Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/b59df6-d5fb-4524-8d72-e18aac5054a9/1/uuP5KolXT3fhYuPwtl8BgGSm2Pk.roa
File:                     uuP5KolXT3fhYuPwtl8BgGSm2Pk.roa (raw, json)
Hash identifier:          DVI0GQ5zydESdd3Wq8ks1iCzyQeX9c974m/Y5UurXDs=
Subject key identifier:   BA:E3:F9:2A:89:57:4F:77:E1:62:E3:F0:B6:5F:01:80:64:A6:D8:F9
Certificate issuer:       /CN=69d78759e0ec6f14566d10b83c83f2bf199b7100
Certificate serial:       018CC802A5362E58D8EF1E65A358B7216D49
Authority key identifier: 69:D7:87:59:E0:EC:6F:14:56:6D:10:B8:3C:83:F2:BF:19:9B:71:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/adeHWeDsbxRWbRC4PIPyvxmbcQA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/b59df6-d5fb-4524-8d72-e18aac5054a9/1/uuP5KolXT3fhYuPwtl8BgGSm2Pk.roa
Signing time:             Tue 02 Jan 2024 02:31:05 +0000
ROA not before:           Tue 02 Jan 2024 02:31:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     1299
IP address blocks:        84.254.68.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/b59df6-d5fb-4524-8d72-e18aac5054a9/1/adeHWeDsbxRWbRC4PIPyvxmbcQA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/b59df6-d5fb-4524-8d72-e18aac5054a9/1/adeHWeDsbxRWbRC4PIPyvxmbcQA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/adeHWeDsbxRWbRC4PIPyvxmbcQA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:02:a5:36:2e:58:d8:ef:1e:65:a3:58:b7:21:6d:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69d78759e0ec6f14566d10b83c83f2bf199b7100
        Validity
            Not Before: Jan  2 02:31:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bae3f92a89574f77e162e3f0b65f018064a6d8f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:88:25:eb:3d:19:03:04:49:09:aa:e5:b5:1a:
                    af:1a:21:c9:bc:8d:ac:a4:e4:46:f3:30:39:35:ba:
                    a4:c0:13:2c:bb:5e:ae:55:56:22:ab:ed:20:ab:c8:
                    d2:21:29:a1:5a:43:89:b5:eb:59:82:30:01:e3:95:
                    72:2f:92:e0:7d:b5:f8:de:8e:ef:23:0c:ac:a3:42:
                    fd:39:2a:1b:ea:ac:f5:b6:b5:5a:96:8c:b5:51:e8:
                    8f:be:dc:2b:ce:1e:ca:b0:57:75:69:c5:99:0b:5e:
                    81:3d:b3:86:95:fa:2c:93:7c:6c:c7:8e:9e:2f:14:
                    30:e6:e2:37:03:07:f2:ca:31:cc:a0:e1:62:75:3e:
                    7c:2d:78:c3:8f:6a:f2:7d:6c:a3:4b:d4:31:c8:0a:
                    45:22:8f:39:f2:19:72:b1:6e:86:9b:fa:54:cd:f1:
                    1c:82:e7:f2:0c:0a:eb:16:52:5f:03:85:86:8a:1a:
                    2e:c5:29:98:cf:76:ba:10:70:25:68:c7:a6:53:39:
                    e7:dc:09:12:41:81:28:0e:4c:1c:99:9a:e9:19:b6:
                    7c:58:be:aa:58:93:36:57:91:27:67:0a:f2:65:10:
                    d3:4c:6b:db:5a:4b:19:86:6f:88:2d:e3:f7:40:b3:
                    ae:4d:f2:0c:64:32:98:13:3d:54:e4:b9:8e:2b:89:
                    06:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:E3:F9:2A:89:57:4F:77:E1:62:E3:F0:B6:5F:01:80:64:A6:D8:F9
            X509v3 Authority Key Identifier:
