Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/kPR7csjyMuF24S4QrL13a71bB4U.roa
File:                     kPR7csjyMuF24S4QrL13a71bB4U.roa (raw, json)
Hash identifier:          prYEL3LwbHyqyNhFPqYDVRJ15h3l3aM2qx4f+ro+dQ4=
Subject key identifier:   90:F4:7B:72:C8:F2:32:E1:76:E1:2E:10:AC:BD:77:6B:BD:5B:07:85
Certificate issuer:       /CN=15d1ff6bec9fbcb89e950a3a01ef2d686f0e7a31
Certificate serial:       018CC795182C1B4DD8C221408CC3057C0D2E
Authority key identifier: 15:D1:FF:6B:EC:9F:BC:B8:9E:95:0A:3A:01:EF:2D:68:6F:0E:7A:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FdH_a-yfvLielQo6Ae8taG8OejE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/kPR7csjyMuF24S4QrL13a71bB4U.roa
Signing time:             Tue 02 Jan 2024 00:31:26 +0000
ROA not before:           Tue 02 Jan 2024 00:31:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     19905
IP address blocks:        185.150.216.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/FdH_a-yfvLielQo6Ae8taG8OejE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/FdH_a-yfvLielQo6Ae8taG8OejE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FdH_a-yfvLielQo6Ae8taG8OejE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 16:59:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:18:2c:1b:4d:d8:c2:21:40:8c:c3:05:7c:0d:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15d1ff6bec9fbcb89e950a3a01ef2d686f0e7a31
        Validity
            Not Before: Jan  2 00:31:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=90f47b72c8f232e176e12e10acbd776bbd5b0785
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:5a:fb:30:41:b9:72:89:9a:01:aa:c1:12:55:
                    50:8c:f6:fe:42:37:f0:3a:1a:f1:68:c8:ed:01:ba:
                    69:c1:85:3e:94:12:c4:3a:95:8c:54:25:df:11:8c:
                    ef:27:d0:4c:31:95:7d:d2:28:b9:fc:f4:7c:60:86:
                    1a:75:46:98:5b:a8:42:3a:17:4e:38:cd:e6:26:d7:
                    b9:e4:cc:ec:37:1d:84:d6:e0:30:93:65:9d:1a:3a:
                    de:f4:14:80:4b:ff:15:6d:f2:fb:05:f8:87:d5:b9:
                    70:bb:29:95:80:b4:85:33:6d:fb:f3:42:5c:a8:a3:
                    32:69:45:6b:64:e7:f0:c2:3b:40:3a:f5:77:eb:87:
                    ec:09:2e:76:4b:1c:bf:5c:a9:f3:ae:87:7f:cc:14:
                    56:14:5a:ef:74:78:5a:e4:23:ad:55:f3:c0:5b:5f:
                    80:c2:9c:56:2b:dc:64:8f:c3:d2:50:69:67:98:4b:
                    02:80:96:3b:0a:20:85:7d:7a:bd:d2:d6:65:4b:dd:
                    a2:2e:31:7e:d3:6d:6b:de:6f:ef:46:22:2f:e5:4e:
                    2f:8b:3f:02:6c:39:c5:f8:06:a3:60:76:7a:c9:ca:
                    b8:e6:d1:10:db:76:9d:49:de:15:b5:a8:91:3a:08:
                    d1:fe:9a:51:59:68:ea:0d:dd:24:b8:60:46:dd:4d:
                    e2:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:F4:7B:72:C8:F2:32:E1:76:E1:2E:10:AC:BD:77:6B:BD:5B:07:85
            X509v3 Authority Key Identifier:
