Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/9Oc6puL6TzwZUDdOWQQeS0BJoRA.roa
File:                     9Oc6puL6TzwZUDdOWQQeS0BJoRA.roa (raw, json)
Hash identifier:          TbkrVjO4C91ESxkLNy61v6hjfshd2BwbBigS1TWFV2M=
Subject key identifier:   F4:E7:3A:A6:E2:FA:4F:3C:19:50:37:4E:59:04:1E:4B:40:49:A1:10
Certificate issuer:       /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial:       018E31671D51EEA5BB97D5434D9BD436A89E
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/9Oc6puL6TzwZUDdOWQQeS0BJoRA.roa
Signing time:             Tue 12 Mar 2024 06:43:45 +0000
ROA not before:           Tue 12 Mar 2024 06:43:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212238
IP address blocks:        45.156.222.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 29 Apr 2024 05:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:31:67:1d:51:ee:a5:bb:97:d5:43:4d:9b:d4:36:a8:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
        Validity
            Not Before: Mar 12 06:43:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f4e73aa6e2fa4f3c1950374e59041e4b4049a110
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ca:03:a9:93:ec:67:ff:a7:5e:6e:2a:ed:22:
                    6e:66:8b:7c:58:31:ff:91:03:58:37:2e:16:1d:e4:
                    1d:9a:06:6c:3b:c7:46:c5:74:06:95:d3:d6:d8:f8:
                    eb:b2:e4:df:74:f2:d8:ab:20:0b:89:8f:c2:b6:00:
                    0b:77:34:03:2e:7a:3b:7d:e4:67:50:74:d5:ac:b7:
                    55:0c:51:0f:30:96:d0:8b:81:32:1c:be:cc:58:22:
                    66:cc:27:fc:2c:db:cf:56:8a:dc:71:ec:4b:11:59:
                    42:7a:17:ce:f2:5e:2a:fe:8b:cf:2c:38:34:bc:b9:
                    eb:67:c8:84:bc:39:c5:e8:f3:03:fb:2c:37:43:03:
                    d3:84:26:3d:01:65:84:47:5d:be:35:a6:ea:50:c0:
                    42:e0:94:be:02:7c:5a:42:fb:f7:55:42:e0:f2:df:
                    2f:37:f5:b7:da:b9:60:7e:a6:17:c6:d9:40:7e:55:
                    04:54:82:d1:fd:c4:68:5d:1f:21:b2:16:c5:16:db:
                    39:39:10:fe:36:6d:a3:d6:f3:32:47:40:b2:b7:76:
                    e8:b1:17:2a:61:c8:dd:b3:37:73:7d:78:b3:4d:49:
                    8d:c0:2b:65:e5:41:33:49:4d:2b:f4:58:ba:87:1e:
                    df:b3:d8:94:10:0a:b9:4a:9b:11:06:43:da:79:01:
                    62:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:E7:3A:A6:E2:FA:4F:3C:19:50:37:4E:59:04:1E:4B:40:49:A1:10
            X509v3 Authority Key Identifier:
                keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/9Oc6puL6TzwZUDdOWQQeS0BJoRA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:14:d3:f9:ad:ac:00:5f:c5:9f:04:8d:37:45:cf:c0:34:09:
         e5:40:ff:bb:95:a3:66:5a:17:73:f4:f0:54:25:4e:84:20:e0:
         4d:7d:90:6d:aa:be:6d:39:0b:23:e2:d5:c2:bd:5b:0d:93:80:
         2d:86:80:67:68:12:b6:01:1a:78:82:47:c3:18:5a:9e:5a:46:
         5b:00:a6:ff:31:c1:7f:d7:ed:d1:5c:a0:be:d5:86:31:13:e5:
         07:83:b9:b3:82:4d:a3:b9:ce:f4:ea:bf:f7:fc:19:93:31:74:
         77:18:c8:d0:66:b9:8c:7b:2b:93:dc:9b:40:30:2d:b6:a3:5e:
         db:f6:a8:e2:c3:e9:71:73:c6:5b:de:6e:14:be:72:5e:cd:e5:
         1c:0b:36:1f:e2:29:6b:47:2e:6d:38:71:9d:ff:26:b0:db:a0:
         57:c4:b9:c6:55:12:32:1b:b3:21:48:2f:e9:2c:51:b8:19:fe:
         65:1d:fb:a8:49:1b:8e:15:37:32:1d:db:1b:a2:3b:4b:33:4a:
         a6:c3:88:0d:59:78:48:57:5c:63:27:50:05:f9:9f:8d:72:c7:
         92:49:d7:36:0f:3c:bf:c7:19:d2:1e:3e:a2:94:e8:88:53:ec:
         6c:24:da:47:0a:c5:50:7f:b1:5f:a1:6f:aa:82:c5:ad:8f:28:
         c5:3b:72:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4xZx1R7qW7l9VDTZvUNqieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMzEyMDY0MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGU3M2FhNmUyZmE0ZjNjMTk1MDM3NGU1OTA0MWU0YjQwNDlhMTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMoDqZPsZ/+nXm4q7SJuZot8WDH/
kQNYNy4WHeQdmgZsO8dGxXQGldPW2PjrsuTfdPLYqyALiY/CtgALdzQDLno7feRn
UHTVrLdVDFEPMJbQi4EyHL7MWCJmzCf8LNvPVorccexLEVlCehfO8l4q/ovPLDg0
vLnrZ8iEvDnF6PMD+yw3QwPThCY9AWWER12+NabqUMBC4JS+AnxaQvv3VULg8t8v
N/W32rlgfqYXxtlAflUEVILR/cRoXR8hshbFFts5ORD+Nm2j1vMyR0Cyt3bosRcq
YcjdszdzfXizTUmNwCtl5UEzSU0r9Fi6hx7fs9iUEAq5SpsRBkPaeQFiawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPTnOqbi+k88GVA3TlkEHktASaEQMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvOU9jNnB1TDZUendaVURkT1dRUWVTMEJKb1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZzeMA0G
CSqGSIb3DQEBCwUAA4IBAQAdFNP5rawAX8WfBI03Rc/ANAnlQP+7laNmWhdz9PBU
JU6EIOBNfZBtqr5tOQsj4tXCvVsNk4AthoBnaBK2ARp4gkfDGFqeWkZbAKb/McF/
1+3RXKC+1YYxE+UHg7mzgk2juc706r/3/BmTMXR3GMjQZrmMeyuT3JtAMC22o17b
9qjiw+lxc8Zb3m4UvnJezeUcCzYf4ilrRy5tOHGd/yaw26BXxLnGVRIyG7MhSC/p
LFG4Gf5lHfuoSRuOFTcyHdsbojtLM0qmw4gNWXhIV1xjJ1AF+Z+NcseSSdc2Dzy/
xxnSHj6ilOiIU+xsJNpHCsVQf7FfoW+qgsWtjyjFO3Lz
-----END CERTIFICATE-----
Generated at Sun Apr 28 14:49:17 2024 by rpki-client on console-ams.rpki-client.org