Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PL-F8bdilJBjl5aJl1eZQCY4zy8.roa
File:                     PL-F8bdilJBjl5aJl1eZQCY4zy8.roa (raw, json)
Hash identifier:          zmYBUEj0eNXy0LNnVDasHae3+pwVSaQlmMuQjRwCnQQ=
Subject key identifier:   3C:BF:85:F1:B7:62:94:90:63:97:96:89:97:57:99:40:26:38:CF:2F
Certificate issuer:       /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial:       018FDF3FBF74D4EF63ABD634970B333E4C67
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PL-F8bdilJBjl5aJl1eZQCY4zy8.roa
Signing time:             Mon 03 Jun 2024 17:57:27 +0000
ROA not before:           Mon 03 Jun 2024 17:57:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206728
IP address blocks:        92.119.194.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Sep 2024 03:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:df:3f:bf:74:d4:ef:63:ab:d6:34:97:0b:33:3e:4c:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
        Validity
            Not Before: Jun  3 17:57:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3cbf85f1b762949063979689975799402638cf2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:1b:29:0d:ba:79:0f:17:78:4b:41:64:a4:2f:
                    d5:b4:b6:26:99:2c:ff:21:90:ad:b5:30:ea:9c:9b:
                    19:69:62:58:eb:d2:6a:18:9c:92:74:eb:aa:32:43:
                    3e:2e:6e:a1:4c:14:ac:e7:64:ea:ed:1f:b0:32:d6:
                    c2:a4:97:7d:4f:9e:6d:db:dd:93:6f:3a:91:b7:7f:
                    01:6e:38:38:86:3a:38:12:59:a4:32:7a:60:3a:49:
                    19:00:81:3b:c8:cd:e2:ac:06:96:85:19:db:84:65:
                    4b:af:13:39:3f:8c:8f:c2:ac:5f:84:74:e5:90:93:
                    38:db:7f:c2:67:f4:12:7e:c8:99:56:6e:39:57:52:
                    2d:01:d8:cc:21:6c:9a:27:16:03:14:ad:77:6b:07:
                    d9:72:94:fa:bd:ad:67:7c:76:3f:5f:4a:8a:27:5c:
                    32:b7:79:6e:34:02:72:89:3a:e0:49:c7:72:60:f8:
                    46:98:96:8f:93:42:0e:f1:7e:65:ec:f7:33:d5:89:
                    22:6a:0a:78:a8:b3:e1:fd:24:b7:79:b8:fd:5e:70:
                    f3:89:8c:b5:14:96:75:81:b2:5b:24:3f:3f:26:cc:
                    d6:07:cd:6a:09:75:c9:36:1d:ab:21:f0:93:33:65:
                    c3:6e:52:1e:bf:45:e8:18:e4:0c:e7:94:82:20:61:
                    b0:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:BF:85:F1:B7:62:94:90:63:97:96:89:97:57:99:40:26:38:CF:2F
            X509v3 Authority Key Identifier:
                keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PL-F8bdilJBjl5aJl1eZQCY4zy8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.119.194.0/23

    Signature Algorithm: sha256WithRSAEncryption
         73:7c:55:02:3d:10:d5:d1:eb:ec:71:7c:ea:7c:e9:63:7e:a2:
         d8:09:d8:6e:bb:32:29:4e:a5:bc:a5:58:d4:5d:4d:ba:22:ec:
         fb:1b:23:a9:92:2a:67:05:4e:c4:03:93:2c:60:90:ba:04:9e:
         f3:9c:f7:bf:61:19:38:a4:f2:df:c5:23:af:05:7c:e3:48:8b:
         0b:58:07:eb:68:61:c0:7a:3c:81:23:ca:40:3c:74:f0:de:4e:
         9a:e1:06:2c:d8:90:6e:a0:55:8e:06:3c:43:f6:5d:ad:c0:85:
         af:11:76:30:7b:db:15:75:4a:fd:58:09:35:fd:ff:ec:0c:be:
         05:f1:09:f2:c2:97:70:5b:ed:25:5f:98:21:a0:24:f5:9b:f0:
         ef:8f:0c:3a:41:2d:ff:1c:64:1d:99:4b:39:c3:06:02:c9:5f:
         22:38:39:ab:cc:20:35:d7:fe:1f:fd:bf:e1:2b:38:09:d8:37:
         c5:7c:21:70:e9:3e:24:1f:6f:50:ff:df:c7:ea:4d:06:e8:90:
         8a:48:57:87:c6:a4:c7:12:d9:d0:8f:7e:99:0e:95:bd:df:1e:
         4e:55:ff:c8:45:5b:b5:96:a0:37:be:16:2c:95:7e:ba:42:7c:
         ad:53:c2:9d:7b:94:78:c4:c8:b7:a9:7f:31:7f:02:c9:40:b3:
         22:c2:ae:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/fP7901O9jq9Y0lwszPkxnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNjAzMTc1NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2JmODVmMWI3NjI5NDkwNjM5Nzk2ODk5NzU3OTk0MDI2MzhjZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhspDbp5Dxd4S0FkpC/VtLYmmSz/
IZCttTDqnJsZaWJY69JqGJySdOuqMkM+Lm6hTBSs52Tq7R+wMtbCpJd9T55t292T
bzqRt38Bbjg4hjo4ElmkMnpgOkkZAIE7yM3irAaWhRnbhGVLrxM5P4yPwqxfhHTl
kJM423/CZ/QSfsiZVm45V1ItAdjMIWyaJxYDFK13awfZcpT6va1nfHY/X0qKJ1wy
t3luNAJyiTrgScdyYPhGmJaPk0IO8X5l7Pcz1Ykiagp4qLPh/SS3ebj9XnDziYy1
FJZ1gbJbJD8/JszWB81qCXXJNh2rIfCTM2XDblIev0XoGOQM55SCIGGw8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDy/hfG3YpSQY5eWiZdXmUAmOM8vMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvUEwtRjhiZGlsSkJqbDVhSmwxZVpRQ1k0enk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXHfCMA0G
CSqGSIb3DQEBCwUAA4IBAQBzfFUCPRDV0evscXzqfOljfqLYCdhuuzIpTqW8pVjU
XU26Iuz7GyOpkipnBU7EA5MsYJC6BJ7znPe/YRk4pPLfxSOvBXzjSIsLWAfraGHA
ejyBI8pAPHTw3k6a4QYs2JBuoFWOBjxD9l2twIWvEXYwe9sVdUr9WAk1/f/sDL4F
8QnywpdwW+0lX5ghoCT1m/Dvjww6QS3/HGQdmUs5wwYCyV8iODmrzCA11/4f/b/h
KzgJ2DfFfCFw6T4kH29Q/9/H6k0G6JCKSFeHxqTHEtnQj36ZDpW93x5OVf/IRVu1
lqA3vhYslX66QnytU8Kde5R4xMi3qX8xfwLJQLMiwq7E
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:30:14 2024 by rpki-client on console-ams.rpki-client.org