Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/lYadjUOYMwRGdPlV3sHujkKfWWw.roa
File:                     lYadjUOYMwRGdPlV3sHujkKfWWw.roa (raw, json)
Hash identifier:          B8fo5tEkmTm2IfsjDltGWF1+Hv08zWMk/w+QIbaaqHo=
Subject key identifier:   95:86:9D:8D:43:98:33:04:46:74:F9:55:DE:C1:EE:8E:42:9F:59:6C
Certificate issuer:       /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial:       018CC794454066B23274E4825D6A8C96ECD0
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/lYadjUOYMwRGdPlV3sHujkKfWWw.roa
Signing time:             Tue 02 Jan 2024 00:30:32 +0000
ROA not before:           Tue 02 Jan 2024 00:30:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34074
IP address blocks:        77.77.152.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:45:40:66:b2:32:74:e4:82:5d:6a:8c:96:ec:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
        Validity
            Not Before: Jan  2 00:30:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=95869d8d439833044674f955dec1ee8e429f596c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:27:a3:e1:2b:27:ee:58:75:31:f2:e5:91:93:
                    ac:67:24:d7:4e:63:68:bb:37:c2:33:d9:03:78:c3:
                    81:66:f2:e9:1f:e6:88:fe:fb:22:fa:f7:3f:bc:e3:
                    27:66:b8:71:79:21:ee:f8:ba:80:5f:cf:74:a6:54:
                    a7:25:42:a6:6b:64:0e:8f:f5:1e:0c:8d:21:35:87:
                    ab:53:6a:90:33:3f:70:76:aa:b1:3c:53:6f:16:26:
                    bf:10:53:f6:48:74:f2:bf:96:1b:67:bd:4e:e7:d2:
                    f3:a2:35:ae:ab:b4:90:6a:ad:9c:2c:d7:b6:aa:a6:
                    45:7a:76:ce:56:76:3d:84:eb:7e:27:07:fb:ce:8b:
                    9d:41:a4:21:dd:67:13:7e:06:b3:3b:af:4c:5b:02:
                    6a:9c:e9:ee:1a:75:29:3c:7c:82:66:b2:e6:5b:f9:
                    2e:4b:a6:5a:cd:24:a2:18:a7:3d:95:d8:04:9f:ab:
                    0d:53:b2:a4:45:73:b2:df:27:78:0a:8f:fe:11:e5:
                    d5:7c:4a:4e:eb:b2:53:40:e7:e9:a6:b4:77:b4:44:
                    8e:81:2d:7a:ce:23:58:6c:36:ed:f9:72:ae:b3:12:
                    0f:29:16:0f:1e:87:46:8c:a7:36:0a:f3:b4:09:8c:
                    95:3b:44:69:91:a3:e2:e4:dc:e4:1a:09:d7:39:11:
                    6b:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:86:9D:8D:43:98:33:04:46:74:F9:55:DE:C1:EE:8E:42:9F:59:6C
            X509v3 Authority Key Identifier:
                keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/lYadjUOYMwRGdPlV3sHujkKfWWw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.77.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:66:08:0d:c8:9a:12:33:e5:a1:e2:26:02:7a:2e:25:be:60:
         d3:b3:d3:f1:75:66:7c:05:9d:8e:37:d6:f6:33:7a:4c:e9:d8:
         72:67:9c:72:0a:be:3e:7c:46:67:80:47:f1:1f:74:5d:d2:5f:
         6a:fb:6b:3f:30:e1:76:12:ca:6c:6f:d7:d2:33:25:85:cd:18:
         cc:4d:32:7a:20:7f:f8:42:f1:82:fd:12:50:32:73:6c:1c:67:
         09:c2:e4:8c:03:2b:fd:2b:88:8c:bf:75:da:72:cd:c0:3d:a9:
         3a:17:87:39:39:3a:fc:9d:a8:5e:ce:e6:91:55:12:eb:ba:c4:
         bd:37:18:cc:30:03:8b:b2:07:3a:d0:c1:6d:32:cd:aa:79:58:
         19:fe:a5:d7:00:f6:98:e2:f5:d9:49:b2:0f:08:db:7e:9d:00:
         7a:7c:c9:16:a8:6a:d4:05:b3:c2:a7:5c:79:81:a1:e9:4b:68:
         00:1a:12:1b:de:62:f3:35:f3:40:4a:f1:ef:21:24:70:46:72:
         4d:c0:9e:56:2f:cb:73:2b:fa:0d:f2:0e:7f:5b:07:52:32:23:
         d7:e8:5d:06:51:12:ff:db:a2:61:bd:6d:88:dc:46:bc:d6:95:
         30:6a:b0:31:8e:31:a4:60:74:00:86:94:97:c2:3b:ff:2a:af:
         05:63:3f:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlEVAZrIydOSCXWqMluzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjQwMTAyMDAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTg2OWQ4ZDQzOTgzMzA0NDY3NGY5NTVkZWMxZWU4ZTQyOWY1OTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSej4Ssn7lh1MfLlkZOsZyTXTmNo
uzfCM9kDeMOBZvLpH+aI/vsi+vc/vOMnZrhxeSHu+LqAX890plSnJUKma2QOj/Ue
DI0hNYerU2qQMz9wdqqxPFNvFia/EFP2SHTyv5YbZ71O59LzojWuq7SQaq2cLNe2
qqZFenbOVnY9hOt+Jwf7zoudQaQh3WcTfgazO69MWwJqnOnuGnUpPHyCZrLmW/ku
S6ZazSSiGKc9ldgEn6sNU7KkRXOy3yd4Co/+EeXVfEpO67JTQOfpprR3tESOgS16
ziNYbDbt+XKusxIPKRYPHodGjKc2CvO0CYyVO0RpkaPi5NzkGgnXORFr/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWGnY1DmDMERnT5Vd7B7o5Cn1lsMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvbFlhZGpVT1lNd1JHZFBsVjNzSHVqa0tmV1d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATU2YMA0G
CSqGSIb3DQEBCwUAA4IBAQA8ZggNyJoSM+Wh4iYCei4lvmDTs9PxdWZ8BZ2ON9b2
M3pM6dhyZ5xyCr4+fEZngEfxH3Rd0l9q+2s/MOF2Espsb9fSMyWFzRjMTTJ6IH/4
QvGC/RJQMnNsHGcJwuSMAyv9K4iMv3Xacs3APak6F4c5OTr8nahezuaRVRLrusS9
NxjMMAOLsgc60MFtMs2qeVgZ/qXXAPaY4vXZSbIPCNt+nQB6fMkWqGrUBbPCp1x5
gaHpS2gAGhIb3mLzNfNASvHvISRwRnJNwJ5WL8tzK/oN8g5/WwdSMiPX6F0GURL/
26JhvW2I3Ea81pUwarAxjjGkYHQAhpSXwjv/Kq8FYz9n
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:50:04 2024 by rpki-client on console-fra.rpki-client.org