Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/zAEQeiYg1HBoKoy2Hkn1nyQ56FQ.roa
File:                     zAEQeiYg1HBoKoy2Hkn1nyQ56FQ.roa (raw, json)
Hash identifier:          Z2kNJaPF7q/KHJfI43DKxnwQ3k1HOa+Gh41OHp2F+XA=
Subject key identifier:   CC:01:10:7A:26:20:D4:70:68:2A:8C:B6:1E:49:F5:9F:24:39:E8:54
Certificate issuer:       /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial:       018CC64ADEBCE673349E7A08A7EAA523A718
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/zAEQeiYg1HBoKoy2Hkn1nyQ56FQ.roa
Signing time:             Mon 01 Jan 2024 18:30:44 +0000
ROA not before:           Mon 01 Jan 2024 18:30:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     266820
IP address blocks:        149.154.184.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 13 May 2024 07:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:de:bc:e6:73:34:9e:7a:08:a7:ea:a5:23:a7:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
        Validity
            Not Before: Jan  1 18:30:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cc01107a2620d470682a8cb61e49f59f2439e854
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:ae:97:02:bb:9f:40:2c:5a:8d:20:20:b4:ba:
                    0b:fd:33:4b:c3:ad:4d:99:97:ce:42:94:5f:df:e4:
                    be:55:94:16:d9:cb:af:82:32:2c:a0:9b:37:11:38:
                    b5:fb:19:5d:e9:e1:33:34:4f:65:a3:ac:0f:64:f8:
                    e9:d0:9d:bc:97:e3:ed:3b:32:db:85:53:ce:1b:42:
                    57:e0:83:cd:7e:aa:20:0f:0b:10:7b:25:97:d2:75:
                    d9:c0:5b:64:a9:f0:33:d5:a3:64:25:1c:f6:93:d1:
                    82:37:f6:aa:5a:9c:94:44:70:86:a2:7e:cb:4a:31:
                    86:40:dc:ac:a0:13:e1:df:81:b0:76:57:c6:b9:a9:
                    ed:2c:78:6a:ed:48:4a:10:9d:0d:85:f2:59:f7:c9:
                    87:9d:1e:68:c8:10:de:34:79:88:4b:bd:5f:e3:0a:
                    bc:46:65:c3:6e:f3:c0:42:3a:0e:a5:64:83:1d:2c:
                    29:12:0e:d1:b1:81:e1:24:e2:6d:69:b9:91:b2:b1:
                    1c:ed:7c:f1:06:37:bd:4d:3c:b3:a1:0a:5e:76:58:
                    7d:5d:3c:b3:b8:82:c2:d1:7f:fa:04:4e:4c:70:76:
                    10:5a:d0:9a:3c:48:cb:99:c1:7d:13:18:a7:c1:96:
                    5a:d1:d0:3b:cd:f5:f8:50:02:bb:49:d0:31:52:99:
                    33:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:01:10:7A:26:20:D4:70:68:2A:8C:B6:1E:49:F5:9F:24:39:E8:54
            X509v3 Authority Key Identifier:
                keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/zAEQeiYg1HBoKoy2Hkn1nyQ56FQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.154.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         03:e7:5e:4b:43:e9:24:da:6d:20:2c:7d:bc:19:e0:ec:94:70:
         ce:bc:ba:72:09:19:f7:49:c8:3a:cf:48:8a:d6:dd:68:98:72:
         82:d1:e9:65:28:2d:50:67:87:8b:4f:14:a5:80:4e:34:f4:f3:
         8b:a7:2c:c4:29:67:b2:c8:56:0e:b9:a5:bd:15:65:19:96:8e:
         d2:8d:40:77:5a:73:f5:20:b2:cc:d2:d4:fe:c0:49:db:60:87:
         c0:5f:ec:41:a7:31:70:82:38:3f:99:5c:60:df:b6:25:9d:08:
         a8:08:88:7c:4e:17:16:21:bb:8a:79:92:96:c6:28:30:62:b5:
         01:1b:40:00:3d:55:ad:18:aa:e6:e6:0d:74:22:f4:c0:40:b1:
         c8:d9:5d:0c:1a:fa:dc:33:5b:4a:11:b3:59:d2:01:12:cf:ef:
         68:1e:c4:d6:7a:08:67:ef:61:2d:25:9f:aa:b3:d0:93:71:9f:
         3c:35:ab:15:9d:48:a9:d6:a7:4d:b0:50:10:b7:86:9a:3a:75:
         2b:bb:1b:50:35:c5:dd:13:98:be:f7:49:da:28:f7:1a:58:4c:
         00:57:61:88:3e:36:48:26:bf:a2:df:74:99:22:20:d5:4a:af:
         88:de:e9:08:0b:9c:46:5b:e5:a9:77:6d:82:61:52:32:64:fe:
         23:c5:03:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSt685nM0nnoIp+qlI6cYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMTAxMTgzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzAxMTA3YTI2MjBkNDcwNjgyYThjYjYxZTQ5ZjU5ZjI0MzllODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmK6XArufQCxajSAgtLoL/TNLw61N
mZfOQpRf3+S+VZQW2cuvgjIsoJs3ETi1+xld6eEzNE9lo6wPZPjp0J28l+PtOzLb
hVPOG0JX4IPNfqogDwsQeyWX0nXZwFtkqfAz1aNkJRz2k9GCN/aqWpyURHCGon7L
SjGGQNysoBPh34GwdlfGuantLHhq7UhKEJ0NhfJZ98mHnR5oyBDeNHmIS71f4wq8
RmXDbvPAQjoOpWSDHSwpEg7RsYHhJOJtabmRsrEc7XzxBje9TTyzoQpedlh9XTyz
uILC0X/6BE5McHYQWtCaPEjLmcF9ExinwZZa0dA7zfX4UAK7SdAxUpkzMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMwBEHomINRwaCqMth5J9Z8kOehUMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvekFFUWVpWWcxSEJvS295MkhrbjFueVE1NkZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQClZq4MA0G
CSqGSIb3DQEBCwUAA4IBAQAD515LQ+kk2m0gLH28GeDslHDOvLpyCRn3Scg6z0iK
1t1omHKC0ellKC1QZ4eLTxSlgE409POLpyzEKWeyyFYOuaW9FWUZlo7SjUB3WnP1
ILLM0tT+wEnbYIfAX+xBpzFwgjg/mVxg37YlnQioCIh8ThcWIbuKeZKWxigwYrUB
G0AAPVWtGKrm5g10IvTAQLHI2V0MGvrcM1tKEbNZ0gESz+9oHsTWeghn72EtJZ+q
s9CTcZ88NasVnUip1qdNsFAQt4aaOnUruxtQNcXdE5i+90naKPcaWEwAV2GIPjZI
Jr+i33SZIiDVSq+I3ukIC5xGW+Wpd22CYVIyZP4jxQM4
-----END CERTIFICATE-----
Generated at Sun May 12 15:19:44 2024 by rpki-client on console-fra.rpki-client.org