Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/AvQ3fVhhSgRu5eu6g4bS2x1Th9o.roa
File:                     AvQ3fVhhSgRu5eu6g4bS2x1Th9o.roa (raw, json)
Hash identifier:          n5d+pZExmF2NQAcGQjIC3iBdHS3ew9v4U4sSQaA6P+8=
Subject key identifier:   02:F4:37:7D:58:61:4A:04:6E:E5:EB:BA:83:86:D2:DB:1D:53:87:DA
Certificate issuer:       /CN=be4943f5203d43460a13ad4ea9d7d5b950c613cd
Certificate serial:       018CC80113519F124955DE151FAC00BB9DA7
Authority key identifier: BE:49:43:F5:20:3D:43:46:0A:13:AD:4E:A9:D7:D5:B9:50:C6:13:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vklD9SA9Q0YKE61OqdfVuVDGE80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/AvQ3fVhhSgRu5eu6g4bS2x1Th9o.roa
Signing time:             Tue 02 Jan 2024 02:29:22 +0000
ROA not before:           Tue 02 Jan 2024 02:29:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61077
IP address blocks:        77.81.96.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/vklD9SA9Q0YKE61OqdfVuVDGE80.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/vklD9SA9Q0YKE61OqdfVuVDGE80.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vklD9SA9Q0YKE61OqdfVuVDGE80.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 10:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:13:51:9f:12:49:55:de:15:1f:ac:00:bb:9d:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be4943f5203d43460a13ad4ea9d7d5b950c613cd
        Validity
            Not Before: Jan  2 02:29:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=02f4377d58614a046ee5ebba8386d2db1d5387da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e0:00:58:df:62:1b:9a:a9:78:40:3d:1e:c4:
                    69:23:3f:dc:33:9b:db:ee:6c:f6:49:d4:f0:cc:f8:
                    a0:5e:a0:e2:1b:0b:fd:b5:41:42:79:d1:ca:fe:bb:
                    37:3d:76:a3:7d:0b:f2:52:1c:10:aa:23:0f:ae:d8:
                    af:53:c1:e7:1d:d3:96:ea:4e:ce:ef:24:0f:55:61:
                    66:77:60:fc:7d:e8:85:76:93:1a:05:34:63:da:c7:
                    ea:d2:42:f9:a4:62:8d:8d:10:a2:32:70:9a:2d:56:
                    7b:51:4d:8e:81:2a:b4:63:86:fd:a4:6c:9d:46:63:
                    68:27:df:b8:70:97:6c:25:4f:a5:44:f1:f1:d3:df:
                    b2:f3:13:cc:f6:aa:99:38:1e:8a:82:d8:06:d4:4e:
                    d1:50:4a:61:f2:d5:dd:2c:87:58:68:cf:b6:69:95:
                    9a:a4:e6:74:ff:d7:a8:4e:f7:6e:40:32:9e:d8:1a:
                    73:10:e0:ea:dd:cc:46:57:a9:9e:61:68:a7:ba:f5:
                    b1:e9:1c:f5:51:39:fd:78:9c:ec:19:46:a0:24:ff:
                    b8:09:61:53:07:34:7c:3c:e7:d1:e0:af:2f:6b:d0:
                    92:ef:68:e1:72:01:33:ec:5e:0c:0f:e9:6a:16:0e:
                    70:77:c3:3a:ad:49:28:4c:ad:fb:d4:e6:60:09:e2:
                    91:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:F4:37:7D:58:61:4A:04:6E:E5:EB:BA:83:86:D2:DB:1D:53:87:DA
            X509v3 Authority Key Identifier:
