Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/b30aa1-0dc2-4626-8cd1-6f03557518c9/1/DvcKeUMEUAaI8htM47WqmZwalOw.roa
File:                     DvcKeUMEUAaI8htM47WqmZwalOw.roa (raw, json)
Hash identifier:          bC/OL7bJ/o3ZwPWpLbKNZG3m8wCtYAtAM0N6pdZmr9w=
Subject key identifier:   0E:F7:0A:79:43:04:50:06:88:F2:1B:4C:E3:B5:AA:99:9C:1A:94:EC
Certificate issuer:       /CN=d9ca06a6199d4405bdd360efd5439f6460ab8c11
Certificate serial:       018CC5DC88661AF5994920B6172E40C4D12C
Authority key identifier: D9:CA:06:A6:19:9D:44:05:BD:D3:60:EF:D5:43:9F:64:60:AB:8C:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2coGphmdRAW902Dv1UOfZGCrjBE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/b30aa1-0dc2-4626-8cd1-6f03557518c9/1/DvcKeUMEUAaI8htM47WqmZwalOw.roa
Signing time:             Mon 01 Jan 2024 16:30:13 +0000
ROA not before:           Mon 01 Jan 2024 16:30:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51531
IP address blocks:        45.159.240.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/b30aa1-0dc2-4626-8cd1-6f03557518c9/1/2coGphmdRAW902Dv1UOfZGCrjBE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/b30aa1-0dc2-4626-8cd1-6f03557518c9/1/2coGphmdRAW902Dv1UOfZGCrjBE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2coGphmdRAW902Dv1UOfZGCrjBE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 01:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:88:66:1a:f5:99:49:20:b6:17:2e:40:c4:d1:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ca06a6199d4405bdd360efd5439f6460ab8c11
        Validity
            Not Before: Jan  1 16:30:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0ef70a794304500688f21b4ce3b5aa999c1a94ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:59:8e:23:3f:bf:50:73:8b:91:40:3d:5b:5b:
                    a3:9a:99:e0:79:fd:be:0c:34:97:68:3c:6e:ea:c3:
                    ff:87:d9:54:c2:bc:cf:6d:8e:b9:20:1c:c2:48:39:
                    48:8b:1e:10:91:1c:87:88:27:af:b0:16:84:57:90:
                    02:3a:fa:37:54:6e:5c:ba:d1:d0:3c:ab:b8:87:0c:
                    c7:69:f1:8a:06:66:3e:ff:0b:4f:d5:b0:60:bf:86:
                    d8:dc:8e:4a:00:e6:6b:b0:a2:66:10:d3:8c:87:20:
                    d3:e4:9f:17:3a:fc:e7:c1:26:16:c6:e5:3f:d1:d3:
                    e4:69:7c:65:3e:00:5b:dc:16:33:e8:5c:bc:af:12:
                    9c:f8:0d:55:5c:5a:02:23:d4:ca:02:92:5f:71:ac:
                    a8:49:6d:35:20:06:0c:32:84:bc:ad:eb:02:7b:6c:
                    0b:b8:53:ed:9d:14:60:5f:ab:c3:a9:44:6f:12:24:
                    4b:fe:05:6a:06:58:b4:72:6d:bc:38:d8:0c:99:5a:
                    a2:4d:77:d9:d8:0b:a3:e5:01:05:81:6f:43:15:7d:
                    6e:5f:2a:17:78:65:3f:43:9c:17:fc:c4:67:ee:94:
                    88:e7:d9:15:bf:8a:ec:49:3d:d8:5c:6a:88:c9:06:
                    f0:f7:5a:2b:d7:c0:70:36:72:f7:ec:d3:68:bb:18:
                    49:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:F7:0A:79:43:04:50:06:88:F2:1B:4C:E3:B5:AA:99:9C:1A:94:EC
            X509v3 Authority Key Identifier:
                keyid:D9:CA:06:A6:19:9D:44:05:BD:D3:60:EF:D5:43:9F:64:60:AB:8C:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2coGphmdRAW902Dv1UOfZGCrjBE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b30aa1-0dc2-4626-8cd1-6f03557518c9/1/DvcKeUMEUAaI8htM47WqmZwalOw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b30aa1-0dc2-4626-8cd1-6f03557518c9/1/2coGphmdRAW902Dv1UOfZGCrjBE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9b:63:a7:70:e4:af:6f:09:e1:97:be:f0:1f:6d:a7:62:62:65:
         3c:d7:29:6d:8f:22:bd:b1:bb:e0:99:82:03:b5:a3:8d:09:e9:
         28:c2:6b:e2:6e:9c:cb:ec:ce:9b:b8:5a:e8:23:19:df:f6:c0:
         20:0e:bb:55:0e:1d:60:90:00:c2:53:c7:0b:a3:b8:41:19:60:
         f4:18:7f:72:ea:4a:ed:05:d8:1d:48:13:e2:53:02:40:0f:3f:
         f0:b8:73:81:3f:65:79:39:b7:7d:cf:d1:b3:19:23:ed:80:d8:
         eb:f3:82:ec:76:91:e5:64:af:24:3f:3c:18:9b:0a:9c:45:5f:
         89:7e:fd:04:4c:8a:ef:a1:8b:e7:a7:c7:9f:0c:f4:63:62:e8:
         fc:bb:cb:bc:6d:de:09:fa:dc:d3:87:6b:66:fd:df:4e:ab:34:
         91:89:33:82:18:28:25:d8:91:ac:f5:6b:00:a7:e3:6a:d7:78:
         eb:be:af:12:0b:b4:c9:92:42:2b:f7:c1:79:b8:66:4e:ce:20:
         12:1f:06:34:18:9e:b0:c3:2a:9d:70:f2:e2:37:bc:e2:f7:1a:
         56:0f:d2:a1:c6:64:c2:b7:64:a8:9c:56:5a:1f:29:ca:e5:28:
         c1:26:ec:02:26:26:36:ed:7d:db:11:a9:b5:6b:15:50:fd:a6:
         6c:0a:16:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3IhmGvWZSSC2Fy5AxNEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5Y2EwNmE2MTk5ZDQ0MDViZGQzNjBlZmQ1NDM5ZjY0NjBh
YjhjMTEwHhcNMjQwMTAxMTYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWY3MGE3OTQzMDQ1MDA2ODhmMjFiNGNlM2I1YWE5OTljMWE5NGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1mOIz+/UHOLkUA9W1ujmpngef2+
DDSXaDxu6sP/h9lUwrzPbY65IBzCSDlIix4QkRyHiCevsBaEV5ACOvo3VG5cutHQ
PKu4hwzHafGKBmY+/wtP1bBgv4bY3I5KAOZrsKJmENOMhyDT5J8XOvznwSYWxuU/
0dPkaXxlPgBb3BYz6Fy8rxKc+A1VXFoCI9TKApJfcayoSW01IAYMMoS8resCe2wL
uFPtnRRgX6vDqURvEiRL/gVqBli0cm28ONgMmVqiTXfZ2Auj5QEFgW9DFX1uXyoX
eGU/Q5wX/MRn7pSI59kVv4rsST3YXGqIyQbw91or18BwNnL37NNouxhJEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA73CnlDBFAGiPIbTOO1qpmcGpTsMB8GA1UdIwQY
MBaAFNnKBqYZnUQFvdNg79VDn2Rgq4wRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmNvR3BobWRSQVc5MDJEdjFVT2ZaR0NyakJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9iMzBhYTEtMGRjMi00NjI2LThjZDEt
NmYwMzU1NzUxOGM5LzEvRHZjS2VVTUVVQWFJOGh0TTQ3V3FtWndhbE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9iMzBhYTEtMGRjMi00NjI2LThjZDEtNmYwMzU1NzUxOGM5
LzEvMmNvR3BobWRSQVc5MDJEdjFVT2ZaR0NyakJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ/wMA0G
CSqGSIb3DQEBCwUAA4IBAQCbY6dw5K9vCeGXvvAfbadiYmU81yltjyK9sbvgmYID
taONCekowmvibpzL7M6buFroIxnf9sAgDrtVDh1gkADCU8cLo7hBGWD0GH9y6krt
BdgdSBPiUwJADz/wuHOBP2V5Obd9z9GzGSPtgNjr84LsdpHlZK8kPzwYmwqcRV+J
fv0ETIrvoYvnp8efDPRjYuj8u8u8bd4J+tzTh2tm/d9OqzSRiTOCGCgl2JGs9WsA
p+Nq13jrvq8SC7TJkkIr98F5uGZOziASHwY0GJ6wwyqdcPLiN7zi9xpWD9KhxmTC
t2SonFZaHynK5SjBJuwCJiY27X3bEam1axVQ/aZsChZp
-----END CERTIFICATE-----
Generated at Sun May 19 06:29:56 2024 by rpki-client on console-ams.rpki-client.org