Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/52cf99-e798-4cab-a303-a3b06d4e4775/1/gp4U2hMpTAKHtfcyqBBjZJamCK0.roa
File:                     gp4U2hMpTAKHtfcyqBBjZJamCK0.roa (raw, json)
Hash identifier:          ICWPRJnN0aZWedngGzSQkOX15DYmTAB/y21b53D2iLQ=
Subject key identifier:   82:9E:14:DA:13:29:4C:02:87:B5:F7:32:A8:10:63:64:96:A6:08:AD
Certificate issuer:       /CN=e46a3f838688843758d28057007dc6cd2898ecca
Certificate serial:       018CC793765C5ED2ADCF220DBF3789DCEF1B
Authority key identifier: E4:6A:3F:83:86:88:84:37:58:D2:80:57:00:7D:C6:CD:28:98:EC:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5Go_g4aIhDdY0oBXAH3GzSiY7Mo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/52cf99-e798-4cab-a303-a3b06d4e4775/1/gp4U2hMpTAKHtfcyqBBjZJamCK0.roa
Signing time:             Tue 02 Jan 2024 00:29:39 +0000
ROA not before:           Tue 02 Jan 2024 00:29:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        193.243.129.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/52cf99-e798-4cab-a303-a3b06d4e4775/1/5Go_g4aIhDdY0oBXAH3GzSiY7Mo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/52cf99-e798-4cab-a303-a3b06d4e4775/1/5Go_g4aIhDdY0oBXAH3GzSiY7Mo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5Go_g4aIhDdY0oBXAH3GzSiY7Mo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 03:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:93:76:5c:5e:d2:ad:cf:22:0d:bf:37:89:dc:ef:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e46a3f838688843758d28057007dc6cd2898ecca
        Validity
            Not Before: Jan  2 00:29:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=829e14da13294c0287b5f732a810636496a608ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:31:bb:87:de:0a:aa:39:20:28:73:73:7b:cc:
                    25:e1:7f:21:c0:5c:5f:af:9b:66:f8:99:f4:d5:ca:
                    2f:d2:dc:6a:0d:ad:35:8a:c2:2b:ff:3a:33:89:52:
                    cd:ce:02:f6:3d:3f:f3:58:fc:e6:8b:23:86:d0:00:
                    79:75:ba:94:14:ad:a0:29:99:42:2d:c8:7e:21:ed:
                    04:d9:4d:3e:76:ab:01:24:42:a4:a9:2d:38:09:87:
                    12:96:c3:8f:20:bd:6b:0f:01:05:24:d3:59:8a:7e:
                    b8:0f:01:0a:26:43:43:ad:87:fb:1e:c5:bb:b3:85:
                    7e:05:43:f4:c7:b1:57:2f:bf:e8:03:0d:e2:a4:8f:
                    69:5c:39:9a:8b:51:03:32:0d:d2:39:2c:84:51:1f:
                    dc:8f:7b:02:92:51:a6:5e:41:6a:66:29:88:88:7d:
                    5b:70:38:f2:e8:30:87:e0:41:8e:2e:1b:89:5e:b9:
                    e7:88:4c:1e:89:c8:88:2f:1e:b7:6c:e9:02:b7:e9:
                    e9:ba:aa:26:d9:8d:f0:99:22:92:04:e7:f0:d4:41:
                    69:57:38:a0:9f:dc:53:e9:78:c1:99:f6:c7:a4:8f:
                    47:44:d6:37:fc:b0:2d:c4:a3:34:7b:74:43:b2:74:
                    76:7b:91:87:dc:8d:ec:39:5d:3b:03:4f:dd:4c:00:
                    72:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:9E:14:DA:13:29:4C:02:87:B5:F7:32:A8:10:63:64:96:A6:08:AD
            X509v3 Authority Key Identifier:
