Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/4b28b8-77f6-46d3-b8d5-83bc413a048d/1/oqamxN5aBvpJ7yR5XsjIYiZKDUE.roa
File:                     oqamxN5aBvpJ7yR5XsjIYiZKDUE.roa (raw, json)
Hash identifier:          xW4GdNkPllxpOYFhSLCsfdm2y0BcteI6rD3MR7qzUX8=
Subject key identifier:   A2:A6:A6:C4:DE:5A:06:FA:49:EF:24:79:5E:C8:C8:62:26:4A:0D:41
Certificate issuer:       /CN=6bb9125b8a10d322348681a2d2ac7d67d2ad2535
Certificate serial:       018CC2DADA752419980C95ABF092FD974BAD
Authority key identifier: 6B:B9:12:5B:8A:10:D3:22:34:86:81:A2:D2:AC:7D:67:D2:AD:25:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a7kSW4oQ0yI0hoGi0qx9Z9KtJTU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/4b28b8-77f6-46d3-b8d5-83bc413a048d/1/oqamxN5aBvpJ7yR5XsjIYiZKDUE.roa
Signing time:             Mon 01 Jan 2024 02:29:31 +0000
ROA not before:           Mon 01 Jan 2024 02:29:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29119
IP address blocks:        185.165.248.0/23 maxlen: 23
                          185.165.250.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/4b28b8-77f6-46d3-b8d5-83bc413a048d/1/a7kSW4oQ0yI0hoGi0qx9Z9KtJTU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/4b28b8-77f6-46d3-b8d5-83bc413a048d/1/a7kSW4oQ0yI0hoGi0qx9Z9KtJTU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a7kSW4oQ0yI0hoGi0qx9Z9KtJTU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:da:75:24:19:98:0c:95:ab:f0:92:fd:97:4b:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bb9125b8a10d322348681a2d2ac7d67d2ad2535
        Validity
            Not Before: Jan  1 02:29:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a2a6a6c4de5a06fa49ef24795ec8c862264a0d41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:59:18:91:7e:9b:95:2f:6e:3d:83:fe:f6:08:
                    2d:09:74:76:23:05:c2:5e:c6:49:a1:a0:2c:e0:74:
                    77:15:3b:c1:e6:94:8d:a3:50:87:c9:0b:18:13:b3:
                    a6:0d:7e:72:6c:f3:dd:ab:52:c7:80:49:4d:1e:ce:
                    1e:a8:74:61:74:91:38:66:8c:f1:77:b1:be:11:ac:
                    d2:8e:5b:4f:ea:66:3e:86:cd:44:5d:bb:41:7e:3a:
                    49:f5:c1:a7:af:a3:7b:71:3e:8c:bf:cf:98:6a:43:
                    8a:08:c1:59:2f:08:85:03:9a:42:39:8d:83:26:81:
                    00:3a:0d:bb:fc:f7:3f:43:6e:fb:fb:d5:53:18:68:
                    c0:72:82:80:fc:a6:28:06:58:85:27:45:1a:d4:a7:
                    48:8b:70:cc:01:f9:cc:ea:e2:22:fd:cc:f0:33:7b:
                    20:0a:10:73:fe:01:7e:0c:12:80:48:42:ad:fa:32:
                    15:1e:74:18:21:6e:7e:44:f9:33:6c:31:3e:a1:58:
                    48:19:b8:73:b6:da:b8:6a:e2:13:a1:e1:5e:7a:e5:
                    0c:8c:dc:9b:70:f7:90:46:7f:bd:64:1f:28:b9:fe:
                    5e:9f:36:a8:04:6d:bf:b0:5d:c1:e3:da:74:8b:25:
                    4e:96:b8:2a:0c:20:4f:80:ca:19:97:12:2d:01:69:
                    1c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:A6:A6:C4:DE:5A:06:FA:49:EF:24:79:5E:C8:C8:62:26:4A:0D:41
            X509v3 Authority Key Identifier:
                keyid:6B:B9:12:5B:8A:10:D3:22:34:86:81:A2:D2:AC:7D:67:D2:AD:25:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7kSW4oQ0yI0hoGi0qx9Z9KtJTU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/4b28b8-77f6-46d3-b8d5-83bc413a048d/1/oqamxN5aBvpJ7yR5XsjIYiZKDUE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/4b28b8-77f6-46d3-b8d5-83bc413a048d/1/a7kSW4oQ0yI0hoGi0qx9Z9KtJTU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.165.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ac:43:66:b4:bd:28:4d:c7:ca:d4:74:93:03:54:95:14:fe:82:
         ab:67:d6:f5:34:c5:14:b7:0a:da:93:6e:d3:df:14:51:37:4e:
         60:eb:22:ad:1e:9b:e7:b7:79:9f:e6:7b:49:d7:f8:b4:cb:2e:
         90:6d:25:fa:3d:a3:1b:22:bf:1e:3d:b4:54:a4:90:9a:4e:c3:
         ea:9f:07:84:d7:6f:c2:f4:44:48:96:47:57:9b:7f:9f:ee:a2:
         1b:6f:83:6a:17:dc:9f:1f:98:a7:b6:db:8d:da:69:3e:05:f6:
         61:df:8a:31:f3:78:03:bd:71:e7:bb:31:d0:2c:5f:ed:90:7f:
         19:2d:da:8d:d6:de:e0:92:9a:55:1e:8e:2c:fc:4a:40:7f:b5:
         4f:b3:ea:77:9d:b1:7c:74:2f:74:c1:12:70:4d:c6:b8:76:28:
         1a:31:42:17:b1:5a:35:af:43:2c:37:e5:4b:24:2b:ea:97:a1:
         60:21:63:73:f1:01:ad:6e:25:d0:bb:ef:8f:8f:76:8b:1b:ea:
         d7:f1:ee:03:6e:d0:c7:36:67:a8:5d:25:96:7f:7b:a4:32:6a:
         26:5f:1b:d3:cd:f6:4c:0a:47:89:d1:4a:03:69:75:9b:c0:5d:
         5e:58:0d:12:2a:63:e1:87:09:9a:44:5c:74:ef:a1:e2:b9:1b:
         45:87:d5:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2tp1JBmYDJWr8JL9l0utMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYjkxMjViOGExMGQzMjIzNDg2ODFhMmQyYWM3ZDY3ZDJh
ZDI1MzUwHhcNMjQwMTAxMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmE2YTZjNGRlNWEwNmZhNDllZjI0Nzk1ZWM4Yzg2MjI2NGEwZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlkYkX6blS9uPYP+9ggtCXR2IwXC
XsZJoaAs4HR3FTvB5pSNo1CHyQsYE7OmDX5ybPPdq1LHgElNHs4eqHRhdJE4Zozx
d7G+EazSjltP6mY+hs1EXbtBfjpJ9cGnr6N7cT6Mv8+YakOKCMFZLwiFA5pCOY2D
JoEAOg27/Pc/Q277+9VTGGjAcoKA/KYoBliFJ0Ua1KdIi3DMAfnM6uIi/czwM3sg
ChBz/gF+DBKASEKt+jIVHnQYIW5+RPkzbDE+oVhIGbhzttq4auIToeFeeuUMjNyb
cPeQRn+9ZB8ouf5enzaoBG2/sF3B49p0iyVOlrgqDCBPgMoZlxItAWkcSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKmpsTeWgb6Se8keV7IyGImSg1BMB8GA1UdIwQY
MBaAFGu5EluKENMiNIaBotKsfWfSrSU1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTdrU1c0b1EweUkwaG9HaTBxeDlaOUt0SlRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS80YjI4YjgtNzdmNi00NmQzLWI4ZDUt
ODNiYzQxM2EwNDhkLzEvb3FhbXhONWFCdnBKN3lSNVhzaklZaVpLRFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS80YjI4YjgtNzdmNi00NmQzLWI4ZDUtODNiYzQxM2EwNDhk
LzEvYTdrU1c0b1EweUkwaG9HaTBxeDlaOUt0SlRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaX4MA0G
CSqGSIb3DQEBCwUAA4IBAQCsQ2a0vShNx8rUdJMDVJUU/oKrZ9b1NMUUtwrak27T
3xRRN05g6yKtHpvnt3mf5ntJ1/i0yy6QbSX6PaMbIr8ePbRUpJCaTsPqnweE12/C
9ERIlkdXm3+f7qIbb4NqF9yfH5inttuN2mk+BfZh34ox83gDvXHnuzHQLF/tkH8Z
LdqN1t7gkppVHo4s/EpAf7VPs+p3nbF8dC90wRJwTca4digaMUIXsVo1r0MsN+VL
JCvql6FgIWNz8QGtbiXQu++Pj3aLG+rX8e4DbtDHNmeoXSWWf3ukMmomXxvTzfZM
CkeJ0UoDaXWbwF1eWA0SKmPhhwmaRFx076HiuRtFh9UG
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:38:26 2024 by rpki-client on console-fra.rpki-client.org