Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/6Cei3N3EIJK-UOjtNLBdBl41h0M.roa
File:                     6Cei3N3EIJK-UOjtNLBdBl41h0M.roa (raw, json)
Hash identifier:          +rQ1LcKQpgiYZYD7P30B3ISKy+AmL+KCkTWH3FacAAc=
Subject key identifier:   E8:27:A2:DC:DD:C4:20:92:BE:50:E8:ED:34:B0:5D:06:5E:35:87:43
Certificate issuer:       /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial:       018CC794CBA5A6BF5817C8E069AA114E70A7
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/6Cei3N3EIJK-UOjtNLBdBl41h0M.roa
Signing time:             Tue 02 Jan 2024 00:31:06 +0000
ROA not before:           Tue 02 Jan 2024 00:31:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     174
IP address blocks:        45.140.246.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 28 Apr 2024 11:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:cb:a5:a6:bf:58:17:c8:e0:69:aa:11:4e:70:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
        Validity
            Not Before: Jan  2 00:31:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e827a2dcddc42092be50e8ed34b05d065e358743
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:98:17:02:9f:08:21:fe:73:74:7b:20:4c:5b:
                    6b:0f:ee:0d:f6:20:6a:74:88:3c:44:08:36:6f:3d:
                    98:26:0f:39:84:8b:c9:c4:7c:7f:b6:51:3d:f0:8f:
                    04:ce:d4:f9:59:9c:27:6e:27:8f:6f:7d:45:8a:5c:
                    f5:fc:85:16:31:a3:a4:64:fd:13:bb:cf:94:9d:a3:
                    7c:96:0a:68:5e:63:6b:f5:4e:a6:51:fd:ba:d2:fe:
                    32:f9:d3:dd:4b:6d:f7:66:3e:7f:a6:35:8f:3a:3e:
                    d6:24:01:8c:9e:da:e7:51:9e:2e:32:bd:9e:e9:6f:
                    40:ed:fd:0d:84:e7:69:1f:c5:bc:73:46:f2:e6:fd:
                    24:80:c5:20:50:09:5e:f1:de:13:07:a3:ad:ab:83:
                    a7:33:0d:46:ad:da:a3:ee:9a:02:5d:49:9e:3a:83:
                    e8:14:bd:ab:02:7e:66:f1:45:3d:9e:0b:ca:ed:93:
                    43:cb:a3:a3:43:06:d1:95:7e:47:4c:bf:08:9c:2b:
                    3d:5d:48:b4:a3:cc:cf:5c:d1:49:81:21:67:66:6a:
                    05:1f:d2:94:07:08:30:27:53:42:83:59:0d:ff:da:
                    21:5d:c5:44:39:c4:b8:79:b7:d7:21:dc:92:96:7f:
                    56:5e:a2:8c:ce:ce:15:14:32:00:46:94:ed:cd:63:
                    d9:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:27:A2:DC:DD:C4:20:92:BE:50:E8:ED:34:B0:5D:06:5E:35:87:43
            X509v3 Authority Key Identifier:
                keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/6Cei3N3EIJK-UOjtNLBdBl41h0M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:74:f5:ae:13:43:8c:2c:89:86:9e:11:21:a2:b9:c5:f6:4e:
         e7:07:4e:ca:98:01:5c:77:79:e8:9e:44:f9:81:0f:f1:8e:82:
         24:1b:30:4c:f0:3b:a3:c4:1c:cf:d5:31:53:0e:25:42:9a:b2:
         7b:6d:30:da:4a:b8:53:34:89:70:cc:1c:a6:d9:a2:bd:c0:ee:
         ef:e8:6b:79:d7:48:fb:18:ca:ed:95:fa:6a:ac:bf:9d:64:8d:
         d8:46:e8:3d:21:fc:77:39:a7:21:a2:20:4e:8a:e2:86:2e:9d:
         ad:84:45:09:07:ab:b8:87:45:b1:a8:dd:71:3f:31:5f:21:8f:
         ca:03:5f:45:a7:2d:0f:e7:d1:6c:b4:96:60:34:d4:a4:b3:60:
         6f:21:f1:a8:d5:7b:ed:11:50:cf:8c:97:25:bc:ba:77:6d:42:
         17:f4:ea:d2:02:1e:5e:c8:da:00:62:00:81:e2:c2:d7:9c:5d:
         b9:da:02:e1:12:5c:29:4b:be:dc:10:b4:85:05:92:8a:6e:63:
         98:a1:8c:1d:76:3f:e9:c0:05:6c:18:72:ab:5b:f3:10:d5:3c:
         68:f5:bb:6e:54:e5:5b:7a:42:2c:01:b6:9c:d9:c7:b3:a3:e0:
         99:ca:2c:a8:a2:9e:9f:53:97:5f:98:fe:6d:4d:03:22:f0:8b:
         d5:7c:61:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlMulpr9YF8jgaaoRTnCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGUxMjRlMGY4YWRiNGU3ZDk1NzZjZWFlMzI1ZjY2OGRk
MjI0YjEwHhcNMjQwMTAyMDAzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODI3YTJkY2RkYzQyMDkyYmU1MGU4ZWQzNGIwNWQwNjVlMzU4NzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZgXAp8IIf5zdHsgTFtrD+4N9iBq
dIg8RAg2bz2YJg85hIvJxHx/tlE98I8EztT5WZwnbiePb31Filz1/IUWMaOkZP0T
u8+UnaN8lgpoXmNr9U6mUf260v4y+dPdS233Zj5/pjWPOj7WJAGMntrnUZ4uMr2e
6W9A7f0NhOdpH8W8c0by5v0kgMUgUAle8d4TB6Otq4OnMw1Grdqj7poCXUmeOoPo
FL2rAn5m8UU9ngvK7ZNDy6OjQwbRlX5HTL8InCs9XUi0o8zPXNFJgSFnZmoFH9KU
BwgwJ1NCg1kN/9ohXcVEOcS4ebfXIdySln9WXqKMzs4VFDIARpTtzWPZ1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOgnotzdxCCSvlDo7TSwXQZeNYdDMB8GA1UdIwQY
MBaAFNHeEk4PittOfZV2zq4yX2aN0iSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTct
NGY0YzliMzQzZTkwLzEvNkNlaTNOM0VJSkstVU9qdE5MQmRCbDQxaDBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTctNGY0YzliMzQzZTkw
LzEvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYz2MA0G
CSqGSIb3DQEBCwUAA4IBAQBddPWuE0OMLImGnhEhornF9k7nB07KmAFcd3nonkT5
gQ/xjoIkGzBM8DujxBzP1TFTDiVCmrJ7bTDaSrhTNIlwzBym2aK9wO7v6Gt510j7
GMrtlfpqrL+dZI3YRug9Ifx3OachoiBOiuKGLp2thEUJB6u4h0WxqN1xPzFfIY/K
A19Fpy0P59FstJZgNNSks2BvIfGo1XvtEVDPjJclvLp3bUIX9OrSAh5eyNoAYgCB
4sLXnF252gLhElwpS77cELSFBZKKbmOYoYwddj/pwAVsGHKrW/MQ1Txo9btuVOVb
ekIsAbac2cezo+CZyiyoop6fU5dfmP5tTQMi8IvVfGE9
-----END CERTIFICATE-----
Generated at Sat Apr 27 18:10:18 2024 by rpki-client on console-ams.rpki-client.org