                keyid:E4:6A:3F:83:86:88:84:37:58:D2:80:57:00:7D:C6:CD:28:98:EC:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Go_g4aIhDdY0oBXAH3GzSiY7Mo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/52cf99-e798-4cab-a303-a3b06d4e4775/1/gp4U2hMpTAKHtfcyqBBjZJamCK0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/52cf99-e798-4cab-a303-a3b06d4e4775/1/5Go_g4aIhDdY0oBXAH3GzSiY7Mo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.243.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bb:09:b2:be:8a:17:4e:a2:b6:77:9a:42:77:bb:31:54:7a:af:
         71:8c:3d:29:74:aa:88:16:ec:b8:7a:a5:15:c0:62:3b:9d:f5:
         ad:dc:41:48:71:76:f3:ff:37:e9:33:4c:4f:04:3d:55:0b:e3:
         f5:d6:38:5a:a6:1d:96:2a:26:e0:7f:bf:44:f8:33:64:5c:2e:
         60:3c:c8:da:02:7d:e5:b9:a9:73:26:95:94:0a:25:d4:f4:87:
         4e:80:8a:3f:58:fa:c2:0e:7e:2c:74:1d:13:7d:67:ab:2e:3c:
         08:e2:6f:35:b8:11:ab:c2:4b:c0:5e:39:91:9d:9f:11:55:eb:
         09:74:9a:38:13:8b:57:d9:d8:22:70:d4:c2:0a:94:9d:44:5d:
         78:32:ae:12:2b:f2:20:06:f9:63:81:02:51:41:98:8e:4b:05:
         41:cc:db:3e:98:41:bb:e8:61:ec:12:f5:4b:74:7e:47:21:cc:
         33:d2:19:7b:64:bd:82:1e:94:ea:5f:22:b2:3c:0b:ec:3a:fd:
         fa:98:eb:81:e6:64:43:a2:8c:66:04:a1:a5:b6:86:9b:13:71:
         07:84:74:74:66:dc:a9:76:ef:66:79:5d:2b:b6:3c:b3:21:8f:
         a2:c4:6b:7f:5f:e8:64:b8:eb:47:2d:95:8d:cb:c1:bb:75:36:
         66:b0:e8:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk3ZcXtKtzyINvzeJ3O8bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NmEzZjgzODY4ODg0Mzc1OGQyODA1NzAwN2RjNmNkMjg5
OGVjY2EwHhcNMjQwMTAyMDAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjllMTRkYTEzMjk0YzAyODdiNWY3MzJhODEwNjM2NDk2YTYwOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjG7h94KqjkgKHNze8wl4X8hwFxf
r5tm+Jn01cov0txqDa01isIr/zoziVLNzgL2PT/zWPzmiyOG0AB5dbqUFK2gKZlC
Lch+Ie0E2U0+dqsBJEKkqS04CYcSlsOPIL1rDwEFJNNZin64DwEKJkNDrYf7HsW7
s4V+BUP0x7FXL7/oAw3ipI9pXDmai1EDMg3SOSyEUR/cj3sCklGmXkFqZimIiH1b
cDjy6DCH4EGOLhuJXrnniEweiciILx63bOkCt+npuqom2Y3wmSKSBOfw1EFpVzig
n9xT6XjBmfbHpI9HRNY3/LAtxKM0e3RDsnR2e5GH3I3sOV07A0/dTAByYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIKeFNoTKUwCh7X3MqgQY2SWpgitMB8GA1UdIwQY
MBaAFORqP4OGiIQ3WNKAVwB9xs0omOzKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUdvX2c0YUloRGRZMG9CWEFIM0d6U2lZN01vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC81MmNmOTktZTc5OC00Y2FiLWEzMDMt
YTNiMDZkNGU0Nzc1LzEvZ3A0VTJoTXBUQUtIdGZjeXFCQmpaSmFtQ0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC81MmNmOTktZTc5OC00Y2FiLWEzMDMtYTNiMDZkNGU0Nzc1
LzEvNUdvX2c0YUloRGRZMG9CWEFIM0d6U2lZN01vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwfOBMA0G
CSqGSIb3DQEBCwUAA4IBAQC7CbK+ihdOorZ3mkJ3uzFUeq9xjD0pdKqIFuy4eqUV
wGI7nfWt3EFIcXbz/zfpM0xPBD1VC+P11jhaph2WKibgf79E+DNkXC5gPMjaAn3l
ualzJpWUCiXU9IdOgIo/WPrCDn4sdB0TfWerLjwI4m81uBGrwkvAXjmRnZ8RVesJ
dJo4E4tX2dgicNTCCpSdRF14Mq4SK/IgBvljgQJRQZiOSwVBzNs+mEG76GHsEvVL
dH5HIcwz0hl7ZL2CHpTqXyKyPAvsOv36mOuB5mRDooxmBKGltoabE3EHhHR0Ztyp
du9meV0rtjyzIY+ixGt/X+hkuOtHLZWNy8G7dTZmsOio
-----END CERTIFICATE-----
Generated at Thu May 2 10:38:16 2024 by rpki-client on console-ams.rpki-client.org