                keyid:BE:49:43:F5:20:3D:43:46:0A:13:AD:4E:A9:D7:D5:B9:50:C6:13:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vklD9SA9Q0YKE61OqdfVuVDGE80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/AvQ3fVhhSgRu5eu6g4bS2x1Th9o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3314ec-8ff0-4950-858f-a051ae63dba1/1/vklD9SA9Q0YKE61OqdfVuVDGE80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.81.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:69:63:d2:6a:aa:8f:a5:c1:ce:04:3e:32:7f:22:48:2c:9d:
         3c:a6:6b:b5:1b:1b:ec:d2:59:48:ba:14:da:04:e9:c3:53:14:
         cb:92:77:51:42:f5:b0:8a:97:23:02:e8:24:36:d8:80:cc:25:
         f7:78:d1:3e:fc:6b:df:24:7a:b0:31:b3:15:fc:5c:ce:a1:d2:
         51:d9:c3:b3:f7:f9:7e:18:cd:90:aa:67:a7:24:23:86:5d:b2:
         68:b7:01:66:a0:09:36:ee:66:e1:11:49:f9:a5:8b:7e:06:90:
         f9:c4:7c:89:0f:9d:65:eb:c3:21:03:4f:99:38:89:33:9e:e1:
         d1:16:d7:25:4f:67:fb:f7:40:2d:f1:3d:02:58:85:42:bf:e1:
         68:ba:5c:e5:c6:49:e8:09:57:cb:cb:c7:64:be:1c:0e:07:e3:
         9c:48:11:b9:81:ea:20:88:77:2a:80:30:14:17:cc:24:d5:1a:
         a4:67:2c:cf:18:f6:f8:16:00:f6:4f:88:72:f1:d9:8c:f0:18:
         cf:ef:d8:fb:66:bc:8e:b8:36:94:22:3b:d9:ac:d3:f9:1f:18:
         e7:48:7a:cc:f1:af:10:44:2f:75:b1:77:14:e1:82:27:88:7d:
         5d:c5:42:59:93:88:c5:eb:9a:41:7a:d7:a5:a3:18:ce:65:89:
         3e:1e:2a:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIARNRnxJJVd4VH6wAu52nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDk0M2Y1MjAzZDQzNDYwYTEzYWQ0ZWE5ZDdkNWI5NTBj
NjEzY2QwHhcNMjQwMTAyMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmY0Mzc3ZDU4NjE0YTA0NmVlNWViYmE4Mzg2ZDJkYjFkNTM4N2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+AAWN9iG5qpeEA9HsRpIz/cM5vb
7mz2SdTwzPigXqDiGwv9tUFCedHK/rs3PXajfQvyUhwQqiMPrtivU8HnHdOW6k7O
7yQPVWFmd2D8feiFdpMaBTRj2sfq0kL5pGKNjRCiMnCaLVZ7UU2OgSq0Y4b9pGyd
RmNoJ9+4cJdsJU+lRPHx09+y8xPM9qqZOB6KgtgG1E7RUEph8tXdLIdYaM+2aZWa
pOZ0/9eoTvduQDKe2BpzEODq3cxGV6meYWinuvWx6Rz1UTn9eJzsGUagJP+4CWFT
BzR8POfR4K8va9CS72jhcgEz7F4MD+lqFg5wd8M6rUkoTK371OZgCeKRYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAL0N31YYUoEbuXruoOG0tsdU4faMB8GA1UdIwQY
MBaAFL5JQ/UgPUNGChOtTqnX1blQxhPNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtsRDlTQTlRMFlLRTYxT3FkZlZ1VkRHRTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8zMzE0ZWMtOGZmMC00OTUwLTg1OGYt
YTA1MWFlNjNkYmExLzEvQXZRM2ZWaGhTZ1J1NWV1Nmc0YlMyeDFUaDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8zMzE0ZWMtOGZmMC00OTUwLTg1OGYtYTA1MWFlNjNkYmEx
LzEvdmtsRDlTQTlRMFlLRTYxT3FkZlZ1VkRHRTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVFgMA0G
CSqGSIb3DQEBCwUAA4IBAQCPaWPSaqqPpcHOBD4yfyJILJ08pmu1Gxvs0llIuhTa
BOnDUxTLkndRQvWwipcjAugkNtiAzCX3eNE+/GvfJHqwMbMV/FzOodJR2cOz9/l+
GM2QqmenJCOGXbJotwFmoAk27mbhEUn5pYt+BpD5xHyJD51l68MhA0+ZOIkznuHR
FtclT2f790At8T0CWIVCv+FoulzlxknoCVfLy8dkvhwOB+OcSBG5geogiHcqgDAU
F8wk1RqkZyzPGPb4FgD2T4hy8dmM8BjP79j7ZryOuDaUIjvZrNP5HxjnSHrM8a8Q
RC91sXcU4YIniH1dxUJZk4jF65pBeteloxjOZYk+Hirt
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:17:52 2024 by rpki-client on console-ams.rpki-client.org