                keyid:15:D1:FF:6B:EC:9F:BC:B8:9E:95:0A:3A:01:EF:2D:68:6F:0E:7A:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FdH_a-yfvLielQo6Ae8taG8OejE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/kPR7csjyMuF24S4QrL13a71bB4U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/FdH_a-yfvLielQo6Ae8taG8OejE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.150.216.0/23

    Signature Algorithm: sha256WithRSAEncryption
         36:b2:75:c9:bf:b3:5b:f5:26:ad:05:be:dd:fe:55:0e:84:b6:
         21:9e:c8:f0:86:23:66:e3:c4:23:46:0d:6f:b4:18:b3:5d:83:
         50:22:a1:85:6a:d9:6c:69:d5:fc:2b:7b:7b:63:d8:93:b2:f4:
         eb:4b:dd:07:ff:75:65:50:90:47:8e:f1:67:e5:66:56:9f:03:
         26:c0:de:ef:45:f8:14:05:c6:f8:0e:45:b3:5c:f1:d6:69:8b:
         4a:6c:7e:3f:5a:06:54:94:43:d9:dc:c8:b8:b6:85:49:1a:a0:
         96:88:70:b9:3c:1e:a1:b2:b6:3d:99:ca:42:1e:76:23:d2:df:
         5d:f5:48:71:3d:eb:f6:90:18:bd:46:c2:8b:92:fe:c5:e3:9b:
         f6:3e:5a:7e:71:2a:ce:78:4a:10:a7:a0:5b:b9:4a:92:a9:39:
         59:c1:55:0c:4d:0e:2b:89:d6:b7:de:c3:a5:5f:4d:dc:03:35:
         bb:1b:f8:78:f7:5e:d4:cb:bc:0c:8f:59:8f:92:e1:1c:e6:dc:
         af:b2:6d:c5:6a:49:7f:b9:7f:41:3f:d1:a1:1d:cb:ce:91:a4:
         0c:f2:80:aa:77:20:0f:5c:2e:e7:e2:53:e2:3f:88:2e:dc:72:
         70:a4:3f:8a:cc:2c:b6:57:6c:5a:cb:8c:87:7b:60:94:6a:d6:
         d4:21:77:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlRgsG03YwiFAjMMFfA0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZDFmZjZiZWM5ZmJjYjg5ZTk1MGEzYTAxZWYyZDY4NmYw
ZTdhMzEwHhcNMjQwMTAyMDAzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGY0N2I3MmM4ZjIzMmUxNzZlMTJlMTBhY2JkNzc2YmJkNWIwNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklr7MEG5comaAarBElVQjPb+Qjfw
OhrxaMjtAbppwYU+lBLEOpWMVCXfEYzvJ9BMMZV90ii5/PR8YIYadUaYW6hCOhdO
OM3mJte55MzsNx2E1uAwk2WdGjre9BSAS/8VbfL7BfiH1blwuymVgLSFM23780Jc
qKMyaUVrZOfwwjtAOvV364fsCS52Sxy/XKnzrod/zBRWFFrvdHha5COtVfPAW1+A
wpxWK9xkj8PSUGlnmEsCgJY7CiCFfXq90tZlS92iLjF+021r3m/vRiIv5U4viz8C
bDnF+AajYHZ6ycq45tEQ23adSd4VtaiROgjR/ppRWWjqDd0kuGBG3U3ixQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJD0e3LI8jLhduEuEKy9d2u9WweFMB8GA1UdIwQY
MBaAFBXR/2vsn7y4npUKOgHvLWhvDnoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmRIX2EteWZ2TGllbFFvNkFlOHRhRzhPZWpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9mNTAxZjYtMTcwMi00OGQzLTgwMjct
OTZiODY5MWY1MjYwLzEva1BSN2NzanlNdUYyNFM0UXJMMTNhNzFiQjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9mNTAxZjYtMTcwMi00OGQzLTgwMjctOTZiODY5MWY1MjYw
LzEvRmRIX2EteWZ2TGllbFFvNkFlOHRhRzhPZWpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZbYMA0G
CSqGSIb3DQEBCwUAA4IBAQA2snXJv7Nb9SatBb7d/lUOhLYhnsjwhiNm48QjRg1v
tBizXYNQIqGFatlsadX8K3t7Y9iTsvTrS90H/3VlUJBHjvFn5WZWnwMmwN7vRfgU
Bcb4DkWzXPHWaYtKbH4/WgZUlEPZ3Mi4toVJGqCWiHC5PB6hsrY9mcpCHnYj0t9d
9UhxPev2kBi9RsKLkv7F45v2Plp+cSrOeEoQp6BbuUqSqTlZwVUMTQ4rida33sOl
X03cAzW7G/h4917Uy7wMj1mPkuEc5tyvsm3Fakl/uX9BP9GhHcvOkaQM8oCqdyAP
XC7n4lPiP4gu3HJwpD+KzCy2V2xay4yHe2CUatbUIXdH
-----END CERTIFICATE-----
Generated at Thu May 2 22:34:54 2024 by rpki-client on console-ams.rpki-client.org