Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/_oeU2AXD9MP7JmNoNP1XLbEJOmo.roa
File:                     _oeU2AXD9MP7JmNoNP1XLbEJOmo.roa (raw, json)
Hash identifier:          ft+YL7TdR8vP2mgCFPVLiKXd9sGY96tWTyUW/2o2dDE=
Subject key identifier:   FE:87:94:D8:05:C3:F4:C3:FB:26:63:68:34:FD:57:2D:B1:09:3A:6A
Certificate issuer:       /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial:       018CC794CEC28A58B188809BCCB4E8A95910
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/_oeU2AXD9MP7JmNoNP1XLbEJOmo.roa
Signing time:             Tue 02 Jan 2024 00:31:07 +0000
ROA not before:           Tue 02 Jan 2024 00:31:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     137409
IP address blocks:        81.199.27.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:ce:c2:8a:58:b1:88:80:9b:cc:b4:e8:a9:59:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
        Validity
            Not Before: Jan  2 00:31:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fe8794d805c3f4c3fb26636834fd572db1093a6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:f8:13:e8:28:46:90:06:05:f2:9a:ee:ef:d7:
                    9f:cf:da:52:6d:16:d4:4f:00:7c:ab:39:38:11:d3:
                    d3:d6:1f:05:f1:4f:c5:75:a6:07:07:e7:3d:31:c2:
                    62:73:4c:8b:e0:06:d1:cf:b2:1a:e3:73:15:05:46:
                    9f:59:19:6e:dc:1a:68:95:ec:ee:3b:5e:8f:5d:2e:
                    7a:e5:12:15:3f:c9:86:8c:b8:57:7c:be:a2:7f:d7:
                    8f:b8:8f:68:f5:2a:b6:cc:7b:8c:bb:ed:4c:f0:52:
                    79:38:46:3e:45:b0:9c:ac:3e:bf:ad:eb:4b:bb:a5:
                    dc:b2:23:02:1b:d5:86:2c:f1:29:b7:ab:ce:41:01:
                    e7:29:2b:6f:1e:a4:91:d9:f4:06:33:3d:3b:77:a6:
                    9f:5c:7c:18:bc:4d:77:8f:98:e7:9e:ca:0c:c3:36:
                    c1:e6:32:37:a8:a5:7c:e2:f3:13:27:97:e8:54:fc:
                    2b:2a:d9:5d:03:8a:6c:29:8a:aa:32:2e:1e:c9:75:
                    a4:bf:77:ad:ab:f5:de:71:b5:c3:ac:37:e5:fb:89:
                    d5:49:07:aa:f6:7e:88:ea:92:c1:dd:e4:5b:76:b2:
                    9e:bb:06:b7:62:20:96:fa:d0:08:14:3a:55:fa:62:
                    26:06:aa:ce:81:4b:8b:84:b0:03:8b:3e:4b:1c:57:
                    c9:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:87:94:D8:05:C3:F4:C3:FB:26:63:68:34:FD:57:2D:B1:09:3A:6A
            X509v3 Authority Key Identifier:
                keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/_oeU2AXD9MP7JmNoNP1XLbEJOmo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.199.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:e7:bc:29:7c:10:3f:8a:8d:3f:e6:ea:52:91:e7:13:50:3b:
         d2:3d:a6:49:8c:e8:40:af:bd:48:94:63:7d:2f:3f:62:5a:da:
         9d:4b:ed:70:11:cd:ce:4c:51:93:8c:1a:e0:f6:16:d6:86:cb:
         50:34:27:01:b8:f1:35:30:fc:79:28:80:56:4e:58:5c:f1:6d:
         ea:b6:6a:07:a4:ad:34:30:a4:de:cb:63:4e:ce:68:c7:83:2d:
         35:9e:ca:11:22:40:97:2c:7e:a0:76:34:e7:ae:73:86:12:85:
         96:47:5e:ea:f8:b3:44:66:f3:fd:76:f1:ce:ad:fe:84:4a:b2:
         4c:4f:6d:38:30:ac:37:e9:ad:24:b1:69:36:eb:a3:ac:15:4d:
         fe:12:db:1a:b2:f7:9a:f1:4b:19:97:b4:5d:c0:c7:e0:d1:de:
         8d:53:93:b3:d2:10:b7:3b:bd:17:4a:67:b2:f5:64:04:5e:75:
         fc:26:52:07:ed:50:1a:a7:2c:66:56:c7:da:9e:dc:60:3e:1d:
         51:21:6c:1a:05:11:8c:6b:bd:e7:37:56:37:ec:3a:69:94:8e:
         34:77:ac:7d:53:7c:d9:96:17:71:31:b5:2d:22:c6:e4:ce:13:
         2f:1c:2f:cd:d6:de:2d:e8:96:70:c3:cb:d2:98:2d:e1:2f:08:
         65:c2:36:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlM7CilixiICbzLToqVkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGUxMjRlMGY4YWRiNGU3ZDk1NzZjZWFlMzI1ZjY2OGRk
MjI0YjEwHhcNMjQwMTAyMDAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg3OTRkODA1YzNmNGMzZmIyNjYzNjgzNGZkNTcyZGIxMDkzYTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPgT6ChGkAYF8pru79efz9pSbRbU
TwB8qzk4EdPT1h8F8U/FdaYHB+c9McJic0yL4AbRz7Ia43MVBUafWRlu3Bpolezu
O16PXS565RIVP8mGjLhXfL6if9ePuI9o9Sq2zHuMu+1M8FJ5OEY+RbCcrD6/retL
u6XcsiMCG9WGLPEpt6vOQQHnKStvHqSR2fQGMz07d6afXHwYvE13j5jnnsoMwzbB
5jI3qKV84vMTJ5foVPwrKtldA4psKYqqMi4eyXWkv3etq/XecbXDrDfl+4nVSQeq
9n6I6pLB3eRbdrKeuwa3YiCW+tAIFDpV+mImBqrOgUuLhLADiz5LHFfJYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP6HlNgFw/TD+yZjaDT9Vy2xCTpqMB8GA1UdIwQY
MBaAFNHeEk4PittOfZV2zq4yX2aN0iSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTct
NGY0YzliMzQzZTkwLzEvX29lVTJBWEQ5TVA3Sm1Ob05QMVhMYkVKT21vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTctNGY0YzliMzQzZTkw
LzEvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUccbMA0G
CSqGSIb3DQEBCwUAA4IBAQCa57wpfBA/io0/5upSkecTUDvSPaZJjOhAr71IlGN9
Lz9iWtqdS+1wEc3OTFGTjBrg9hbWhstQNCcBuPE1MPx5KIBWTlhc8W3qtmoHpK00
MKTey2NOzmjHgy01nsoRIkCXLH6gdjTnrnOGEoWWR17q+LNEZvP9dvHOrf6ESrJM
T204MKw36a0ksWk266OsFU3+Etsasvea8UsZl7RdwMfg0d6NU5Oz0hC3O70XSmey
9WQEXnX8JlIH7VAapyxmVsfantxgPh1RIWwaBRGMa73nN1Y37DpplI40d6x9U3zZ
lhdxMbUtIsbkzhMvHC/N1t4t6JZww8vSmC3hLwhlwjbi
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:33:47 2024 by rpki-client on console-fra.rpki-client.org