
MBaAFLQUsJvuq5Bf9B5oEyVgVLGCKUKXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEJTd20tNnJrRl8wSG1nVEpXQlVzWUlwUXBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84MDBlYjYtODY4Yi00YTMwLWI0MDIt
NGJjZTQyNDcyM2Q5LzEvU2lYcGpJbzJWZXNLT1d4V3RNV2packxZS1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84MDBlYjYtODY4Yi00YTMwLWI0MDItNGJjZTQyNDcyM2Q5
LzEvdEJTd20tNnJrRl8wSG1nVEpXQlVzWUlwUXBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueEwMA0G
CSqGSIb3DQEBCwUAA4IBAQC6+/5dhqDAqLrquWJzjcSBW6Y2vbX8sJr/zsIdxSXl
UOeD5VWK8LQwPwOx7IS1n3wTTXjqzXrrWUeCKeypPUv/SBOmV5Rf3XhEFP/5egFt
B4m9SrgHqkheGxx6hA+Gy9u0LzjsnC6oPNsqymGtgjrAfKQY5Mx9/ZViZtcxlYNV
YJ9YplM+DuZa3LClbRLvRjglejL+2jLPuz4pBlCQKq5YfCQevoqRPilljvlT8Lmp
zYsx+kVllV6AdmY6E/KevtQ4zmhcb630XuBow2vsFpdx3zi/lsfhXriW5qH0qYla
cIcWgdwuAj35B5CV71rT6TkXXznAOENMne82JlCr1IrQ
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:46:14 2024 by rpki-client on console-fra.rpki-client.org