Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/KUTJuAHnRMkRFXvbLaK8Y5DzOPI.roa
File:                     KUTJuAHnRMkRFXvbLaK8Y5DzOPI.roa (raw, json)
Hash identifier:          B7ku/UNuLX82BwQr8pbKSgte5LhKDrjCPpxPebKGiOs=
Subject key identifier:   29:44:C9:B8:01:E7:44:C9:11:15:7B:DB:2D:A2:BC:63:90:F3:38:F2
Certificate issuer:       /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial:       018CC3B6C9A7BEBECA8D0F8A1FA2E9E3EC91
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/KUTJuAHnRMkRFXvbLaK8Y5DzOPI.roa
Signing time:             Mon 01 Jan 2024 06:29:45 +0000
ROA not before:           Mon 01 Jan 2024 06:29:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201670
IP address blocks:        93.185.165.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:c9:a7:be:be:ca:8d:0f:8a:1f:a2:e9:e3:ec:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
        Validity
            Not Before: Jan  1 06:29:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2944c9b801e744c911157bdb2da2bc6390f338f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:5c:ff:b3:46:02:44:8a:51:e7:6f:3d:08:46:
                    54:de:c9:82:1b:c6:1a:39:23:5c:37:65:aa:f7:05:
                    d6:28:0a:b8:8c:ad:d5:a2:99:be:a6:11:b6:de:92:
                    90:81:85:a7:f3:fb:e1:3c:d4:63:0e:59:46:c6:49:
                    fd:a5:62:97:f7:79:3f:91:51:3b:de:cf:c6:2f:bb:
                    b6:ce:70:f4:c6:d1:50:11:7d:94:50:c7:c1:98:ce:
                    0c:ca:52:4b:41:fd:10:53:4d:a6:a7:44:ac:ec:54:
                    ac:94:aa:2f:01:79:29:e3:55:f0:73:bd:3d:13:3e:
                    6b:49:95:95:fb:6f:13:91:7a:49:c6:e5:16:4f:31:
                    b7:4c:f5:6f:86:b6:41:05:d4:58:d6:66:1d:b8:de:
                    00:71:a1:0d:16:4d:27:81:11:ed:49:e3:30:4e:85:
                    f6:22:9b:e1:c0:5d:f4:0e:cb:7b:48:d6:46:e0:4b:
                    af:04:72:6a:6a:2a:7d:9c:ed:49:47:e3:e4:0d:f5:
                    b0:38:88:c0:79:69:86:a0:c8:a8:09:74:5a:76:5b:
                    ec:39:16:a7:05:75:26:30:0b:3a:26:d4:f2:14:04:
                    02:85:c3:5e:57:41:53:a1:27:11:50:9d:ab:c1:6d:
                    28:bb:8b:83:bd:f9:d0:6f:db:24:b8:6f:3c:76:4d:
                    64:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:44:C9:B8:01:E7:44:C9:11:15:7B:DB:2D:A2:BC:63:90:F3:38:F2
            X509v3 Authority Key Identifier:
                keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/KUTJuAHnRMkRFXvbLaK8Y5DzOPI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.185.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:24:23:f4:72:d1:50:19:38:62:d8:ff:3f:d3:d4:18:d1:cf:
         16:4a:87:37:6e:0b:10:e6:54:a6:bb:04:e9:8d:c8:8c:54:fb:
         12:43:bc:0f:d6:79:ce:15:fc:e6:81:99:a9:64:a0:b8:82:06:
         38:c6:9d:b2:f0:b4:e9:f7:06:e8:2b:70:e3:0d:19:06:34:61:
         c2:b4:a0:0f:2d:38:0a:53:e1:96:08:27:65:37:25:5b:7e:c4:
         1d:d9:8d:c0:4e:69:7b:86:5d:84:5f:f0:43:32:af:28:cf:e9:
         32:08:9e:29:26:7a:d9:23:29:96:bb:77:90:5a:74:7c:69:b0:
         4b:af:64:1d:48:42:3e:42:3e:ce:92:be:85:74:8f:23:f0:c7:
         97:f5:90:87:bd:0a:aa:ff:f5:59:7b:b3:40:34:c1:62:56:7a:
         cf:6e:e9:a5:49:6c:62:aa:00:6d:8b:e0:53:53:85:a9:07:70:
         fa:04:49:77:0b:c6:4b:81:3c:2c:49:98:a9:26:f0:e2:25:d2:
         18:15:c1:ac:bd:e8:77:46:4c:5b:32:c9:54:91:9c:90:78:af:
         52:b6:bb:ee:64:b3:2e:25:e3:6f:3d:e1:96:91:83:69:61:46:
         19:74:93:75:a6:7e:a0:e2:d3:00:c0:06:14:65:73:9b:96:f2:
         8d:61:fb:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtsmnvr7KjQ+KH6Lp4+yRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwMTAxMDYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQ0YzliODAxZTc0NGM5MTExNTdiZGIyZGEyYmM2MzkwZjMzOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplz/s0YCRIpR5289CEZU3smCG8Ya
OSNcN2Wq9wXWKAq4jK3Vopm+phG23pKQgYWn8/vhPNRjDllGxkn9pWKX93k/kVE7
3s/GL7u2znD0xtFQEX2UUMfBmM4MylJLQf0QU02mp0Ss7FSslKovAXkp41Xwc709
Ez5rSZWV+28TkXpJxuUWTzG3TPVvhrZBBdRY1mYduN4AcaENFk0ngRHtSeMwToX2
IpvhwF30Dst7SNZG4EuvBHJqaip9nO1JR+PkDfWwOIjAeWmGoMioCXRadlvsORan
BXUmMAs6JtTyFAQChcNeV0FToScRUJ2rwW0ou4uDvfnQb9skuG88dk1kvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClEybgB50TJERV72y2ivGOQ8zjyMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvS1VUSnVBSG5STWtSRlh2YkxhSzhZNUR6T1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXbmlMA0G
CSqGSIb3DQEBCwUAA4IBAQAYJCP0ctFQGThi2P8/09QY0c8WSoc3bgsQ5lSmuwTp
jciMVPsSQ7wP1nnOFfzmgZmpZKC4ggY4xp2y8LTp9wboK3DjDRkGNGHCtKAPLTgK
U+GWCCdlNyVbfsQd2Y3ATml7hl2EX/BDMq8oz+kyCJ4pJnrZIymWu3eQWnR8abBL
r2QdSEI+Qj7Okr6FdI8j8MeX9ZCHvQqq//VZe7NANMFiVnrPbumlSWxiqgBti+BT
U4WpB3D6BEl3C8ZLgTwsSZipJvDiJdIYFcGsveh3RkxbMslUkZyQeK9StrvuZLMu
JeNvPeGWkYNpYUYZdJN1pn6g4tMAwAYUZXOblvKNYfu+
-----END CERTIFICATE-----
Generated at Sun May 19 21:11:25 2024 by rpki-client on console-ams.rpki-client.org