Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/5t9PICVhS8X4v32in6bAUtkW61Y.roa
File:                     5t9PICVhS8X4v32in6bAUtkW61Y.roa (raw, json)
Hash identifier:          qczUrw1CMsFMfAFvo5EQv1+CGH0HtZ21gSnWmxG+PC4=
Subject key identifier:   E6:DF:4F:20:25:61:4B:C5:F8:BF:7D:A2:9F:A6:C0:52:D9:16:EB:56
Certificate issuer:       /CN=b194f0304eedd363c6622fd91c59b10871aa3044
Certificate serial:       0192A32B4D509C3537AD828520D4A86764E8
Authority key identifier: B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/5t9PICVhS8X4v32in6bAUtkW61Y.roa
Signing time:             Sat 19 Oct 2024 05:06:16 +0000
ROA not before:           Sat 19 Oct 2024 05:06:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     198058
IP address blocks:        91.199.219.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/sZTwME7t02PGYi_ZHFmxCHGqMEQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/sZTwME7t02PGYi_ZHFmxCHGqMEQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 02:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:a3:2b:4d:50:9c:35:37:ad:82:85:20:d4:a8:67:64:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b194f0304eedd363c6622fd91c59b10871aa3044
        Validity
            Not Before: Oct 19 05:06:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e6df4f2025614bc5f8bf7da29fa6c052d916eb56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:93:9a:bf:e2:a5:b0:b7:2b:04:f3:76:08:12:
                    5b:55:f1:ff:55:e0:48:38:8a:75:30:3e:49:db:d9:
                    79:8d:5b:3a:e3:5f:08:b9:53:42:67:19:f9:ad:37:
                    f4:6c:90:00:0f:73:df:1b:a8:c1:c6:37:85:71:fa:
                    79:bb:2d:fd:ff:ee:26:8b:b2:18:4a:ff:9f:2c:d9:
                    73:f3:c9:39:b1:13:6d:e7:f5:a1:61:75:b0:68:48:
                    7e:ed:7a:34:41:e5:5e:51:33:05:47:11:9a:8b:00:
                    6c:31:4f:58:26:73:ea:c7:04:7c:c1:6f:f6:66:2f:
                    c8:6f:f0:e1:53:a9:84:8f:93:1c:81:0a:38:9e:5e:
                    98:38:a8:0b:80:06:76:64:66:de:ea:38:e4:23:fd:
                    63:c7:2f:0e:85:11:43:2a:03:b2:e5:8a:72:a6:e3:
                    29:e6:89:8f:3f:eb:4c:e0:c7:98:88:d8:b7:1f:0a:
                    12:bf:39:dd:99:1d:93:d5:ce:f9:c9:06:15:87:b0:
                    de:53:2e:e4:77:44:02:81:55:ea:dc:2e:0a:aa:6a:
                    a5:03:7e:cd:52:57:58:04:af:ad:aa:0b:c0:c8:df:
                    fb:f1:2e:24:67:b4:e3:e8:8e:5e:67:4f:70:fa:ee:
                    ac:06:e1:82:1c:8b:05:88:66:c2:d7:8e:54:89:34:
                    8b:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:DF:4F:20:25:61:4B:C5:F8:BF:7D:A2:9F:A6:C0:52:D9:16:EB:56
            X509v3 Authority Key Identifier:
                keyid:B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/5t9PICVhS8X4v32in6bAUtkW61Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/sZTwME7t02PGYi_ZHFmxCHGqMEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.199.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:b8:0a:88:57:66:2e:66:e1:cd:1c:90:6c:18:0b:b1:e7:8c:
         e2:44:e7:f3:1d:3c:4b:2e:20:b1:dd:2b:ef:6d:6b:80:e7:6a:
         20:49:d7:0c:2b:59:74:99:d0:f4:28:ac:be:94:10:5c:34:fa:
         0e:bc:d1:56:e7:9a:c0:f3:7c:0a:91:38:97:be:b1:32:e9:6a:
         63:e3:4e:bd:ee:66:d4:23:62:ad:8a:3b:dd:06:5f:6c:b2:2f:
         75:92:62:b2:62:74:75:4d:91:ee:67:be:2c:07:ca:18:3b:14:
         b1:34:b8:3a:ac:08:b9:99:8c:2e:a3:02:6b:c5:fc:99:c9:a3:
         6f:a5:7a:43:dd:f4:85:d0:cc:0c:3f:6e:4d:93:79:b5:10:a7:
         b1:f7:b8:36:ed:9e:b7:6c:1b:18:02:71:5c:4c:72:b4:38:f1:
         eb:0c:8c:d5:f3:7c:47:50:5d:17:80:57:ce:a5:c2:c5:24:bc:
         35:0d:56:af:2e:05:d7:fa:4a:43:a2:1a:d0:9f:5c:64:ac:20:
         84:7a:21:37:9c:21:43:f2:ac:cc:f9:6a:73:59:1f:8e:1b:cd:
         f9:fd:39:10:d6:bf:70:ce:61:15:b8:54:03:d4:6f:7b:53:89:
         f7:bc:39:ad:72:38:ad:f4:ba:2c:08:02:58:4e:69:e0:29:a8:
         57:77:b8:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKjK01QnDU3rYKFINSoZ2ToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOTRmMDMwNGVlZGQzNjNjNjYyMmZkOTFjNTliMTA4NzFh
YTMwNDQwHhcNMjQxMDE5MDUwNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmRmNGYyMDI1NjE0YmM1ZjhiZjdkYTI5ZmE2YzA1MmQ5MTZlYjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5Oav+KlsLcrBPN2CBJbVfH/VeBI
OIp1MD5J29l5jVs6418IuVNCZxn5rTf0bJAAD3PfG6jBxjeFcfp5uy39/+4mi7IY
Sv+fLNlz88k5sRNt5/WhYXWwaEh+7Xo0QeVeUTMFRxGaiwBsMU9YJnPqxwR8wW/2
Zi/Ib/DhU6mEj5McgQo4nl6YOKgLgAZ2ZGbe6jjkI/1jxy8OhRFDKgOy5YpypuMp
5omPP+tM4MeYiNi3HwoSvzndmR2T1c75yQYVh7DeUy7kd0QCgVXq3C4KqmqlA37N
UldYBK+tqgvAyN/78S4kZ7Tj6I5eZ09w+u6sBuGCHIsFiGbC145UiTSLZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObfTyAlYUvF+L99op+mwFLZFutWMB8GA1UdIwQY
MBaAFLGU8DBO7dNjxmIv2RxZsQhxqjBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1pUd01FN3QwMlBHWWlfWkhGbXhDSEdxTUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9kZjg0YTctNzJjOS00YTJmLTgxMTUt
YWZiZGJkYWQ1OGE1LzEvNXQ5UElDVmhTOFg0djMyaW42YkFVdGtXNjFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9kZjg0YTctNzJjOS00YTJmLTgxMTUtYWZiZGJkYWQ1OGE1
LzEvc1pUd01FN3QwMlBHWWlfWkhGbXhDSEdxTUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8fbMA0G
CSqGSIb3DQEBCwUAA4IBAQBluAqIV2YuZuHNHJBsGAux54ziROfzHTxLLiCx3Svv
bWuA52ogSdcMK1l0mdD0KKy+lBBcNPoOvNFW55rA83wKkTiXvrEy6Wpj40697mbU
I2KtijvdBl9ssi91kmKyYnR1TZHuZ74sB8oYOxSxNLg6rAi5mYwuowJrxfyZyaNv
pXpD3fSF0MwMP25Nk3m1EKex97g27Z63bBsYAnFcTHK0OPHrDIzV83xHUF0XgFfO
pcLFJLw1DVavLgXX+kpDohrQn1xkrCCEeiE3nCFD8qzM+WpzWR+OG835/TkQ1r9w
zmEVuFQD1G97U4n3vDmtcjit9LosCAJYTmngKahXd7ii
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:14 2024 by rpki-client on console-ams.rpki-client.org