Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/DHtiwlaRfWkYJKXLfESHdKUe2dI.roa
File:                     DHtiwlaRfWkYJKXLfESHdKUe2dI.roa (raw, json)
Hash identifier:          kw7fpMCMETV/mfJ5n+xx1Si0YPTbPHbDY2anOeZ2Akk=
Subject key identifier:   0C:7B:62:C2:56:91:7D:69:18:24:A5:CB:7C:44:87:74:A5:1E:D9:D2
Certificate issuer:       /CN=1034068b5e9f7314277e2be9726c732131b1756c
Certificate serial:       018CC3B6E8460CF757BEB36C1B75D3501092
Authority key identifier: 10:34:06:8B:5E:9F:73:14:27:7E:2B:E9:72:6C:73:21:31:B1:75:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EDQGi16fcxQnfivpcmxzITGxdWw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/DHtiwlaRfWkYJKXLfESHdKUe2dI.roa
Signing time:             Mon 01 Jan 2024 06:29:53 +0000
ROA not before:           Mon 01 Jan 2024 06:29:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50010
IP address blocks:        62.231.248.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/EDQGi16fcxQnfivpcmxzITGxdWw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/EDQGi16fcxQnfivpcmxzITGxdWw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EDQGi16fcxQnfivpcmxzITGxdWw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Jun 2024 20:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:e8:46:0c:f7:57:be:b3:6c:1b:75:d3:50:10:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1034068b5e9f7314277e2be9726c732131b1756c
        Validity
            Not Before: Jan  1 06:29:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0c7b62c256917d691824a5cb7c448774a51ed9d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:62:19:8d:18:45:d9:5b:6b:19:df:dd:dc:d4:
                    16:3c:d1:3f:98:23:e3:e3:92:62:5f:2a:ce:f1:db:
                    25:6d:f1:27:06:ba:72:63:6a:54:46:66:e3:43:52:
                    c0:a5:e7:6b:c7:68:da:b0:f1:e2:6f:5c:1a:1e:15:
                    9c:42:b4:db:53:26:ac:80:74:3f:98:1e:5e:81:fa:
                    cf:0f:8a:0a:16:8b:b5:9d:5c:18:e5:ee:51:eb:60:
                    44:d3:44:fa:cb:77:c1:59:50:70:d0:25:13:6f:1d:
                    59:b7:de:f5:b6:e9:66:9e:f9:06:f3:01:65:d3:3f:
                    bc:2a:7b:12:1d:f1:53:5c:ac:a6:dc:0e:14:ec:5a:
                    f1:de:f8:0d:bd:63:af:b8:00:01:dd:83:fb:69:81:
                    b4:41:24:dd:73:b2:65:9e:56:af:8e:83:11:96:bf:
                    eb:66:09:ca:8e:da:cc:20:4c:e8:11:ad:72:9b:77:
                    d7:b3:53:16:81:4f:cf:5c:f4:9e:86:ed:9d:41:f5:
                    e0:7b:4e:0a:9f:62:f2:d4:27:15:fe:c6:cc:5b:fc:
                    24:66:af:24:41:20:ad:bc:82:a2:11:b4:5f:86:cd:
                    10:3f:c0:6c:cc:2a:d2:52:49:33:7c:73:14:00:7e:
                    a7:bc:99:cf:05:f6:15:de:df:94:2b:72:3c:3d:ae:
                    18:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:7B:62:C2:56:91:7D:69:18:24:A5:CB:7C:44:87:74:A5:1E:D9:D2
            X509v3 Authority Key Identifier:
