Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/ABd1WLeyANCdcObOqJSodjnIA0s.roa
File:                     ABd1WLeyANCdcObOqJSodjnIA0s.roa (raw, json)
Hash identifier:          3pAzqwXQ8P22wv3Qqj+hpdnqsShpOXmnq4LbfpnOstw=
Subject key identifier:   00:17:75:58:B7:B2:00:D0:9D:70:E6:CE:A8:94:A8:76:39:C8:03:4B
Certificate issuer:       /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial:       018CCA2BCBEF907CA68FB8DF75865A3D5D8D
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/ABd1WLeyANCdcObOqJSodjnIA0s.roa
Signing time:             Tue 02 Jan 2024 12:35:17 +0000
ROA not before:           Tue 02 Jan 2024 12:35:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        80.128.0.0/11 maxlen: 11

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 26 Apr 2024 13:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2b:cb:ef:90:7c:a6:8f:b8:df:75:86:5a:3d:5d:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
        Validity
            Not Before: Jan  2 12:35:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=00177558b7b200d09d70e6cea894a87639c8034b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:53:af:96:75:99:6f:05:d1:34:a4:2e:7d:3d:
                    14:a0:7a:d6:68:55:d0:31:e5:09:5a:e2:5c:8d:81:
                    89:4e:2b:5e:a4:14:aa:e9:27:cf:ed:a6:86:e5:33:
                    01:e2:e2:99:9e:66:15:b6:20:36:34:c8:b0:5d:88:
                    d5:c9:fd:4a:90:a8:33:a8:fe:ac:29:a2:76:c4:2e:
                    9e:ea:cb:38:23:9a:62:d7:77:8b:0d:26:eb:2a:27:
                    7c:70:4b:8f:6a:54:f2:58:83:4f:04:bf:61:47:c1:
                    c3:96:8d:c4:90:c3:76:a2:e1:12:d2:b9:ed:c9:53:
                    22:99:a3:f0:56:f6:9f:99:b2:b7:53:e0:01:cb:41:
                    fa:b4:e1:36:d6:3b:9a:02:8e:05:9e:aa:45:01:b3:
                    d7:a3:55:74:90:70:d5:ff:db:5c:40:93:76:b5:5e:
                    26:c3:aa:0f:88:b1:ad:fa:01:ec:8a:95:a0:24:d0:
                    c9:2b:a8:2f:9e:b4:19:7e:f8:88:4a:eb:55:04:15:
                    53:d3:a3:2a:25:1f:c1:85:f3:1f:f5:fd:4d:64:87:
                    fe:ac:c7:c9:d2:82:85:21:7d:f7:8f:d4:7b:90:53:
                    bf:cf:05:d9:e5:3c:05:fa:b3:52:a5:37:a2:b7:bc:
                    7a:3a:f1:bb:61:94:1f:2a:b6:f7:3c:75:7d:03:c3:
                    b4:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:17:75:58:B7:B2:00:D0:9D:70:E6:CE:A8:94:A8:76:39:C8:03:4B
            X509v3 Authority Key Identifier:
                keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/ABd1WLeyANCdcObOqJSodjnIA0s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.128.0.0/11

    Signature Algorithm: sha256WithRSAEncryption
         a9:0d:64:ae:66:3c:c1:3e:e8:fd:de:ac:61:41:0e:97:a5:65:
         de:cc:d5:70:e5:97:09:0f:9c:88:4d:ec:7c:f6:6a:e6:40:b4:
         e7:98:5b:8f:eb:85:92:dc:50:93:cb:e8:d2:b0:b9:36:c4:9f:
         e9:cd:43:a5:0c:fa:5d:76:d8:f0:7a:02:59:f5:5f:a0:58:25:
         02:4c:d8:65:eb:6f:d2:f7:c5:8d:13:db:7a:3c:5b:3b:fa:51:
         8c:1f:c9:b6:a3:ba:ca:41:65:3d:37:0e:db:26:36:8e:10:c0:
         1e:ab:2a:ae:d9:6d:8a:df:15:ec:67:56:b6:8e:49:ee:ef:b0:
         0a:0e:c7:1d:a5:89:2c:50:74:9e:cd:ed:cc:52:af:d8:b6:0a:
         e7:da:2c:31:98:f3:1e:40:bf:3b:bc:da:8f:ca:fd:50:0a:fa:
         8d:c1:ea:97:0c:92:ac:bd:37:f3:71:8a:b9:49:d3:73:9a:75:
         e4:7e:21:a9:49:2f:9f:18:4a:da:9f:dc:4b:83:76:64:19:06:
         75:fd:f7:d4:42:41:57:98:ff:87:86:6c:d7:89:ff:1e:01:45:
         09:06:b8:99:ec:f4:52:03:ad:2e:6f:15:1f:5b:85:e2:73:ca:
         c9:fb:e8:1a:ff:06:33:12:0a:2d:37:36:89:3e:2d:64:d1:d2:
         7f:93:26:3f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKK8vvkHymj7jfdYZaPV2NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDcxMDBlNzdlZDkxMTlkNjZlMjMyMWJiNjcxMWQ3ZTc2
MDk4MmIwHhcNMjQwMTAyMTIzNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDE3NzU1OGI3YjIwMGQwOWQ3MGU2Y2VhODk0YTg3NjM5YzgwMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFOvlnWZbwXRNKQufT0UoHrWaFXQ
MeUJWuJcjYGJTitepBSq6SfP7aaG5TMB4uKZnmYVtiA2NMiwXYjVyf1KkKgzqP6s
KaJ2xC6e6ss4I5pi13eLDSbrKid8cEuPalTyWINPBL9hR8HDlo3EkMN2ouES0rnt
yVMimaPwVvafmbK3U+ABy0H6tOE21juaAo4FnqpFAbPXo1V0kHDV/9tcQJN2tV4m
w6oPiLGt+gHsipWgJNDJK6gvnrQZfviISutVBBVT06MqJR/BhfMf9f1NZIf+rMfJ
0oKFIX33j9R7kFO/zwXZ5TwF+rNSpTeit7x6OvG7YZQfKrb3PHV9A8O0QQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAAXdVi3sgDQnXDmzqiUqHY5yANLMB8GA1UdIwQY
MBaAFPrXEA537ZEZ1m4jIbtnEdfnYJgrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10Y1FEbmZ0a1JuV2JpTWh1MmNSMS1kZ21Dcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUy
LTc2YjBkZGEyYmYzZS8xL0FCZDFXTGV5QU5DZGNPYk9xSlNvZGpuSUEwcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUyLTc2YjBkZGEyYmYz
ZS8xLzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwVQgDAN
BgkqhkiG9w0BAQsFAAOCAQEAqQ1krmY8wT7o/d6sYUEOl6Vl3szVcOWXCQ+ciE3s
fPZq5kC055hbj+uFktxQk8vo0rC5NsSf6c1DpQz6XXbY8HoCWfVfoFglAkzYZetv
0vfFjRPbejxbO/pRjB/JtqO6ykFlPTcO2yY2jhDAHqsqrtltit8V7GdWto5J7u+w
Cg7HHaWJLFB0ns3tzFKv2LYK59osMZjzHkC/O7zaj8r9UAr6jcHqlwySrL0383GK
uUnTc5p15H4hqUkvnxhK2p/cS4N2ZBkGdf331EJBV5j/h4Zs14n/HgFFCQa4mez0
UgOtLm8VH1uF4nPKyfvoGv8GMxIKLTc2iT4tZNHSf5MmPw==
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:59:22 2024 by rpki-client on console-fra.rpki-client.org