                keyid:69:D7:87:59:E0:EC:6F:14:56:6D:10:B8:3C:83:F2:BF:19:9B:71:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/adeHWeDsbxRWbRC4PIPyvxmbcQA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/b59df6-d5fb-4524-8d72-e18aac5054a9/1/uuP5KolXT3fhYuPwtl8BgGSm2Pk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/b59df6-d5fb-4524-8d72-e18aac5054a9/1/adeHWeDsbxRWbRC4PIPyvxmbcQA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.254.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         01:51:62:e1:ce:d0:04:06:5b:2a:e1:11:ed:d0:30:0d:a4:38:
         73:7e:e2:fa:ab:a4:ca:f6:d6:3c:5b:59:26:24:46:5b:3f:63:
         9b:6f:29:d6:cf:c9:20:ea:ae:e2:ac:d0:33:f5:de:fd:23:83:
         dc:fb:39:57:11:0f:d0:40:6a:ac:fa:16:c7:32:a5:8d:a2:4a:
         25:9f:1d:13:b2:f5:91:ce:fc:44:62:4a:4f:35:0d:ab:97:d8:
         b9:a9:86:27:61:28:81:50:0e:b5:d3:68:b9:ac:d0:90:ba:ec:
         61:8f:52:08:58:ea:76:f4:f3:52:b9:c6:43:bb:cd:10:02:94:
         84:1a:64:23:d4:b1:a2:02:41:d3:b2:53:60:52:75:49:91:94:
         d7:8d:b6:e5:d1:e4:b8:6c:f1:57:fa:b3:38:51:ae:4b:15:01:
         18:3a:f3:3f:df:eb:27:7c:a4:bf:86:63:55:75:69:d2:5e:35:
         c9:06:e2:b6:e1:8f:1c:f2:c8:66:d8:a3:b2:f2:9c:8b:f5:38:
         fa:f3:69:25:27:06:f2:29:15:74:26:a6:b1:0b:58:79:67:7a:
         e1:20:c3:bf:e6:86:4d:d0:87:97:1e:4b:c9:94:cd:3a:3d:a8:
         a8:f8:6e:f1:a8:54:52:2e:31:76:32:44:7e:4a:85:ec:d4:b3:
         b0:14:ed:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAqU2LljY7x5lo1i3IW1JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZDc4NzU5ZTBlYzZmMTQ1NjZkMTBiODNjODNmMmJmMTk5
YjcxMDAwHhcNMjQwMTAyMDIzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWUzZjkyYTg5NTc0Zjc3ZTE2MmUzZjBiNjVmMDE4MDY0YTZkOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYgl6z0ZAwRJCarltRqvGiHJvI2s
pORG8zA5NbqkwBMsu16uVVYiq+0gq8jSISmhWkOJtetZgjAB45VyL5LgfbX43o7v
Iwyso0L9OSob6qz1trValoy1UeiPvtwrzh7KsFd1acWZC16BPbOGlfosk3xsx46e
LxQw5uI3AwfyyjHMoOFidT58LXjDj2ryfWyjS9QxyApFIo858hlysW6Gm/pUzfEc
gufyDArrFlJfA4WGihouxSmYz3a6EHAlaMemUznn3AkSQYEoDkwcmZrpGbZ8WL6q
WJM2V5EnZwryZRDTTGvbWksZhm+ILeP3QLOuTfIMZDKYEz1U5LmOK4kGWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLrj+SqJV0934WLj8LZfAYBkptj5MB8GA1UdIwQY
MBaAFGnXh1ng7G8UVm0QuDyD8r8Zm3EAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWRlSFdlRHNieFJXYlJDNFBJUHl2eG1iY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9iNTlkZjYtZDVmYi00NTI0LThkNzIt
ZTE4YWFjNTA1NGE5LzEvdXVQNUtvbFhUM2ZoWXVQd3RsOEJnR1NtMlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9iNTlkZjYtZDVmYi00NTI0LThkNzItZTE4YWFjNTA1NGE5
LzEvYWRlSFdlRHNieFJXYlJDNFBJUHl2eG1iY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVP5EMA0G
CSqGSIb3DQEBCwUAA4IBAQABUWLhztAEBlsq4RHt0DANpDhzfuL6q6TK9tY8W1km
JEZbP2ObbynWz8kg6q7irNAz9d79I4Pc+zlXEQ/QQGqs+hbHMqWNokolnx0TsvWR
zvxEYkpPNQ2rl9i5qYYnYSiBUA6102i5rNCQuuxhj1IIWOp29PNSucZDu80QApSE
GmQj1LGiAkHTslNgUnVJkZTXjbbl0eS4bPFX+rM4Ua5LFQEYOvM/3+snfKS/hmNV
dWnSXjXJBuK24Y8c8shm2KOy8pyL9Tj682klJwbyKRV0JqaxC1h5Z3rhIMO/5oZN
0IeXHkvJlM06Paio+G7xqFRSLjF2MkR+SoXs1LOwFO03
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:12:58 2024 by rpki-client on console-ams.rpki-client.org