Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eVFk6kBSAE5TlVE5kci8iIlHud4.roa
File:                     eVFk6kBSAE5TlVE5kci8iIlHud4.roa (raw, json)
Hash identifier:          HyxNqNkpgRULFbI3tHy9sdNKwCMaRN5+2DgTQIZs4Dk=
Subject key identifier:   79:51:64:EA:40:52:00:4E:53:95:51:39:91:C8:BC:88:89:47:B9:DE
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018CC9BCFE8B944E134C8FD0AE724294A7DA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eVFk6kBSAE5TlVE5kci8iIlHud4.roa
Signing time:             Tue 02 Jan 2024 10:34:15 +0000
ROA not before:           Tue 02 Jan 2024 10:34:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202336
IP address blocks:        2a0e:97c0:c30::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 02:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:fe:8b:94:4e:13:4c:8f:d0:ae:72:42:94:a7:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 10:34:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=795164ea4052004e5395513991c8bc888947b9de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:61:9f:4c:f7:9b:2d:d8:4f:09:bd:c3:78:b0:
                    08:81:04:46:aa:d3:37:e2:68:25:32:18:18:93:7d:
                    f5:71:2a:ed:e9:9c:06:53:b7:9a:4f:a8:d0:a9:59:
                    39:ee:2f:28:1f:f9:9e:c2:a0:1f:45:1e:2b:19:df:
                    d4:c3:07:b0:a8:36:fb:4b:ba:44:e9:01:79:f0:c0:
                    22:03:9b:55:3c:21:24:97:9f:8d:94:46:c7:20:82:
                    c5:9e:e0:54:36:47:80:30:47:86:c6:bb:27:3e:da:
                    4f:34:9f:fb:52:0c:e0:1b:7a:b3:74:28:c3:61:c7:
                    de:4e:6c:09:87:c1:e3:f2:51:d3:09:11:7d:a4:3a:
                    d5:b5:41:ef:e6:be:ea:1b:21:95:62:8f:15:e8:14:
                    f2:03:dd:bb:a9:b0:b4:01:6f:c1:63:4f:bc:f5:34:
                    3e:64:67:ab:72:de:b1:53:17:72:cb:82:82:91:61:
                    a9:e2:da:cf:c4:b1:77:28:76:c1:3a:e9:4c:0b:b8:
                    17:9e:23:a2:cc:27:ed:6a:e6:c8:d3:61:7a:a5:a1:
                    71:46:42:9d:10:5e:42:03:8e:88:69:e8:7b:da:c9:
                    53:84:a1:9d:85:42:ae:a1:13:f6:7f:34:1d:3d:33:
                    1b:9d:6e:c2:77:c6:e5:45:5d:8b:fe:32:ae:98:30:
                    76:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:51:64:EA:40:52:00:4E:53:95:51:39:91:C8:BC:88:89:47:B9:DE
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eVFk6kBSAE5TlVE5kci8iIlHud4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:c30::/44

    Signature Algorithm: sha256WithRSAEncryption
         7d:42:34:c9:ca:89:35:8f:9c:4b:04:34:eb:27:78:e7:30:da:
         9c:a4:8b:de:d9:d3:a6:a6:4e:85:3c:b5:38:0b:a5:47:6a:22:
         35:79:6c:e4:c0:5e:01:20:d9:81:a9:4d:82:66:1f:45:71:b1:
         ad:fb:b5:46:34:03:41:cb:bb:55:7d:b2:27:da:76:3a:79:79:
         8e:df:72:17:dd:81:cd:e7:57:65:03:e5:e2:17:1f:84:5e:a5:
         58:0f:10:03:2c:1f:aa:73:c0:23:a4:cf:9f:40:bd:01:be:fa:
         3f:82:fa:57:cb:58:1a:be:19:54:76:fd:51:b5:a7:58:99:6e:
         64:16:bd:4d:d5:31:72:27:f3:53:04:66:45:cd:9b:1a:bb:dd:
         dd:87:8a:ec:5c:d4:28:30:2f:f7:48:74:5c:15:ec:a7:21:c6:
         a6:26:30:45:1b:d7:36:cb:36:f7:95:f4:c6:ee:f6:89:c8:54:
         3d:c5:6d:60:8a:c6:37:a7:d3:8d:76:a5:68:0d:03:5c:77:59:
         ed:c8:ec:52:2f:e2:7a:89:65:6f:6c:fb:7d:f7:94:80:95:83:
         ab:56:77:6f:26:8b:25:f2:36:a4:df:62:77:7c:df:68:ef:77:
         7a:27:37:94:62:28:67:b5:d3:1a:a5:5d:49:db:b7:24:ec:e2:
         71:9e:04:44
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvP6LlE4TTI/QrnJClKfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTUxNjRlYTQwNTIwMDRlNTM5NTUxMzk5MWM4YmM4ODg5NDdiOWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWGfTPebLdhPCb3DeLAIgQRGqtM3
4mglMhgYk331cSrt6ZwGU7eaT6jQqVk57i8oH/mewqAfRR4rGd/UwwewqDb7S7pE
6QF58MAiA5tVPCEkl5+NlEbHIILFnuBUNkeAMEeGxrsnPtpPNJ/7UgzgG3qzdCjD
YcfeTmwJh8Hj8lHTCRF9pDrVtUHv5r7qGyGVYo8V6BTyA927qbC0AW/BY0+89TQ+
ZGerct6xUxdyy4KCkWGp4trPxLF3KHbBOulMC7gXniOizCftaubI02F6paFxRkKd
EF5CA46Iaeh72slThKGdhUKuoRP2fzQdPTMbnW7Cd8blRV2L/jKumDB2kQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHlRZOpAUgBOU5VROZHIvIiJR7neMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZVZGazZrQlNBRTVUbFZFNWtjaThpSWxIdWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAww
MA0GCSqGSIb3DQEBCwUAA4IBAQB9QjTJyok1j5xLBDTrJ3jnMNqcpIve2dOmpk6F
PLU4C6VHaiI1eWzkwF4BINmBqU2CZh9FcbGt+7VGNANBy7tVfbIn2nY6eXmO33IX
3YHN51dlA+XiFx+EXqVYDxADLB+qc8AjpM+fQL0Bvvo/gvpXy1gavhlUdv1RtadY
mW5kFr1N1TFyJ/NTBGZFzZsau93dh4rsXNQoMC/3SHRcFeynIcamJjBFG9c2yzb3
lfTG7vaJyFQ9xW1gisY3p9ONdqVoDQNcd1ntyOxSL+J6iWVvbPt995SAlYOrVndv
Josl8jak32J3fN9o73d6JzeUYihntdMapV1J27ck7OJxngRE
-----END CERTIFICATE-----
Generated at Fri May 3 06:56:35 2024 by rpki-client on console-fra.rpki-client.org