                keyid:10:34:06:8B:5E:9F:73:14:27:7E:2B:E9:72:6C:73:21:31:B1:75:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EDQGi16fcxQnfivpcmxzITGxdWw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/DHtiwlaRfWkYJKXLfESHdKUe2dI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a0450e-5634-458d-918f-103d93d251ab/1/EDQGi16fcxQnfivpcmxzITGxdWw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.231.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:bc:6c:23:28:77:31:5b:8b:8d:b4:da:ab:1a:0e:35:10:bf:
         7b:08:99:55:9c:2a:bd:28:16:78:c6:79:e5:0e:0d:f2:39:ae:
         0a:2d:44:4f:5a:c5:b6:4a:ec:09:53:cb:11:f1:08:d5:fd:a5:
         8c:8c:79:4f:f5:45:97:52:56:92:45:8a:92:f1:79:78:68:32:
         d4:ce:dd:7e:1a:84:ad:2d:ad:90:6b:5b:f8:c4:0a:e2:f5:00:
         0c:23:48:ca:40:1c:09:ea:2b:06:6c:97:3b:6b:a4:53:1d:10:
         9e:fd:90:22:0a:ab:8b:07:26:d1:79:81:f8:06:9e:3a:e1:6d:
         12:17:3f:79:6a:dd:ae:c4:1e:60:59:04:08:46:43:de:c7:64:
         21:80:1d:48:3d:50:6c:a7:55:69:54:49:84:3d:c1:93:53:63:
         91:eb:07:41:f0:a1:be:17:b4:2b:fe:b6:c6:b4:f8:42:a4:de:
         67:40:f5:3e:4d:e3:67:94:6d:89:ba:dd:46:4b:fa:00:68:f2:
         b6:ee:eb:36:11:40:df:16:50:cd:cf:47:a6:cd:6f:4d:69:95:
         5a:47:e3:8f:59:74:14:0f:7c:8d:fd:e5:06:e2:eb:d3:a2:75:
         03:d9:d8:bd:a7:19:1e:be:6f:42:ea:7d:3e:59:79:5e:da:76:
         f6:32:2d:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtuhGDPdXvrNsG3XTUBCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMzQwNjhiNWU5ZjczMTQyNzdlMmJlOTcyNmM3MzIxMzFi
MTc1NmMwHhcNMjQwMTAxMDYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzdiNjJjMjU2OTE3ZDY5MTgyNGE1Y2I3YzQ0ODc3NGE1MWVkOWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2IZjRhF2VtrGd/d3NQWPNE/mCPj
45JiXyrO8dslbfEnBrpyY2pURmbjQ1LApedrx2jasPHib1waHhWcQrTbUyasgHQ/
mB5egfrPD4oKFou1nVwY5e5R62BE00T6y3fBWVBw0CUTbx1Zt971tulmnvkG8wFl
0z+8KnsSHfFTXKym3A4U7Frx3vgNvWOvuAAB3YP7aYG0QSTdc7JlnlavjoMRlr/r
ZgnKjtrMIEzoEa1ym3fXs1MWgU/PXPSehu2dQfXge04Kn2Ly1CcV/sbMW/wkZq8k
QSCtvIKiEbRfhs0QP8BszCrSUkkzfHMUAH6nvJnPBfYV3t+UK3I8Pa4YewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAx7YsJWkX1pGCSly3xEh3SlHtnSMB8GA1UdIwQY
MBaAFBA0Boten3MUJ34r6XJscyExsXVsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRURRR2kxNmZjeFFuZml2cGNteHpJVEd4ZFd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hMDQ1MGUtNTYzNC00NThkLTkxOGYt
MTAzZDkzZDI1MWFiLzEvREh0aXdsYVJmV2tZSktYTGZFU0hkS1VlMmRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hMDQ1MGUtNTYzNC00NThkLTkxOGYtMTAzZDkzZDI1MWFi
LzEvRURRR2kxNmZjeFFuZml2cGNteHpJVEd4ZFd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPuf4MA0G
CSqGSIb3DQEBCwUAA4IBAQCdvGwjKHcxW4uNtNqrGg41EL97CJlVnCq9KBZ4xnnl
Dg3yOa4KLURPWsW2SuwJU8sR8QjV/aWMjHlP9UWXUlaSRYqS8Xl4aDLUzt1+GoSt
La2Qa1v4xAri9QAMI0jKQBwJ6isGbJc7a6RTHRCe/ZAiCquLBybReYH4Bp464W0S
Fz95at2uxB5gWQQIRkPex2QhgB1IPVBsp1VpVEmEPcGTU2OR6wdB8KG+F7Qr/rbG
tPhCpN5nQPU+TeNnlG2Jut1GS/oAaPK27us2EUDfFlDNz0emzW9NaZVaR+OPWXQU
D3yN/eUG4uvTonUD2di9pxkevm9C6n0+WXle2nb2Mi1C
-----END CERTIFICATE-----
Generated at Sat Jun 15 00:08:49 2024 by rpki-client on console-ams.rpki-client.org