Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/ZlLmD6S2T8d3ynwJTY9IiW1xUyI.roa
File:                     ZlLmD6S2T8d3ynwJTY9IiW1xUyI.roa (raw, json)
Hash identifier:          U3A78MqJeQqVnAOjTS5ZvnBvZqxFRIOz3sj+kUzHFvU=
Subject key identifier:   66:52:E6:0F:A4:B6:4F:C7:77:CA:7C:09:4D:8F:48:89:6D:71:53:22
Certificate issuer:       /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial:       019073A9FD07B1A8D82FDBFB75BB417946C3
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/ZlLmD6S2T8d3ynwJTY9IiW1xUyI.roa
Signing time:             Tue 02 Jul 2024 13:37:18 +0000
ROA not before:           Tue 02 Jul 2024 13:37:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     147293
IP address blocks:        37.128.254.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:73:a9:fd:07:b1:a8:d8:2f:db:fb:75:bb:41:79:46:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
        Validity
            Not Before: Jul  2 13:37:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6652e60fa4b64fc777ca7c094d8f48896d715322
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:e8:20:de:cc:de:17:1a:62:e2:e6:95:cf:97:
                    de:73:92:18:8a:4d:83:08:9e:4d:f5:66:97:d8:32:
                    5e:2e:3b:b0:bd:a5:65:70:73:ec:ea:9f:ca:61:e2:
                    50:dc:6c:1d:13:b6:6d:d5:86:f0:4e:88:4f:80:73:
                    08:e5:b3:9e:65:4b:a2:1d:6f:b4:d6:43:3f:f6:4b:
                    c2:75:7a:66:24:6b:93:39:63:53:6b:fb:2b:08:14:
                    d0:47:db:7e:3d:a7:53:69:47:43:34:28:6d:11:d7:
                    ac:fb:b7:b1:e3:3d:1e:6c:ec:ed:67:2e:71:af:0f:
                    9c:ba:32:00:6c:f1:0b:94:66:a4:c0:17:11:93:ed:
                    81:da:ea:31:e6:69:c2:85:b0:9f:da:6b:67:48:84:
                    b0:6d:66:23:ee:d9:78:1e:82:8c:de:b8:eb:93:99:
                    6a:40:e2:b8:be:40:a2:a7:72:50:c5:59:9c:86:eb:
                    9b:69:93:b2:f7:3a:40:93:8d:25:fc:bd:b7:7b:34:
                    e6:28:44:51:f4:4d:fa:6b:33:49:9f:e0:7e:a1:98:
                    be:77:fb:40:f4:a7:29:3f:6b:ea:63:6e:41:2d:5f:
                    48:00:5f:84:b9:51:64:47:e3:21:6e:d6:b6:c8:21:
                    5b:b1:ef:59:b7:77:d9:a6:0c:3b:6c:6e:f7:94:36:
                    b9:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:52:E6:0F:A4:B6:4F:C7:77:CA:7C:09:4D:8F:48:89:6D:71:53:22
            X509v3 Authority Key Identifier:
                keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/ZlLmD6S2T8d3ynwJTY9IiW1xUyI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.128.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         af:08:3c:95:19:af:44:49:74:5b:26:8e:86:b0:7a:59:94:b3:
         f6:89:f2:97:06:69:83:a0:78:3a:22:90:f4:1a:c5:84:18:4f:
         87:d8:94:92:8e:9d:91:78:58:4b:22:49:ef:bb:31:fd:69:18:
         ef:f9:ed:74:7d:42:a0:dc:f3:41:95:2d:4d:15:dc:33:74:fc:
         72:8b:b2:80:20:68:a4:37:9e:1e:91:e2:0f:75:aa:01:21:ef:
         16:07:6d:49:22:04:20:a6:c0:fa:2a:4a:42:cb:d6:4b:f7:94:
         3f:06:79:cf:e6:bf:aa:b0:fc:23:e6:cc:2d:e8:ba:1f:4a:90:
         17:a9:8c:56:93:b7:b8:cc:e9:ff:ac:7b:a4:c4:6d:17:38:38:
         44:a4:28:ff:35:39:e7:af:94:5c:b8:e3:36:24:de:01:65:c3:
         54:a1:f9:7c:a2:2b:81:36:b2:ea:cd:83:14:8d:a9:7d:12:5e:
         d5:66:c6:a7:62:0f:96:a4:ad:dd:e0:2c:bb:98:7e:4b:73:91:
         2c:db:70:9b:28:8c:68:35:81:dc:00:3d:f2:7e:34:81:d7:71:
         4e:42:2f:87:3f:0e:2e:30:54:91:f1:6a:0e:d2:c0:ef:93:be:
         ba:82:b3:5f:f1:ec:78:d7:93:a1:7e:15:e6:c8:60:48:00:5d:
         8b:55:26:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBzqf0HsajYL9v7dbtBeUbDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNzAyMTMzNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjUyZTYwZmE0YjY0ZmM3NzdjYTdjMDk0ZDhmNDg4OTZkNzE1MzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxugg3szeFxpi4uaVz5fec5IYik2D
CJ5N9WaX2DJeLjuwvaVlcHPs6p/KYeJQ3GwdE7Zt1YbwTohPgHMI5bOeZUuiHW+0
1kM/9kvCdXpmJGuTOWNTa/srCBTQR9t+PadTaUdDNChtEdes+7ex4z0ebOztZy5x
rw+cujIAbPELlGakwBcRk+2B2uox5mnChbCf2mtnSISwbWYj7tl4HoKM3rjrk5lq
QOK4vkCip3JQxVmchuubaZOy9zpAk40l/L23ezTmKERR9E36azNJn+B+oZi+d/tA
9KcpP2vqY25BLV9IAF+EuVFkR+Mhbta2yCFbse9Zt3fZpgw7bG73lDa5rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGZS5g+ktk/Hd8p8CU2PSIltcVMiMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvWmxMbUQ2UzJUOGQzeW53SlRZOUlpVzF4VXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJYD+MA0G
CSqGSIb3DQEBCwUAA4IBAQCvCDyVGa9ESXRbJo6GsHpZlLP2ifKXBmmDoHg6IpD0
GsWEGE+H2JSSjp2ReFhLIknvuzH9aRjv+e10fUKg3PNBlS1NFdwzdPxyi7KAIGik
N54ekeIPdaoBIe8WB21JIgQgpsD6KkpCy9ZL95Q/BnnP5r+qsPwj5swt6LofSpAX
qYxWk7e4zOn/rHukxG0XODhEpCj/NTnnr5RcuOM2JN4BZcNUofl8oiuBNrLqzYMU
jal9El7VZsanYg+WpK3d4Cy7mH5Lc5Es23CbKIxoNYHcAD3yfjSB13FOQi+HPw4u
MFSR8WoO0sDvk766grNf8ex415OhfhXmyGBIAF2LVSbT
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:28:47 2024 by rpki-client on console-ams.rpki-client.org