Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/TrXXjmCj96YxfIyKIXudqBwQCBI.roa
File:                     TrXXjmCj96YxfIyKIXudqBwQCBI.roa (raw, json)
Hash identifier:          lxNO4aEX7VkgQvgJHQwWDNEWBJOQjD45m5xiRY/9qm4=
Subject key identifier:   4E:B5:D7:8E:60:A3:F7:A6:31:7C:8C:8A:21:7B:9D:A8:1C:10:08:12
Certificate issuer:       /CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
Certificate serial:       018CC72743D8B654C3D5A54E217AFC62038C
Authority key identifier: E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/TrXXjmCj96YxfIyKIXudqBwQCBI.roa
Signing time:             Mon 01 Jan 2024 22:31:28 +0000
ROA not before:           Mon 01 Jan 2024 22:31:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     22104
IP address blocks:        213.161.87.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/4wzJQptjOC6bFxTSGzyW0uXr4lc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/4wzJQptjOC6bFxTSGzyW0uXr4lc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:43:d8:b6:54:c3:d5:a5:4e:21:7a:fc:62:03:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
        Validity
            Not Before: Jan  1 22:31:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4eb5d78e60a3f7a6317c8c8a217b9da81c100812
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:99:e4:aa:91:dc:8e:f6:cf:33:15:65:02:c8:
                    c2:d7:56:c8:13:e3:ee:fa:d7:73:1d:07:c2:37:37:
                    fd:0a:8b:81:a7:2e:af:be:a3:34:ff:97:d9:be:70:
                    d2:5e:a2:6b:80:f0:db:ae:a7:a7:57:03:98:f8:e5:
                    ff:40:45:45:3a:d9:8a:2f:99:f1:38:59:d2:9e:0e:
                    cd:ca:f6:89:95:e7:1f:f2:d1:ba:3a:72:2b:3b:a9:
                    b2:7c:b2:3b:43:aa:2a:ee:60:e0:b9:35:c0:17:b9:
                    39:33:c9:ed:18:a0:d7:c8:0e:2c:45:49:0b:24:12:
                    a7:e4:17:74:46:cd:c2:1e:88:23:ba:79:c1:fe:e6:
                    30:3c:a8:4c:89:09:3e:e1:d9:48:cc:d8:83:0e:d4:
                    aa:02:ef:73:90:3c:f7:db:8f:50:80:3c:c6:8d:8d:
                    c2:18:9b:8b:4f:78:42:9d:ed:f7:22:c9:0c:a9:3d:
                    c1:c8:31:04:65:b1:b8:e5:38:87:10:7a:8b:a2:d5:
                    5f:98:82:96:4b:4c:de:7b:08:1b:0a:69:39:b4:ba:
                    d7:2b:4d:34:bd:32:77:72:99:4f:fa:15:52:71:e4:
                    9d:79:96:be:d7:1a:ec:99:30:d7:2d:6c:16:8b:89:
                    6e:18:2a:b8:f1:8c:35:47:6b:d2:38:89:0c:b5:db:
                    2b:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:B5:D7:8E:60:A3:F7:A6:31:7C:8C:8A:21:7B:9D:A8:1C:10:08:12
            X509v3 Authority Key Identifier:
                keyid:E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/TrXXjmCj96YxfIyKIXudqBwQCBI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/4wzJQptjOC6bFxTSGzyW0uXr4lc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.161.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:c7:11:ca:42:d4:cc:b1:9d:45:b8:c9:01:49:8c:f7:b3:c5:
         19:79:2d:3b:e6:5d:27:75:93:55:de:e8:30:b9:ba:48:02:a1:
         e4:cc:fb:85:ea:33:f6:8d:7a:1d:fa:74:17:2a:f3:73:b7:a4:
         b1:fc:28:d9:1f:cb:7a:97:4f:3a:7d:bd:ec:8d:e8:07:01:c3:
         8b:1f:fb:66:c7:a7:ae:42:3e:d5:1e:04:94:26:e3:93:ed:7a:
         1b:e0:81:71:79:f0:f6:91:b8:1f:9e:51:50:9b:8a:87:17:c4:
         1c:fd:0d:6e:d7:cf:e9:cf:85:94:50:72:21:7a:92:d3:76:9c:
         38:0d:c9:fd:45:d0:f8:a7:c2:50:4a:67:8d:61:9e:24:f4:96:
         6f:c5:ca:92:82:75:b7:d0:f5:35:ea:90:e5:06:98:a8:0f:c1:
         a3:16:d5:2b:33:96:5a:fe:b2:85:fa:7b:ba:3b:96:29:20:df:
         28:c0:22:34:f8:b4:ec:9d:12:3f:51:2f:2f:f9:28:d0:e6:2d:
         84:28:b9:14:27:ed:f3:ca:d3:7f:30:49:5e:76:78:a8:33:67:
         e5:b6:b8:02:1d:61:08:ac:08:c3:38:81:d0:e8:6f:6f:b3:e3:
         1b:f0:e4:01:2a:6e:21:72:fd:d6:77:89:01:14:7c:f7:c5:af:
         fc:0f:de:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ0PYtlTD1aVOIXr8YgOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMGNjOTQyOWI2MzM4MmU5YjE3MTRkMjFiM2M5NmQyZTVl
YmUyNTcwHhcNMjQwMTAxMjIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWI1ZDc4ZTYwYTNmN2E2MzE3YzhjOGEyMTdiOWRhODFjMTAwODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupnkqpHcjvbPMxVlAsjC11bIE+Pu
+tdzHQfCNzf9CouBpy6vvqM0/5fZvnDSXqJrgPDbrqenVwOY+OX/QEVFOtmKL5nx
OFnSng7NyvaJlecf8tG6OnIrO6myfLI7Q6oq7mDguTXAF7k5M8ntGKDXyA4sRUkL
JBKn5Bd0Rs3CHogjunnB/uYwPKhMiQk+4dlIzNiDDtSqAu9zkDz3249QgDzGjY3C
GJuLT3hCne33IskMqT3ByDEEZbG45TiHEHqLotVfmIKWS0zeewgbCmk5tLrXK000
vTJ3cplP+hVSceSdeZa+1xrsmTDXLWwWi4luGCq48Yw1R2vSOIkMtdsrIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE61145go/emMXyMiiF7nagcEAgSMB8GA1UdIwQY
MBaAFOMMyUKbYzgumxcU0hs8ltLl6+JXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHd6SlFwdGpPQzZiRnhUU0d6eVcwdVhyNGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNzMyODctYjFiMS00YWNhLWJkMmUt
ZGI0ZjM1MmU5YWQzLzEvVHJYWGptQ2o5Nll4Zkl5S0lYdWRxQndRQ0JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNzMyODctYjFiMS00YWNhLWJkMmUtZGI0ZjM1MmU5YWQz
LzEvNHd6SlFwdGpPQzZiRnhUU0d6eVcwdVhyNGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1aFXMA0G
CSqGSIb3DQEBCwUAA4IBAQCAxxHKQtTMsZ1FuMkBSYz3s8UZeS075l0ndZNV3ugw
ubpIAqHkzPuF6jP2jXod+nQXKvNzt6Sx/CjZH8t6l086fb3sjegHAcOLH/tmx6eu
Qj7VHgSUJuOT7Xob4IFxefD2kbgfnlFQm4qHF8Qc/Q1u18/pz4WUUHIhepLTdpw4
Dcn9RdD4p8JQSmeNYZ4k9JZvxcqSgnW30PU16pDlBpioD8GjFtUrM5Za/rKF+nu6
O5YpIN8owCI0+LTsnRI/US8v+SjQ5i2EKLkUJ+3zytN/MElednioM2fltrgCHWEI
rAjDOIHQ6G9vs+Mb8OQBKm4hcv3Wd4kBFHz3xa/8D95D
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:52:06 2024 by rpki-client on console-fra.rpki-client.org